TTY Operations NULL Pointer Dereference Denial of Service Vulnerabilities
Another one without a CVE mentioned in the 2.6.25.10 ChangeLog.
Quote:
|
Linux Kernel "snd_seq_oss_synth_make_info()" Information Disclosure
Quote:
EDIT: Note that stable version 2.6.26.2 was released today, and it includes a patch for this. |
Linux Kernel 'uvc_driver.c ' Format Descriptor Parsing Buffer Overflow Vulnerability
Seems 2.6.26.1 did include at least one security patch, which I missed (partly for reasons discussed here).
So I'm posting this late notice only for completeness' sake. =/ Quote:
|
Linux Kernel "rt6_fill_node()" Denial of Service Vulnerability
Quote:
|
Linux Kernel 'sctp_setsockopt_auth_key()' Remote Denial of Service Vulnerability
Quote:
Quote:
|
Linux Kernel s390 ptrace Local Denial of Service
Quote:
|
Linux kernel NFSv4 ACL Buffer Overflow Vulnerability
Quote:
|
Linux Kernel "vmi_write_ldt_entry()" Privilege Escalation
Quote:
|
Linux 2.6.26.6 has been released. AFAICT, it includes at least two security fixes. One for the previously mentioned CVE-2008-1514, and one for a SCTP INIT-ACK AUTH Extension Remote Denial of Service Vulnerability.
|
Linux Kernel DRM_I915_HWS_ADDR IOCTL Privilege Escalation
Quote:
|
Linux 2.6.27.3 has been released.
It includes the fix for CVE-2008-3831 (mentioned above), and at least one more security-related fix:
Code:
security: avoid calling a NULL function pointer in drivers/video/tvaudio.c |
Linux 2.6.27.4 has been released.
It includes at least one security vulnerability fix:
Code:
ext[234]: Avoid printk floods in the face of directory corruption |
Linux 2.6.27.6 has been released.
In addresses at least one security vulnerability:
Quote:
|
Linux 2.6.27.7 has been released.
It addresses at least one security vulnerability:
Quote:
|
Linux Kernel "sendmsg()" Garbage Collector Denial of Service
Quote:
|
All times are GMT -5. The time now is 04:36 AM. |