Linux Kernel Denial of Service Vulnerabilities (Moderately Critical)
Quote:
|
Linux Kernel "clip_mkip()" Denial of Service Vulnerability (Moderately Critical)
Quote:
|
Linux 2.6.17.14 has been released
It's a maintenance release, but it addresses a security vulnerability:
Quote:
|
Linux 2.6.18.1 has been released
It includes a patch for an s390 architecture vulnerability:
Quote:
|
Linux Kernel IPv6 Flow Label Denial of Service (Not Critical)
Quote:
|
Linux 2.6.18.2 has been released
It includes many bugfixes, one of which addresses the ip6_flowlabel vulnerabilty above:
Quote:
|
Linux 2.6.16.30 has been released
It includes many bugfixes, three of which address security vulnerabilities:
Quote:
|
Linux Kernel ISO9660 Local Denial of Service (Not Critical)
Quote:
|
Linux Kernel Fragmented IPv6 Packet Filtering Bypass (Moderately Critical)
Quote:
|
Linux 2.6.16.31/32 (Late Notification)
I missed the last two releases for the 2.6.16.y branch. =/
2.6.16.31 was released the 7th, while 2.6.16.32 was released the 15th. Both releases addressed security vulnerabilities. For 2.6.16.31: Quote:
Quote:
Quote:
Quote:
For 2.6.16.32: Quote:
|
Linux 2.6.18.3 has been released.
It includes many bugfixes, one of which addresses a security vulnerability:
Quote:
|
Linux 2.4.33.4 has been released
It includes several bugfixes, at least one of which addresses a security vulnerability:
Quote:
|
Linux 2.6.18.4 has been released.
It consists of a single patch addressing a security vulnerability:
Quote:
BTW: Seems I once again missed a 2.6.16.y security fix release. 2.6.16.33 was released November 22 and included a patch for CVE-2005-4352. |
Linux Kernel "ip_summed" Memory Corruption Vulnerability (Less Critical)
Quote:
|
Linux 2.6.16.35 has been released.
It includes many bugfixes, one of which addresses a security vulnerability:
Quote:
|
Linux 2.6.19.1 has been released.
It includes several bugfixes, one of which addresses a security vulnerability:
Quote:
|
Linux 2.4.33.5 has been released.
It consists of a few bugfixes, one of which addresses a security vulnerability:
Quote:
|
Linux 2.6.18.6 has been released.
It consists of a few bugfixes, one of which addresses a security vulnerability:
Quote:
|
Linux 2.4.33.6 has been released.
It consists of two bugfixes, one of which addresses a security vulnerability:
Quote:
|
Linux 2.4.33.7 has been released.
It consists of a single patch addressing a security vulnerability:
Quote:
|
Linux 2.6.19.2 has been released.
It includes many bugfixes, including Linus Torvalds' much anticipated data corruption fix.
Of course, several security issues are also addressed: Quote:
|
Linux 2.6.16.38 has been released (01/20/2007).
It includes several bugfixes, at least ten of which address security vulnerabilities:
Quote:
|
Linux Kernel "listxattr" Memory Corruption Vulnerability (Less Critical)
Quote:
|
Linux Kernel "key_alloc_serial()" Denial of Service (Not Critical)
Quote:
|
Linux 2.6.20.1 has been released.
It consists of a single patch over 2.6.20, addressing a security issue.
Quote:
NOTE: The 2.6.18.y and 2.6.19.y branches also patched for this issue: ChangeLog for 2.6.18.7 | ChangeLog for 2.6.19.4 |
Linux 2.6.18.8 has been released.
It addresses several security vulnerabilities, and it's likely to be the last patch to hit 2.6.18.y unless something extremely serious comes-up.
Quote:
|
Linux 2.6.16.42 has been released.
It happened last week, but it slipped-by me. =/
It includes several bugfixes, including three for security vulnerabilities. Quote:
|
Linux 2.6.19.6 has been released.
It includes several bugfixes, one which addresses a security vulnerability. This is quite likely the last 2.6.19.y release, unless something extremely serious is found.
Quote:
NOTE: A few hours after, 2.6.19.7 was released, addressing a few issues which slipped past the -stable team. It does not appear to address any vulnerabilities. The ChangeLog for it is here. |
Linux Kernel Omnikey CardMan 4040 Driver Buffer Overflow (Not Critical)
Quote:
|
Linux 2.6.20.2 has been released.
It includes a ton of bugfixes, two of which address security vulnerabilities.
Quote:
|
Linux Kernel NULL Pointer Dereferences and Security Bypass
Quote:
|
Linux Kernel "ipv6_fl_socklist" Denial of Service (Less Critical)
Quote:
|
Linux Kernel "atalk_sum_skb()" AppleTalk Denial of Service (Less Critical)
Quote:
|
Linux Kernel "L2CAP" and "HCI" Information Disclosure (Not Critical)
Quote:
|
Linux Kernel IPv6 Type 0 Route Headers Denial of Service (Moderately Critical)
Quote:
|
Linux Kernel netlink NETLINK_FIB_LOOKUP Denial of Service (Not Critical)
Quote:
|
Linux Kernel PPPoE Socket "PPPIOCGCHAN" Denial of Service (Not Critical)
Quote:
|
Linux 2.6.21.3 has been released.
It addresses a GEODE-AES security vulnerability.
Quote:
|
Linux Kernel VFAT IOCTLs Denial of Service (Not Critical)
Quote:
|
Linux 2.6.21.4 has been released.
It is purely a security-fix update, addressing a few vulnerabilities.
Quote:
|
Linux Kernel USBLCD Driver Out of Memory Denial of Service (Not Critical)
Quote:
|
Linux Kernel "decode_choices()" Denial of Service (Moderately Critical)
Quote:
|
Linux Kernel Multiple Denial of Service Vulnerabilities (Moderately Critical)
The above advisory has been updated by Secunia.
Quote:
|
Linux 2.6.22.1 has been released.
Two days after the release of 2.6.22, a security update is available.
Quote:
|
Linux Kernel AACRAID Driver IOCTL Security Bypass (Less Critical)
Quote:
|
Linux 2.6.22.2 has been released.
It includes a patch for a security vulnerability.
Quote:
|
Linux Kernel CIFS Signing Options Weakness (Not Critical)
Quote:
|
Linux 2.6.22.3 has been released.
It includes several bugfixes, one of which addresses a security vulnerability.
Quote:
|
Linux 2.6.22.4 has been released.
It solely consists of a patch for a security vulnerability:
Quote:
|
Linux 2.6.22.7 has been released.
It solely consists of a patch for a x86_64 security vulnerability.
Quote:
|
All times are GMT -5. The time now is 05:30 AM. |