Linux Security

Debian: DSA-1800-1: New Linux 2.6.26 packages fix several vulnerabilities

Date 15 May 2009
Posted By LinuxSecurity Advisories

------------------------------------------------------------------------
Debian Security Advisory DSA-1800-1                                        dann frazier
May 15, 2009
------------------------------------------------------------------------

Package        : linux-2.6
Vulnerability  : denial of service/privilege escalation/sensitive memory leak
Problem type   : local/remote
Debian-specific: no
CVE Id(s)      : CVE-2009-0028 CVE-2009-0834 CVE-2009-0835 CVE-2009-0859
                 CVE-2009-1046 CVE-2009-1072 CVE-2009-1184 CVE-2009-1192
                 CVE-2009-1242 CVE-2009-1265 CVE-2009-1337 CVE-2009-1338

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service, privilege escalation or a sensitive
memory leak. The Common Vulnerabilities and Exposures project
identifies the following problems:


    Chris Evans discovered a situation in which a child process can
    send an arbitrary signal to its parent.


    Roland McGrath discovered an issue on amd64 kernels that allows
    local users to circumvent system call audit configurations which
    filter based on the syscall numbers or argument details.


    Roland McGrath discovered an issue on amd64 kernels with
    CONFIG_SECCOMP enabled. By making a specially crafted syscall,
    local users can bypass access restrictions.


    Jiri Olsa discovered that a local user can cause a denial of
    service (system hang) using a SHM_INFO shmctl call on kernels
    compiled with CONFIG_SHMEM disabled. This issue does not affect
    prebuilt Debian kernels.


    Mikulas Patocka reported an issue in the console subsystem that
    allows a local user to cause memory corruption by selecting a
    small number of 3-byte UTF-8 characters.


    Igor Zhbanov reported that nfsd was not properly dropping
    CAP_MKNOD, allowing users to create device nodes on file systems
    exported with root_squash.


    Dan Carpenter reported a coding issue in the selinux subsystem
    that allows local users to bypass certain networking checks when
    running with compat_net=1.

    Shaohua Li reported an issue in the AGP subsystem that may allow
    local users to read sensitive kernel memory due to a leak of
    uninitialized memory.


    Benjamin Gilbert reported a local denial of service vulnerability
    in the KVM VMX implementation that allows local users to trigger
    an oops.


    Thomas Pollet reported an overflow in the af_rose implementation
    that allows remote attackers to retrieve uninitialized kernel
    memory that may contain sensitive data.


    Oleg Nesterov discovered an issue in the exit_notify function that
    allows local users to send an arbitrary signal to a process by
    running a program that modifies the exit_signal field and then
    uses an exec system call to launch a setuid application.


    Daniel Hokka Zakrisson discovered that a kill(-1) is permitted to
    reach processes outside of the current process namespace.

    Pavan Naregundi reported an issue in the CIFS filesystem code that
    allows remote users to overwrite memory via a long
    nativeFileSystem field in a Tree Connect response during mount.

For the stable distribution (lenny), these problems have been fixed in
version 2.6.26-15lenny2.

For the oldstable distribution (etch), these problems, where applicable,
will be fixed in future updates to linux-2.6 and linux-2.6.24.

We recommend that you upgrade your linux-2.6 and user-mode-linux packages.

Note: Debian carefully tracks all known security issues across every
linux kernel package in all releases under active security support.
However, given the high frequency at which low-severity security
issues are discovered in the kernel and the resource requirements of
doing an update, updates for lower priority issues will normally not
be released for all kernels at the same time. Rather, they will be
released in a staggered or "leap-frog" fashion.

Upgrade instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

The following matrix lists additional source packages that were rebuilt for
compatibility with or to take advantage of this update:

                                             Debian 5.0 (lenny)
     user-mode-linux                         2.6.26-1um-2+15lenny2

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 5.0 alias lenny
--------------------------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

  These changes will probably be included in the stable distribution on
  its next update.

---------------------------------------------------------------------------------
For apt-get: deb stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list:
Package info: `apt-cache show ' and
