linux-2.6 - several issues

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service or privilege escalation. The Common
Vulnerabilities and Exposures project identifies the following problems:

• CVE-2009-4537
  Fabian Yamaguchi reported a missing check for Ethernet frames larger
  than the MTU in the r8169 driver. This may allow users on the local
  network to crash a system, resulting in a denial of service.
• CVE-2010-0727
  Sachin Prabhu reported an issue in the GFS2 filesystem. Local users
  can trigger a BUG() altering the permissions on a locked file,
  resulting in a denial of service.
• CVE-2010-1083
  Linus Torvalds reported an issue in the USB subsystem, which may allow
  local users to obtain portions of sensitive kernel memory.
• CVE-2010-1084
  Neil Brown reported an issue in the Bluetooth subsystem that may
  permit remote attackers to overwrite memory through the creation
  of large numbers of sockets, resulting in a denial of service.
• CVE-2010-1086
  Ang Way Chuang reported an issue in the DVB subsystem for Digital
  TV adapters. By creating a specially-encoded MPEG2-TS frame, a remote
  attacker could cause the receiver to enter an endless loop, resulting
  in a denial of service.
• CVE-2010-1087
  Trond Myklebust reported an issue in the NFS filesystem. A local
  user may cause an oops by sending a fatal signal during a file
  truncation operation, resulting in a denial of service.
• CVE-2010-1088
  Al Viro reported an issue where automount symlinks may not
  be followed when LOOKUP_FOLLOW is not set. This has an unknown
  security impact.
• CVE-2010-1162
  Catalin Marinas reported an issue in the tty subsystem that allows
  local attackers to cause a kernel memory leak, possibly resulting
  in a denial of service.
• CVE-2010-1173
  Chris Guo from Nokia China and Jukka Taimisto and Olli Jarva from
  Codenomicon Ltd reported an issue in the SCTP subsystem that allows
  a remote attacker to cause a denial of service using a malformed init
  package.
• CVE-2010-1187
  Neil Hormon reported an issue in the TIPC subsystem. Local users can
  cause a denial of service by way of a NULL pointer dereference by
  sending datagrams through AF_TIPC before entering network mode.
• CVE-2010-1437
  Toshiyuki Okajima reported a race condition in the keyring subsystem.
  Local users can cause memory corruption via keyctl commands that
  access a keyring in the process of being deleted, resulting in a
  denial of service.
• CVE-2010-1446
  Wufei reported an issue with kgdb on the PowerPC architecture,
  allowing local users to write to kernel memory. Note: this issue
  does not affect binary kernels provided by Debian. The fix is
  provided for the benefit of users who build their own kernels
  from Debian source.
• CVE-2010-1451
  Brad Spengler reported an issue on the SPARC architecture that allows
  local users to execute non-executable pages.

This update also includes fixes a regression introduced by a previous
update. See the referenced Debian bug page for details.

For the stable distribution (lenny), these problems have been fixed in
version 2.6.26-22lenny1.

We recommend that you upgrade your linux-2.6 and user-mode-linux
packages.

The user-mode-linux source package was additional rebuilt for
compatibility to take advantage of this update. The updated version of
the package is 2.6.26-1um-2+22lenny1.