Linux 2.6.26: Fix Privilege Escalation, Denial of Service, Information Leak Vulnerabilities

Users of Linux 2.6.26 please be advised of a privilege escalation, denial of service, information leak vulnerabilities that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (

DSA 2126-1: [DSA 2126-1] New Linux 2.6.26 packages fix several issues
Package : linux-2.6

Vulnerability : privilege escalation/denial of service/information leak
Several vulnerabilities have been discovered in the Linux kernel that may lead

to a privilege escalation, denial of service or information leak. The Common

Vulnerabilities and Exposures project identifies the following problems:


Kees Cook discovered an issue in the v4l 32-bit compatibility layer for

64-bit systems that allows local users with /dev/video write permission to

overwrite arbitrary kernel memory, potentially leading to a privilege

escalation. On Debian systems, access to /dev/video devices is restricted to

members of the ‘video’ group by default.


Tavis Ormandy discovered an issue in the io_submit system call. Local users

can cause an integer overflow resulting in a denial of service.