Linux Security
    Linux Security
    Linux Security

    Debian: DSA-1929-1: New Linux 2.6.18 packages fix several vulnerabilities

    Posted By
    Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, sensitive memory leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems:
    Hash: SHA1
    - ----------------------------------------------------------------------
    Debian Security Advisory DSA-1929-1                This email address is being protected from spambots. You need JavaScript enabled to view it.                           Dann Frazier
    November 5, 2009          
    - ----------------------------------------------------------------------
    Package        : linux-2.6
    Vulnerability  : privilege escalation/denial of service/sensitive memory leak
    Problem type   : local
    Debian-specific: no
    CVE Id(s)      : CVE-2009-1883 CVE-2009-2909 CVE-2009-3001 CVE-2009-3002
                     CVE-2009-3228 CVE-2009-3238 CVE-2009-3286 CVE-2009-3547
                     CVE-2009-3612 CVE-2009-3621
    Several vulnerabilities have been discovered in the Linux kernel that
    may lead to a denial of service, sensitive memory leak or privilege
    escalation.  The Common Vulnerabilities and Exposures project
    identifies the following problems:
        Solar Designer discovered a missing capability check in the
        z90crypt driver or s390 systems. This vulnerability may allow
        a local user to gain elevated privileges.
        Arjan van de Ven discovered an issue in the AX.25 protocol
        implementation. A specially crafted call to setsockopt() can
        result in a denial of service (kernel oops).
        Jiri Slaby fixed a sensitive memory leak issue in the ANSI/IEEE
        802.2 LLC implementation. This is not exploitable in the Debian
        lenny kernel as root privileges are required to exploit this
        Eric Dumazet fixed several sensitive memory leaks in the IrDA,
        X.25 PLP (Rose), NET/ROM, Acorn Econet/AUN, and Controller Area
        Network (CAN) implementations. Local users can exploit these
        issues to gain access to kernel memory.
        Eric Dumazet reported an instance of uninitialized kernel memory
        in the network packet scheduler. Local users may be able to
        exploit this issue to read the contents of sensitive kernel
        Linus Torvalds provided a change to the get_random_int() function
        to increase its randomness.
        Eric Paris discovered an issue with the NFSv4 server
        implementation.  When an O_EXCL create fails, files may be left
        with corrupted permissions, possibly granting unintentional
        privileges to other local users.
        Earl Chew discovered a NULL pointer dereference issue in the
        pipe_rdwr_open function which can be used by local users to gain
        elevated privileges.
        Jiri Pirko discovered a typo in the initialization of a structure
        in the netlink subsystem that may allow local users to gain access
        to sensitive kernel memory.
        Tomoki Sekiyama discovered a deadlock condition in the UNIX domain
        socket implementation. Local users can exploit this vulnerability
        to cause a denial of service (system hang).
    For the oldstable distribution (etch), this problem has been fixed in
    version 2.6.18.dfsg.1-26etch1.
    We recommend that you upgrade your linux-2.6, fai-kernels, and
    user-mode-linux packages.
    Note: Debian 'etch' includes linux kernel packages based upon both the
    2.6.18 and 2.6.24 linux releases.  All known security issues are
    carefully tracked against both packages and both packages will receive
    security updates until security support for Debian 'etch'
    concludes. However, given the high frequency at which low-severity
    security issues are discovered in the kernel and the resource
    requirements of doing an update, lower severity 2.6.18 and 2.6.24
    updates will typically release in a staggered or "leap-frog" fashion.
    The following matrix lists additional source packages that were rebuilt for
    compatability with or to take advantage of this update:
                                                 Debian 4.0 (etch)
         fai-kernels                             1.17+etch.26etch1
         user-mode-linux                         2.6.18-1um-2etch.26etch1
    Upgrade instructions
    - --------------------
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    Debian GNU/Linux 4.0 alias etch
    - -------------------------------
    Oldstable updates are available for alpha, amd64, hppa, i386,
    ia64, powerpc and s390 architectures. Updates for other
    architectures will be released as the they become available.
    Source archives:
        Size/MD5 checksum:  5514957 b9cb3b1e1ba1196b9020e6d07d48b752
        Size/MD5 checksum:     5673 4ba2595893287a7b82713ca182aad7be
        Size/MD5 checksum: 52225460 6a1ab0948d6b5b453ea0fce0fcc29060
    Architecture independent packages:
        Size/MD5 checksum:  3721660 836e780dd306ee60318d8ac1c28087eb
        Size/MD5 checksum: 41474520 7457b0e444adb6b31dbcda82768671cd
        Size/MD5 checksum:  1852976 ec11d9e2967a87b27fac807f80218d0e
        Size/MD5 checksum:    58896 e7dc19b1c3f0a22c1764420642117fa8
        Size/MD5 checksum:  3593482 146e26a9c17bfa1a0a1fa198afdf1c70
        Size/MD5 checksum:  1091166 7a089920e547412d07cf1ef44e47bbb1
    alpha architecture (DEC Alpha)
        Size/MD5 checksum:    58290 7a1661641c432bc5a1e442a71f0584ac
        Size/MD5 checksum:    58254 223e25b49b1ce3fefe9934ecdda7cec4
        Size/MD5 checksum: 23374558 fc6fad80b66536f0c86fe4a4923057fa
        Size/MD5 checksum:   266914 bd1cb44848eb7ed46418783e958046de
        Size/MD5 checksum:   267502 b719376ff7b69b31e59f49010c249d17
        Size/MD5 checksum: 23440762 aace7bef32f7f7f69e1aeed69d191c41
        Size/MD5 checksum:   266308 228979a449e897802d4089909eef0326
        Size/MD5 checksum:  2978226 214923bbb5171e2a3daa23ed31240118
        Size/MD5 checksum:   267100 60048c2f207f0b00b1fab86639f3c276
        Size/MD5 checksum: 23393346 1fcae90244756e9b1ed37b08a8e39b99
        Size/MD5 checksum: 23752762 c6b5c665617a937c6caee0558daa8b2d
        Size/MD5 checksum:  3001856 cb672b346cd9b30717e4446ee2545fff
    amd64 architecture (AMD x86_64 (AMD64))
        Size/MD5 checksum:  3339600 83ef8191115cf0c23599b2ad45da661c
        Size/MD5 checksum: 15279100 dba0ecedc142a8f29c08ff3cb35fc9e5
        Size/MD5 checksum:  3362362 7acf6afbec42d7e386e4e99f45e07849
        Size/MD5 checksum: 16822140 04e89e226683aee6fc0f5e2d2751e258
        Size/MD5 checksum:   277136 04ba98f1750e31f17a52caa0add3e419
        Size/MD5 checksum:  3196356 37e16a42ebf900a63d15ec1c47bd2a2a
        Size/MD5 checksum: 15266172 647285195e9651e86fc78f47ca3e6aa3
        Size/MD5 checksum:  1687964 2556db55e5438dc01309d7d461f91ee3
        Size/MD5 checksum:  3173540 5e0fd0af39da8904a5fc459e00fe1592
        Size/MD5 checksum:   276536 ac228fd76c2a64910f1194c39f5dd9a5
        Size/MD5 checksum:   274660 9817c928baacf675542085e0387cfedc
        Size/MD5 checksum: 16868682 d99a5ffc0a0c88dee5f8c279e3f96f64
        Size/MD5 checksum:    58278 4825706649861dcc9afd8438f961ec6e
        Size/MD5 checksum:  1656646 633e8373c64bb27bc283e87300ebe6cf
        Size/MD5 checksum:   276056 60aec7d94ae1a1afa21cc68d5b7d3c53
        Size/MD5 checksum:    58254 8bb6069f2f74da9b2bb5603898dc22e3
        Size/MD5 checksum:    58240 51d240b42f43c2cb30c31f5c4bf2117c
        Size/MD5 checksum:    58254 31e336851095fea2499e594987acea4b
    hppa architecture (HP PA RISC)
        Size/MD5 checksum: 10563254 4486c3660f904e4bd439c370b7f97c69
        Size/MD5 checksum: 11814740 f178d4aa3358d09a492436d29dbee5cb
        Size/MD5 checksum:   202308 42a4b6b6b9c2f711d4c3b932353457fb
        Size/MD5 checksum: 11404596 9bd75cb26f23cc0c012dbcc1458c547f
        Size/MD5 checksum: 11005460 01d3a246f1ffe6f368fa6ca9f4548e97
        Size/MD5 checksum:  3026810 ef214434dcb13fe3bdd684bf580a6b9b
        Size/MD5 checksum:   203070 d50c921e10f3dd82ff85287acaf0b14f
        Size/MD5 checksum:   201556 da0a211d54dcd3e34fa29514c9934f9d
        Size/MD5 checksum:    58368 9917c0b22afe4c440ec64ff6d2a608e4
        Size/MD5 checksum:   201912 163590408b3e663b5f8cfae14e3c89a5
        Size/MD5 checksum:    58338 58f6a43a14a89d67bb46c796e8bde247
    i386 architecture (Intel ia32)
        Size/MD5 checksum:   290694 8a08177d6d4f46a20086b489ce4decf2
        Size/MD5 checksum:   280544 0ffbb9bc4aee76a067cebcec6f31f62e
        Size/MD5 checksum:   287894 831999c67686f31d2346b0fa6b4948aa
        Size/MD5 checksum: 16543512 c0b9fdc137151b96ccb8198fab8b5f72
        Size/MD5 checksum: 16931792 b73f3867a2efef757fcd111916116105
        Size/MD5 checksum: 14401768 eb0e34a9dfc17344c471b158faeab021
        Size/MD5 checksum:    58386 9ef707bff12f1cdb495a075c13325564
        Size/MD5 checksum:    58324 a00b5e3696278aa2d9c59f16267e3d06
        Size/MD5 checksum: 16326580 3ad3c0068e6343b6e5f70f3c44fdb3d5
        Size/MD5 checksum:   289228 4fcd19b2eb92b4550dc4a7673acc4f62
        Size/MD5 checksum: 16645286 1b2290466641e1d9ef3ecf942180fe79
        Size/MD5 checksum:  3215828 0c99ba0dd4abce66cda2fe6c554ccc03
        Size/MD5 checksum: 16517286 a729d0b07130c615d0d32d7b2ac46852
        Size/MD5 checksum:   289284 183af751e23717e0ac5821f60959e5ad
        Size/MD5 checksum: 14392520 cc51caf6cedda77521b7ee9065478392
        Size/MD5 checksum:   288014 c4834561b492ff42175353c524e0cbd1
        Size/MD5 checksum:    58340 7c463341e612b3159e0032aaf62ab5e1
        Size/MD5 checksum: 16477446 5829e6f2dce15ae1f3f74ca4d4180847
        Size/MD5 checksum:   291792 74558945d364674729b71b4d2598d1c8
        Size/MD5 checksum:  1304666 d9f7fb52fe8d29a9880ebc697eaae90f
        Size/MD5 checksum:  3239372 a7e8ba983a1e45176d33b86871e3940e
        Size/MD5 checksum:  3117812 36cc1af70a13016e79224a3f90981ac8
        Size/MD5 checksum:  1332688 a1c7f6d7435eaeb22c4e7097611602e5
        Size/MD5 checksum:   278926 cf2ec90e9c683c7c5904e76145b2b562
        Size/MD5 checksum:  3231506 8e9ff0b708e2e616072f569f0682fa11
        Size/MD5 checksum: 16604666 4d7eb157fa109072d21ec472bbbb46f1
        Size/MD5 checksum:   280110 d34163dab810a30572c7c1a29b9efdb6
        Size/MD5 checksum:    58326 bd8f5323a48ba297f6f404a4f26fd864
    ia64 architecture (Intel ia64)
        Size/MD5 checksum:    58254 d64ce41c696ae0af6e65348111b0e1c2
        Size/MD5 checksum:    58276 509dcd2833bd560ed6dccffc0a448593
        Size/MD5 checksum:   259696 9e187526ddd2342af180682ab502f302
        Size/MD5 checksum:   259718 b670f97d9bd044492111b7698ed228c3
        Size/MD5 checksum: 28023040 9c2dbc349ec7702f781f978f27987da9
        Size/MD5 checksum:  3087206 3638b390791d5053b67b060e6a124866
        Size/MD5 checksum: 28194506 228765e996a15ef56fc2cb94e74abeeb
    powerpc architecture (PowerPC)
        Size/MD5 checksum:  3462292 f3f1c68ba029943c6054421c1ba23059
        Size/MD5 checksum:   261230 26a45e4c0a77f21af0e5a6ffb0dc2b63
        Size/MD5 checksum:    58266 f717cc289546c2037e4ca18aa630ceb9
        Size/MD5 checksum:  3486460 4c5d5df532d84da56f78e47ce6262d60
        Size/MD5 checksum:   262664 e499f6e0e4278f5d4263c9a952877624
        Size/MD5 checksum:   263770 d12d5f3fce934b3db4dd29d5349d84a4
        Size/MD5 checksum: 15240084 96adc4183855af04aaeca7db1d37a27e
        Size/MD5 checksum: 17113852 9db05c81e32ef07f342eb54374c6ac6e
        Size/MD5 checksum: 16727566 dfbc08d63a91ba7bef73dfca238559f7
        Size/MD5 checksum: 16506028 0f65a31aecb306f281348ad410174926
        Size/MD5 checksum: 17068826 bc0941830a8d7369abaf876837a0c81e
        Size/MD5 checksum:   262882 d5d2a01011e0a9efea7a7b2c0cbacc41
        Size/MD5 checksum: 18433752 23a6d8183e781a43469daf3cd7769fcb
        Size/MD5 checksum:   237826 90097f02a1ed0a29b81fe3bc64259696
        Size/MD5 checksum:    58312 6330638237601d3ea55b2a80d1c54540
        Size/MD5 checksum: 18384182 18eabc40e998896c8f77243e84f99458
        Size/MD5 checksum:   254332 4ac0852bf3ba527f890f828ecd749284
        Size/MD5 checksum:   262220 a5ee6d47da04555615ad2bab7f646b13
    s390 architecture (IBM S/390)
        Size/MD5 checksum:   148246 96f1a25db3b6aa699af3ad7185a96bd2
        Size/MD5 checksum:   149402 44a4ec702fc2410f733aabe494c0f4e4
        Size/MD5 checksum:   148624 78919a54c4a93dbf395369a106c76b5b
        Size/MD5 checksum:    58276 133b1b15cca9cb34e07eae4f3ec4a3db
        Size/MD5 checksum:  5410288 dd1b3737c133081f4b512c2a1ecb1cf6
        Size/MD5 checksum:  5626808 5b7dc2c64fac5988d6070a1cddeb19f3
        Size/MD5 checksum:  5672368 f31471a55f12bb17eade213d7672cb80
        Size/MD5 checksum:  2971470 e546925e4309b61b6b598de04b6a1e5a
        Size/MD5 checksum:  1445974 f80e8929c0406cbae86ba2bdf6c611e2
        Size/MD5 checksum:    58256 3c413237e42a72c9b70f58cb65278ce9
        Size/MD5 checksum:  2948300 f57e56f38edd5977cf95012c373f9519
      These changes will probably be included in the oldstable distribution on
      its next update.
    - ---------------------------------------------------------------------------------
    For apt-get: deb stable/updates main
    For dpkg-ftp: dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    Package info: `apt-cache show ' and

    LinuxSecurity Poll

    Tails is the most secure Linux distro out there.

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    [{"id":"142","title":"Yes - Tails get my vote!","votes":"3","type":"x","order":"1","pct":75,"resources":[]},{"id":"143","title":"Nope - Parrot OS has surpassed Tails in its security and privacy.","votes":"1","type":"x","order":"2","pct":25,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

    Please vote first in order to view vote results.


    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.