Two vulnerabilities, a security issue, and a weakness have been reported in the Linux Kernel, which potentially can be exploited by malicious, local users to cause a DoS (Denial of Service) and bypass certain security restrictions, or by malicious people to disclose certain sensitive information.

1) A memory leak in "/security/keys/request_key_auth.c" can potentially be exploited by non-privileged users to cause a DoS.

2) A memory leak exists in "/fs/namei.c" when the CONFIG_AUDITSYSCALL option is enabled. This can potentially be exploited by local users to cause a DoS via an excessive number of system calls.

3) The orinoco wireless driver fails to pad data packets with zeroes when the length needs to be increased. This may cause uninitialized data to be sent, potentially exposing random pieces of the system memory.

4) The "/sys/module/drm/parameters/debug" file is created with world-writable permission in sysfs. This may be exploited by non-privileged users to turn on drm debugging.

Solution
The vulnerabilities, security issue, and weakness have been fixed in version 2.6.14-rc4 and stable version 2.6.13.4.

Provided and/or discovered by
2) Robert Derr
3) Meder Kydyraliev
4) alwin

Changelog
Further details available in Customer Area

Original Advisory
Kernel.org
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=74fd92c511bd4a0771ac0faaaef38bb1be3a29f6
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=829841146878e082613a49581ae252c071057c23
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=9bc39bec87ee3e35897fe27441e979e7c208f624
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.14-rc4
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.13.4

Meder Kydyraliev:
http://o0o.nu/~meder/o0o_linux_orinoco_driver_info_leak.txt

Gentoo Bugzilla:
http://bugs.gentoo.org/show_bug.cgi?id=107893

Deep Links
Links available in Customer Area