Package: linux-2.6 Severity: grave Tags: security Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for linux-2.6. CVE-2008-1615: | Linux kernel 2.6.18, and possibly other versions, when running on | AMD64 architectures, allows local users to cause a denial of service | (crash) via certain ptrace calls. This issue affects the 2.6 kernels in Debian on amd64. Steps to reproduce: wget -O x86_64-cs.c http://sources.redhat.com/cgi-bin/cvsweb.cgi/~checkout~/tests/ptrace-tests/tests/x86_64-cs.c?cvsroot=systemtap gcc -o x86_64-cs x86_64-cs.c -Wall -ggdb2 -D_GNU_SOURCE ./x86_64-cs Redhat used https://bugzilla.redhat.com/attachment.cgi?id=294062 to patch this, unfortunately this patch does not work for > 2.6.24 and I have no idea about porting it. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see:  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1615 http://security-tracker.debian.net/tracker/CVE-2008-1615 -- Nico Golde - http://www.ngolde.de - email@example.com - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
Description: PGP signature