Linux Security

Debian: DSA-2003-1: New Linux 2.6.18 packages fix several vulnerabilities

Date 22 Feb 2010
Posted By LinuxSecurity Advisories

----------------------------------------------------------------------
Debian Security Advisory DSA-2003-1                          Dann Frazier
February 22, 2010
----------------------------------------------------------------------

Package        : linux-2.6
Vulnerability  : privilege escalation/denial of service
Problem type   : local/remote
Debian-specific: no
CVE Id(s)      : CVE-2009-3080 CVE-2009-3726 CVE-2009-4005 CVE-2009-4020
                 CVE-2009-4021 CVE-2009-4536 CVE-2010-0007 CVE-2010-0410
                 CVE-2010-0415 CVE-2010-0622

NOTE: This kernel update marks the final planned kernel security
update for the 2.6.18 kernel in the Debian release 'etch'.
Although security support for 'etch' officially ended on
February 15th, 2010, this update was already in preparation
before that date.  A final update that includes fixes for these
issues in the 2.6.24 kernel is also in preparation and will be
released shortly.

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service or privilege escalation. The Common
Vulnerabilities and Exposures project identifies the following


CVE-2009-3080

    Dave Jones reported an issue in the gdth SCSI driver. A missing
    check for negative offsets in an ioctl call could be exploited by
    local users to create a denial of service or potentially gain
    elevated privileges.

CVE-2009-3726

    Trond Myklebust reported an issue where a malicious NFS server
    could cause a denial of service condition on its clients by
    returning incorrect attributes during an open call.

CVE-2009-4005

    Roel Kluin discovered an issue in the hfc_usb driver, an ISDN
    driver for the Colognechip HFC-S USB chip. A potential read overflow
    exists which may allow remote users to cause a denial of service
    condition (oops).

CVE-2009-4020

    Amerigo Wang discovered an issue in the HFS filesystem that would
    allow a denial of service by a local user who has sufficient
    privileges to mount a specially crafted filesystem.

CVE-2009-4021

    Anand V. Avati discovered an issue in the fuse subsystem. If the
    system is sufficiently low on memory, a local user can cause the
    kernel to dereference an invalid pointer resulting in a denial of
    service (oops) and potentially an escalation of privileges.

CVE-2009-4536

    Fabian Yamaguchi reported an issue in the e1000 driver for Intel
    gigabit network adapters which allows remote users to bypass packet
    filters using specially crafted ethernet frames.

CVE-2010-0007

    Florian Westphal reported a lack of capability checking in the
    ebtables netfilter subsystem. If the ebtables module is loaded,
    local users can add and modify ebtables rules.

CVE-2010-0410

    Sebastian Krahmer discovered an issue in the netlink connector
    subsystem that permits local users to allocate large amounts of
    system memory resulting in a denial of service (out of memory).

CVE-2010-0415

    Ramon de Carvalho Valle discovered an issue in the sys_move_pages
    interface, limited to amd64, ia64 and powerpc64 flavors in Debian.
    Local users can exploit this issue to cause a denial of service
    (system crash) or gain access to sensitive kernel memory.

CVE-2010-0622

    Jerome Marchand reported an issue in the futex subsystem that
    allows a local user to force an invalid futex state which results
    in a denial of service (oops).

This update also fixes a regression introduced by a previous security
update that caused problems booting on certain s390 systems.

For the oldstable distribution (etch), this problem has been fixed in
version 2.6.18.dfsg.1-26etch2.

We recommend that you upgrade your linux-2.6, fai-kernels, and
user-mode-linux packages.

The following matrix lists additional source packages that were rebuilt for
compatibility with or to take advantage of this update:

                                             Debian 4.0 (etch)
     fai-kernels                             1.17+etch.26etch2
     user-mode-linux                         2.6.18-1um-2etch.26etch2

Upgrade instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch
-------------------------------

Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.


  These changes will probably be included in the oldstable distribution on
  its next update.

---------------------------------------------------------------------------------
For apt-get: deb stable/updates main
For dpkg-ftp: dists/stable/updates/main
Package info: `apt-cache show ' and

