Package: kernel-source-2.6.8 Version: 2.6.8-13 Severity: critical Tags: security Justification: root security hole
Cite: "The atm_get_addr function in addr.c for Linux kernel 2.6.10 and 2.6.11 before 2.6.11-rc4 may allow local users to trigger a buffer overflow via negative arguments." The offending code is also in 2.6.8 and 2.4.27. Fix: http://linux.bkbits.net:8080/linux-2.6/[EMAIL PROTECTED] Advisory: http://marc.theaimsgroup.com/?l=full-disclosure&m=110846727602817&w=2 Please fix also 2.6.9 and 2.6.10 -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
