Debian Security Advisory

DSA-1565-1 linux-2.6 -- several vulnerabilities

Date Reported:
01 May 2008
Affected Packages:
Security database references:
In Mitre's CVE dictionary: CVE-2007-6694, CVE-2008-0007, CVE-2008-1294, CVE-2008-1375.
More information:

Several local vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems:

  • CVE-2007-6694

    Cyrill Gorcunov reported a NULL pointer dereference in code specific to the CHRP PowerPC platforms. Local users could exploit this issue to achieve a Denial of Service (DoS).

  • CVE-2008-0007

    Nick Piggin of SuSE discovered a number of issues in subsystems which register a fault handler for memory mapped areas. This issue can be exploited by local users to achieve a Denial of Service (DoS) and possibly execute arbitrary code.

  • CVE-2008-1294

    David Peer discovered that users could escape administrator imposed cpu time limitations (RLIMIT_CPU) by setting a limit of 0.

  • CVE-2008-1375

    Alexander Viro discovered a race condition in the directory notification subsystem that allows local users to cause a Denial of Service (oops) and possibly result in an escalation of privileges.

For the stable distribution (etch), these problems have been fixed in version 2.6.18.dfsg.1-18etch3.

The unstable (sid) and testing distributions will be fixed soon.

We recommend that you upgrade your linux-2.6, fai-kernels, and user-mode-linux packages.

Fixed in:

Debian GNU/Linux 4.0 (etch)

Architecture-independent component:
HP Precision:
Intel IA-32:
Intel IA-64:
Big-endian MIPS:
Little-endian MIPS:
IBM S/390:
Sun Sparc:

MD5 checksums of the listed files are available in the original advisory.