[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20090130022149.GN7877@outflux.net>
Date: Thu, 29 Jan 2009 18:21:49 -0800
From: Kees Cook <kees@...ntu.com>
To: ubuntu-security-announce@...ts.ubuntu.com
Cc: bugtraq@...urityfocus.com, full-disclosure@...ts.grok.org.uk
Subject: [USN-715-1] Linux kernel vulnerabilities
===========================================================
Ubuntu Security Notice USN-715-1 January 29, 2009
linux vulnerabilities
CVE-2008-5079, CVE-2008-5182, CVE-2008-5300, CVE-2008-5395,
CVE-2008-5700, CVE-2008-5702
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 8.10
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 8.10:
linux-image-2.6.27-11-generic 2.6.27-11.27
linux-image-2.6.27-11-server 2.6.27-11.27
linux-image-2.6.27-11-virtual 2.6.27-11.27
After a standard system upgrade you need to reboot your computer to
effect the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.
Details follow:
Hugo Dias discovered that the ATM subsystem did not correctly manage
socket counts. A local attacker could exploit this to cause a system hang,
leading to a denial of service. (CVE-2008-5079)
It was discovered that the inotify subsystem contained watch removal
race conditions. A local attacker could exploit this to crash the system,
leading to a denial of service. (CVE-2008-5182)
Dann Frazier discovered that in certain situations sendmsg did not
correctly release allocated memory. A local attacker could exploit
this to force the system to run out of free memory, leading to a denial
of service. (CVE-2008-5300)
Helge Deller discovered that PA-RISC stack unwinding was not handled
correctly. A local attacker could exploit this to crash the system,
leading do a denial of service. This did not affect official Ubuntu
kernels, but was fixed in the source for anyone performing HPPA kernel
builds. (CVE-2008-5395)
It was discovered that the ATA subsystem did not correctly set timeouts. A
local attacker could exploit this to cause a system hang, leading to a
denial of service. (CVE-2008-5700)
It was discovered that the ib700 watchdog timer did not correctly check
buffer sizes. A local attacker could send a specially crafted ioctl
to the device to cause a system crash, leading to a denial of service.
(CVE-2008-5702)
Updated packages for Ubuntu 8.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.27-11.27.diff.gz
Size/MD5: 3045315 319b70724933690ebeaf2570c08e5872
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.27-11.27.dsc
Size/MD5: 1529 1f0ca8782583778c06befbe486a5537c
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux_2.6.27.orig.tar.gz
Size/MD5: 63721466 482b04f680ce6676114ccfaaf8f66a55
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-doc-2.6.27_2.6.27-11.27_all.deb
Size/MD5: 3480820 102ffe69d583daaea25e9dc16624cf1d
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.27-11_2.6.27-11.27_all.deb
Size/MD5: 5782904 b7de142c5ded4e2e26037799b045b17d
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-source-2.6.27_2.6.27-11.27_all.deb
Size/MD5: 52041978 3eb25260c3bf95d7110174a153457fe4
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/l/linux/acpi-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 36522 9e9b81519f796f9c8d970e369e6235b9
http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 264132 781d177036c0d1f8d04fca8fd1322ad4
http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 53470 8e367a9fbbb2aea106db18724fbd78e8
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 43124 32bb76a5c82cf4787e015a8d14a78b96
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 52340 46d233691c5842fa9f7347216eba0ce1
http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 89726 a8ac9ef887eacc31ebc322cf37223aec
http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 38136 9d6bf29c616ae927c9341f80cb1d354b
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 677334 2d925e6343fb97c1ce8c6c09438e3718
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 158556 40a73a5eb7858e877a17a6d0a28c3043
http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 46412 641ffe0928f442956384d73dc5fcb9cb
http://security.ubuntu.com/ubuntu/pool/main/l/linux/ipv6-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 154052 7891486ab310849caa511a7ea3a1bf7c
http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 312654 b1d2f2e0e9806822dbdd40733a2cce06
http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 2602056 b4700083fb77226533a5bd56e53e75e5
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.27-11-generic_2.6.27-11.27_amd64.deb
Size/MD5: 650884 057a9ec3b2e95418feb15f4ff322a0be
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.27-11-server_2.6.27-11.27_amd64.deb
Size/MD5: 650812 78edc2defb2ee5021fc467dd1371165b
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.27-11-generic_2.6.27-11.27_amd64.deb
Size/MD5: 23066840 67bb78180690fd6c6279b3e6646949b6
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.27-11-server_2.6.27-11.27_amd64.deb
Size/MD5: 23063204 17ec50d1369bf3c1de230498ec658de1
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.27-11-virtual_2.6.27-11.27_amd64.deb
Size/MD5: 10458152 dfa3ac79fa292857dd7180a8b5533121
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.27-11.27_amd64.deb
Size/MD5: 663848 8e0665e8893317c6b1129439cbf8612c
http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 434908 b5a695a4f2f24657ea84c929f5d7ee62
http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 186342 b7a1cca322d68a0f9527ae2d72fc6231
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 275584 b22e9e6b69184f316a19c962318aa10e
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 1808120 824533c7be48a5d527ba67b89bb5518f
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 151332 c649c8efebd591d06e236cf67038a3c7
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 194226 7dc44b61e6db4e263792a41021b32f23
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 167994 b0eec2b2c31f2722fa09b1f93146dfc1
http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 36462 ac920fe410b1d3966c5b09771550160f
http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 83386 c7bc43aad167ea7072f594048b631658
http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 71942 628766ec1e59a39a404ea0347f610c59
http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 23248 048d2bbe2abb50df1c7c3418ef1c41d4
http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 9018 975b1829cf22116ac762dadb64134904
http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 68450 e9f1d069286257e48656fd6bdcce9bab
http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 110420 6ab3fac78aec7c2415f2c4f1125c4c13
http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 1275722 c1679d35e5b5ac1ba621cf0be47c3183
http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 47598 4a49b7ce281ba54376b481ce6262b893
http://security.ubuntu.com/ubuntu/pool/main/l/linux/socket-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 13326 aba5704b3eb0815e06c1ea0e4b2ccdf6
http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 393692 6d4c19e8ad0d57be0405765494b24e9d
http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 200842 1381efd1c93a15db6624ae8e8d9df104
http://security.ubuntu.com/ubuntu/pool/main/l/linux/virtio-modules-2.6.27-11-generic-di_2.6.27-11.27_amd64.udeb
Size/MD5: 13584 4a7ccf52bdc9b3d0dad86552fa461f0d
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/l/linux/acpi-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 33940 53d8f886cc515299e0eb7fe2a71e98e2
http://security.ubuntu.com/ubuntu/pool/main/l/linux/block-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 244608 8d93bedf28c656de410ce24e1a350e8e
http://security.ubuntu.com/ubuntu/pool/main/l/linux/crypto-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 55386 cf79c0e3fe330fe240dd0f11b07e909a
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fat-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 41266 39a834a82711ec66c6b27937770d1805
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fb-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 48690 5f04814a5a76700b49ef21a75af6d161
http://security.ubuntu.com/ubuntu/pool/main/l/linux/firewire-core-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 86928 8a7931fd909cf6ae6d0564c97186d070
http://security.ubuntu.com/ubuntu/pool/main/l/linux/floppy-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 33954 8d3bcb9e61f855ea8b6386f01342b43f
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-core-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 674578 fd257461743980b6e4e8bb7e10ab6f3d
http://security.ubuntu.com/ubuntu/pool/main/l/linux/fs-secondary-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 158190 520a2b2d77a7cbc688c4c70a12c7d7cb
http://security.ubuntu.com/ubuntu/pool/main/l/linux/input-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 43714 8b9aa57db293e55cef3d60f5becc7263
http://security.ubuntu.com/ubuntu/pool/main/l/linux/ipv6-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 144884 7fbc0d69548b95a16eec745bddc79337
http://security.ubuntu.com/ubuntu/pool/main/l/linux/irda-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 301946 8c81d047b7c026b20591d191e945e997
http://security.ubuntu.com/ubuntu/pool/main/l/linux/kernel-image-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 2431736 394df3bd7f18565be6901a5ea1712105
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.27-11-generic_2.6.27-11.27_i386.deb
Size/MD5: 632990 c05b53970da1f25e9c81668a09e9b3ae
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-2.6.27-11-server_2.6.27-11.27_i386.deb
Size/MD5: 633356 b8307ea92110ae4c9b5ebeca7d36f4d8
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.27-11-generic_2.6.27-11.27_i386.deb
Size/MD5: 23447370 9a758b4ecf00f126be500b1df7caf344
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.27-11-server_2.6.27-11.27_i386.deb
Size/MD5: 23581390 ec5535e94eb5775cb8a678c579de8df5
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-image-2.6.27-11-virtual_2.6.27-11.27_i386.deb
Size/MD5: 10096662 c1778afb9dabe62225b7d766e160498e
http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-libc-dev_2.6.27-11.27_i386.deb
Size/MD5: 663792 7d3ab57dfd5d2f9c537634247e9398d5
http://security.ubuntu.com/ubuntu/pool/main/l/linux/md-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 432704 891b06a4f4240bab98735a0a26b15234
http://security.ubuntu.com/ubuntu/pool/main/l/linux/message-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 170998 f433e304c1e459f25988617280e15890
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nfs-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 264000 6f2e567b929370211311a86899e85243
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 1991656 dca60f4f4fa22e08355e3cd4ce381b05
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-pcmcia-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 150938 db2ad37e334d23e2d775a7ee05e12652
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-shared-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 183914 8c89dc120cd8ae8ab6a9ed22abe1ff4d
http://security.ubuntu.com/ubuntu/pool/main/l/linux/nic-usb-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 157596 a3f0343a661a2207d0c2a76234698a1c
http://security.ubuntu.com/ubuntu/pool/main/l/linux/parport-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 34458 84e133df5aaa20cb1a9b6635c62dd48f
http://security.ubuntu.com/ubuntu/pool/main/l/linux/pata-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 78180 206749d441c3ca3b944ef63882f0d3f1
http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 86136 93ffbb4882c09e989335910e1c98530e
http://security.ubuntu.com/ubuntu/pool/main/l/linux/pcmcia-storage-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 51164 3e1f3994e027b35c0cfd3824357415ac
http://security.ubuntu.com/ubuntu/pool/main/l/linux/plip-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 8794 593b7c703dab68100a29326611f07071
http://security.ubuntu.com/ubuntu/pool/main/l/linux/ppp-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 64170 56a1b6a05fc9c6334fa232ee5753234c
http://security.ubuntu.com/ubuntu/pool/main/l/linux/sata-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 101846 f72497e53cbb1517c01ad754dcbc68dd
http://security.ubuntu.com/ubuntu/pool/main/l/linux/scsi-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 1448908 d634feb7eace4987a4466dae309246b4
http://security.ubuntu.com/ubuntu/pool/main/l/linux/serial-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 44520 a5e92227ba7d965e33ed76d9c53cc1d5
http://security.ubuntu.com/ubuntu/pool/main/l/linux/socket-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 12478 c004549b61d3fb69fdbceb890f430cdc
http://security.ubuntu.com/ubuntu/pool/main/l/linux/storage-core-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 372730 98180fd4bbe2441a04b191f1b6dae1a7
http://security.ubuntu.com/ubuntu/pool/main/l/linux/usb-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 189760 27a4ed16ecfa113cce764df26c2a707f
http://security.ubuntu.com/ubuntu/pool/main/l/linux/virtio-modules-2.6.27-11-generic-di_2.6.27-11.27_i386.udeb
Size/MD5: 12986 afde633f64a103dc86644d482210e552
Download attachment "signature.asc" of type "application/pgp-signature" (236 bytes)
Powered by blists - more mailing lists