Oval Definition:oval:org.mitre.oval:def:12645
Revision Date:2014-07-21Version:20
Title:DSA-2094-1 linux-2.6 -- privilege escalation/denial of service/information leak
Description:CVE-2009-4895 Kyle Bader reported an issue in the tty subsystem that allows local users to create a denial of service. CVE-2010-2226 Dan Rosenberg reported an issue in the xfs filesystem that allows local users to copy and read a file owned by another user, for which they only have write permissions, due to a lack of permission checking in the XFS_SWAPEXT ioctl. CVE-2010-2240 Rafal Wojtczuk reported an issue that allows users to obtain escalated privileges. Users must already have sufficient privileges to execute or connect clients to an Xorg server. CVE-2010-2248 Suresh Jayaraman discovered an issue in the CIFS filesystem. A malicious file server can set an incorrect "CountHigh" value, resulting in a denial of service. CVE-2010-2521 Neil Brown reported an issue in the NFSv4 server code. A malicious client could trigger a denial of service on a server due to a bug in the read_buf routine. CVE-2010-2798 Bob Peterson reported an issue in the GFS2 file system. A file system user could cause a denial of service via certain rename operations. CVE-2010-2803 Kees Cook reported an issue in the DRM subsystem. Local users with sufficient privileges could acquire access to sensitive kernel memory. CVE-2010-2959 Ben Hawkes discovered an issue in the AF_CAN socket family. An integer overflow condition may allow local users to obtain elevated privileges. CVE-2010-3015 Toshiyuki Okajima reported an issue in the ext4 filesystem. Local users could trigger a denial of service by generating a specific set of filesystem operations. This update also includes fixes a regression introduced by a previous update. See the referenced Debian bug page for details. For the stable distribution, this problem has been fixed in version 2.6.26-24lenny1. We recommend that you upgrade your linux-2.6 and user-mode-linux packages. The following matrix lists additional source packages that were rebuilt for compatibility with or to take advantage of this update: Debian 5.0 user-mode-linux 2.6.26-1um-2+24lenny1
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2009-4895
CVE-2010-2226
CVE-2010-2240
CVE-2010-2248
CVE-2010-2521
CVE-2010-2798
CVE-2010-2803
CVE-2010-2959
CVE-2010-3015
DSA-2094-1
Platform(s):Debian GNU/Linux 5.0
Product(s):linux-2.6
Definition Synopsis
  • Debian GNU/Linux 5.0 is installed
  • AND Architecture section
  • Architecture independet section
  • Installed architecture is all
  • AND Packages section
  • linux-doc-2.6.26 DPKG is earlier than 2.6.26-24lenny1
  • OR linux-tree-2.6.26 DPKG is earlier than 2.6.26-24lenny1
  • OR linux-patch-debian-2.6.26 DPKG is earlier than 2.6.26-24lenny1
  • OR linux-source-2.6.26 DPKG is earlier than 2.6.26-24lenny1
  • OR linux-manual-2.6.26 DPKG is earlier than 2.6.26-24lenny1
  • OR linux-support-2.6.26-2 DPKG is earlier than 2.6.26-24lenny1
  • OR Architecture depended section
  • Installed architecture is s390
  • AND Packages section
  • linux-headers-2.6.26-2-all DPKG is earlier than 2.6.26-24lenny1
  • OR linux-image-2.6.26-2-vserver-s390x DPKG is earlier than 2.6.26-24lenny1
  • OR linux-image-2.6.26-2-s390 DPKG is earlier than 2.6.26-24lenny1
  • OR linux-headers-2.6.26-2-s390 DPKG is earlier than 2.6.26-24lenny1
  • OR linux-image-2.6.26-2-s390-tape DPKG is earlier than 2.6.26-24lenny1
  • OR linux-headers-2.6.26-2-all-s390 DPKG is earlier than 2.6.26-24lenny1
  • OR linux-headers-2.6.26-2-vserver-s390x DPKG is earlier than 2.6.26-24lenny1
  • OR linux-headers-2.6.26-2-common-vserver DPKG is earlier than 2.6.26-24lenny1
  • OR linux-libc-dev DPKG is earlier than 2.6.26-24lenny1
  • OR linux-image-2.6.26-2-s390x DPKG is earlier than 2.6.26-24lenny1
  • OR linux-headers-2.6.26-2-common DPKG is earlier than 2.6.26-24lenny1
  • OR linux-headers-2.6.26-2-s390x DPKG is earlier than 2.6.26-24lenny1
  • OR Architecture depended section
  • Installed architecture is amd64
  • AND Packages section
  • xen-linux-system-2.6.26-2-xen-amd64 DPKG is earlier than 2.6.26-24lenny1
  • OR linux-headers-2.6.26-2-all DPKG is earlier than 2.6.26-24lenny1
  • OR linux-modules-2.6.26-2-xen-amd64 DPKG is earlier than 2.6.26-24lenny1
  • OR linux-headers-2.6.26-2-openvz-amd64 DPKG is earlier than 2.6.26-24lenny1
  • OR linux-headers-2.6.26-2-common-vserver DPKG is earlier than 2.6.26-24lenny1
  • OR linux-image-2.6.26-2-openvz-amd64 DPKG is earlier than 2.6.26-24lenny1
  • OR linux-libc-dev DPKG is earlier than 2.6.26-24lenny1
  • OR linux-headers-2.6.26-2-common-openvz DPKG is earlier than 2.6.26-24lenny1
  • OR linux-image-2.6.26-2-vserver-amd64 DPKG is earlier than 2.6.26-24lenny1
  • OR linux-headers-2.6.26-2-all-amd64 DPKG is earlier than 2.6.26-24lenny1
  • OR linux-image-2.6.26-2-xen-amd64 DPKG is earlier than 2.6.26-24lenny1
  • OR linux-headers-2.6.26-2-common-xen DPKG is earlier than 2.6.26-24lenny1
  • OR linux-image-2.6.26-2-amd64 DPKG is earlier than 2.6.26-24lenny1
  • OR linux-headers-2.6.26-2-xen-amd64 DPKG is earlier than 2.6.26-24lenny1
  • OR linux-headers-2.6.26-2-amd64 DPKG is earlier than 2.6.26-24lenny1
  • OR linux-headers-2.6.26-2-common DPKG is earlier than 2.6.26-24lenny1
  • OR linux-headers-2.6.26-2-vserver-amd64 DPKG is earlier than 2.6.26-24lenny1
  • OR Supported platform section
  • Installed architecture is hppa
  • AND Packages section
  • linux-headers-2.6.26-2-all DPKG is earlier than 2.6.26-24lenny1
  • OR linux-headers-2.6.26-2-parisc DPKG is earlier than 2.6.26-24lenny1
  • OR linux-image-2.6.26-2-parisc64 DPKG is earlier than 2.6.26-24lenny1
  • OR linux-image-2.6.26-2-parisc DPKG is earlier than 2.6.26-24lenny1
  • OR linux-headers-2.6.26-2-common DPKG is earlier than 2.6.26-24lenny1
  • OR linux-headers-2.6.26-2-all-hppa DPKG is earlier than 2.6.26-24lenny1
  • OR linux-headers-2.6.26-2-parisc64 DPKG is earlier than 2.6.26-24lenny1
  • OR linux-headers-2.6.26-2-parisc64-smp DPKG is earlier than 2.6.26-24lenny1
  • OR linux-libc-dev DPKG is earlier than 2.6.26-24lenny1
  • OR linux-image-2.6.26-2-parisc64-smp DPKG is earlier than 2.6.26-24lenny1
  • OR linux-headers-2.6.26-2-parisc-smp DPKG is earlier than 2.6.26-24lenny1
  • OR linux-image-2.6.26-2-parisc-smp DPKG is earlier than 2.6.26-24lenny1
  • BACK