Lucene search

K
debianDebianDEBIAN:DLA-118-1:98410
HistoryDec 21, 2014 - 5:45 p.m.

[SECURITY] [DLA 118-1] linux-2.6 security update

2014-12-2117:45:48
lists.debian.org
17

4.7 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

46.1%

Package : linux-2.6
Version : 2.6.32-48squeeze10
CVE ID : CVE-2014-3185 CVE-2014-3687 CVE-2014-3688 CVE-2014-6410
CVE-2014-7841 CVE-2014-8709 CVE-2014-8884

Non-maintainer upload by the Squeeze LTS and Kernel Teams.

New upstream stable release 2.6.32.65, see
http://lkml.org/lkml/2014/12/13/81 for more information.

The stable release 2.6.32.65 includes the following new commits compared
to the previous 2.6.32-48squeeze9 package:

  • USB: whiteheat: Added bounds checking for bulk command response
    (CVE-2014-3185)
  • net: sctp: fix panic on duplicate ASCONF chunks (CVE-2014-3687)
  • net: sctp: fix remote memory pressure from excessive queueing
    (CVE-2014-3688)
  • udf: Avoid infinite loop when processing indirect ICBs (CVE-2014-6410)
  • net: sctp: fix NULL pointer dereference in af->from_addr_param on
    malformed packet (CVE-2014-7841)
  • mac80211: fix fragmentation code, particularly for encryption
    (CVE-2014-8709)
  • ttusb-dec: buffer overflow in ioctl (CVE-2014-8884)

We recommend that you upgrade your linux-2.6 packages.

We apologize for a minor cosmetic glitch:

The following commits were already included in 2.6.32-48squeeze9 despite
claims in debian/changelog they were only fixed in 2.6.32-48squeez10:

  • vlan: Don't propagate flag changes on down interfaces.
  • sctp: Fix double-free introduced by bad backport in 2.6.32.62
  • md/raid6: Fix misapplied backport in 2.6.32.64
  • block: add missing blk_queue_dead() checks
  • block: Fix blk_execute_rq_nowait() dead queue handling
  • proc connector: Delete spurious memset in proc_exit_connector()
    Attachment:
    signature.asc
    Description: This is a digitally signed message part.

4.7 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

46.1%