Some vulnerabilities have been reported in the Linux Kernel. Two has an unknown impact, the others can potentially be exploited by malicious, local users to cause a DoS (Denial of Service)
1) A boundary error due to missing parameter validation in the "map_to_seg7()" function in "drivers/usb/input/map_to_7segment.h" of the Yealink driver may cause out-of-bound memory references.
2) A boundary error in "/drivers/i2c/i2c-core.c" when handling SMBus Block Write transactions may cause a buffer overflow.
3) An error exists in the handling of locking in the POSIX timer cleanup code when running on SMP systems. This may be exploited by local users to cause a DoS.
4) A race condition in the "do_coredump()" function in "/kernel/signal.c" can be exploited by malicious users to cause a DoS by triggering a core dump in one thread while another thread has a pending SIGSTOP.
5) An error within the implementation of module reference counting for loadable protocol modules of netfilter can be exploited by local users to crash the kernel by performing certain socket operations.
6) Incorrect setting of the VM_IO flag within the sg driver (drivers/scsi/sg.c) can be exploited by a local user to cause a DoS (crash) via a dio transfer to memory mapped (mmap) IO space.
Solution: The vulnerabilities have been fixed in version 2.6.14-git4.
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to firstname.lastname@example.org
Subject: Linux Kernel Potential Buffer Overflow and Denial of Service
No posts yet
You must be logged in to post a comment.
Secunia Customer Login
Not a customer already?
Learn more about how our market leading Vulnerability Management solutions can help you manage risk and ensure compliance.