PT-2008-6910 · Linux+1 · Linux Kernel+1
Published: 1970-01-01 · Updated: 2020-07-31
CVE-2008-3534
CVSS v2.0: 9.3 (High)
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
linux-headers version 2.6.24-etchnhalf.1-r5k-ip32
linux-headers version 2.6.24-etchnhalf.1-r4k-ip22
linux-headers version 2.6.24-etchnhalf.1-all-mips
linux-image version 2.6.24-etchnhalf.1-r5k-ip32
linux-image version 2.6.24-etchnhalf.1-r4k-ip22
Linux kernel versions prior to 2.6.26.1
Description
The issue concerns multiple vulnerabilities in the Linux kernel and Debian GNU/Linux packages, which can lead to breaches of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely. Additionally, a local user can cause a denial of service (system crash) via a certain sequence of file create, remove, and overwrite operations, related to allocation of "useless pages" and improper maintenance of the i_blocks count in the tmpfs implementation.
Recommendations
For linux-headers versions 2.6.24-etchnhalf.1-r5k-ip32 and 2.6.24-etchnhalf.1-r4k-ip22, update to a version later than 2.6.24-etchnhalf.1.
For linux-headers version 2.6.24-etchnhalf.1-all-mips, update to a version later than 2.6.24-etchnhalf.1.
For linux-image versions 2.6.24-etchnhalf.1-r5k-ip32 and 2.6.24-etchnhalf.1-r4k-ip22, update to a version later than 2.6.24-etchnhalf.1.
For Linux kernel versions prior to 2.6.26.1, update to version 2.6.26.1 or later.
As a temporary workaround, consider restricting access to sensitive files and directories to minimize the risk of exploitation.
Exploit
Fix
Buffer Overflow
Resource Exhaustion
Affected Products
Debian
Linux Kernel