Pardus alert 2010-57 (kernel kernel-pae)
| From: | Eren Turkay <eren@pardus.org.tr> | |
| To: | pardus-security@pardus.org.tr | |
| Subject: | [Pardus-security] [PLSA 2010-57] Kernel: Multiple Vulnerabilities | |
| Date: | Tue, 27 Apr 2010 14:31:30 +0300 (EEST) | |
| Message-ID: | <20100427113130.A71A3A7AB31@lider.pardus.org.tr> |
------------------------------------------------------------------------
Pardus Linux Security Advisory 2010-57            security@pardus.org.tr
------------------------------------------------------------------------

Date: 2010-04-27
Severity: 4
Type: Local

------------------------------------------------------------------------

Summary
=======

Multiple vulnerabilities have been fixed in kernel.

Description
===========

CVE-2010-1083: The processcompl_compat function in drivers/usb/core/devio.c in Linux kernel 2.6.x through 2.6.32, and possibly other versions, does not clear the transfer buffer before returning to userspace when a USB command fails, which might make it easier for physically proximate attackers to obtain sensitive information (kernel memory).

CVE-2010-1084: Linux kernel 2.6.18 through 2.6.33, and possibly other versions, allows remote attackers to cause a denial of service (memory corruption) via a large number of Bluetooth sockets, related to the size of sysfs files in (1) net/bluetooth/l2cap.c, (2) net/bluetooth/rfcomm/core.c, (3) net/bluetooth/rfcomm/sock.c, and (4) net/bluetooth/sco.c.

CVE-2010-1087: The nfs_wait_on_request function in fs/nfs/pagelist.c in Linux kernel 2.6.x through 2.6.33-rc5 allows attackers to cause a denial of service (Oops) via unknown vectors related to truncating a file and an operation that is not interruptible.

CVE-2010-1146: The Linux kernel 2.6.33.2 and earlier, when a ReiserFS filesystem exists, does not restrict read or write access to the .reiserfs_priv directory, which allows local users to gain privileges by modifying (1) extended attributes or (2) ACLs, as demonstrated by deleting a file under .reiserfs_priv/xattrs/.

Affected packages:

  Pardus 2009:
    kernel, all before 2.6.31.13-131-44
    kernel-pae, all before 2.6.31.13-131-25

Resolution
==========

There are update(s) for kernel, kernel-pae. You can update them via Package Manager or with a single command from console:

  pisi up kernel kernel-pae

References
==========

  * http://bugs.pardus.org.tr/show_bug.cgi?id=12620
  * http://bugs.pardus.org.tr/show_bug.cgi?id=12624
  * http://bugs.pardus.org.tr/show_bug.cgi?id=12632
  * http://bugs.pardus.org.tr/show_bug.cgi?id=12641

------------------------------------------------------------------------

_______________________________________________
Pardus-security mailing list
Pardus-security@pardus.org.tr
http://liste.pardus.org.tr/mailman/listinfo/pardus-security
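
As an added example (not part of the advisory and not Pardus tooling), the POSIX shell functions below check a package version string against the fixed versions listed under "Affected packages". They assume the version-release-build strings order by version, then release, then build, and that you supply the installed version yourself; all function names are hypothetical.

```shell
#!/bin/sh
# Added example for PLSA 2010-57. The ordering rule (version, then release,
# then build, all numeric) is an assumption about the version-release-build
# strings shown in the advisory.

# Fixed versions, copied from the advisory's "Affected packages" list.
fixed_version() {
    case "$1" in
        kernel)     echo "2.6.31.13-131-44" ;;
        kernel-pae) echo "2.6.31.13-131-25" ;;
        *)          return 1 ;;
    esac
}

# dotted_cmp A B: print -1, 0 or 1 for dotted numeric strings. A missing
# trailing field counts as 0, so 2.6.31 sorts before 2.6.31.13.
dotted_cmp() {
    a=$1 b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        case "$a" in *.*) a=${a#*.} ;; *) a= ;; esac
        case "$b" in *.*) b=${b#*.} ;; *) b= ;; esac
        if [ "${x:-0}" -lt "${y:-0}" ]; then printf '%s\n' -1; return; fi
        if [ "${x:-0}" -gt "${y:-0}" ]; then printf '%s\n' 1; return; fi
    done
    printf '%s\n' 0
}

# is_affected PKG INSTALLED: return 0 if INSTALLED is before the fix,
# 1 if it is the fixed version or later, 2 if PKG is not in the advisory
# or INSTALLED is not a version-release-build string.
is_affected() {
    fixed=$(fixed_version "$1") || return 2
    case "$2" in
        ""|*[!0-9.-]*) return 2 ;;   # reject empty or non-numeric input
        *-*-*) ;;                    # needs version, release and build
        *) return 2 ;;
    esac
    inst=$2
    for part in version release build; do
        c=$(dotted_cmp "${inst%%-*}" "${fixed%%-*}")
        [ "$c" = -1 ] && return 0
        [ "$c" = 1 ] && return 1
        inst=${inst#*-}; fixed=${fixed#*-}
    done
    return 1
}
```

A return value of 0 from `is_affected kernel <installed-version>` means the `pisi up kernel kernel-pae` update from the Resolution section still needs to be applied.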
