Major Debian GNU/Linux 9 "Stretch" Linux Kernel Patch Fixes 18 Security Flaws

The Debian Project released a new Linux kernel update for the Debian GNU/Linux 9 "Stretch" operating system series that addresses several security vulnerabilities discovered by various security researchers recently.

Affecting the long-term supported Linux 4.9 kernel used by the Debian GNU/Linux 9 "Stretch" operating system series, there are a total of 18 security vulnerabilities patched in this major update that have been discovered in the upstream Linux kernel and may lead to information leaks, privilege escalation, or denial of service.

These include a memory leak in the irda_bind function and a flaw in the irda_setsockopt function of Linux kernel's IrDA subsystem, a flaw in the fd_locked_ioctl function in the Floppy driver, a buffer overflow in the Bluetooth HIDP implementation, and a double-realloc (double free) flaw in the rawmidi kernel driver.

Furthermore, a use-after-free bug and a potential null pointer dereference were discovered in Linux kernel's F2FS (... (read more)

from Softpedia News / Global https://ift.tt/2DP9lrv