Package: kernel-source-2.6.8 Version: 2.6.8-13 Severity: grave Tags: security Justification: user security hole
"Signedness error in the copy_from_read_buf function in n_tty.c for Linux kernel 2.6.10 and 2.6.11rc1 allows local users to read kernel memory via a negative argument." The offending code is also in 2.6.8 and 2.4.27. A fix is at http://linux.bkbits.net:8080/linux-2.6/[EMAIL PROTECTED] Advisory at http://marc.theaimsgroup.com/?l=full-disclosure&m=110846727602817&w=2 Please also fix 2.6.9 and 2.6.10 -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.10-as2-stf-k-1 Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15) Versions of packages kernel-source-2.6.8 depends on: ii binutils 2.15-5 The GNU assembler, linker and bina ii bzip2 1.0.2-5 high-quality block-sorting file co ii coreutils [fileutils] 5.2.1-2 The GNU core utilities ii fileutils 5.2.1-2 The GNU file management utilities -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
