---

New Debian Linux Kernel Update Addresses “Dirty COW” Bug, Three Security Issues

Apart from fixing the “Dirty COW” bug, the new Debian kernel patch also addresses an issue discovered in Linux kernel’s RFCOMM Bluetooth socket handling, which could have allowed an attacker to cause a denial of service (system crash) or access sensitive information. Additionally, the kernel update patches an incorrect buffer allocation issue discovered by Ondrej Kozina in Linux kernel’s proc_keys_show() function, which allowed a local attacker to cause a denial of service (system crash), and a buffer overflow in Linux kernel’s arcmsr SCSI driver, which allowed a local attacker to cause a denial of service or execute arbitrary code. The issue was discovered by Marco Grassi.