Lucene search

HistoryFeb 22, 2010 - 12:00 a.m.

linux-2.6 - several vulnerabilities


0.092 Low




NOTE: This kernel update marks the final planned kernel security update for
the 2.6.18 kernel in the Debian release ‘etch’. Although security support for
‘etch’ officially ended on Feburary 15th, 2010, this update was already in
preparation before that date. A final update that includes fixes for these
issues in the 2.6.24 kernel is also in preparation and will be released

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service or privilege escalation. The Common
Vulnerabilities and Exposures project identifies the following

  • CVE-2009-3080
    Dave Jones reported an issue in the gdth SCSI driver. A missing
    check for negative offsets in an ioctl call could be exploited by
    local users to create a denial of service or potentially gain
    elevated privileges.
  • CVE-2009-3726
    Trond Myklebust reported an issue where a malicious NFS server
    could cause a denial of service condition on its clients by
    returning incorrect attributes during an open call.
  • CVE-2009-4005
    Roel Kluin discovered an issue in the hfc_usb driver, an ISDN
    driver for Colognechip HFC-S USB chip. A potential read overflow
    exists which may allow remote users to cause a denial of service
    condition (oops).
  • CVE-2009-4020
    Amerigo Wang discovered an issue in the HFS filesystem that would
    allow a denial of service by a local user who has sufficient
    privileges to mount a specially crafted filesystem.
  • CVE-2009-4021
    Anana V. Avati discovered an issue in the fuse subsystem. If the
    system is sufficiently low on memory, a local user can cause the
    kernel to dereference an invalid pointer resulting in a denial of
    service (oops) and potentially an escalation of privileges.
  • CVE-2009-4536
    Fabian Yamaguchi reported an issue in the e1000 driver for Intel
    gigabit network adapters which allow remote users to bypass packet
    filters using specially crafted ethernet frames.
  • CVE-2010-0007
    Florian Westphal reported a lack of capability checking in the
    ebtables netfilter subsystem. If the ebtables module is loaded,
    local users can add and modify ebtables rules.
  • CVE-2010-0410
    Sebastian Krahmer discovered an issue in the netlink connector
    subsystem that permits local users to allocate large amounts of
    system memory resulting in a denial of service (out of memory).
  • CVE-2010-0415
    Ramon de Carvalho Valle discovered an issue in the sys_move_pages
    interface, limited to amd64, ia64 and powerpc64 flavors in Debian.
    Local users can exploit this issue to cause a denial of service
    (system crash) or gain access to sensitive kernel memory.
  • CVE-2010-0622
    Jerome Marchand reported an issue in the futex subsystem that
    allows a local user to force an invalid futex state which results
    in a denial of service (oops).

This update also fixes a regression introduced by a previous security
update that caused problems booting on certain s390 systems.

For the oldstable distribution (etch), this problem has been fixed in
version 2.6.18.dfsg.1-26etch2.

We recommend that you upgrade your linux-2.6, fai-kernels, and
user-mode-linux packages.

The following matrix lists additional source packages that were rebuilt for
compatibility with or to take advantage of this update:

Debian 4.0 (etch)
fai-kernels 1.17+etch.26etch2
user-mode-linux 2.6.18-1um-2etch.26etch2