[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#309429: kernel-source-2.6.8: Local privilege escalation in pktcdvd und raw ioctl handling

Package: kernel-source-2.6.8
Severity: grave
Justification: user security hole

Two new local privilege escalations have been found in the 2.6 kernels;
input to the pktcdvd and raw ioctls is passed unchecked. Both issues
have been fixed in 2.4 does not seem to be affected.
At least one of the issues is CAN-2005-1264.


-- System Information:
Debian Release: 3.1
  APT prefers testing
  APT policy: (990, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.4.29-vs1.2.10
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Reply to: