Linux Security
Linux Security
Linux Security

Debian: DSA-2053-1: New Linux 2.6.26 packages fix several issues

Date 25 May 2010
Posted By LinuxSecurity Advisories
CVE-2009-4537 Fabian Yamaguchi reported a missing check for Ethernet frames larger than the MTU in the r8169 driver. This may allow users on the local
Hash: SHA1

- ----------------------------------------------------------------------
Debian Security Advisory DSA-2053-1                This email address is being protected from spambots. You need JavaScript enabled to view it.                           dann frazier
May 25, 2010              
- ----------------------------------------------------------------------

Package        : linux-2.6
Vulnerability  : privilege escalation/denial of service/information leak
Problem type   : local
Debian-specific: no
CVE Id(s)      : CVE-2009-4537 CVE-2010-0727 CVE-2010-1083 CVE-2010-1084
                 CVE-2010-1086 CVE-2010-1087 CVE-2010-1088 CVE-2010-1162
                 CVE-2010-1173 CVE-2010-1187 CVE-2010-1437 CVE-2010-1446
Debian Bug(s)  : 573071
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service or privilege escalation. The Common
Vulnerabilities and Exposures project identifies the following problems:


    Fabian Yamaguchi reported a missing check for Ethernet frames larger
    than the MTU in the r8169 driver. This may allow users on the local
    network to crash a system, resulting in a denial of service.


    Sachin Prabhu reported an issue in the GFS2 filesystem. Local users
    can trigger a BUG() altering the permissions on a locked file,
    resulting in a denial of service.


    Linus Torvalds reported an issue in the USB subsystem, which may allow
    local users to obtain portions of sensitive kernel memory.


    Neil Brown reported an issue in the Bluetooth subsystem that may
    permit remote attackers to overwrite memory through the creation
    of large numbers of sockets, resulting in a denial of service.


    Ang Way Chuang reported an issue in the DVB subsystem for Digital
    TV adapters. By creating a specially-encoded MPEG2-TS frame, a remote
    attacker could cause the receiver to enter an endless loop, resulting
    in a denial of service.


    Trond Myklebust reported an issue in the NFS filesystem. A local
    user may cause an oops by sending a fatal signal during a file
    truncation operation, resulting in a denial of service.


    Al Viro reported an issue where automount symlinks may not
    be followed when LOOKUP_FOLLOW is not set. This has an unknown
    security impact.


    Catalin Marinas reported an issue in the tty subsystem that allows
    local attackers to cause a kernel memory leak, possibly resulting
    in a denial of service.


    Chris Guo from Nokia China and Jukka Taimisto and Olli Jarva from
    Codenomicon Ltd reported an issue in the SCTP subsystem that allows
    a remote attacker to cause a denial of service using a malformed init


    Neil Hormon reported an issue in the TIPC subsystem. Local users can
    cause a denial of service by way of a NULL pointer dereference by
    sending datagrams through AF_TIPC before entering network mode.


    Toshiyuki Okajima reported a race condition in the keyring subsystem.
    Local users can cause memory corruption via keyctl commands that
    access a keyring in the process of being deleted, resulting in a
    denial of service.


    Wufei reported an issue with kgdb on the PowerPC architecture,
    allowing local users to write to kernel memory. Note: this issue
    does not affect binary kernels provided by Debian. The fix is
    provided for the benefit of users who build their own kernels
    from Debian source.


    Brad Spengler reported an issue on the SPARC architecture that allows
    local users to execute non-executable pages.

This update also includes fixes a regression introduced by a previous
update. See the referenced Debian bug page for details.

For the stable distribution (lenny), these problems have been fixed in
version 2.6.26-22lenny1.

We recommend that you upgrade your linux-2.6 and user-mode-linux

The following matrix lists additional source packages that were
rebuilt for compatibility with or to take advantage of this update:

                                             Debian 5.0 (lenny)
     user-mode-linux                         2.6.26-1um-2+22lenny1

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:
    Size/MD5 checksum: 61818969 85e039c2588d5bf3cb781d1c9218bbcb
    Size/MD5 checksum:     5778 713b8a3f2bc10816264a81c0a9eb7860
    Size/MD5 checksum:  7894925 86ecf2ca8808aea84b0af06317616a6c

Architecture independent packages:
    Size/MD5 checksum:   126228 be9c5c392a1ab0cf0a297063abf983f6
    Size/MD5 checksum:  1764832 b0d63ac0b12a0679867b8b53bf4c3a54
    Size/MD5 checksum:  2871892 c5c0e0d8ea193812566f9481e6ca8440
    Size/MD5 checksum: 48764508 9a203c801fd068d282d1cbb11fbab68f
    Size/MD5 checksum:  4627886 fe792ad0bcf2c9f8ac4bb496e9885a20
    Size/MD5 checksum:   110906 6ef2c4468e55570a3e571021299d4760

alpha architecture (DEC Alpha)
    Size/MD5 checksum:   374304 046703c72d1bf6bcc81cb462e0f4d7ec
    Size/MD5 checksum:   372708 a6922d1de2035d2745d5ad56a6e38eb9
    Size/MD5 checksum: 28676342 687312e7cdf46a79c7c4b974cbe5b542
    Size/MD5 checksum:  3620318 4c7448f11e8a63ddec95b7ddaf6e9c02
    Size/MD5 checksum: 29374588 452a568c8f74d69e3b7ba6e1685d4863
    Size/MD5 checksum:   373176 fbda1e3fb70a213ee26ab4e0a5af16a7
    Size/MD5 checksum:   110428 82fc153ba577607964e55ce0d5eba8a8
    Size/MD5 checksum:   110404 9e24c63932b52a18206f951f18438a90
    Size/MD5 checksum:   760714 dbef4d63df60be4c54e5a8999b2f1203
    Size/MD5 checksum: 28661322 db654cfdd26ec48b75fbf73bae54d15b

amd64 architecture (AMD x86_64 (AMD64))
    Size/MD5 checksum:   391290 529d0af88248eeb9db6c720147c3c9c9
    Size/MD5 checksum:  1809098 2119049dd7757d1a7aa9b0cb6d65a4e6
    Size/MD5 checksum:   753158 c06cd160c023755232e79c187b20a98e
    Size/MD5 checksum:   391970 7e2145ea394dcbd739307b7cff343ffc
    Size/MD5 checksum:   387348 d76eb180fa81f742ee87d9524f3bc5a3
    Size/MD5 checksum: 20949852 a3c0bd81f9f9cc96d2e42521fb963fb9
    Size/MD5 checksum:  3757248 db362b7459220059221418a2b1542659
    Size/MD5 checksum:   110338 19ec7c8ca6e51c0a93352a059f9d5df8
    Size/MD5 checksum: 19315990 c185e17d0ca1ed640106dbb828c919f8
    Size/MD5 checksum:   110374 0e703e2b4306ca1e68cc61460ef86686
    Size/MD5 checksum: 21102730 604476ba9a35fdb435b4409e5323cf89
    Size/MD5 checksum:  3724662 ae8fed857d819d7a3dd5b3085c367085
    Size/MD5 checksum:  3780338 a2cd8cdd414be8c412bd923576ccb456
    Size/MD5 checksum:  3856722 9621b8e802a4e482de1db03572b0f72d
    Size/MD5 checksum: 20931422 9d71c45188552af06abd5a04d62b7c84
    Size/MD5 checksum:   110350 acdbea58008fec881f380752f9fc3ea6
    Size/MD5 checksum:   397220 709b723fefd37764ab8bffb079eb312f

arm architecture (ARM)
    Size/MD5 checksum: 12494622 96304f7aa2bddb3ea2ef404afaa4a513
    Size/MD5 checksum:   352980 44e27ad26963a2c1dbed9240b28d7c5b
    Size/MD5 checksum: 10294730 8066047f7d15cd2f7a6c93018cfaae37
    Size/MD5 checksum:   369410 e26f28edccaeabf04dec8e4d2d8cc88f
    Size/MD5 checksum: 11443274 d9232ed2bbde0e851f72488a2eea831d
    Size/MD5 checksum:   110444 631821dedb019f48b3133246338f4521
    Size/MD5 checksum:   751260 027d7225ddd40e26f12a9c7c7cc17b55
    Size/MD5 checksum:  4140556 a36e76af416da97176639d34a6dd42a2
    Size/MD5 checksum:   368088 8388881b72ce56cef47cb61a51abfe8d
    Size/MD5 checksum: 11731284 cc6e8949fe66950db619eb2996332572
    Size/MD5 checksum:   110404 611a83d9ddb07104525d3ae7eca714b8
    Size/MD5 checksum:   364180 878a5bd8fa6419dd6efe6422c7a14cbc

armel architecture (ARM EABI)
    Size/MD5 checksum:   365700 0327b96ec1802e56c4ffee19ce1c9dc5
    Size/MD5 checksum:   368810 05ee76d995844fc8461223846ab41802
    Size/MD5 checksum:   110358 830c76ccdf7d7c99f3ea84e1e8bc962d
    Size/MD5 checksum: 11691670 0ecbec767291466b244fd83506f1e112
    Size/MD5 checksum:   110392 c64900dc9ec3812df164d47c006ecffe
    Size/MD5 checksum: 11399558 2d16b67f176b8223bd4dd33b90217a2e
    Size/MD5 checksum:   340088 3b6e8d8210d6e6e68eee6ddc2cab8f09
    Size/MD5 checksum:  4136736 42aebe2283d941bb7724daf03882914d
    Size/MD5 checksum: 12451186 f22b998fbdfa29023573bf9b6988dba9
    Size/MD5 checksum:   751906 d1d0480ba764b4ca3bdae8a651acd066
    Size/MD5 checksum:  9606938 569b72a642446ac1ffe4ed2aa13f50aa
    Size/MD5 checksum:   370546 a3f2c479e65c9ae3be17641001b33afc

hppa architecture (HP PA RISC)
    Size/MD5 checksum:   302516 dd1800b19f0df391bd05658a0a7846c0
    Size/MD5 checksum:   110354 479a0788049f39e648e57a3c5007b993
    Size/MD5 checksum:  3598606 4429cb37eda685553dde7198e5b47fd5
    Size/MD5 checksum:   762928 fe2e02babc93f6bdcc16c8f7ad8a5a88
    Size/MD5 checksum:   301842 1e58cca757600c08424118ace4a50da5
    Size/MD5 checksum:   110374 9198f6103932b14d766b0e4c32110806
    Size/MD5 checksum:   301034 890ed76fde4dedddcb9db60f7ba0091d
    Size/MD5 checksum: 17127808 a2cffd928aa5e30ab9f1f30e41b9aed1
    Size/MD5 checksum: 17678124 53aa5bddb6f2af761a8bfcb1fef54d02
    Size/MD5 checksum: 15784596 c892e98e5ab6fcf6aa84aa5e5021309f
    Size/MD5 checksum: 16388546 0ce6b1186e64e745a0680088d2c9fcad
    Size/MD5 checksum:   303348 6991ba8c20ae638798fda57540014d30

i386 architecture (Intel ia32)
    Size/MD5 checksum:   399720 ee32214acdf697edca92068f2d64f8b3
    Size/MD5 checksum:   110450 191bb7f29ece9f8ea2f8cff03efae3cd
    Size/MD5 checksum:   398126 32ef574340b20e8f2c7465f2290a8c0b
    Size/MD5 checksum:   413242 a5f35b11ae06961132fd16e21d5b5337
    Size/MD5 checksum:   409820 586c33fc476019b08a3b75816d9bf520
    Size/MD5 checksum:   110392 3f9c02cb47bc1070b92358227e030768
    Size/MD5 checksum: 20530142 c8e9146e82955c0dda3bcabe8b7542ef
    Size/MD5 checksum: 20509696 98b0e600e9bca75f016f1c4878d9d8e7
    Size/MD5 checksum:   767274 369a4858f7dfa2560ec664a08fdbac42
    Size/MD5 checksum:  3865974 0510efa636bb1554f9a2c040c1ee6f19
    Size/MD5 checksum: 20409094 798b4bb9a4b8d81affc30dbc2f284cc3
    Size/MD5 checksum: 20679068 6b6c2a57037f510313311d76849a9b0a
    Size/MD5 checksum:  3807640 6b21b3346b8196f19ea59d16a2e7b8f4
    Size/MD5 checksum: 18198474 627d51edc59f86bd8dfe2e7a74a25723
    Size/MD5 checksum: 20381812 493e6acfd2d47e456d1471ef44dd18ba
    Size/MD5 checksum:  1596580 5f456e26e01a793881871f4d683b13b1
    Size/MD5 checksum:   417750 057786734b1771be73cea6c484a09cce
    Size/MD5 checksum:   410364 4f381b525756e6cf131be68398e58fe7
    Size/MD5 checksum:   110394 46fba74b6675f6df2057da14ba3931f9
    Size/MD5 checksum:   409858 99ce0b8165bd71e4b90745ad5a7577d1
    Size/MD5 checksum:  3947966 aabcdf68ca8c4d35d87ad2eecb569517
    Size/MD5 checksum: 20350468 fb0caa5f722a968820562223577a4e74
    Size/MD5 checksum: 21022322 befe070ada9e62a69c15f38c9f0e706a
    Size/MD5 checksum:  3842206 b5e7820e844761d65d8dbf0a4ea639e5
    Size/MD5 checksum:   411454 771b6960fbfd4658124eac3673e01e90

ia64 architecture (Intel ia64)
    Size/MD5 checksum:   359186 d2391d9bdb5fe861abe5fbd0f9f2f989
    Size/MD5 checksum:  3659176 8df0d712004a67cafedb9b4926970368
    Size/MD5 checksum:   359256 18a5fda7c38b900462ea120ae04a3c98
    Size/MD5 checksum: 34440420 2eddbf5140a8dc8a4a74d4e11a77ea44
    Size/MD5 checksum:   751862 329f5ddfc14f4f6e63aa3834f7a927fe
    Size/MD5 checksum:  3691882 19f4f11bbad0443a7ae7153823bcc0e7
    Size/MD5 checksum:   359722 f3d89cc673ff0f2e5b7ff2e718ff44f1
    Size/MD5 checksum: 34252074 96729f987e7b7e02802b240da3a3293c
    Size/MD5 checksum: 34376386 f97af824a762b90b102d84f5c1bf65f8
    Size/MD5 checksum:   110350 9881f68b5f5446c4c773dc60d655a589
    Size/MD5 checksum: 34191126 c5412cb1277801d2a2488be36dc1ad0e
    Size/MD5 checksum:   110386 c1ddbef0eeae94731617e277b32018c6
    Size/MD5 checksum:   359654 cba07c82268fc13d6007ecf4be2c8508

mips architecture (MIPS (Big Endian))
    Size/MD5 checksum:   262068 31c1aadffe81551bef675f9bc91b6f1e
    Size/MD5 checksum: 29432478 38c75d466da039b9e2ac1c70898b50ae
    Size/MD5 checksum:   358936 9ec1ce1473362c253cf4dc7d2fd791f6
    Size/MD5 checksum:  3966442 111674b840698cede9cdf3ecec2d5e3b
    Size/MD5 checksum:   302384 7f9f26f809e46a4748158588402d7ace
    Size/MD5 checksum:   359360 d07b20a27666a8cb2c43f03eeb729c57
    Size/MD5 checksum:   285392 9d513d80efd66be3e9ba7fa929b13b5f
    Size/MD5 checksum:   303780 3a507cccd77e01f7449a8ff73a3e5f6f
    Size/MD5 checksum:   760156 80eaea319450a06fe9c2310bdff051e2
    Size/MD5 checksum: 23504896 f928208abb4eb3ade6185409df5fa417
    Size/MD5 checksum: 20252984 09ee52755ae4cf03ca082e8dbc977206
    Size/MD5 checksum: 20244176 3c568fce5cab57746ca1dc53c8fcc754
    Size/MD5 checksum:   110400 6676cd4c8df659937bac47ed0c08bf37
    Size/MD5 checksum:   110464 fcbbce5e6741f1a1ec4830dba9a8ee91
    Size/MD5 checksum: 11542616 0ead2243e1d4c2cb50760d97f9a6a2f7
    Size/MD5 checksum: 15769388 08c7a66b4f1a5c9bc9f8cc5683d5786f

mipsel architecture (MIPS (Little Endian))
    Size/MD5 checksum: 19682018 7e665290822815634b1666523270919e
    Size/MD5 checksum:   110460 445931c0ad4fa00f8875f5cbaf9d83aa
    Size/MD5 checksum: 19667420 02ae9fef2fea1c4ccd667c73025039f9
    Size/MD5 checksum:   760930 064ffab1507d84791e943528662e4c86
    Size/MD5 checksum:   297650 4433daa21c6e697d8c1bb33355e14ee1
    Size/MD5 checksum:   359828 870a33c1aea0535ab0b25f3016aa9623
    Size/MD5 checksum: 23074870 998294807dde61335d413ecf50fdbf3b
    Size/MD5 checksum:  3967560 590a467f25e74daf442dfd54caaf104e
    Size/MD5 checksum:   303240 9620ba551b29adb6052e13f8277347c0
    Size/MD5 checksum:   302768 59fe05d578020afc8e1e8fe3fce3b41c
    Size/MD5 checksum: 28568828 86e20054979d1ffc56c24f5db73d044a
    Size/MD5 checksum:   110406 3a073335ba3488e55549b82e005fefda
    Size/MD5 checksum: 15056072 429c33859de62cdfaa86e809e8625bec
    Size/MD5 checksum:   359706 43272f2843e3b39735812c24aad332f5

powerpc architecture (PowerPC)
    Size/MD5 checksum:   110358 eb7bc8e6a28a6801bc7be5d22bf95a2f
    Size/MD5 checksum: 23581674 48797e6c39bef5a0fd120d973b541f07
    Size/MD5 checksum:   363808 c2c489e8798d50db73d709367e390113
    Size/MD5 checksum:   365378 a4c38de9a287a71e84d09d5474393d41
    Size/MD5 checksum:   110392 9dd420c73a4b0c7d55fe2372a439adfb
    Size/MD5 checksum: 23420066 5bf69b74154de2ae05db3280f2070b74
    Size/MD5 checksum:  3782640 31d483da8ccb87dbd7f75200515c8b3f
    Size/MD5 checksum: 23474914 42ba4ae5a23355aba50cb1a8c018a631
    Size/MD5 checksum:   366524 a3970adc5168a37d49f28c5ce4ca05ff
    Size/MD5 checksum:   746782 d0ef1631862e4130479ce4e3da0a6050
    Size/MD5 checksum:  3814900 2b936155fef59a231764ca014043b806
    Size/MD5 checksum:   370710 35281c3da9947c322b12a014adabbcad
    Size/MD5 checksum: 23159310 22caa95faeb5687d37e677b4e34503b6
    Size/MD5 checksum:   371066 9961d473b25000f7bb7a23bde2720323
    Size/MD5 checksum: 23557104 bd8ab7bd0594a795f34dac94ee24ffae

s390 architecture (IBM S/390)
    Size/MD5 checksum:   758022 786d9ca518b1a573caf38f5492104cc4
    Size/MD5 checksum:   238208 3155d20f0210f5fd9a2e27fc28165502
    Size/MD5 checksum:   236574 05d74c2012431ee9bdae90e172a82de0
    Size/MD5 checksum:   237136 7950ba3ebfc31e3cf6536b34eccaf684
    Size/MD5 checksum:  7828888 56510e3515975d5ed979a55fb0bb14b7
    Size/MD5 checksum:  1633146 654e757be4670f764a99049c7984aa98
    Size/MD5 checksum:  3633806 0c911d5a677f4fdb22f44cf617cd8374
    Size/MD5 checksum:  7534830 da50ed9bfd6846d2ab2ced362b19ab4e
    Size/MD5 checksum:  7889984 06c9c7d89731808d7e376986cc472843
    Size/MD5 checksum:   110394 68dd1fe380aa0c9ba6caa84f934569fd
    Size/MD5 checksum:   110416 c1d7fd64b9efab8228f305d5474de5d1
    Size/MD5 checksum:  3598560 f63cbef687984b543d1152e013bc95fe

sparc architecture (Sun SPARC/UltraSPARC)
    Size/MD5 checksum: 14291528 b0e802720e53cb53650b8a2d75d1588d
    Size/MD5 checksum:   304718 aa3ebf9c5e7cde5fc11513c27b4396d0
    Size/MD5 checksum:   110370 d746af2e449aaf644370d7b88a03cf2d
    Size/MD5 checksum: 14631258 b056f4f2245e4e2da6ef8e7549224226
    Size/MD5 checksum: 14611896 ad3108a56bbacf863b4f18521275887c
    Size/MD5 checksum:   800838 114ac1590a19b405fcacfb06ee36e55a
    Size/MD5 checksum:  3820700 fff1d7baf26f32217a8100ca14875708
    Size/MD5 checksum:   110352 02deff17df2e96a0ed208d786bdf9315
    Size/MD5 checksum:  3785870 518b0d1f9d0d13adce8d6707726031ab
    Size/MD5 checksum:   302894 c9354f7c9769be34b6356e0d042a294e
    Size/MD5 checksum:   304918 228d8163856c2e8e261b0fd086475d68

  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
Package info: `apt-cache show ' and


LinuxSecurity Poll

How frequently do you patch/update your system?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum 0 answer(s) and maximum 3 answer(s).
[{"id":"179","title":"As soon as patches\/updates are released - I track advisories for my distro(s) diligently","votes":"69","type":"x","order":"1","pct":75.82,"resources":[]},{"id":"180","title":"Every so often, when I think of it","votes":"14","type":"x","order":"2","pct":15.38,"resources":[]},{"id":"181","title":"Hardly ever","votes":"8","type":"x","order":"3","pct":8.79,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

Please vote first in order to view vote results.



bottom 200

Please enable / Bitte aktiviere JavaScript!
Veuillez activer / Por favor activa el Javascript![ ? ]

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.