|
|
Subscribe / Log in / New account

kernel: multiple vulnerabilities

Package(s):kernel CVE #(s):CVE-2006-5749 CVE-2006-4814 CVE-2006-6106
Created:January 5, 2007 Updated:January 8, 2009
Description: A security issue has been reported in Linux kernel due to an error in drivers/isdn/i4l/isdn_ppp.c as the "isdn_ppp_ccp_reset_alloc_state()" function never initializes an event timer before scheduling it with the "add_timer()" function.

The mincore function in the kernel does not properly lock access to user space, which has unspecified impact and attack vectors, possibly related to a deadlock.

Another vulnerability has been reported in Linux kernel caused by a boundary error within the handling of incoming CAPI messages in net/bluetooth/cmtp/capi.c. This can be exploited to overwrite certain Kernel data structures.

Alerts:
Red Hat RHSA-2008:0787-01 kernel 2009-01-05
Red Hat RHSA-2009:0001-01 kernel 2009-01-08
CentOS CESA-2008:0211 kernel 2008-05-07
Red Hat RHSA-2008:0211-01 kernel 2008-05-07
Debian DSA-1503 kernel-source-2.4.27 2008-02-22
Debian DSA-1503-2 kernel-source-2.4.27 2008-03-06
SuSE SUSE-SA:2007:035 kernel 2007-06-14
SuSE SUSE-SA:2007:053 kernel 2007-10-12
Ubuntu USN-416-2 linux-restricted-modules-2.6.17 2007-03-01
Ubuntu USN-416-1 linux-source-2.6.12/2.6.15/2.6.17 2007-02-01
rPath rPSA-2007-0031-1 kernel 2007-02-09
Mandriva MDKSA-2007:040 kernel 2007-02-07
Red Hat RHSA-2007:0014-01 kernel 2007-01-30
Mandriva MDKSA-2007:025 kernel 2007-01-23
Fedora FEDORA-2007-058 kernel 2007-01-18
Mandriva MDKSA-2007:012 kernel 2006-01-12
Trustix TSLSA-2007-0002 kernel 2007-01-05
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds