[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

MDVSA-2008:224 -- Mandriva kernel

ID: oval:org.secpod.oval:def:301281Date: (C)2012-01-07   (M)2024-02-19
Class: PATCHFamily: unix




Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel: The error-reporting functionality in fs/ext2/dir.c, fs/ext3/dir.c, and possibly fs/ext4/dir.c in the Linux kernel 2.6.26.5 does not limit the number of printk console messages that report directory corruption, which allows physically proximate attackers to cause a denial of service by mounting a filesystem that has corrupted dir->i_size and dir->i_blocks values and performing read or write operations. NOTE: there are limited scenarios in which this crosses privilege boundaries. The i915 driver in drivers/char/drm/i915_dma.c in the Linux kernel 2.6.24 on Debian GNU/Linux and sys/dev/pci/drm/i915_drv.c in OpenBSD does not restrict the DRM_I915_HWS_ADDR ioctl to the Direct Rendering Manager master, which allows local users to cause a denial of service via a crafted ioctl call, related to absence of the DRM_MASTER and DRM_ROOT_ONLY flags in the ioctl"s configuration. The do_splice_from function in fs/splice.c in the Linux kernel before 2.6.27 does not reject file descriptors that have the O_APPEND flag set, which allows local users to bypass append mode and make arbitrary changes to other locations in the file. Additionaly, a problem with TCP options ordering, which could manifest as connection problems with many websites , was solved, a number of fixes for Intel HDA were added, another number of fixes for issues on Asus EEE PC, Panasonic Let"s Note, Acer One, Dell XPS, and others, were also added. Check package changelog for more information

Platform:
Mandriva Linux 2009.0
Product:
kernel
Reference:
MDVSA-2008:224
CVE-2008-4554
CVE-2008-3831
CVE-2008-3528
CVE    3
CVE-2008-3831
CVE-2008-3528
CVE-2008-4554
CPE    1
cpe:/o:mandriva:linux:2009.0

© SecPod Technologies