Linux Security
    Linux Security
    Linux Security

    Debian: DSA-1800-1: New Linux 2.6.26 packages fix several vulnerabilities

    Date 15 May 2009
    Posted By LinuxSecurity Advisories
    Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, privilege escalation or a sensitive memory leak. The Common Vulnerabilities and Exposures project identifies the following problems:
    Hash: SHA1
    - ----------------------------------------------------------------------
    Debian Security Advisory DSA-1800-1                This email address is being protected from spambots. You need JavaScript enabled to view it.                           dann frazier
    May 15, 2009              
    - ----------------------------------------------------------------------
    Package        : linux-2.6
    Vulnerability  : denial of service/privilege escalation/sensitive memory leak
    Problem type   : local/remote
    Debian-specific: no
    CVE Id(s)      : CVE-2009-0028 CVE-2009-0834 CVE-2009-0835 CVE-2009-0859
                     CVE-2009-1046 CVE-2009-1072 CVE-2009-1184 CVE-2009-1192
                     CVE-2009-1242 CVE-2009-1265 CVE-2009-1337 CVE-2009-1338
    Several vulnerabilities have been discovered in the Linux kernel that
    may lead to a denial of service, privilege escalation or a sensitive
    memory leak. The Common Vulnerabilities and Exposures project
    identifies the following problems:
        Chris Evans discovered a situation in which a child process can
        send an arbitrary signal to its parent.
        Roland McGrath discovered an issue on amd64 kernels that allows
        local users to circumvent system call audit configurations which
        filter based on the syscall numbers or argument details.
        Roland McGrath discovered an issue on amd64 kernels with
        CONFIG_SECCOMP enabled. By making a specially crafted syscall,
        local users can bypass access restrictions.
        Jiri Olsa discovered that a local user can cause a denial of
        service (system hang) using a SHM_INFO shmctl call on kernels
        compiled with CONFIG_SHMEM disabled. This issue does not affect
        prebuilt Debian kernels.
        Mikulas Patocka reported an issue in the console subsystem that
        allows a local user to cause memory corruption by selecting a
        small number of 3-byte UTF-8 characters.
        Igor Zhbanov reported that nfsd was not properly dropping
        CAP_MKNOD, allowing users to create device nodes on file systems
        exported with root_squash.
        Dan Carpenter reported a coding issue in the selinux subsystem
        that allows local users to bypass certain networking checks when
        running with compat_net=1.
        Shaohua Li reported an issue in the AGP subsystem they may allow
        local users to read sensitive kernel memory due to a leak of
        uninitialized memory.
        Benjamin Gilbert reported a local denial of service vulnerability
        in the KVM VMX implementation that allows local users to trigger
        an oops.
        Thomas Pollet reported an overflow in the af_rose implementation
        that allows remote attackers to retrieve uninitialized kernel
        memory that may contain sensitive data.
        Oleg Nesterov discovered an issue in the exit_notify function that
        allows local users to send an arbitrary signal to a process by
        running a program that modifies the exit_signal field and then
        uses an exec system call to launch a setuid application.
        Daniel Hokka Zakrisson discovered that a kill(-1) is permitted to
        reach processes outside of the current process namespace.
        Pavan Naregundi reported an issue in the CIFS filesystem code that
        allows remote users to overwrite memory via a long
        nativeFileSystem field in a Tree Connect response during mount.
    For the stable distribution (lenny), these problems have been fixed in
    version 2.6.26-15lenny2.
    For the oldstable distribution (etch), these problems, where applicable,
    will be fixed in future updates to linux-2.6 and linux-2.6.24.
    We recommend that you upgrade your linux-2.6 and user-mode-linux packages.
    Note: Debian carefully tracks all known security issues across every
    linux kernel package in all releases under active security support.
    However, given the high frequency at which low-severity security
    issues are discovered in the kernel and the resource requirements of
    doing an update, updates for lower priority issues will normally not
    be released for all kernels at the same time. Rather, they will be
    released in a staggered or "leap-frog" fashion.
    Upgrade instructions
    - --------------------
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    The following matrix lists additional source packages that were rebuilt for
    compatability with or to take advantage of this update:
                                                 Debian 5.0 (lenny)
         user-mode-linux                         2.6.26-1um-2+15lenny2
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    Debian GNU/Linux 5.0 alias lenny
    - --------------------------------
    Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
    Source archives:
        Size/MD5 checksum:  7329571 1bce8a02959ba560840a7ddf3c85d903
        Size/MD5 checksum: 61818969 85e039c2588d5bf3cb781d1c9218bbcb
        Size/MD5 checksum:     5777 5a7ff16752f5110837e60b4a5c8e9000
        Size/MD5 checksum:     1272 46e99e7c41b6ab88585e915a38834af2
        Size/MD5 checksum:    13274 692ffd3b2e648159d13941cffe052413
        Size/MD5 checksum:    12566 58cd8b7f3a51b2272c9afc10b81551cc
    Architecture independent packages:
        Size/MD5 checksum:   119468 9ad04974bda322d3bbef07498f30a9d6
        Size/MD5 checksum:  1757514 bb327a7a975d8c99f17dfd155a2a72a2
        Size/MD5 checksum:   104110 bdd9af9837d54a8fb50129861c97dc8f
        Size/MD5 checksum: 48700438 49386b86f3c839ac6fcdb18bd8c29c04
        Size/MD5 checksum:  2261264 29b2eb0593f8a91f2d0ec226d273b9da
        Size/MD5 checksum:  4624712 dd7e6ff69cf56f23c60496ff73f7298b
    alpha architecture (DEC Alpha)
        Size/MD5 checksum:   751056 dafcb057c2a435bd9df498619e29e1a7
        Size/MD5 checksum:   369566 f56eadc0219fd2a2747b83ba4ab8eacb
        Size/MD5 checksum: 28444362 7550723b98c8449b38be12f9878d3778
        Size/MD5 checksum:  3608062 b9ef0cc9e5c6d91626182ae4dd6ba8e8
        Size/MD5 checksum:   369154 f93e3de04d17cbe97485014d90f3c28c
        Size/MD5 checksum:   369350 7f2fd6ba761701961161a47a96072689
        Size/MD5 checksum:   103660 bdc8b2803a3e66f5359f256270d6f5ae
        Size/MD5 checksum:   103676 ed05e6468ab11308e64166a3ee12e881
        Size/MD5 checksum: 29151222 870766e5b3f04cf9c035cbeac559938a
    amd64 architecture (AMD x86_64 (AMD64))
        Size/MD5 checksum:   392188 0654ee97b3c916c94e101a28e62b7758
        Size/MD5 checksum:  3935410 078ccbf5fd16712f8bf5ff151de046c9
        Size/MD5 checksum: 20918522 69de946d1bfb38db74dd37dc11bb77a2
        Size/MD5 checksum:   392818 ab57bec86e9379a94a35e99751905d8b
        Size/MD5 checksum:  3852298 9ac3894ba6a9c59c5c246b1cb515088f
        Size/MD5 checksum:   388042 76cc4730e19076a63e7a984581599e82
        Size/MD5 checksum:   103642 96e6f166c99d1345c2532e6128d68b63
        Size/MD5 checksum: 19288550 8e326e2bf136131abca1a3a60ddab9de
        Size/MD5 checksum:   397950 666585c1b6514caac9513ee0e960e549
        Size/MD5 checksum:   761832 88fe1a58c498c24ec8ccbe45ae862715
        Size/MD5 checksum:   103686 fe41064607e75452828b8d9b7ee43e05
        Size/MD5 checksum:  3830612 ba30367c79415273f405f7badde67ef7
        Size/MD5 checksum: 20896590 733b6e160bd73635703449966f4014c2
        Size/MD5 checksum: 21074418 7bcb629b5c1ab7edd559cfd1518606eb
        Size/MD5 checksum:  3794626 841fa07f11ebced3f6043398764203c2
        Size/MD5 checksum:   103652 9d14ba4a406d5c2f54377e9ed9385291
        Size/MD5 checksum:  1799890 3fbde882e04f90712afab46ceb1d2e4f
        Size/MD5 checksum:  5823978 d57d4ddc15c0c661db45766236aafd1f
    arm architecture (ARM)
        Size/MD5 checksum:   357196 61cf0294a78ae1aa4980eadc186b02bf
        Size/MD5 checksum: 11714240 6e461c880ce62f76fc2ae450df65ac7f
        Size/MD5 checksum:  4135562 934da0c4113cf93379303d7c426b9ec0
        Size/MD5 checksum:   345872 51a9ca83773967b4fca791ad7304e8b9
        Size/MD5 checksum: 11407528 01c0704554c7e5783af0bfe243583b2f
        Size/MD5 checksum: 10229940 7cdafb4746b99daf343615abd065b52c
        Size/MD5 checksum:   360706 c0553218a6dc212e6e262f2c5d4e95e9
        Size/MD5 checksum:   362878 063b38690d57b4bed42f47ae6669a205
        Size/MD5 checksum:   103570 67283a7c868e3b020ea32df43305e6cb
        Size/MD5 checksum:   743442 f032b462f2ced0b29ef8fad467dc53e3
        Size/MD5 checksum:   103614 b834c333d52e174cfafa707c1cf6007f
        Size/MD5 checksum: 12429986 3e583ab23c35a27a13cb10cc0da581f0
    armel architecture (ARM EABI)
        Size/MD5 checksum:   362534 553b5d4a96face61b87a8e072f1f9ff8
        Size/MD5 checksum:  4127498 168ff1a45080f3c4cba4a04d1b326b16
        Size/MD5 checksum: 11682088 d75f73e9f4614bfb13de3c73b5b2ae9a
        Size/MD5 checksum:   744114 76f75b81436e3b3b387e8fd405535dca
        Size/MD5 checksum:   334058 16bf2ddbe077aef886e30ecd08320792
        Size/MD5 checksum: 12394862 3dcf9c71e56fbd49c1ac8088c2271a67
        Size/MD5 checksum:   359142 f44a38848367e077d3ab10095695a1f9
        Size/MD5 checksum:   103698 b2db17336a565129e4cd858cfdbebdec
        Size/MD5 checksum:  9570956 c1202b4698c40d8ba708227cc463ba75
        Size/MD5 checksum:   364206 28ac049650ad018de6f30b2f974c335e
        Size/MD5 checksum: 11370938 f1272a12e1fe6bdb4a1e75be8d205c08
        Size/MD5 checksum:   103664 efcc623f3063eab822d32d3392659bb1
    hppa architecture (HP PA RISC)
        Size/MD5 checksum:   293774 11f697620d8e797204a9ee43c7e49e86
        Size/MD5 checksum:   296078 103c08b6d81814a758e70381efbd00cb
        Size/MD5 checksum: 17469984 5bf0999276e32dcc44eae2f5dae41c43
        Size/MD5 checksum:  3596462 498f39403026997ec7e9bd0daa01ae05
        Size/MD5 checksum:   103600 b5edaa5c335be330726ef6dbab25bcd8
        Size/MD5 checksum: 16925522 4c7ca20db89d33a0c050165a7ca41533
        Size/MD5 checksum:   293006 b8543710d9d5eba22a4a1bc6128436d9
        Size/MD5 checksum:   103574 35b0f4350ceb613d3790f054a720a2c7
        Size/MD5 checksum:   294442 b6ffd162c317e0bd787a6f5db35af295
        Size/MD5 checksum: 16202302 30d4723632168c7a4b1a2b0ebd993c6c
        Size/MD5 checksum:   755564 07bda4c6ddbf6a86ff2d37f5faa53a3b
        Size/MD5 checksum: 15613120 13474e40e538a178556712045a1055c2
    i386 architecture (Intel ia32)
        Size/MD5 checksum:   401964 67ca4a3a5e393d5dfc3d72b22c29ac24
        Size/MD5 checksum:  5352762 0492fa26aacea1e90a2a8076f421736d
        Size/MD5 checksum: 20260632 0903069efeb795506c5de03770992c4d
        Size/MD5 checksum:   382028 04fdd8c04218b0adabedf7255de595dc
        Size/MD5 checksum:  3715228 9a34e86a009de2cfce28c65486c435b1
        Size/MD5 checksum:   395624 e7f8a141fcce18b9175f988961560481
        Size/MD5 checksum:   103638 2e1729b6d848f742b6330e6d5a695a44
        Size/MD5 checksum: 20236806 82db8b2a80d62b4a09d33e83a88750ec
        Size/MD5 checksum:   395790 b55d97b7a62538cc00f886ea8655e59a
        Size/MD5 checksum:   396078 58d4fb3d17f32ffdc57a17a3a0e2a647
        Size/MD5 checksum: 20142406 30711aa079af780c44aab9474c404917
        Size/MD5 checksum:   746566 1044f2f109e75208c88397938b0a793f
        Size/MD5 checksum:   103652 404c334a0703eb5710593c6eade7c2f3
        Size/MD5 checksum: 20117418 65608dc1c7f99ab38fcd30a1a4bb06da
        Size/MD5 checksum:   396930 e589efc8e5b6a5c0649d1b4a9508b477
        Size/MD5 checksum: 20412848 43c86e53ac74b81cd167e59df620c6ae
        Size/MD5 checksum: 17945358 6bf8a4efc2d3d2af2ed9873f0ed4a940
        Size/MD5 checksum:  1589190 20210ab586114583a1227b00e7ddf23c
        Size/MD5 checksum:   384234 86d3c745e0456a25f481c9585becd71f
        Size/MD5 checksum:  3847862 8177698dda0696e378accfe9c3d3c44f
        Size/MD5 checksum:  3747978 b25b6df842f713a7736448d91be804a3
        Size/MD5 checksum:   103700 05a3a356d68d4777ed08c8e88e234c17
        Size/MD5 checksum:   396910 3b1af51b193bbb723c20f3ff1063a9f6
        Size/MD5 checksum: 20766900 c3d03294fd3777044a6fe908e77ca56e
        Size/MD5 checksum: 20082656 0a700ba7ed7bcf1c94cffe57722c8e77
        Size/MD5 checksum:  3770904 2c20fd09d1b57aceb659b650d2a86c3e
    ia64 architecture (Intel ia64)
        Size/MD5 checksum:  3683456 f8e33d2b49c0dc0f6daaa8c1c5aed6a1
        Size/MD5 checksum:   352408 9087493ca55454b97152ebf3e12ac027
        Size/MD5 checksum: 34097344 aad5d13c617ffaf5efc31bf3fee5bdbb
        Size/MD5 checksum:   103650 61015b0fb2d786664d340caec9556cb3
        Size/MD5 checksum:   351716 9a1c3c31cedebd60ea0e71a983edbe24
        Size/MD5 checksum: 34176080 7d8b2afa280521af629da3ef6a8dcf96
        Size/MD5 checksum: 33920860 261eab4d401617b4e50d5e9c7fa9478c
        Size/MD5 checksum:   103682 e8ef7422829d57e214062770ee1516fd
        Size/MD5 checksum:   351762 3c392c2f3ecc09b8794b9c08a6dda4d9
        Size/MD5 checksum:   352368 f63441dda8bf0e1394d4e71531b5c3f6
        Size/MD5 checksum: 33988600 8fc3c10d5f376828d451263e2a5a0411
        Size/MD5 checksum:  3651316 fa72532376b07227d336484a5eb9b59c
        Size/MD5 checksum:   745208 bbb6f3e7e0aa49a23b19b0995f458d2b
    mips architecture (MIPS (Big Endian))
        Size/MD5 checksum: 29180882 69a83b37e95628c4ca370f1c8ab6e101
        Size/MD5 checksum: 19996594 09ab2685b1d53cd77b9554fbfafed256
        Size/MD5 checksum: 19985912 7de8b500b44f9fc8249944de2146a251
        Size/MD5 checksum:  3959292 ccf258221f247d7d6524511d64336422
        Size/MD5 checksum:   295336 877afd2f578bcfe254d01dbd437c72a3
        Size/MD5 checksum: 23319736 ab01e5fb78dc39389364a8284a9fafb8
        Size/MD5 checksum:   255696 3208d45d1fa1d3bc56452e3715044bde
        Size/MD5 checksum:   294846 4b8c8611ab3ced1936a21719d0db327e
        Size/MD5 checksum:   103628 e305aec4b61ee60c5638c64cb85b5f89
        Size/MD5 checksum:   103572 ac8b9df04d63b2e077590e82a8676e6c
        Size/MD5 checksum:   280168 4462adb08ce8d26bf9856021b814d191
        Size/MD5 checksum:   349818 e0e3ff2cb9251fca0729f347dfe5ecba
        Size/MD5 checksum: 11427614 ab6594b40bf0ce9a73c0891ba9706cc3
        Size/MD5 checksum: 15680942 6d69e713864dd57e7e5c52711ce65f8f
        Size/MD5 checksum:   350770 02fc7e97009a310eab609b34824f0198
        Size/MD5 checksum:   754842 f4f4b879b7a9ff4efb024cf7c81e4c8e
    mipsel architecture (MIPS (Little Endian))
        Size/MD5 checksum: 22773614 2f02c916e762ec12aa5e6d940e6942ab
        Size/MD5 checksum:   346140 f074d0b61aca2a022c1b23b2a9cb31d8
        Size/MD5 checksum:   103708 7cbdf5c0f7d9091682225139e4019f4a
        Size/MD5 checksum:   739236 220a8b129147286703e70de980e70010
        Size/MD5 checksum: 19378238 717d741afb1c4d6355bf2912e797b893
        Size/MD5 checksum: 19385536 c743a80e3ab91e52603517987059d062
        Size/MD5 checksum:   291996 72bd0ee79971f727a22e753de2a79dd2
        Size/MD5 checksum:  3887460 24f9ebab57d2f336ab2965d75ced8d04
        Size/MD5 checksum:   103656 7e5a9a9fe6b75f773f7109fdb29c67b2
        Size/MD5 checksum: 14885136 b97b282ee0e13f36a0e7ec7ac90fd698
        Size/MD5 checksum:   291628 97184eef6ab6f4aba03c5756cf817e77
        Size/MD5 checksum:   346368 9f65a85c3a36a98971295da9eca49ced
        Size/MD5 checksum:   287456 f836716afe5101b627b6d017ee2cf6e3
        Size/MD5 checksum: 28242940 f848e64d548e0dc0655ff4a1e1efc263
    powerpc architecture (PowerPC)
        Size/MD5 checksum:  3852082 41b6543dcd37c140f2c468d7c7535eed
        Size/MD5 checksum: 23112214 960c8cfb6b15c7cbaf6edd2d4aca9216
        Size/MD5 checksum:   103666 e2fd64d5aa6c1f98956e62b4a0260d0f
        Size/MD5 checksum:  3886868 44038a1babafe461e01dc987d84edf9a
        Size/MD5 checksum: 23389448 f1d0e1e6ed8b15a234c8023bc258149b
        Size/MD5 checksum:   370398 90e589b7dd6b6a5a2a1e29c204b0ed68
        Size/MD5 checksum:   370828 c556b7c5ed697ccf57eb6dee79279dfc
        Size/MD5 checksum:   752742 e8fa3ee09312887d1d11f32d123a50d9
        Size/MD5 checksum:   364504 91840865ed1ed6cc06f7e4141ee9caf6
        Size/MD5 checksum: 23548478 943ab35bb29eb5f16b065f31d98b0f10
        Size/MD5 checksum:   103692 f69df040dc9fdf8e78517698c15a5550
        Size/MD5 checksum:   364426 9d91da2c31f69340de4f4fa30e5043ee
        Size/MD5 checksum:   362742 f5cc256d09740470b319faa0acb0bbeb
        Size/MD5 checksum: 23341130 8b8bee292a27f65c68ccef929f472629
        Size/MD5 checksum: 23515268 8253e09f72830bc475e18382d77e790c
    s390 architecture (IBM S/390)
        Size/MD5 checksum:   226874 012f123cf2a0959a26b3842d4a01a288
        Size/MD5 checksum:  7829404 b2db1074fb1f2c946dec0e6e87ff5f92
        Size/MD5 checksum:   103648 850c0432d7d078b4626b3be6daab0a28
        Size/MD5 checksum:  7768546 35fc35b3b56e41cd84d43f2e77c0b22b
        Size/MD5 checksum:  3526832 fa2fb50fa267e35dd7d6800d99639256
        Size/MD5 checksum:   226086 2c89451b2fc1bea70667cd0ff95dae91
        Size/MD5 checksum:   738472 31dc6942f679a420645a21e0fc0c35e0
        Size/MD5 checksum:  7481500 e2375317ca3081bf63a3c97a5b935416
        Size/MD5 checksum:  1625802 5160bd9986a171955f3562b75cf354b2
        Size/MD5 checksum:   228190 5cabeeb5263a026a97facd0ea936b762
        Size/MD5 checksum:  3559308 e21511cdf0e9fcb7a252ab44d91b92eb
        Size/MD5 checksum:   103670 3775b5b831d91e73aefaa4e75bfeb002
    sparc architecture (Sun SPARC/UltraSPARC)
        Size/MD5 checksum:   103590 d03c411c9501d10750608b9b79b0cf72
        Size/MD5 checksum: 14479456 98ceecd12b774a3ebb356191d62557a2
        Size/MD5 checksum:  3777608 881e0091bbc2885b4affe78a9ae3b07a
        Size/MD5 checksum:   297472 1670872dd129ca10da89ef6c9661c460
        Size/MD5 checksum: 14134838 0225ead0cde1eacf5ac523da37a7a679
        Size/MD5 checksum:  3812750 f0bb98ba845e2e1b6b196d8015a20718
        Size/MD5 checksum:   299968 ddc83f3902293f66791c1cc24345695c
        Size/MD5 checksum: 14459928 fc5eb9d5a238621723ecd3919946cbe9
        Size/MD5 checksum:   795946 cb3b7cb116f72dd623a3ed8e7d53e3e3
        Size/MD5 checksum:   298804 260d0051895126e78a28510075dc4898
        Size/MD5 checksum:   103566 3d18d81d21f97f8cc79638cfa1ef0090
      These changes will probably be included in the stable distribution on
      its next update.
    - ---------------------------------------------------------------------------------
    For apt-get: deb stable/updates main
    For dpkg-ftp: dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    Package info: `apt-cache show ' and

    LinuxSecurity Poll

    How long have you been using Linux?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 4 answer(s).
    [{"id":"160","title":"Just made the switch!","votes":"0","type":"x","order":"1","pct":0,"resources":[]},{"id":"161","title":"1-5 years","votes":"0","type":"x","order":"2","pct":0,"resources":[]},{"id":"162","title":"6-10 years","votes":"0","type":"x","order":"3","pct":0,"resources":[]},{"id":"163","title":">10 years - I'm a veteran!","votes":"0","type":"x","order":"4","pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

    Please vote first in order to view vote results.


    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.