[kernel-sec-discuss] r2170 - dsa-texts
Micah Anderson
micah at alioth.debian.org
Wed Jan 26 02:57:24 UTC 2011
Author: micah
Date: 2011-01-26 02:57:23 +0000 (Wed, 26 Jan 2011)
New Revision: 2170
Modified:
dsa-texts/2.6.26-26lenny2
Log:
some fixups
Modified: dsa-texts/2.6.26-26lenny2
===================================================================
--- dsa-texts/2.6.26-26lenny2 2011-01-26 02:51:36 UTC (rev 2169)
+++ dsa-texts/2.6.26-26lenny2 2011-01-26 02:57:23 UTC (rev 2170)
@@ -39,7 +39,7 @@
CVE-2010-4162
- Dan Rosenberg discovered an overflow issue in the block I/O subsystem. that
+ Dan Rosenberg discovered an overflow issue in the block I/O subsystem that
allows local users to map large numbers of pages, resulting in a denial
of service due to invocation of the out of memory killer.
@@ -59,7 +59,7 @@
CVE-2010-4243
Brad Spengler reported a denial-of-service issue in the kernel memory
- accounting system. By passing large argv/envp values to exec, local users
+ accounting system. By passing large argv/envp values to exec, local users
can cause the out of memory killer to kill processes owned by other
users.
@@ -79,7 +79,7 @@
Nelson Elhage reported an issue in Linux oops handling. Local users may
be able to obtain elevated privileges if they are able to trigger an
- oops with a process's fs set to KERNEL_DS.
+ oops with a process' fs set to KERNEL_DS.
CVE-2010-4342
@@ -92,7 +92,7 @@
Tavis Ormandy discovered an issue in the install_special_mapping routine
which allows local users to bypass the mmap_min_addr security restriction.
Combined with an otherwise low severity local denial of service
- vulnerability (NULL pointer derefernce), a local user could obtain
+ vulnerability (NULL pointer dereference), a local user could obtain
elevated privileges.
CVE-2010-4526
@@ -124,7 +124,7 @@
CVE-2010-4649
- Dan Carpenter reported an issue in the uverb handline of the
+ Dan Carpenter reported an issue in the uverb handling of the
InfiniBand subsystem. A potential buffer overflow may allow local
users to cause a denial of service (memory corruption) by passing
in a large cmd.ne value.
More information about the kernel-sec-discuss
mailing list