[kernel-sec-discuss] r2486 - dsa-texts
Micah Anderson
micah at alioth.debian.org
Wed Sep 7 17:34:41 UTC 2011
Author: micah
Date: 2011-09-07 17:34:35 +0000 (Wed, 07 Sep 2011)
New Revision: 2486
Modified:
dsa-texts/2.6.32-35squeeze1
Log:
some grammar/spelling fixes and standardizing formatting
Modified: dsa-texts/2.6.32-35squeeze1
===================================================================
--- dsa-texts/2.6.32-35squeeze1 2011-09-07 06:14:16 UTC (rev 2485)
+++ dsa-texts/2.6.32-35squeeze1 2011-09-07 17:34:35 UTC (rev 2486)
@@ -21,38 +21,37 @@
CVE-2011-1020
Kees Cook discovered an issue in the /proc filesystem that allows local
- users to gain access to sensitive process information after execution
- of a setuid binary.
+ users to gain access to sensitive process information after execution of a
+ setuid binary.
CVE-2011-1576
- Ryan Sweat discovered an issue in the VLAN implementation. Local users
- may be able to cause a kernel memory leak, resulting in a denial of
- service.
+ Ryan Sweat discovered an issue in the VLAN implementation. Local users may
+ be able to cause a kernel memory leak, resulting in a denial of service.
CVE-2011-2484
- Vasiliy Kulikov of Openwall discovered that the amount of exit handler
- that a process can register is not capped, resulting in local denial of
- service through resource exhaustion (cpu time and memory).
+ Vasiliy Kulikov of Openwall discovered that the number of exit handlers that
+ a process can register is not capped, resulting in local denial of service
+ through resource exhaustion (cpu time and memory).
CVE-2011-2491
- Vasily Averin discovered an issue with the NFS locking implementation.
- A malicious NFS server can cause a client to hang indefinitely in
- an unlock call.
+ Vasily Averin discovered an issue with the NFS locking implementation. A
+ malicious NFS server can cause a client to hang indefinitely in an unlock
+ call.
CVE-2011-2492
- Marek Kroemeke and Filip Palian discovered that uninitialised struct
- elements in the Bluetooth subsystem could lead to the information
- through leaked stack memory.
+ Marek Kroemeke and Filip Palian discovered that uninitialized struct
+ elements in the Bluetooth subsystem could lead to a leak of sensitive kernel
+ memory through leaked stack memory.
CVE-2011-2495
- Vasiliy Kulikov of Openwall discovered that the io file of a process'
- proc directory was world-readable, resulting in local information disclosure
- of information like password lengths.
+ Vasiliy Kulikov of Openwall discovered that the io file of a process' proc
+ directory was world-readable, resulting in local information disclosure of
+ information such as password lengths.
CVE-2011-2496
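Review bot: The new CVE-2011-2492 wording is redundant: "could lead to a leak of sensitive kernel memory through leaked stack memory" says "leak" twice. Consider something like "could lead to disclosure of sensitive kernel stack memory". Since this commit standardizes the text, two smaller points in the same hunk: "cpu time" in the CVE-2011-2484 entry could be capitalized as "CPU time", and "information disclosure of information such as password lengths" in the CVE-2011-2495 entry repeats "information" and could read "local disclosure of information such as password lengths".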
@@ -66,37 +65,37 @@
CVE-2011-2517
- It was discovered that the netlink-based wireless configuration
- interface performed insufficient length validation when parsing
- SSIDs, resulting in buffer overflows. Local users with the
- CAP_NET_ADMIN capability can cause a denial of service.
+ It was discovered that the netlink-based wireless configuration interface
+ performed insufficient length validation when parsing SSIDs, resulting in
+ buffer overflows. Local users with the CAP_NET_ADMIN capability can cause a
+ denial of service.
CVE-2011-2525
- Ben Pfaff reported an issue in the network scheduling code. A local
- user could cause a denial of service (NULL pointer dereference) by
- sending a specially crafted netlink message.
+ Ben Pfaff reported an issue in the network scheduling code. A local user
+ could cause a denial of service (NULL pointer dereference) by sending a
+ specially crafted netlink message.
CVE-2011-2700
- Mauro Carvalho Chehab of Red Hat reported a buffer overflow issue in the
+ Mauro Carvalho Chehab of Red Hat reported a buffer overflow issue in the
driver for the Si4713 FM Radio Transmitter driver used by N900 devices.
Local users could exploit this issue to cause a denial of service or
- ptotentially gain elevated privileges.
+ potentially gain elevated privileges.
CVE-2011-2723
Brent Meshier reported an issue in the GRO (generic receive offload)
- implementation. This can be exploited by remote users to create a
- denial of service (system crash) in certain network device configurations.
+ implementation. This can be exploited by remote users to create a denial of
+ service (system crash) in certain network device configurations.
CVE-2011-2905
- Christian Ohm discovered that the 'perf' analysis tool searches
- for its config files in the current working directory. This could
- lead to denial of service or potential privilege escalation if
- a user with evelated privileges is tricked into running 'perf'
- in a directory under the control of the attacker.
+ Christian Ohm discovered that the 'perf' analysis tool searches for its
+ config files in the current working directory. This could lead to denial of
+ service or potential privilege escalation if a user with elevated privileges
+ is tricked into running 'perf' in a directory under the control of the
+ attacker.
CVE-2011-2909
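Review bot: The CVE-2011-2700 entry still reads "driver for the Si4713 FM Radio Transmitter driver", with "driver" doubled, in a context line this hunk leaves unchanged while fixing "ptotentially" two lines below it; drop one of the two. That entry is also the only one in the hunk that is not rewrapped like its neighbours: the change to its first line appears to be whitespace only, so its line width differs from the entries around it.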
@@ -106,27 +105,26 @@
CVE-2011-2918
- Vince Weaver discovered that incorrect handling of software event
- overflows in the 'perf' analysis tool could lead to local denial
- of service.
+ Vince Weaver discovered that incorrect handling of software event overflows
+ in the 'perf' analysis tool could lead to local denial of service.
CVE-2011-2928
Timo Warns discovered that insufficient validation of Be filesystem images
- could lead to local denial of service if a malformed filesystem image
- is mounted.
+ could lead to local denial of service if a malformed filesystem image is
+ mounted.
CVE-2011-3188
- Dan Kaminsky reported a weakness of the sequence number generation in
- the TCP protocol implementation. This can be used by remote attackers
- to inject packets into an active session.
+ Dan Kaminsky reported a weakness of the sequence number generation in the
+ TCP protocol implementation. This can be used by remote attackers to inject
+ packets into an active session.
CVE-2011-3191
Darren Lavender reported an issue in the Common Internet File System (CIFS).
- A malicious file server could cause memory corruption leading to a denial
- of service.
+ A malicious file server could cause memory corruption leading to a denial of
+ service.
This update also includes a fix for a regression introduced with the previous
security fix for CVE-2011-1768 (Debian: #633738)
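Review bot: The closing sentence "security fix for CVE-2011-1768 (Debian: #633738)" has no terminating period, and it sits in a context line that this grammar and formatting pass leaves untouched; add the period. In the CVE-2011-3188 entry, "a weakness of the sequence number generation" would read better as "a weakness in the sequence number generation".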