MDKSA-2005:022 - Updated cups packages fix multiple vulnerabilities

From: Mandrake Linux Security Team (security_at_linux-mandrake.com)
Date: 01/26/05

  • Next message: Predrag Damnjanovic: "List of all admin accounts in phpBB"
    To: bugtraq@securityfocus.com
    Date: Tue, 25 Jan 2005 21:57:24 -0700
    
    

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

     _______________________________________________________________________

                     Mandrakelinux Security Update Advisory
     _______________________________________________________________________

     Package name: kernel
     Advisory ID: MDKSA-2005:022
     Date: January 25th, 2005

     Affected versions: 10.0, 10.1, 9.2, Corporate Server 2.1,
                             Corporate Server 3.0,
                             Multi Network Firewall 8.2
     ______________________________________________________________________

     Problem Description:

     A number of vulnerabilities are fixed in the 2.4 and 2.6 kernels with
     this advisory:
     
     - Multiple race conditions in the terminal layer of 2.4 and 2.6
       kernels (prior to 2.6.9) can allow a local attacker to obtain
       portions of kernel data or allow remote attackers to cause a kernel
       panic by switching from console to PPP line discipline, then quickly
       sending data that is received during the switch (CAN-2004-0814)
     
     - Richard Hart found an integer underflow problem in the iptables
       firewall logging rules that can allow a remote attacker to crash the
       machine by using a specially crafted IP packet. This is only
       possible, however, if firewalling is enabled. The problem only
       affects 2.6 kernels and was fixed upstream in 2.6.8 (CAN-2004-0816)
     
     - Stefan Esser found several remote DoS confitions in the smbfs file
       system. This could be exploited by a hostile SMB server (or an
       attacker injecting packets into the network) to crash the client
       systems (CAN-2004-0883 and CAN-2004-0949)
     
     - Paul Starzetz and Georgi Guninski reported, independantly, that bad
       argument handling and bad integer arithmetics in the IPv4 sendmsg
       handling of control messages could lead to a local attacker crashing
       the machine. The fixes were done by Herbert Xu (CAN-2004-1016)
     
     - Rob Landley discovered a race condition in the handling of
       /proc/.../cmdline where, under rare circumstances, a user could read
       the environment variables of another process that was still spawning
       leading to the potential disclosure of sensitive information such as
       passwords (CAN-2004-1058)
     
     - Paul Starzetz reported that the missing serialization in
       unix_dgram_recvmsg() which was added to kernel 2.4.28 can be used by
       a local attacker to gain elevated (root) privileges (CAN-2004-1068)
     
     - Ross Kendall Axe discovered a possible kernel panic (DoS) while
       sending AF_UNIX network packets if certain SELinux-related kernel
       options were enabled. By default the CONFIG_SECURITY_NETWORK and
       CONFIG_SECURITY_SELINUX options are not enabled (CAN-2004-1069)
     
     - Paul Starzetz of isec.pl discovered several issues with the error
       handling of the ELF loader routines in the kernel. The fixes were
       provided by Chris Wright (CAN-2004-1070, CAN-2004-1071,
       CAN-2004-1072, CAN-2004-1073)
     
     - It was discovered that hand-crafted a.out binaries could be used to
       trigger a local DoS condition in both the 2.4 and 2.6 kernels. The
       fixes were done by Chris Wright (CAN-2004-1074)
     
     - Paul Starzetz found bad handling in the IGMP code which could lead
       to a local attacker being able to crash the machine. The fix was
       done by Chris Wright (CAN-2004-1137)
     
     - Jeremy Fitzhardinge discovered two buffer overflows in the
       sys32_ni_syscall() and sys32_vm86_warning() functions that could be
       used to overwrite kernel memory with attacker-supplied code resulting
       in privilege escalation (CAN-2004-1151)
     
     - Paul Starzetz found locally exploitable flaws in the binary format
       loader's uselib() function that could be abused to allow a local
       user to obtain root privileges (CAN-2004-1235)
     
     - Paul Starzetz found an exploitable flaw in the page fault handler
       when running on SMP machines (CAN-2005-0001)
     
     - A vulnerability in insert_vm_struct could allow a locla user to
       trigger BUG() when the user created a large vma that overlapped with
       arg pages during exec (CAN-2005-0003)
     
     - Paul Starzetz also found a number of vulnerabilities in the kernel
       binfmt_elf loader that could lead a local user to obtain elevated
       (root) privileges (isec-0017-binfmt_elf)
     
     The provided packages are patched to fix these vulnerabilities. All
     users are encouraged to upgrade to these updated kernels.
     
     To update your kernel, please follow the directions located at:
     
       http://www.mandrakesoft.com/security/kernelupdate
     
     PLEASE NOTE: Mandrakelinux 10.0 users will need to upgrade to the
     latest module-init-tools package prior to upgrading their kernel.
     Likewise, MNF8.2 users will need to upgrade to the latest modutils
     package prior to upgrading their kernel.
     _______________________________________________________________________

     References:

      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0814
      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0816
      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0883
      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0949
      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1016
      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1058
      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1068
      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1069
      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1070
      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1071
      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1072
      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1073
      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1074
      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1137
      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1151
      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1235
      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0001
      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0003
      http://www.isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt
      http://www.ussg.iu.edu/hypermail/linux/kernel/0411.1/1222.html
      http://www.isec.pl/vulnerabilities/isec-0022-pagefault.txt
     ______________________________________________________________________

     Updated Packages:
      
     Mandrakelinux 10.0:
     3d615b76ac136595a7458135e1f839c6 10.0/RPMS/kernel-2.4.25.13mdk-1-1mdk.i586.rpm
     8872bc542fb173ebe7b3ab99d9fa0a78 10.0/RPMS/kernel-2.6.3.25mdk-1-1mdk.i586.rpm
     c2324dc5344bf65b4c32b7aaef8ce854 10.0/RPMS/kernel-enterprise-2.4.25.13mdk-1-1mdk.i586.rpm
     df49e87e645dff4a94552e15e8943c19 10.0/RPMS/kernel-enterprise-2.6.3.25mdk-1-1mdk.i586.rpm
     ca8d699e0e20a337a5eebf79ec85706a 10.0/RPMS/kernel-i686-up-4GB-2.4.25.13mdk-1-1mdk.i586.rpm
     e07ade9d7d022da3fba9e13257bb7f15 10.0/RPMS/kernel-i686-up-4GB-2.6.3.25mdk-1-1mdk.i586.rpm
     916707e9d3fe3c8328db6c6e18473abe 10.0/RPMS/kernel-p3-smp-64GB-2.4.25.13mdk-1-1mdk.i586.rpm
     3372a66fbafd98d091b1d3d577d50221 10.0/RPMS/kernel-p3-smp-64GB-2.6.3.25mdk-1-1mdk.i586.rpm
     f4684d50ded00cd05eaf47753b7564c8 10.0/RPMS/kernel-secure-2.6.3.25mdk-1-1mdk.i586.rpm
     03688dfd221d3b4a6fda80ef5784bab6 10.0/RPMS/kernel-smp-2.4.25.13mdk-1-1mdk.i586.rpm
     120a2b5101fcb5ade30f58c66faa8622 10.0/RPMS/kernel-smp-2.6.3.25mdk-1-1mdk.i586.rpm
     d865abbec938cee8c258bfed331e49b3 10.0/RPMS/kernel-source-2.4.25-13mdk.i586.rpm
     6537b8b610d93a06a3b5e7fbed060d7d 10.0/RPMS/kernel-source-2.6.3-25mdk.i586.rpm
     2b80606da918944b7d9a3947fe9261f4 10.0/RPMS/kernel-source-stripped-2.6.3-25mdk.i586.rpm
     66014de2087370161cc488cbd2459caa 10.0/RPMS/module-init-tools-3.0-1.2.1.100mdk.i586.rpm
     9b808108f4839905f98821a72e01ed9b 10.0/SRPMS/kernel-2.4.25.13mdk-1-1mdk.src.rpm
     cbd99bedcf3e86bbe76cfc7483d3655a 10.0/SRPMS/kernel-2.6.3.25mdk-1-1mdk.src.rpm
     5ee85d63733b93e1629a9f5c44cb634c 10.0/SRPMS/module-init-tools-3.0-1.2.1.100mdk.src.rpm

     Mandrakelinux 10.0/AMD64:
     c8609f9d078f225fdc78047f338df99a amd64/10.0/RPMS/kernel-2.4.25.13mdk-1-1mdk.amd64.rpm
     b89b86305d44c25e7c79bff4a9f2ebe6 amd64/10.0/RPMS/kernel-2.6.3.25mdk-1-1mdk.amd64.rpm
     0acfd0fcc2e4a792054970f796485a7b amd64/10.0/RPMS/kernel-secure-2.6.3.25mdk-1-1mdk.amd64.rpm
     90400428327d20e8e6d7a3c6bbd95304 amd64/10.0/RPMS/kernel-smp-2.4.25.13mdk-1-1mdk.amd64.rpm
     a5723d6b9ac757d83eb46ea25de3f270 amd64/10.0/RPMS/kernel-smp-2.6.3.25mdk-1-1mdk.amd64.rpm
     69e309596c73922539f7771a0a8473c6 amd64/10.0/RPMS/kernel-source-2.4.25-13mdk.amd64.rpm
     4bf67528554bddac99214a873a16cb9f amd64/10.0/RPMS/kernel-source-2.6.3-25mdk.amd64.rpm
     4628048ff5e631b48127cbbf1b7715b7 amd64/10.0/RPMS/kernel-source-stripped-2.6.3-25mdk.amd64.rpm
     91593c8eb6877c70f16c274254cbad2b amd64/10.0/RPMS/module-init-tools-3.0-1.2.1.100mdk.amd64.rpm
     9b808108f4839905f98821a72e01ed9b amd64/10.0/SRPMS/kernel-2.4.25.13mdk-1-1mdk.src.rpm
     cbd99bedcf3e86bbe76cfc7483d3655a amd64/10.0/SRPMS/kernel-2.6.3.25mdk-1-1mdk.src.rpm
     5ee85d63733b93e1629a9f5c44cb634c amd64/10.0/SRPMS/module-init-tools-3.0-1.2.1.100mdk.src.rpm

     Mandrakelinux 10.1:
     0f696c0c5320ec25d05ef5bd350f9985 10.1/RPMS/kernel-2.4.28.0.rc1.5mdk-1-1mdk.i586.rpm
     d1af1c436a5abba25b8f08775da71db7 10.1/RPMS/kernel-2.6.8.1.24mdk-1-1mdk.i586.rpm
     0dcb79ef492718dee540f7d41e80058a 10.1/RPMS/kernel-enterprise-2.4.28.0.rc1.5mdk-1-1mdk.i586.rpm
     40284c8cc69455994b3d4d1f4ca00f83 10.1/RPMS/kernel-enterprise-2.6.8.1.24mdk-1-1mdk.i586.rpm
     9ea23249f97f8ee30cdac0e330112aab 10.1/RPMS/kernel-i586-up-1GB-2.4.28.0.rc1.5mdk-1-1mdk.i586.rpm
     7b30e9fcc1726f729fb553cbe2c6e1c0 10.1/RPMS/kernel-i586-up-1GB-2.6.8.1.24mdk-1-1mdk.i586.rpm
     871192ed017f9d5cf41182cf603ee186 10.1/RPMS/kernel-i686-up-64GB-2.6.8.1.24mdk-1-1mdk.i586.rpm
     c3cdd1c9aa5f109fc2c666496df04381 10.1/RPMS/kernel-secure-2.6.8.1.24mdk-1-1mdk.i586.rpm
     b9c94c3ddd5c96a6408cb2ae3c65cac4 10.1/RPMS/kernel-smp-2.4.28.0.rc1.5mdk-1-1mdk.i586.rpm
     d70bdcfaf79cf6209e9c7d4842f9c630 10.1/RPMS/kernel-smp-2.6.8.1.24mdk-1-1mdk.i586.rpm
     d6d6df17dbd538a472f1715ed5085069 10.1/RPMS/kernel-source-2.4-2.4.28-0.rc1.5mdk.i586.rpm
     290f135dd67a321a54d1115a0e322114 10.1/RPMS/kernel-source-2.6-2.6.8.1-24mdk.i586.rpm
     a77254188fa582e1dc6507684b6350e0 10.1/RPMS/kernel-source-stripped-2.6-2.6.8.1-24mdk.i586.rpm
     ac1ff7f73b6ff5ef0d848835aa439f5b 10.1/SRPMS/kernel-2.4.28.0.rc1.5mdk-1-1mdk.src.rpm
     7b0f95d89253bfab3456919d06e70039 10.1/SRPMS/kernel-2.6.8.1.24mdk-1-1mdk.src.rpm

     Mandrakelinux 10.1/X86_64:
     960b9e64607f387c5bcd4a437981a6fa x86_64/10.1/RPMS/kernel-2.4.28.0.rc1.5mdk-1-1mdk.x86_64.rpm
     04b7bd7f2fe22aa39f023a0a962b0aad x86_64/10.1/RPMS/kernel-2.6.8.1.24mdk-1-1mdk.x86_64.rpm
     6bb79b4942fcaf55f503bdcbbf22f0b5 x86_64/10.1/RPMS/kernel-secure-2.6.8.1.24mdk-1-1mdk.x86_64.rpm
     0d2340a40d9b712f0462f73297248700 x86_64/10.1/RPMS/kernel-smp-2.4.28.0.rc1.5mdk-1-1mdk.x86_64.rpm
     10c716e96824f09ed8db7d8f83729b90 x86_64/10.1/RPMS/kernel-smp-2.6.8.1.24mdk-1-1mdk.x86_64.rpm
     7b963dda4b2be54640f9ca9413c07b53 x86_64/10.1/RPMS/kernel-source-2.4-2.4.28-0.rc1.5mdk.x86_64.rpm
     75c6e3ff75915b3d300a2c8cec0f9431 x86_64/10.1/RPMS/kernel-source-2.6-2.6.8.1-24mdk.x86_64.rpm
     796c7f2163d63e46e129fb165ea21e25 x86_64/10.1/RPMS/kernel-source-stripped-2.6-2.6.8.1-24mdk.x86_64.rpm
     ac1ff7f73b6ff5ef0d848835aa439f5b x86_64/10.1/SRPMS/kernel-2.4.28.0.rc1.5mdk-1-1mdk.src.rpm
     7b0f95d89253bfab3456919d06e70039 x86_64/10.1/SRPMS/kernel-2.6.8.1.24mdk-1-1mdk.src.rpm

     Corporate Server 2.1:
     b6169281f854088c070fa44ec931958d corporate/2.1/RPMS/kernel-2.4.19.48mdk-1-1mdk.i586.rpm
     98dba27afd4cd5457d7f14159ed9ab5c corporate/2.1/RPMS/kernel-enterprise-2.4.19.48mdk-1-1mdk.i586.rpm
     889972abd61cb4c36ed1dcbb47b3f60e corporate/2.1/RPMS/kernel-secure-2.4.19.48mdk-1-1mdk.i586.rpm
     41ba99dbf81769dcb1ef6770a47de649 corporate/2.1/RPMS/kernel-smp-2.4.19.48mdk-1-1mdk.i586.rpm
     6a16729a1b05c13884bd4922749c2ef3 corporate/2.1/RPMS/kernel-source-2.4.19-48mdk.i586.rpm
     ba431d79d61432149d88b19f7edbdaf7 corporate/2.1/SRPMS/kernel-2.4.19.48mdk-1-1mdk.src.rpm

     Corporate Server 2.1/x86_64:
     a3ee6a051ea79aadaefaaf67f19023d7 x86_64/corporate/2.1/RPMS/kernel-2.4.19.48mdk-1-1mdk.x86_64.rpm
     33c6cac5db86011dc231686086b63798 x86_64/corporate/2.1/RPMS/kernel-secure-2.4.19.48mdk-1-1mdk.x86_64.rpm
     d39c2680a53cacf01e1c768c06239660 x86_64/corporate/2.1/RPMS/kernel-smp-2.4.19.48mdk-1-1mdk.x86_64.rpm
     7c17e24855523fd5f5d6bf819a6f198b x86_64/corporate/2.1/RPMS/kernel-source-2.4.19-48mdk.x86_64.rpm
     ba431d79d61432149d88b19f7edbdaf7 x86_64/corporate/2.1/SRPMS/kernel-2.4.19.48mdk-1-1mdk.src.rpm

     Corporate Server 3.0:
     3d615b76ac136595a7458135e1f839c6 corporate/3.0/RPMS/kernel-2.4.25.13mdk-1-1mdk.i586.rpm
     8872bc542fb173ebe7b3ab99d9fa0a78 corporate/3.0/RPMS/kernel-2.6.3.25mdk-1-1mdk.i586.rpm
     c2324dc5344bf65b4c32b7aaef8ce854 corporate/3.0/RPMS/kernel-enterprise-2.4.25.13mdk-1-1mdk.i586.rpm
     df49e87e645dff4a94552e15e8943c19 corporate/3.0/RPMS/kernel-enterprise-2.6.3.25mdk-1-1mdk.i586.rpm
     ca8d699e0e20a337a5eebf79ec85706a corporate/3.0/RPMS/kernel-i686-up-4GB-2.4.25.13mdk-1-1mdk.i586.rpm
     e07ade9d7d022da3fba9e13257bb7f15 corporate/3.0/RPMS/kernel-i686-up-4GB-2.6.3.25mdk-1-1mdk.i586.rpm
     916707e9d3fe3c8328db6c6e18473abe corporate/3.0/RPMS/kernel-p3-smp-64GB-2.4.25.13mdk-1-1mdk.i586.rpm
     3372a66fbafd98d091b1d3d577d50221 corporate/3.0/RPMS/kernel-p3-smp-64GB-2.6.3.25mdk-1-1mdk.i586.rpm
     f4684d50ded00cd05eaf47753b7564c8 corporate/3.0/RPMS/kernel-secure-2.6.3.25mdk-1-1mdk.i586.rpm
     03688dfd221d3b4a6fda80ef5784bab6 corporate/3.0/RPMS/kernel-smp-2.4.25.13mdk-1-1mdk.i586.rpm
     120a2b5101fcb5ade30f58c66faa8622 corporate/3.0/RPMS/kernel-smp-2.6.3.25mdk-1-1mdk.i586.rpm
     d865abbec938cee8c258bfed331e49b3 corporate/3.0/RPMS/kernel-source-2.4.25-13mdk.i586.rpm
     6537b8b610d93a06a3b5e7fbed060d7d corporate/3.0/RPMS/kernel-source-2.6.3-25mdk.i586.rpm
     2b80606da918944b7d9a3947fe9261f4 corporate/3.0/RPMS/kernel-source-stripped-2.6.3-25mdk.i586.rpm
     9b808108f4839905f98821a72e01ed9b corporate/3.0/SRPMS/kernel-2.4.25.13mdk-1-1mdk.src.rpm
     cbd99bedcf3e86bbe76cfc7483d3655a corporate/3.0/SRPMS/kernel-2.6.3.25mdk-1-1mdk.src.rpm

     Mandrakelinux 9.2:
     df22e4dffb539874c2ad36bc8893718b 9.2/RPMS/kernel-2.4.22.41mdk-1-1mdk.i586.rpm
     58303975f994e50b440a46aa10b3c0a4 9.2/RPMS/kernel-enterprise-2.4.22.41mdk-1-1mdk.i586.rpm
     6548386b7fab601d507950a3b658b454 9.2/RPMS/kernel-i686-up-4GB-2.4.22.41mdk-1-1mdk.i586.rpm
     a5eeba7c971e7fe09d4b42ef183b97f9 9.2/RPMS/kernel-p3-smp-64GB-2.4.22.41mdk-1-1mdk.i586.rpm
     c19bbca55e615a7eec5f26aebea3a675 9.2/RPMS/kernel-secure-2.4.22.41mdk-1-1mdk.i586.rpm
     a4b44486653dd2d4822ba26c2debb769 9.2/RPMS/kernel-smp-2.4.22.41mdk-1-1mdk.i586.rpm
     941029c6b6e57f5083a48cbb2481a41e 9.2/RPMS/kernel-source-2.4.22-41mdk.i586.rpm
     7a5a16618d1fb3c92a3b2c8abcb8f6e6 9.2/SRPMS/kernel-2.4.22.41mdk-1-1mdk.src.rpm

     Mandrakelinux 9.2/AMD64:
     b20216a4273d7c261e08e0aa4c7411ce amd64/9.2/RPMS/kernel-2.4.22.41mdk-1-1mdk.amd64.rpm
     adf9ba1fdd2b3be5de83f327fe35d932 amd64/9.2/RPMS/kernel-secure-2.4.22.41mdk-1-1mdk.amd64.rpm
     df3a1629ebbf44e8e57d5b6ba4c95149 amd64/9.2/RPMS/kernel-smp-2.4.22.41mdk-1-1mdk.amd64.rpm
     17b4902f4d569c2f208fe4c455b20b6f amd64/9.2/RPMS/kernel-source-2.4.22-41mdk.amd64.rpm
     7a5a16618d1fb3c92a3b2c8abcb8f6e6 amd64/9.2/SRPMS/kernel-2.4.22.41mdk-1-1mdk.src.rpm

     Multi Network Firewall 8.2:
     a08867762d937e0890a7efe79439c844 mnf8.2/RPMS/kernel-secure-2.4.19.48mdk-1-1mdk.i586.rpm
     6fb3c0a0ab8d44e031f1c309f67b4dbc mnf8.2/RPMS/modutils-2.4.19-5mdk.i586.rpm
     ba431d79d61432149d88b19f7edbdaf7 mnf8.2/SRPMS/kernel-2.4.19.48mdk-1-1mdk.src.rpm
     296ea31d1338fe4ca0c1eba4ff652376 mnf8.2/SRPMS/modutils-2.4.19-5mdk.src.rpm
     _______________________________________________________________________

     To upgrade automatically use MandrakeUpdate or urpmi. The verification
     of md5 checksums and GPG signatures is performed automatically for you.

     All packages are signed by Mandrakesoft for security. You can obtain
     the GPG public key of the Mandrakelinux Security Team by executing:

      gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

     You can view other update advisories for Mandrakelinux at:

      http://www.mandrakesoft.com/security/advisories

     If you want to report vulnerabilities, please contact

      security_linux-mandrake.com

     Type Bits/KeyID Date User ID
     pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team
      <security linux-mandrake.com>
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.4 (GNU/Linux)

    iD8DBQFB9yM0mqjQ0CJFipgRAhTaAJ99L7scGJzG+tx7VaL4vEjpy+mI9gCdGerG
    WjVONQcZFTuq07uHUzEGvTo=
    =Wjcp
    -----END PGP SIGNATURE-----


  • Next message: Predrag Damnjanovic: "List of all admin accounts in phpBB"

    Relevant Pages

    • Re: grsecurity 2.1.0 release / 5 Linux kernel advisories (fwd)
      ... > immediately to the next kernel versions when released. ... > all memory leaks have been plugged. ... The PaX team resends the previous mail to Linux and Andrew ... > vulnerabilities is a privilege, and when that privilege is abused by not ...
      (Linux-Kernel)
    • [FLSA-2004:1804] Updated kernel resolves security vulnerabilities
      ... Updated kernel packages that fix security vulnerabilities which may ... allow local users to gain root privileges are now available. ... The Linux kernel handles the basic functions of the operating system. ... Vulnerabilities and Exposures project has assigned the name ...
      (Bugtraq)
    • [Full-Disclosure] [FLSA-2004:1804] Updated kernel resolves security vulnerabilities
      ... Updated kernel packages that fix security vulnerabilities which may ... allow local users to gain root privileges are now available. ... The Linux kernel handles the basic functions of the operating system. ... Vulnerabilities and Exposures project has assigned the name ...
      (Full-Disclosure)
    • [FLSA-2004:1804] Updated kernel resolves security vulnerabilities
      ... Updated kernel packages that fix security vulnerabilities which may ... allow local users to gain root privileges are now available. ... The Linux kernel handles the basic functions of the operating system. ... Vulnerabilities and Exposures project has assigned the name ...
      (Full-Disclosure)
    • [Full-Disclosure] MDKSA-2005:022 - Updated cups packages fix multiple vulnerabilities
      ... portions of kernel data or allow remote attackers to cause a kernel ... - Paul Starzetz and Georgi Guninski reported, independantly, that bad ... handling of control messages could lead to a local attacker crashing ... - Paul Starzetz also found a number of vulnerabilities in the kernel ...
      (Full-Disclosure)