Linux kernel vulnerabilities

2009-12-09T00:00:00
ID USN-869-1
Type ubuntu
Reporter Ubuntu
Modified 2009-12-09T00:00:00

Description

David Ford discovered that the IPv4 defragmentation routine did not
correctly handle oversized packets. A remote attacker could send
specially crafted traffic that would cause a system to crash, leading
to a denial of service. (The fix was included in the earlier kernels
from USN-864-1.) (CVE-2009-1298)

Akira Fujita discovered that the Ext4 "move extents" ioctl did not
correctly check permissions. A local attacker could exploit this to
overwrite arbitrary files on the system, leading to root privilege
escalation. (CVE-2009-4131)