Package : kernel-source-2.4.27 Vulnerability : several Problem type : remote Debian-specific: no CVE IDs : CVE-2005-4798 CVE-2006-2935 CVE-2006-1528 CVE-2006-2444 CVE-2006-2446 CVE-2006-3745 CVE-2006-4535 CERT advisory : VU#681569 BugTraq IDs : 18081 18101 18847 19666 20087
Several security related problems have been discovered in the Linux kernel which may lead to a denial of service or even the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems:
A buffer overflow in NFS readlink handling allows a malicious remote server to cause a denial of service.
Diego Calleja Garcia discovered a buffer overflow in the DVD handling code that could be exploited by a specially crafted DVD or USB storage device to execute arbitrary code.
A bug in the SCSI driver allows a local user to cause a denial of service.
Patrick McHardy discovered a bug in the SNMP NAT helper that allows remote attackers to cause a denial of service.
A race condition in the socket buffer handling allows remote attackers to cause a denial of service.
Wei Wang discovered a bug in the SCTP implementation that allows local users to cause a denial of service and possibly gain root privileges.
David Miller reported a problem with the fix for CVE-2006-3745 that allows local users to crash the system using via an SCTP socket with a certain SO_LINGER value.
The following matrix explains which kernel version for which architecture fixes the problem mentioned above: