Referenced CVEs:
CVE-2009-1298, CVE-2009-4131
Description:
===========================================================Ubuntu Security Notice USN-869-1 December 10, 2009linux vulnerabilityCVE-2009-1298, CVE-2009-4131===========================================================A security issue affects the following Ubuntu releases:Ubuntu 9.10This advisory also applies to the corresponding versions ofKubuntu, Edubuntu, and Xubuntu.The problem can be corrected by upgrading your system to thefollowing package versions:Ubuntu 9.10: linux-image-2.6.31-16-386 2.6.31-16.53 linux-image-2.6.31-16-generic 2.6.31-16.53 linux-image-2.6.31-16-generic-pae 2.6.31-16.53 linux-image-2.6.31-16-ia64 2.6.31-16.53 linux-image-2.6.31-16-lpia 2.6.31-16.53 linux-image-2.6.31-16-powerpc 2.6.31-16.53 linux-image-2.6.31-16-powerpc-smp 2.6.31-16.53 linux-image-2.6.31-16-powerpc64-smp 2.6.31-16.53 linux-image-2.6.31-16-server 2.6.31-16.53 linux-image-2.6.31-16-sparc64 2.6.31-16.53 linux-image-2.6.31-16-sparc64-smp 2.6.31-16.53 linux-image-2.6.31-16-virtual 2.6.31-16.53After a standard system upgrade you need to reboot your computer toeffect the necessary changes.Details follow:David Ford discovered that the IPv4 defragmentation routine did notcorrectly handle oversized packets. A remote attacker could sendspecially crafted traffic that would cause a system to crash, leadingto a denial of service. (The fix was included in the earlier kernelsfrom USN-864-1.) (CVE-2009-1298)Akira Fujita discovered that the Ext4 "move extents" ioctl did notcorrectly check permissions. A local attacker could exploit this tooverwrite arbitrary files on the system, leading to root privilegeescalation. (CVE-2009-4131)
More...