CAN-2005-0001, CAN-2004-1235, CAN-2004-1137, CAN-2004-1016, Georgi Guninski security advisory #72, 2004, grsecurity 2.1.0 release

[Jan Lühr <jluehr@gmx.net>]

Greetings,

things seem to be in a rush right now, and I'm looking for a little overview.
In the past 1-2 months several kernel exploits rushed through the news that 
might / can / probably will affect debian stable. However, I haven't seen any 
signle DSA regarding the following issues: Can you please give me an 
overview:  Which problems do affected kernel-source-2,4.18? - If so, what is 
the current status of the according DSA? Because of running an 
terminal-Server I'd like to know, what's going on at these issues.


Thanks in advance, Keep smiling
yanosz

CAN-2005-0001 "Linux kernel i386 SMP page fault handler privilege escalation": 
http://www.isec.pl/vulnerabilities/isec-0022-pagefault.txt (I'm not runnig 
SMP ;)
CAN-2004-1235 "Linux kernel uselib() privilege elevation" 
http://isec.pl/vulnerabilities/isec-0021-uselib.txt (Sounds scary PoC Code is 
included, seems to be discussed here)
CAN-2004-1137 "Linux kernel IGMP vulnerabilities" (Sounds really scary. Are we 
effected? Debian Woody seems to be uneffected, but what about sarge / sid?)
http://isec.pl/vulnerabilities/isec-0018-igmp.txt
CAN-2004-1016 "Linux kernel scm_send local DoS"
 http://isec.pl/vulnerabilities/isec-0019-scm.txt
Georgi Guninski security advisory #72, 2004 "Fun with the linux kernel 
(2.6,2.4)"
http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html
grsecurity 2.1.0
 http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2005-01/0070.html
gives on scary / FUD-ish view on the linux kernel. Without discussing their 
thesis in detail, are patches available? Is kernel-source-2.4.18 affected?