jaervosz at gentoo
Feb 15, 2005, 12:36 PM
Post #2 of 2
(420 views)
Permalink
|
Hi Kevin,
Thanks for sharing. Next time please file a bug also, so the Security Team can
respond swiftly:-)
Contact details here:
http://security.gentoo.org
Direct link for the lazy:
http://bugs.gentoo.org/enter_bug.cgi?product=Gentoo%20Security&component=Vulnerabilities
Bug details:
http://bugs.gentoo.org/show_bug.cgi?id=82141
On Tuesday 15 February 2005 19:08, bryank [at] cs wrote:
> A new set of kernel vulnerabilities.
>
> http://www.k-otik.com/english/advisories/2005/0163
>
> """
> * Technical Description *
>
> Several vulnerabilities were identified in Linux Kernel, which could be
> exploited by malicious users to obtain elevated privileges or disclose
> kernel memory. The first flaw exists due to a heap overflow error, which
> could be exploited to execute arbitrary commands. The second vulnerability
> resides in the "drivers/char/n_tty.c" file, and could be exploited by a
> local user to read kernel memory. The third flaw resides in the
> "net/atm/addr.c" and "fs/reiserfs/file.c" files. Other vulnerabilities were
> reported in Radeon driver (race condition) and i2cdump/i2c-viapro (buffer
> overflow). """
>
> --Kevin
--
Sune Kloppenborg Jeppesen (Jaervosz)
Operational Manager
Gentoo Linux Security Team
http://security.gentoo.org
|
