[Ksplice][Debian 5.0 Updates] New updates available via Ksplice (Debian 5.0.4)

Tim Abbott tabbott at ksplice.com
Sat Jan 30 21:16:52 PST 2010 

Synopsis: Debian 5.0.4 can now be patched using Ksplice
CVEs: CVE-2009-3080 CVE-2009-3726 CVE-2009-4005 CVE-2009-4020 CVE-2009-4021 CVE-2009-4138 CVE-2009-4308

Systems running Debian 5.0 Lenny can now use Ksplice to patch against
the latest Debian update, Debian 5.0.4.

INSTALLING THE UPDATES

We recommend that all Ksplice Uptrack Debian 5.0 Lenny users install
these updates.  You can install these updates by running:

# uptrack-upgrade -y

DESCRIPTION

* CVE-2009-4308: NULL pointer dereference in ext4 decoding EROFS w/o a journal.

The ext4_decode_error function in fs/ext4/super.c in the ext4 filesystem 
in the Linux kernel before 2.6.32 allows user-assisted remote attackers to 
cause a denial of service (NULL pointer dereference), and possibly have 
unspecified other impact, via a crafted read-only filesystem that lacks a 
journal.

* CVE-2009-4138: NULL pointer dereference flaw in firewire-ohci driver.

A NULL pointer dereference flaw was found in the firewire-ohci driver
used for OHCI compliant IEEE 1394 controllers.  A local, unprivileged
user with access to /dev/fw* files could issue certain IOCTL calls,
causing a denial of service or privilege escalation.

* CVE-2009-4020: Buffer overflow mounting currupted hfs filesystem.

A buffer overflow flaw was found in the hfs_bnode_read() function in
the HFS file system implementation.  This could lead to a denial of
service if a user browsed a specially-crafted HFS file system, for
example, by running "ls".

* CVE-2009-4021: Denial of service in fuse_direct_io.

A programming error in the fuse_direct_io function could result in
FUSE dereferencing an invalid pointer if the machine entered a
low-memory state, leading to a denial of service (kernel oops).

* CVE-2009-4005: Read buffer overflow in ISDN hfc_usb driver.

The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the
Linux kernel allows attackers to escalate privileges via a crafted
HDLC packet that arrives over ISDN and triggers a buffer under-read.

* CVE-2009-3726: NFSv4: Denial of Service in NFS client.

A programming error in the Linux NFSv4 client could allow a buggy or
malicious NFS server to cause a denial of service (kernel panic) in
the client.

* CVE-2009-3080: Privilege Escalation in GDT driver.

An array index error in the GDT SCSI driver in the Linux kernel before
2.6.32-rc8 allows local users to cause a denial of service or possibly
gain privileges via a negative event index in an IOCTL request.

SUPPORT

Ksplice support is available at support at ksplice.com or +1 765-577-5423.

More information about the Debian-5.0-Updates mailing list