LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

kernel: multiple vulnerabilities

Package(s):kernel CVE #(s):CVE-2010-2954 CVE-2010-3078 CVE-2010-3080 CVE-2010-3081
Created:September 17, 2010 Updated:April 21, 2011
Description: From the Debian advisory:

Tavis Ormandy reported an issue in the irda subsystem which may allow local users to cause a denial of service via a NULL pointer dereference. (CVE-2010-2954)

Dan Rosenberg discovered an issue in the XFS file system that allows local users to read potentially sensitive kernel memory. (CVE-2010-3078)

Tavis Ormandy reported an issue in the ALSA sequencer OSS emulation layer. Local users with sufficient privileges to open /dev/sequencer (by default on Debian, this is members of the 'audio' group) can cause a denial of service via a NULL pointer dereference. (CVE-2010-3080)

Ben Hawkes discovered an issue in the 32-bit compatibility code for 64-bit systems. Local users can gain elevated privileges due to insufficient checks in compat_alloc_user_space allocations. (CVE-2010-3081)

Alerts:
Ubuntu USN-1093-1 2011-03-25
Ubuntu USN-1083-1 2011-03-03
Ubuntu USN-1074-2 2011-02-28
Ubuntu USN-1119-1 2011-04-20
Ubuntu USN-1074-1 2011-02-25
SUSE SUSE-SA:2011:007 2011-02-07
Red Hat RHSA-2011:0007-01 2011-01-11
MeeGo MeeGo-SA-10:38 2010-10-09
Fedora FEDORA-2010-18983 2010-12-17
Mandriva MDVSA-2010:247 2010-12-03
Fedora FEDORA-2010-18432 2010-12-02
Red Hat RHSA-2010:0882-01 2010-11-12
Red Hat RHSA-2010:0842-01 2010-11-10
CentOS CESA-2010:0839 2010-11-09
Red Hat RHSA-2010:0839-01 2010-11-09
SUSE SUSE-SA:2010:052 2010-11-03
openSUSE openSUSE-SU-test-2010:36579-1 2010-11-03
openSUSE openSUSE-SU-2010:0895-2 2010-11-03
Mandriva MDVSA-2010:214 2010-10-29
SUSE openSUSE-SU-2010:0895-1 2010-10-27
SUSE SUSE-SA:2010:050 2010-10-13
Red Hat RHSA-2010:0719-01 2010-09-28
Red Hat RHSA-2010:0718-01 2010-09-28
SUSE SUSE-SA:2010:045 2010-09-23
SUSE SUSE-SA:2010:043 2010-09-23
SUSE SUSE-SA:2010:044 2010-09-23
Slackware SSA:2010-265-01 2010-09-23
openSUSE openSUSE-SU-2010:0655-1 2010-09-23
openSUSE openSUSE-SU-2010:0664-1 2010-09-23
openSUSE openSUSE-SU-2010:0654-1 2010-09-23
Mandriva MDVSA-2010:188 2010-09-23
CentOS CESA-2010:0704 2010-09-21
Red Hat RHSA-2010:0711-01 2010-09-22
Red Hat RHSA-2010:0705-01 2010-09-21
Red Hat RHSA-2010:0704-01 2010-09-21
Fedora FEDORA-2010-14878 2010-09-17
Fedora FEDORA-2010-14890 2010-09-17
Ubuntu USN-988-1 2010-09-17
openSUSE openSUSE-SU-2010:0634-1 2010-09-20
SUSE SUSE-SA:2010:041 2010-09-17
Debian DSA-2110-1 2010-09-17
CentOS CESA-2010:0718 2010-09-29
Ubuntu USN-1000-1 2010-10-19
rPath rPSA-2010-0059-1 2010-10-17
openSUSE openSUSE-SU-2010:0720-1 2010-10-13
Red Hat RHSA-2010:0758-01 2010-10-07
Mandriva MDVSA-2010:198 2010-10-07
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds