Secunia Security Advisory - Multiple vulnerabilities have been reported in the Linux kernel, which can be exploited to disclose information, cause a DoS (Denial of Service), gain escalated privileges, or potentially compromise a vulnerable system.
TITLE:
Linux Kernel Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA14713
VERIFY ADVISORY:
http://secunia.com/advisories/14713/
CRITICAL:
Moderately critical
IMPACT:
Exposure of system information, Exposure of sensitive information,
Privilege escalation, DoS, System access
WHERE:
From remote
OPERATING SYSTEM:
Linux Kernel 2.4.x
http://secunia.com/product/763/
Linux Kernel 2.6.x
http://secunia.com/product/2719/
DESCRIPTION:
Multiple vulnerabilities have been reported in the Linux kernel,
which can be exploited to disclose information, cause a DoS (Denial
of Service), gain escalated privileges, or potentially compromise a
vulnerable system.
1) Some unspecified errors have been reported in the ISO9660
filesystem handler including Rock Ridge and Joliet extensions. These
can be exploited via a specially crafted filesystem to cause a DoS or
potentially corrupt memory leading to execution of arbitrary code.
2) A signedness error in the "bluez_sock_create()" function when
creating bluetooth sockets can potentially be exploited to gain root
privileges on a vulnerable system.
3) An information leak exists in ext2 when creating new directories
and may disclose kernel memory.
4) An error in load_elf_library can be exploited to cause a DoS.
SOLUTION:
Update to version 2.6.11.6.
http://kernel.org/
The vulnerabilities have also been fixed in version 2.4.30-rc2.
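A version check against the fixed releases named above, as an added example that is not part of the Secunia advisory. It assumes mainline version strings; `ver_lt` and `kernel_status` are hypothetical helper names, and distribution kernels that backport fixes under an older base version will be misreported.

```shell
#!/bin/sh
# Added example (not from the advisory): classify a kernel release string
# against the fixed versions it names, 2.6.11.6 and 2.4.30-rc2.
# Assumption: mainline version strings. Distribution kernels may carry
# backported fixes under an older base version and will be misreported.

# ver_lt A B: true if dotted numeric version A < B (missing fields are 0).
ver_lt() {
    a=$1; b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        if [ "$a" = "$x" ]; then a=; else a=${a#*.}; fi
        if [ "$b" = "$y" ]; then b=; else b=${b#*.}; fi
        x=${x:-0}; y=${y:-0}
        if [ "$x" -lt "$y" ]; then return 0; fi
        if [ "$x" -gt "$y" ]; then return 1; fi
    done
    return 1
}

# kernel_status RELEASE: prints vulnerable, fixed, unknown or not-listed.
kernel_status() {
    rel=$1
    base=${rel%%-*}                       # numeric part, e.g. 2.6.11.6
    case $rel in *-*) suffix=${rel#*-} ;; *) suffix= ;; esac
    case $base in ''|*[!0-9.]*) echo unknown; return 0 ;; esac
    case $base in
        2.6.*)
            if ver_lt "$base" 2.6.11.6; then echo vulnerable
            else
                # The advisory does not say which later -rc builds have the fixes.
                case $suffix in rc*) echo unknown ;; *) echo fixed ;; esac
            fi ;;
        2.4.*)
            if ver_lt "$base" 2.4.30; then echo vulnerable
            elif [ "$base" = 2.4.30 ]; then
                # -pre and -rc1 snapshots precede the fixed 2.4.30-rc2.
                case $suffix in pre*|rc1|rc1-*) echo vulnerable ;; *) echo fixed ;; esac
            else echo fixed
            fi ;;
        *) echo not-listed ;;             # advisory covers 2.4.x and 2.6.x only
    esac
}

# Classify the argument, or the running kernel when none is given.
kernel_status "${1:-$(uname -r)}"
```
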
PROVIDED AND/OR DISCOVERED BY:
1) Michal Zalewski
2) Ilja van Sprundel
3) Mathieu Lafon
4) Yichen Xie
ORIGINAL ADVISORY:
Kernel.org:
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.11.6
http://kernel.org/pub/linux/kernel/v2.4/testing/patch-2.4.30.log