[Pardus-security] [PLSA 2010-10] Kernel: Multiple Vulnerabilities

Eren Türkay eren at pardus.org.tr
Tue Jan 19 16:37:27 EET 2010


------------------------------------------------------------------------
Pardus Linux Security Advisory 2010-10            security at pardus.org.tr
------------------------------------------------------------------------
      Date: 2010-01-19
  Severity: 3
      Type: Local
------------------------------------------------------------------------

Summary
=======

Multiple vulnerabilities were fixed in the kernel. Please update your
system.


Description
===========

CVE-2009-2909: 

Integer signedness error in the ax25_setsockopt function in
net/ax25/af_ax25.c in the ax25 subsystem in the Linux kernel allows
local users to cause a denial of service (OOPS) via a crafted optlen
value in an SO_BINDTODEVICE operation.



CVE-2009-4307: 

The ext4_fill_flex_info function in fs/ext4/super.c in the Linux kernel
allows user-assisted remote attackers to cause a denial of service
(divide-by-zero error and panic) via a malformed ext4 filesystem
containing a super block with a large FLEX_BG group size (aka
s_log_groups_per_flex value).



CVE-2009-4138: 

drivers/firewire/ohci.c in the Linux kernel, when packet-per-buffer mode
is used, allows local users to cause a denial of service (NULL pointer
dereference and system crash) or possibly have unknown other impact via
an unspecified ioctl associated with receiving an ISO packet that
contains zero in the payload-length field.



CVE-2009-4410: 

The fuse_ioctl_copy_user function in the ioctl handler in fs/fuse/file.c
in the Linux kernel uses the wrong variable in an argument to the kunmap
function, which allows local users to cause a denial of service (panic) 
via unknown vectors. 


Affected packages:

  Pardus 2009:
    kernel, all before 2.6.31.11-130-40


Resolution
==========

An updated kernel package is available. You can install it via Package
Manager or with a single command from the console:

    pisi up kernel

References
==========

  * http://bugs.pardus.org.tr/show_bug.cgi?id=11674
  * http://bugs.pardus.org.tr/show_bug.cgi?id=11720
  * http://bugs.pardus.org.tr/show_bug.cgi?id=11736
  * http://bugs.pardus.org.tr/show_bug.cgi?id=11842

------------------------------------------------------------------------


