[SECURITY] [DLA 360-1] linux-2.6 security update

ID DEBIAN:DLA-360-1:6C323
Type debian
Reporter Debian
Modified 2015-12-08T14:08:00


Package        : linux-2.6 Version        : 2.6.32-48squeeze17 CVE ID         : CVE-2013-7446 CVE-2015-7799 CVE-2015-7833 CVE-2015-7990                  CVE-2015-8324

This update fixes the CVEs described below.


Dmitry Vyukov discovered that a particular sequence of valid     operations on local (AF_UNIX) sockets can result in a     use-after-free.  This may be used to cause a denial of service     (crash) or possibly for privilege escalation.


郭永刚 discovered that a user granted access to /dev/ppp can cause     a denial of service (crash) by passing invalid parameters to the     PPPIOCSMAXCID ioctl.  This also applies to ISDN PPP device nodes.


Sergej Schumilo, Hendrik Schwartke and Ralf Spenneberg discovered a     flaw in the processing of certain USB device descriptors in the     usbvision driver. An attacker with physical access to the system can     use this flaw to crash the system.


It was discovered that the fix for CVE-2015-6937 was incomplete. A     race condition when sending a message on unbound socket can still     cause a NULL pointer dereference. A remote attacker might be able to     cause a denial of service (crash) by sending a crafted packet.


"Valintinr" reported that an attempt to mount a corrupted ext4     filesystem may result in a kernel panic.  A user permitted to     mount filesystems could use this flaw to crash the system.

For the oldoldstable distribution (squeeze), these problems have been fixed in version 2.6.32-48squeeze17.  We recommend that you upgrade your linux-2.6 packages.

For the oldstable (wheezy) and stable (jessie) distributions, CVE-2015-7833, CVE-2015-7990 and CVE-2015-8324 have been fixed and the other issues will be fixed soon.

-- Ben Hutchings - Debian developer, member of Linux kernel and LTS teams

Attachment: signature.asc Description: This is a digitally signed message part