OVAL Reference oval:org.mitre.oval:def:7654

Oval Definition:

oval:org.mitre.oval:def:7654

Revision Date:	2014-06-23	Version:	21
Title:	DSA-1479 linux-2.6 -- several vulnerabilities
Description:	Several local vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems: Bart Oldeman reported a denial of service (DoS) issue in the VFAT filesystem that allows local users to corrupt a kernel structure resulting in a system crash. This is only an issue for systems which make use of the VFAT compat ioctl interface, such as systems running an "amd64" flavor kernel. Takashi Iwai supplied a fix for a memory leak in the snd_page_alloc module. Local users could exploit this issue to obtain sensitive information from the kernel. ADLAB discovered a possible memory overrun in the ISDN subsystem that may permit a local user to overwrite kernel memory by issuing ioctls with unterminated data. Bill Roman of Datalight noticed a coding error in the linux VFS subsystem that, under certain conditions, can allow local users to remove directories for which they should not have removal privileges. These problems have been fixed in the stable distribution in version 2.6.18.dfsg.1-17etch1. We recommend that you upgrade your kernel packages immediately and reboot the machine. If you have built a custom kernel from the kernel source package, you will need to rebuild to take advantage of these fixes.
Family:	unix	Class:	patch
Status:	ACCEPTED	Reference(s):	CVE-2007-2878 CVE-2007-4571 CVE-2007-6151 CVE-2008-0001 DSA-1479
Platform(s):	Debian GNU/Linux 4.0	Product(s):	linux-2.6
Definition Synopsis
Debian GNU/Linux 4.0 is installed. AND Architecture section Architecture independent section Installed architecture is all AND Packages section linux-support-2.6.18-6 is earlier than 2.6.18.dfsg.1-17etch1 OR linux-patch-debian-2.6.18 is earlier than 2.6.18.dfsg.1-17etch1 OR linux-source-2.6.18 is earlier than 2.6.18.dfsg.1-17etch1 OR linux-manual-2.6.18 is earlier than 2.6.18.dfsg.1-17etch1 OR loop-aes-testsuite is earlier than 3.1d-13etch2 OR linux-tree-2.6.18 is earlier than 2.6.18.dfsg.1-17etch1 OR linux-doc-2.6.18 is earlier than 2.6.18.dfsg.1-17etch1 OR loop-aes-source is earlier than 3.1d-13etch2 OR Architecture dependent section Installed architecture is s390 AND Packages section linux-image-vserver-s390x is earlier than 2.6.18+6etch3 OR linux-image-2.6-s390x is earlier than 2.6.18+6etch3 OR linux-image-2.6.18-6-s390 is earlier than 2.6.18.dfsg.1-17etch1 OR linux-headers-2.6.18-6-vserver is earlier than 2.6.18.dfsg.1-17etch1 OR linux-image-s390x is earlier than 2.6.18+6etch3 OR linux-image-2.6-s390-tape is earlier than 2.6.18+6etch3 OR linux-image-2.6-s390 is earlier than 2.6.18+6etch3 OR kernel-image-2.6-s390x is earlier than 2.6.18+6etch3 OR linux-headers-2.6-s390x is earlier than 2.6.18+6etch3 OR linux-image-s390-tape is earlier than 2.6.18+6etch3 OR linux-image-s390 is earlier than 2.6.18+6etch3 OR linux-headers-2.6.18-6-s390 is earlier than 2.6.18.dfsg.1-17etch1 OR linux-image-2.6.18-6-s390-tape is earlier than 2.6.18.dfsg.1-17etch1 OR linux-headers-2.6-s390 is earlier than 2.6.18+6etch3 OR kernel-image-2.6-s390 is earlier than 2.6.18+6etch3 OR linux-headers-2.6.18-6-all-s390 is earlier than 2.6.18.dfsg.1-17etch1 OR linux-headers-2.6.18-6 is earlier than 2.6.18.dfsg.1-17etch1 OR linux-headers-2.6-vserver-s390x is earlier than 2.6.18+6etch3 OR linux-headers-2.6.18-6-vserver-s390x is earlier than 2.6.18.dfsg.1-17etch1 OR linux-headers-2.6.18-6-all is earlier than 2.6.18.dfsg.1-17etch1 OR linux-image-2.6.18-6-s390x is earlier than 2.6.18.dfsg.1-17etch1 OR linux-image-2.6.18-6-vserver-s390x is earlier than 2.6.18.dfsg.1-17etch1 OR linux-image-2.6-vserver-s390x is earlier than 2.6.18+6etch3 OR linux-headers-2.6.18-6-s390x is earlier than 2.6.18.dfsg.1-17etch1 OR Architecture dependent section Installed architecture is amd64 AND Packages section linux-image-2.6-vserver-amd64-k8-smp is earlier than 2.6.18+6etch3 OR linux-image-2.6-xen-amd64 is earlier than 2.6.18+6etch3 OR kernel-image-2.6-amd64-k8 is earlier than 2.6.18+6etch3 OR linux-headers-2.6-xen-vserver-amd64 is earlier than 2.6.18+6etch3 OR linux-headers-2.6.18-6 is earlier than 2.6.18.dfsg.1-17etch1 OR linux-headers-2.6-amd64 is earlier than 2.6.18+6etch3 OR linux-headers-2.6.18-6-vserver is earlier than 2.6.18.dfsg.1-17etch1 OR linux-image-2.6-amd64-k8-smp is earlier than 2.6.18+6etch3 OR nvidia-kernel-2.6-amd64 is earlier than 1.0.8776+6etch2 OR linux-modules-2.6.18-6-xen-vserver-amd64 is earlier than 2.6.18.dfsg.1-17etch1 OR linux-image-2.6-xen-vserver-amd64 is earlier than 2.6.18+6etch3 OR linux-image-2.6.18-6-xen-amd64 is earlier than 2.6.18.dfsg.1-17etch1 OR linux-headers-2.6-vserver-amd64 is earlier than 2.6.18+6etch3 OR linux-image-2.6.18-6-xen-vserver-amd64 is earlier than 2.6.18.dfsg.1-17etch1 OR linux-headers-2.6.18-6-xen-amd64 is earlier than 2.6.18.dfsg.1-17etch1 OR xen-linux-system-2.6.18-6-xen-vserver-amd64 is earlier than 2.6.18.dfsg.1-17etch1 OR linux-image-2.6.18-6-amd64 is earlier than 2.6.18.dfsg.1-17etch1 OR linux-headers-2.6.18-6-xen-vserver-amd64 is earlier than 2.6.18.dfsg.1-17etch1 OR linux-headers-2.6.18-6-all-amd64 is earlier than 2.6.18.dfsg.1-17etch1 OR linux-image-xen-vserver-amd64 is earlier than 2.6.18+6etch3 OR kernel-image-2.6-em64t-p4 is earlier than 2.6.18+6etch3 OR linux-image-2.6.18-6-vserver-amd64 is earlier than 2.6.18.dfsg.1-17etch1 OR linux-image-2.6-em64t-p4 is earlier than 2.6.18+6etch3 OR linux-image-2.6-vserver-amd64 is earlier than 2.6.18+6etch3 OR linux-headers-2.6-xen-amd64 is earlier than 2.6.18+6etch3 OR linux-image-xen-amd64 is earlier than 2.6.18+6etch3 OR linux-image-vserver-amd64 is earlier than 2.6.18+6etch3 OR linux-image-2.6-amd64-generic is earlier than 2.6.18+6etch3 OR nvidia-kernel-legacy-2.6.18-6-amd64 is earlier than 1.0.7184+6etch2 OR linux-headers-2.6.18-6-amd64 is earlier than 2.6.18.dfsg.1-17etch1 OR nvidia-kernel-2.6.18-6-amd64 is earlier than 1.0.8776+6etch2 OR linux-image-2.6-amd64-k8 is earlier than 2.6.18+6etch3 OR linux-image-2.6-em64t-p4-smp is earlier than 2.6.18+6etch3 OR linux-headers-2.6.18-6-xen is earlier than 2.6.18.dfsg.1-17etch1 OR linux-headers-2.6.18-6-xen-vserver is earlier than 2.6.18.dfsg.1-17etch1 OR kernel-image-2.6-amd64-k8-smp is earlier than 2.6.18+6etch3 OR kernel-image-2.6-amd64-generic is earlier than 2.6.18+6etch3 OR fai-kernels is earlier than 1.17+etch.17etch1 OR linux-headers-2.6.18-6-all is earlier than 2.6.18.dfsg.1-17etch1 OR nvidia-kernel-legacy-2.6-amd64 is earlier than 1.0.7184+6etch2 OR xen-linux-system-2.6.18-6-xen-amd64 is earlier than 2.6.18.dfsg.1-17etch1 OR linux-image-2.6-vserver-em64t-p4-smp is earlier than 2.6.18+6etch3 OR linux-modules-2.6.18-6-xen-amd64 is earlier than 2.6.18.dfsg.1-17etch1 OR linux-headers-2.6.18-6-vserver-amd64 is earlier than 2.6.18.dfsg.1-17etch1 OR linux-image-amd64 is earlier than 2.6.18+6etch3 OR linux-image-2.6-amd64 is earlier than 2.6.18+6etch3 OR kernel-image-2.6-em64t-p4-smp is earlier than 2.6.18+6etch3 OR Supported platform section Installed architecture is hppa AND Packages section linux-headers-2.6.18-6-all-hppa is earlier than 2.6.18.dfsg.1-17etch1 OR linux-headers-2.6.18-6-parisc-smp is earlier than 2.6.18.dfsg.1-17etch1 OR linux-image-parisc64 is earlier than 2.6.18+6etch3 OR linux-headers-2.6.18-6-parisc64-smp is earlier than 2.6.18.dfsg.1-17etch1 OR linux-image-2.6.18-6-parisc-smp is earlier than 2.6.18.dfsg.1-17etch1 OR linux-image-2.6-parisc-smp is earlier than 2.6.18+6etch3 OR linux-image-parisc-smp is earlier than 2.6.18+6etch3 OR linux-image-2.6-parisc is earlier than 2.6.18+6etch3 OR linux-headers-2.6.18-6-parisc64 is earlier than 2.6.18.dfsg.1-17etch1 OR linux-headers-2.6.18-6-parisc is earlier than 2.6.18.dfsg.1-17etch1 OR linux-image-2.6-parisc64-smp is earlier than 2.6.18+6etch3 OR linux-image-parisc64-smp is earlier than 2.6.18+6etch3 OR linux-headers-2.6.18-6 is earlier than 2.6.18.dfsg.1-17etch1 OR linux-image-2.6.18-6-parisc is earlier than 2.6.18.dfsg.1-17etch1 OR linux-headers-2.6-parisc64-smp is earlier than 2.6.18+6etch3 OR linux-image-parisc is earlier than 2.6.18+6etch3 OR linux-headers-2.6-parisc is earlier than 2.6.18+6etch3 OR linux-headers-2.6-parisc-smp is earlier than 2.6.18+6etch3 OR linux-image-2.6.18-6-parisc64-smp is earlier than 2.6.18.dfsg.1-17etch1 OR linux-headers-2.6.18-6-all is earlier than 2.6.18.dfsg.1-17etch1 OR linux-image-2.6-parisc64 is earlier than 2.6.18+6etch3 OR linux-image-2.6.18-6-parisc64 is earlier than 2.6.18.dfsg.1-17etch1 OR linux-headers-2.6-parisc64 is earlier than 2.6.18+6etch3

BACK