Fix the security vulnerabilities

May 4, 2008 - 11:11am
Submitted by Anonymous on May 4, 2008 - 11:11am.
Linux

There are at least 13 unpatched security vulnerabilities in the Linux kernel.
Please fix these. Some of them are many years old...

* Linux Kernel CHRP Denial of Service Security Issue
* Linux Kernel Multiple Vulnerabilities
* Linux Kernel Various Vulnerabilities
* Linux Kernel SMP "/proc" Race Condition Denial of Service
* Linux Kernel perfmon Local Denial of Service Vulnerability
* Linux Kernel IP ID Value Increment Weakness
* Linux Kernel Socket Data Buffering Denial of Service
* Linux Kernel URB and IPv6 Flowlabel Handling Denial of Service
* Linux Kernel "syscall()" Argument Handling Denial of Service
* Linux Kernel "is_hugepage_only_range()" Denial of Service
* Linux Kernel Multiple Vulnerabilities
* Linux Kernel Page Fault Handler Privilege Escalation
* Linux Kernel Multiple Vulnerabilities
* Linux Kernel Binary Format Loaders Privilege Escalation
* Linux Kernel Multiple Vulnerabilities
* Linux Kernel IGMP and "__scm_send()" Vulnerabilities
* Linux Kernel Local DoS and Memory Content Disclosure Vulnerabilities
* Linux Kernel smb Filesystem Implementation Multiple Vulnerabilities
* Linux Kernel ELF Binary Loader Setuid File Handling Vulnerabilities
* Linux Kernel ide-cd SG_IO Functionality Permission Bypass Vulnerability
* Linux Kernel NFS and ptmx Denial of Service Vulnerabilities
* Linux Kernel File Offset Pointer Handling Memory Disclosure Vulnerability
* Linux Kernel Sbus PROM Driver Multiple Integer Overflow Vulnerabilities
* Linux Kernel IEEE 1394 Driver Integer Overflow Vulnerabilities
* Linux Kernel Framebuffer Driver Direct Userspace Access Vulnerability

misread?

May 4, 2008 - 11:50am

this is the list of 'unpatched' vulnerabilities from secunia.com? what leads you to the idea these are still unpatched?

one example (which was easy to google): "Linux Kernel "is_hugepage_only_range()" Denial of Service" is widely known as CVE-2005-0916. for the case of debian it is listed in http://lists.alioth.debian.org/pipermail/secure-testing-commits/2006-Dec... as "linux-2.6 (Fixed before upload into archive)". this one (which was in 2.6.8 and -- if you look at the right places -- is most likely fixed in the later revisions) was patched by the distributor. so a patch exists, which makes the word 'unpatched' wrong. i conclude that the vuln was unpatched when it was listed by secunia, but of course was closed later on -- what are you thinking, that the world wide developer community is waiting for some anonymous to post a list before fixing things?

Secunia

May 4, 2008 - 5:57pm
Anonymous (not verified)

Yes, the list is from Secunia.

Secunia lists all security vulnerabilities, but these were marked as 'unpatched'.

Also, even if it's patched by the distributor (Debian), it doesn't mean it's patched upstream. Not everyone uses Debian, I don't.

http://secunia.com/product/2719/?task=advisories

no magic

May 4, 2008 - 6:31pm

of course the 2.6.8 or so the vulnerability was found in does not get magically patched, the patched version would get another number (e.g. a fourth digit). in versions that appeared after the vuln was found, it most likely is fixed (have you looked at the source?) because there is no reason to assume people are too stupid to apply an existing patch (e.g. from a distro). if you happen to use a distribution, you get a fixed version too. just the old 2.6.8 archive you downloaded some years ago still has the bug. and secunia probably didn't update the status (news get old news quickly), please ask _them_ about this if you are unsure. if you have no dependable source -- like a distributor doing its homework -- for security updates, you should find one fast.

Even so, it is likely to get

May 4, 2008 - 6:32pm
Anonymous (not verified)

Even so, it is likely to get included in upstream within the next release after a patch exists.
