Package: linux-2.6 Severity: important Tags: security Two more local denial-of-service vulnerabilities have been found in the Linux 2.6 kernel:
CAN-2005-3055: Linux kernel 2.6.8 to 2.6.14-rc2 allows local users to cause a denial of service (kernel OOPS) via a userspace process that issues a USB Request Block (URB) to a USB device and terminates before the URB is finished, which leads to a stale pointer reference. http://marc.theaimsgroup.com/?l=linux-kernel&m=112766129313883 Linus refused the above patch on technical grounds, there was a short folloup- thread on linux-kernel. CAN-2005-3053: The sys_set_mempolicy function in mempolicy.c in Linux kernel 2.6.x allows local users to cause a denial of service (kernel BUG()) via a negative first argument. http://linux.bkbits.net:8080/linux-2.6/[EMAIL PROTECTED] -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.14-rc1 Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
