
Security review of 2.6.32.28



These are the patches that looked security-relevant, from a fairly quick
review:

[03/49] fuse: verify ioctl retries
Kernel buffer overflow, but only CUSE servers could exploit it and
/dev/cuse is normally restricted to root.

[16/49] IB/uverbs: Handle large number of entries in poll CQ
Fixes integer overflow and information leak which I assume can be triggered
by unprivileged local users.

[20/49] orinoco: fix TKIP countermeasure behaviour
Fixes cryptographic weakness potentially leaking information to remote
(but physically nearby) users.

[24/49] tracing: Fix panic when lseek() called on "trace" opened for writing
File is normally only writable by root, so not a security issue.

[33/49] [SCSI] bfa: fix system crash when reading sysfs fc_host statistics
Local denial-of-service.
CVE-2010-4343

[36/49] install_special_mapping skips security_file_mmap check.
May enable privilege escalation through null pointer bugs that would
otherwise only cause denial-of-service.
CVE-2010-4346

[42/49] sound: Prevent buffer overflow in OSS load_mixer_volumes
Not relevant to Debian kernel images since we don't build OSS.
CVE-2010-4257

[44/49] ima: fix add LSM rule bug
Allows subversion of IMA.  Not relevant to Debian kernel images since we
don't build IMA.

[48/49] sctp: Fix a race between ICMP protocol unreachable and connect()
Remote denial-of-service.
CVE-2010-4526

Ben.

-- 
Ben Hutchings
Once a job is fouled up, anything done to improve it makes it worse.
