Debian Security Advisory
DLA-0015-1 linux-2.6 -- LTS security update
- Date Reported:
- 12 Jul 2014
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2013-4387, CVE-2013-4470, CVE-2014-0203, CVE-2014-2678, CVE-2014-3122, CVE-2014-3144, CVE-2014-3917, CVE-2014-4652, CVE-2014-4699, CVE-2015-3145, CVE-2014-4656, CVE-2014-4667.
- More information:
This update fixes several remote and local denial of service attacks and other issues:
ipv6: udp packets following an UFO enqueued packet need also be handled by UFO to prevent remote attackers to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via network traffic that triggers a large response packet.
inet: fix possible memory corruption with UDP_CORK and UFO to prevent local users to cause a denial of service (memory corruption and system crash) or possibly gain privileges via a crafted application.
fix autofs/afs/etc. magic mountpoint breakage, preventing denial of service attacks by local users.
rds: prevent dereference of a NULL device in rds_iw_laddr_check to prevent local denial of service attacks (system crash or possibly have unspecified other impact).
: Incorrect locking of memory can result in local denial of service.
/ CVE-2014-3145: A local user can cause a denial of service (system crash) via crafted BPF instructions.
auditsc: audit_krule mask accesses need bounds checking to prevent a local denial of service attack (OOPS) or possibly leaking sensitive single-bit values from kernel memory.
ALSA: control: Protect user controls against concurrent access, resulting in a race condition, possibly allowing local users access to sensitive information from kernel memory.
ALSA: control: Make sure that id->index does not overflow, to prevent a denial of service of the sound system by local users.
sctp: Fix sk_ack_backlog wrap-around problem, preventing denial of service (socket outage) via a crafted SCTP packet by remote attackers.
Andy Lutomirski discovered that the ptrace syscall was not verifying the RIP register to be valid in the ptrace API on x86_64 processors. An unprivileged user could use this flaw to crash the kernel (resulting in denial of service) or for privilege escalation.
For Debian 6
Squeeze, these issues have been fixed in linux-2.6 version 2.6.32-48squeeze8