Package : linux-2.6 Version : 2.6.32-48squeeze7 CVE ID : CVE-2014-3153 CVE-2014-1438 CVE-2014-3153: Pinkie Pie discovered an issue in the futex subsystem that allows a local user to gain ring 0 control via the futex syscall. An unprivileged user could use this flaw to crash the kernel (resulting in denial of service) or for privilege escalation. CVE-2014-1438: The restore_fpu_checking function in arch/x86/include/asm/fpu-internal.h in the Linux kernel before 3.12.8 on the AMD K7 and K8 platforms does not clear pending exceptions before proceeding to an EMMS instruction, which allows local users to cause a denial of service (task kill) or possibly gain privileges via a crafted application.
Attachment:
signature.asc
Description: Digital signature