planqert.blogg.se - Continuity activation tool kernel panic fix

CVE-2007-3851: On machines with a Intel i965 based graphics card local users with access to the direct rendering devicenode could overwrite memory on the machine and so gain root privileges.CVE-2007-3848: A local attacker could send a death signal to a setuid root program under certain conditions, potentially causing unwanted behaviour in this program.CVE-2007-3513: The lcd_write function in drivers/usb/misc/usblcd.c in the Linux kernel did not limit the amount of memory used by a caller, which allowed local users to cause a denial of service (memory consumption).CVE-2007-2525: Memory leak in the PPP over Ethernet (PPPoE) socket implementation in the Linux kernel allowed local users to cause a denial of service (memory consumption) by creating a socket using connect, and releasing it before the PPPIOCGCHAN ioctl is initialized.CVE-2007-3107: The signal handling in the Linux kernel, when run on PowerPC systems using HTX, allows local users to cause a denial of service via unspecified vectors involving floating point corruption and concurrency.Since this value can only be changed by a root user, exploitability is low. CVE-2007-3105: Stack-based buffer overflow in the random number generator (RNG) implementation in the Linux kernel before 2.6.22 might allow local root users to cause a denial of service or gain privileges by setting the default wakeup threshold to a value greater than the output pool size, which triggers writing random numbers to the stack by the pool transfer function involving "bound check ordering".Note that this requires SCTP set-up and active to be exploitable. CVE-2007-2876: A NULL pointer dereference in SCTP connection tracking could be caused by a remote attacker by sending specially crafted packets.CVE-2007-2453: The random number feature in the Linux kernel 2.6 (1) did not properly seed pools when there is no entropy, or (2) used an incorrect cast when extracting entropy, which might have caused the random number generator to provide the same values after reboots on systems without an entropy source.

To adjust this, write to the file /proc/net/accept_source_route6.

CVE-2007-2242: The IPv6 protocol allows remote attackers to cause a denial of service via crafted IPv6 type 0 route headers (IPV6_RTHDR_TYPE_0) that create network amplification between two routers.

This kernel update fixes the following security problems: SUSE Linux Enterprise Server 10 SP1 for IBM POWERĮveryone using the Linux Kernel on ppc architecture should update. Product(s): SLE SDK 10 SP1 for IBM iSeries and IBM pSeries