Date: Mon, 4 Feb 2008 13:17:28 -0500
From: Jamie Strandboge <jamie@...ntu.com>
To: ubuntu-security-announce@...ts.ubuntu.com
Subject: [USN-574-1] Linux kernel vulnerabilities
===========================================================
Ubuntu Security Notice USN-574-1 February 04, 2008
linux-source-2.6.17/20/22 vulnerabilities
CVE-2006-6058, CVE-2007-3107, CVE-2007-4567, CVE-2007-4849,
CVE-2007-4997, CVE-2007-5093, CVE-2007-5500, CVE-2007-5501,
CVE-2007-5966, CVE-2007-6063, CVE-2007-6151, CVE-2007-6206,
CVE-2007-6417, CVE-2008-0001
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.10
Ubuntu 7.04
Ubuntu 7.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.10:
linux-image-2.6.17-12-386 2.6.17.1-12.43
linux-image-2.6.17-12-generic 2.6.17.1-12.43
linux-image-2.6.17-12-hppa32 2.6.17.1-12.43
linux-image-2.6.17-12-hppa64 2.6.17.1-12.43
linux-image-2.6.17-12-itanium 2.6.17.1-12.43
linux-image-2.6.17-12-mckinley 2.6.17.1-12.43
linux-image-2.6.17-12-powerpc 2.6.17.1-12.43
linux-image-2.6.17-12-powerpc-smp 2.6.17.1-12.43
linux-image-2.6.17-12-powerpc64-smp 2.6.17.1-12.43
linux-image-2.6.17-12-server 2.6.17.1-12.43
linux-image-2.6.17-12-server-bigiron 2.6.17.1-12.43
linux-image-2.6.17-12-sparc64 2.6.17.1-12.43
linux-image-2.6.17-12-sparc64-smp 2.6.17.1-12.43

Ubuntu 7.04:
linux-image-2.6.20-16-386 2.6.20-16.34
linux-image-2.6.20-16-generic 2.6.20-16.34
linux-image-2.6.20-16-hppa32 2.6.20-16.34
linux-image-2.6.20-16-hppa64 2.6.20-16.34
linux-image-2.6.20-16-itanium 2.6.20-16.34
linux-image-2.6.20-16-lowlatency 2.6.20-16.34
linux-image-2.6.20-16-mckinley 2.6.20-16.34
linux-image-2.6.20-16-powerpc 2.6.20-16.34
linux-image-2.6.20-16-powerpc-smp 2.6.20-16.34
linux-image-2.6.20-16-powerpc64-smp 2.6.20-16.34
linux-image-2.6.20-16-server 2.6.20-16.34
linux-image-2.6.20-16-server-bigiron 2.6.20-16.34
linux-image-2.6.20-16-sparc64 2.6.20-16.34
linux-image-2.6.20-16-sparc64-smp 2.6.20-16.34

Ubuntu 7.10:
linux-image-2.6.22-14-386 2.6.22-14.51
linux-image-2.6.22-14-cell 2.6.22-14.51
linux-image-2.6.22-14-generic 2.6.22-14.51
linux-image-2.6.22-14-hppa32 2.6.22-14.51
linux-image-2.6.22-14-hppa64 2.6.22-14.51
linux-image-2.6.22-14-itanium 2.6.22-14.51
linux-image-2.6.22-14-lpia 2.6.22-14.51
linux-image-2.6.22-14-lpiacompat 2.6.22-14.51
linux-image-2.6.22-14-mckinley 2.6.22-14.51
linux-image-2.6.22-14-powerpc 2.6.22-14.51
linux-image-2.6.22-14-powerpc-smp 2.6.22-14.51
linux-image-2.6.22-14-powerpc64-smp 2.6.22-14.51
linux-image-2.6.22-14-rt 2.6.22-14.51
linux-image-2.6.22-14-server 2.6.22-14.51
linux-image-2.6.22-14-sparc64 2.6.22-14.51
linux-image-2.6.22-14-sparc64-smp 2.6.22-14.51
linux-image-2.6.22-14-ume 2.6.22-14.51
linux-image-2.6.22-14-virtual 2.6.22-14.51
linux-image-2.6.22-14-xen 2.6.22-14.51

After a standard system upgrade you need to reboot your computer to
effect the necessary changes.

Details follow:

The minix filesystem did not properly validate certain filesystem
values. If a local attacker could trick the system into attempting
to mount a corrupted minix filesystem, the kernel could be made to
hang for long periods of time, resulting in a denial of service.
This was only vulnerable in Ubuntu 7.04 and 7.10. (CVE-2006-6058)

The signal handling on PowerPC systems using HTX allowed local users
to cause a denial of service via floating point corruption. This was
only vulnerable in Ubuntu 6.10 and 7.04. (CVE-2007-3107)

The Linux kernel did not properly validate the hop-by-hop IPv6
extended header. Remote attackers could send a crafted IPv6 packet
and cause a denial of service via kernel panic. This was only
vulnerable in Ubuntu 7.04. (CVE-2007-4567)

The JFFS2 filesystem with ACL support enabled did not properly store
permissions during inode creation and ACL setting. Local users could
possibly access restricted files after a remount. This was only
vulnerable in Ubuntu 7.04 and 7.10. (CVE-2007-4849)

Chris Evans discovered an issue with certain drivers that use the
ieee80211_rx function. Remote attackers could send a crafted 802.11
frame and cause a denial of service via crash. This was only
vulnerable in Ubuntu 7.04 and 7.10. (CVE-2007-4997)

Alex Smith discovered an issue with the pwc driver for certain webcam
devices. A local user with physical access to the system could remove
the device while a userspace application had it open and cause the USB
subsystem to block. This was only vulnerable in Ubuntu 7.04.
(CVE-2007-5093)

Scott James Remnant discovered a coding error in ptrace. Local users
could exploit this and cause the kernel to enter an infinite loop.
This was only vulnerable in Ubuntu 7.04 and 7.10. (CVE-2007-5500)

It was discovered that the Linux kernel could dereference a NULL
pointer when processing certain IPv4 TCP packets. A remote attacker
could send a crafted TCP ACK response and cause a denial of service
via crash. This was only vulnerable in Ubuntu 7.10. (CVE-2007-5501)

Warren Togami discovered that the hrtimer subsystem did not properly
check for large relative timeouts. A local user could exploit this and
cause a denial of service via soft lockup. (CVE-2007-5966)

Venustech AD-LAB discovered a buffer overflow in the isdn net
subsystem. This issue is exploitable by local users via crafted input
to the isdn_ioctl function. (CVE-2007-6063)

It was discovered that the isdn subsystem did not properly check for
NULL termination when performing ioctl handling. A local user could
exploit this to cause a denial of service. (CVE-2007-6151)

Blake Frantz discovered that when a root process overwrote an existing
core file, the resulting core file retained the previous core file's
ownership. Local users could exploit this to gain access to sensitive
information. (CVE-2007-6206)

Hugh Dickins discovered that when using the tmpfs filesystem, under
rare circumstances, a kernel page may be improperly cleared. A local
user may be able to exploit this and read sensitive kernel data or
cause a denial of service via crash. (CVE-2007-6417)

Bill Roman discovered that the VFS subsystem did not properly check
access modes. A local user may be able to gain removal privileges on
directories. (CVE-2008-0001)
Updated packages for Ubuntu 6.10: