linux-2.6 - several vulnerabilities

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service or privilege escalation. The Common
Vulnerabilities and Exposures project identifies the following
problems:

• CVE-2009-0029
  Christian Borntraeger discovered an issue effecting the alpha,
  mips, powerpc, s390 and sparc64 architectures that allows local
  users to cause a denial of service or potentially gain elevated
  privileges.
• CVE-2009-0031
  Vegard Nossum discovered a memory leak in the keyctl subsystem
  that allows local users to cause a denial of service by consuming
  all of kernel memory.
• CVE-2009-0065
  Wei Yongjun discovered a memory overflow in the SCTP
  implementation that can be triggered by remote users.
• CVE-2009-0269
  Duane Griffin provided a fix for an issue in the eCryptfs
  subsystem which allows local users to cause a denial of service
  (fault or memory corruption).
• CVE-2009-0322
  Pavel Roskin provided a fix for an issue in the dell_rbu driver
  that allows a local user to cause a denial of service (oops) by
  reading 0 bytes from a sysfs entry.
• CVE-2009-0676
  Clement LECIGNE discovered a bug in the sock_getsockopt function
  that may result in leaking sensitive kernel memory.
• CVE-2009-0675
  Roel Kluin discovered inverted logic in the skfddi driver that
  permits local, unprivileged users to reset the driver statistics.
• CVE-2009-0745
  Peter Kerwien discovered an issue in the ext4 filesystem that
  allows local users to cause a denial of service (kernel oops)
  during a resize operation.
• CVE-2009-0746
  Sami Liedes reported an issue in the ext4 filesystem that allows
  local users to cause a denial of service (kernel oops) when
  accessing a specially crafted corrupt filesystem.
• CVE-2009-0747
  David Maciejak reported an issue in the ext4 filesystem that
  allows local users to cause a denial of service (kernel oops) when
  mounting a specially crafted corrupt filesystem.
• CVE-2009-0748
  David Maciejak reported an additional issue in the ext4 filesystem
  that allows local users to cause a denial of service (kernel oops)
  when mounting a specially crafted corrupt filesystem.

For the oldstable distribution (etch), these problems, where applicable,
will be fixed in future updates to linux-2.6 and linux-2.6.24.

For the stable distribution (lenny), these problems have been fixed in
version 2.6.26-13lenny2.

We recommend that you upgrade your linux-2.6 packages.