Debian: DSA-2053-1: New Linux 2.6.26 packages fix several issues

    Date 25 May 2010
    Posted By LinuxSecurity Advisories
    CVE-2009-4537 Fabian Yamaguchi reported a missing check for Ethernet frames larger than the MTU in the r8169 driver. This may allow users on the local
    Hash: SHA1
    - ----------------------------------------------------------------------
    Debian Security Advisory DSA-2053-1                This email address is being protected from spambots. You need JavaScript enabled to view it.                           dann frazier
    May 25, 2010              
    - ----------------------------------------------------------------------
    Package        : linux-2.6
    Vulnerability  : privilege escalation/denial of service/information leak
    Problem type   : local
    Debian-specific: no
    CVE Id(s)      : CVE-2009-4537 CVE-2010-0727 CVE-2010-1083 CVE-2010-1084
                     CVE-2010-1086 CVE-2010-1087 CVE-2010-1088 CVE-2010-1162
                     CVE-2010-1173 CVE-2010-1187 CVE-2010-1437 CVE-2010-1446
    Debian Bug(s)  : 573071
    Several vulnerabilities have been discovered in the Linux kernel that
    may lead to a denial of service or privilege escalation. The Common
    Vulnerabilities and Exposures project identifies the following problems:
        Fabian Yamaguchi reported a missing check for Ethernet frames larger
        than the MTU in the r8169 driver. This may allow users on the local
        network to crash a system, resulting in a denial of service.
        Sachin Prabhu reported an issue in the GFS2 filesystem. Local users
        can trigger a BUG() altering the permissions on a locked file,
        resulting in a denial of service.
        Linus Torvalds reported an issue in the USB subsystem, which may allow
        local users to obtain portions of sensitive kernel memory.
        Neil Brown reported an issue in the Bluetooth subsystem that may
        permit remote attackers to overwrite memory through the creation
        of large numbers of sockets, resulting in a denial of service.
        Ang Way Chuang reported an issue in the DVB subsystem for Digital
        TV adapters. By creating a specially-encoded MPEG2-TS frame, a remote
        attacker could cause the receiver to enter an endless loop, resulting
        in a denial of service.
        Trond Myklebust reported an issue in the NFS filesystem. A local
        user may cause an oops by sending a fatal signal during a file
        truncation operation, resulting in a denial of service.
        Al Viro reported an issue where automount symlinks may not
        be followed when LOOKUP_FOLLOW is not set. This has an unknown
        security impact.
        Catalin Marinas reported an issue in the tty subsystem that allows
        local attackers to cause a kernel memory leak, possibly resulting
        in a denial of service.
        Chris Guo from Nokia China and Jukka Taimisto and Olli Jarva from
        Codenomicon Ltd reported an issue in the SCTP subsystem that allows
        a remote attacker to cause a denial of service using a malformed init
        Neil Hormon reported an issue in the TIPC subsystem. Local users can
        cause a denial of service by way of a NULL pointer dereference by
        sending datagrams through AF_TIPC before entering network mode.
        Toshiyuki Okajima reported a race condition in the keyring subsystem.
        Local users can cause memory corruption via keyctl commands that
        access a keyring in the process of being deleted, resulting in a
        denial of service.
        Wufei reported an issue with kgdb on the PowerPC architecture,
        allowing local users to write to kernel memory. Note: this issue
        does not affect binary kernels provided by Debian. The fix is
        provided for the benefit of users who build their own kernels
        from Debian source.
        Brad Spengler reported an issue on the SPARC architecture that allows
        local users to execute non-executable pages.
    This update also includes fixes a regression introduced by a previous
    update. See the referenced Debian bug page for details.
    For the stable distribution (lenny), these problems have been fixed in
    version 2.6.26-22lenny1.
    We recommend that you upgrade your linux-2.6 and user-mode-linux
    The following matrix lists additional source packages that were
    rebuilt for compatibility with or to take advantage of this update:
                                                 Debian 5.0 (lenny)
         user-mode-linux                         2.6.26-1um-2+22lenny1
    Upgrade instructions
    - --------------------
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    Debian GNU/Linux 5.0 alias lenny
    - --------------------------------
    Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
    Source archives:
        Size/MD5 checksum: 61818969 85e039c2588d5bf3cb781d1c9218bbcb
        Size/MD5 checksum:     5778 713b8a3f2bc10816264a81c0a9eb7860
        Size/MD5 checksum:  7894925 86ecf2ca8808aea84b0af06317616a6c
    Architecture independent packages:
        Size/MD5 checksum:   126228 be9c5c392a1ab0cf0a297063abf983f6
        Size/MD5 checksum:  1764832 b0d63ac0b12a0679867b8b53bf4c3a54
        Size/MD5 checksum:  2871892 c5c0e0d8ea193812566f9481e6ca8440
        Size/MD5 checksum: 48764508 9a203c801fd068d282d1cbb11fbab68f
        Size/MD5 checksum:  4627886 fe792ad0bcf2c9f8ac4bb496e9885a20
        Size/MD5 checksum:   110906 6ef2c4468e55570a3e571021299d4760
    alpha architecture (DEC Alpha)
        Size/MD5 checksum:   374304 046703c72d1bf6bcc81cb462e0f4d7ec
        Size/MD5 checksum:   372708 a6922d1de2035d2745d5ad56a6e38eb9
        Size/MD5 checksum: 28676342 687312e7cdf46a79c7c4b974cbe5b542
        Size/MD5 checksum:  3620318 4c7448f11e8a63ddec95b7ddaf6e9c02
        Size/MD5 checksum: 29374588 452a568c8f74d69e3b7ba6e1685d4863
        Size/MD5 checksum:   373176 fbda1e3fb70a213ee26ab4e0a5af16a7
        Size/MD5 checksum:   110428 82fc153ba577607964e55ce0d5eba8a8
        Size/MD5 checksum:   110404 9e24c63932b52a18206f951f18438a90
        Size/MD5 checksum:   760714 dbef4d63df60be4c54e5a8999b2f1203
        Size/MD5 checksum: 28661322 db654cfdd26ec48b75fbf73bae54d15b
    amd64 architecture (AMD x86_64 (AMD64))
        Size/MD5 checksum:   391290 529d0af88248eeb9db6c720147c3c9c9
        Size/MD5 checksum:  1809098 2119049dd7757d1a7aa9b0cb6d65a4e6
        Size/MD5 checksum:   753158 c06cd160c023755232e79c187b20a98e
        Size/MD5 checksum:   391970 7e2145ea394dcbd739307b7cff343ffc
        Size/MD5 checksum:   387348 d76eb180fa81f742ee87d9524f3bc5a3
        Size/MD5 checksum: 20949852 a3c0bd81f9f9cc96d2e42521fb963fb9
        Size/MD5 checksum:  3757248 db362b7459220059221418a2b1542659
        Size/MD5 checksum:   110338 19ec7c8ca6e51c0a93352a059f9d5df8
        Size/MD5 checksum: 19315990 c185e17d0ca1ed640106dbb828c919f8
        Size/MD5 checksum:   110374 0e703e2b4306ca1e68cc61460ef86686
        Size/MD5 checksum: 21102730 604476ba9a35fdb435b4409e5323cf89
        Size/MD5 checksum:  3724662 ae8fed857d819d7a3dd5b3085c367085
        Size/MD5 checksum:  3780338 a2cd8cdd414be8c412bd923576ccb456
        Size/MD5 checksum:  3856722 9621b8e802a4e482de1db03572b0f72d
        Size/MD5 checksum: 20931422 9d71c45188552af06abd5a04d62b7c84
        Size/MD5 checksum:   110350 acdbea58008fec881f380752f9fc3ea6
        Size/MD5 checksum:   397220 709b723fefd37764ab8bffb079eb312f
    arm architecture (ARM)
        Size/MD5 checksum: 12494622 96304f7aa2bddb3ea2ef404afaa4a513
        Size/MD5 checksum:   352980 44e27ad26963a2c1dbed9240b28d7c5b
        Size/MD5 checksum: 10294730 8066047f7d15cd2f7a6c93018cfaae37
        Size/MD5 checksum:   369410 e26f28edccaeabf04dec8e4d2d8cc88f
        Size/MD5 checksum: 11443274 d9232ed2bbde0e851f72488a2eea831d
        Size/MD5 checksum:   110444 631821dedb019f48b3133246338f4521
        Size/MD5 checksum:   751260 027d7225ddd40e26f12a9c7c7cc17b55
        Size/MD5 checksum:  4140556 a36e76af416da97176639d34a6dd42a2
        Size/MD5 checksum:   368088 8388881b72ce56cef47cb61a51abfe8d
        Size/MD5 checksum: 11731284 cc6e8949fe66950db619eb2996332572
        Size/MD5 checksum:   110404 611a83d9ddb07104525d3ae7eca714b8
        Size/MD5 checksum:   364180 878a5bd8fa6419dd6efe6422c7a14cbc
    armel architecture (ARM EABI)
        Size/MD5 checksum:   365700 0327b96ec1802e56c4ffee19ce1c9dc5
        Size/MD5 checksum:   368810 05ee76d995844fc8461223846ab41802
        Size/MD5 checksum:   110358 830c76ccdf7d7c99f3ea84e1e8bc962d
        Size/MD5 checksum: 11691670 0ecbec767291466b244fd83506f1e112
        Size/MD5 checksum:   110392 c64900dc9ec3812df164d47c006ecffe
        Size/MD5 checksum: 11399558 2d16b67f176b8223bd4dd33b90217a2e
        Size/MD5 checksum:   340088 3b6e8d8210d6e6e68eee6ddc2cab8f09
        Size/MD5 checksum:  4136736 42aebe2283d941bb7724daf03882914d
        Size/MD5 checksum: 12451186 f22b998fbdfa29023573bf9b6988dba9
        Size/MD5 checksum:   751906 d1d0480ba764b4ca3bdae8a651acd066
        Size/MD5 checksum:  9606938 569b72a642446ac1ffe4ed2aa13f50aa
        Size/MD5 checksum:   370546 a3f2c479e65c9ae3be17641001b33afc
    hppa architecture (HP PA RISC)
        Size/MD5 checksum:   302516 dd1800b19f0df391bd05658a0a7846c0
        Size/MD5 checksum:   110354 479a0788049f39e648e57a3c5007b993
        Size/MD5 checksum:  3598606 4429cb37eda685553dde7198e5b47fd5
        Size/MD5 checksum:   762928 fe2e02babc93f6bdcc16c8f7ad8a5a88
        Size/MD5 checksum:   301842 1e58cca757600c08424118ace4a50da5
        Size/MD5 checksum:   110374 9198f6103932b14d766b0e4c32110806
        Size/MD5 checksum:   301034 890ed76fde4dedddcb9db60f7ba0091d
        Size/MD5 checksum: 17127808 a2cffd928aa5e30ab9f1f30e41b9aed1
        Size/MD5 checksum: 17678124 53aa5bddb6f2af761a8bfcb1fef54d02
        Size/MD5 checksum: 15784596 c892e98e5ab6fcf6aa84aa5e5021309f
        Size/MD5 checksum: 16388546 0ce6b1186e64e745a0680088d2c9fcad
        Size/MD5 checksum:   303348 6991ba8c20ae638798fda57540014d30
    i386 architecture (Intel ia32)
        Size/MD5 checksum:   399720 ee32214acdf697edca92068f2d64f8b3
        Size/MD5 checksum:   110450 191bb7f29ece9f8ea2f8cff03efae3cd
        Size/MD5 checksum:   398126 32ef574340b20e8f2c7465f2290a8c0b
        Size/MD5 checksum:   413242 a5f35b11ae06961132fd16e21d5b5337
        Size/MD5 checksum:   409820 586c33fc476019b08a3b75816d9bf520
        Size/MD5 checksum:   110392 3f9c02cb47bc1070b92358227e030768
        Size/MD5 checksum: 20530142 c8e9146e82955c0dda3bcabe8b7542ef
        Size/MD5 checksum: 20509696 98b0e600e9bca75f016f1c4878d9d8e7
        Size/MD5 checksum:   767274 369a4858f7dfa2560ec664a08fdbac42
        Size/MD5 checksum:  3865974 0510efa636bb1554f9a2c040c1ee6f19
        Size/MD5 checksum: 20409094 798b4bb9a4b8d81affc30dbc2f284cc3
        Size/MD5 checksum: 20679068 6b6c2a57037f510313311d76849a9b0a
        Size/MD5 checksum:  3807640 6b21b3346b8196f19ea59d16a2e7b8f4
        Size/MD5 checksum: 18198474 627d51edc59f86bd8dfe2e7a74a25723
        Size/MD5 checksum: 20381812 493e6acfd2d47e456d1471ef44dd18ba
        Size/MD5 checksum:  1596580 5f456e26e01a793881871f4d683b13b1
        Size/MD5 checksum:   417750 057786734b1771be73cea6c484a09cce
        Size/MD5 checksum:   410364 4f381b525756e6cf131be68398e58fe7
        Size/MD5 checksum:   110394 46fba74b6675f6df2057da14ba3931f9
        Size/MD5 checksum:   409858 99ce0b8165bd71e4b90745ad5a7577d1
        Size/MD5 checksum:  3947966 aabcdf68ca8c4d35d87ad2eecb569517
        Size/MD5 checksum: 20350468 fb0caa5f722a968820562223577a4e74
        Size/MD5 checksum: 21022322 befe070ada9e62a69c15f38c9f0e706a
        Size/MD5 checksum:  3842206 b5e7820e844761d65d8dbf0a4ea639e5
        Size/MD5 checksum:   411454 771b6960fbfd4658124eac3673e01e90
    ia64 architecture (Intel ia64)
        Size/MD5 checksum:   359186 d2391d9bdb5fe861abe5fbd0f9f2f989
        Size/MD5 checksum:  3659176 8df0d712004a67cafedb9b4926970368
        Size/MD5 checksum:   359256 18a5fda7c38b900462ea120ae04a3c98
        Size/MD5 checksum: 34440420 2eddbf5140a8dc8a4a74d4e11a77ea44
        Size/MD5 checksum:   751862 329f5ddfc14f4f6e63aa3834f7a927fe
        Size/MD5 checksum:  3691882 19f4f11bbad0443a7ae7153823bcc0e7
        Size/MD5 checksum:   359722 f3d89cc673ff0f2e5b7ff2e718ff44f1
        Size/MD5 checksum: 34252074 96729f987e7b7e02802b240da3a3293c
        Size/MD5 checksum: 34376386 f97af824a762b90b102d84f5c1bf65f8
        Size/MD5 checksum:   110350 9881f68b5f5446c4c773dc60d655a589
        Size/MD5 checksum: 34191126 c5412cb1277801d2a2488be36dc1ad0e
        Size/MD5 checksum:   110386 c1ddbef0eeae94731617e277b32018c6
        Size/MD5 checksum:   359654 cba07c82268fc13d6007ecf4be2c8508
    mips architecture (MIPS (Big Endian))
        Size/MD5 checksum:   262068 31c1aadffe81551bef675f9bc91b6f1e
        Size/MD5 checksum: 29432478 38c75d466da039b9e2ac1c70898b50ae
        Size/MD5 checksum:   358936 9ec1ce1473362c253cf4dc7d2fd791f6
        Size/MD5 checksum:  3966442 111674b840698cede9cdf3ecec2d5e3b
        Size/MD5 checksum:   302384 7f9f26f809e46a4748158588402d7ace
        Size/MD5 checksum:   359360 d07b20a27666a8cb2c43f03eeb729c57
        Size/MD5 checksum:   285392 9d513d80efd66be3e9ba7fa929b13b5f
        Size/MD5 checksum:   303780 3a507cccd77e01f7449a8ff73a3e5f6f
        Size/MD5 checksum:   760156 80eaea319450a06fe9c2310bdff051e2
        Size/MD5 checksum: 23504896 f928208abb4eb3ade6185409df5fa417
        Size/MD5 checksum: 20252984 09ee52755ae4cf03ca082e8dbc977206
        Size/MD5 checksum: 20244176 3c568fce5cab57746ca1dc53c8fcc754
        Size/MD5 checksum:   110400 6676cd4c8df659937bac47ed0c08bf37
        Size/MD5 checksum:   110464 fcbbce5e6741f1a1ec4830dba9a8ee91
        Size/MD5 checksum: 11542616 0ead2243e1d4c2cb50760d97f9a6a2f7
        Size/MD5 checksum: 15769388 08c7a66b4f1a5c9bc9f8cc5683d5786f
    mipsel architecture (MIPS (Little Endian))
        Size/MD5 checksum: 19682018 7e665290822815634b1666523270919e
        Size/MD5 checksum:   110460 445931c0ad4fa00f8875f5cbaf9d83aa
        Size/MD5 checksum: 19667420 02ae9fef2fea1c4ccd667c73025039f9
        Size/MD5 checksum:   760930 064ffab1507d84791e943528662e4c86
        Size/MD5 checksum:   297650 4433daa21c6e697d8c1bb33355e14ee1
        Size/MD5 checksum:   359828 870a33c1aea0535ab0b25f3016aa9623
        Size/MD5 checksum: 23074870 998294807dde61335d413ecf50fdbf3b
        Size/MD5 checksum:  3967560 590a467f25e74daf442dfd54caaf104e
        Size/MD5 checksum:   303240 9620ba551b29adb6052e13f8277347c0
        Size/MD5 checksum:   302768 59fe05d578020afc8e1e8fe3fce3b41c
        Size/MD5 checksum: 28568828 86e20054979d1ffc56c24f5db73d044a
        Size/MD5 checksum:   110406 3a073335ba3488e55549b82e005fefda
        Size/MD5 checksum: 15056072 429c33859de62cdfaa86e809e8625bec
        Size/MD5 checksum:   359706 43272f2843e3b39735812c24aad332f5
    powerpc architecture (PowerPC)
        Size/MD5 checksum:   110358 eb7bc8e6a28a6801bc7be5d22bf95a2f
        Size/MD5 checksum: 23581674 48797e6c39bef5a0fd120d973b541f07
        Size/MD5 checksum:   363808 c2c489e8798d50db73d709367e390113
        Size/MD5 checksum:   365378 a4c38de9a287a71e84d09d5474393d41
        Size/MD5 checksum:   110392 9dd420c73a4b0c7d55fe2372a439adfb
        Size/MD5 checksum: 23420066 5bf69b74154de2ae05db3280f2070b74
        Size/MD5 checksum:  3782640 31d483da8ccb87dbd7f75200515c8b3f
        Size/MD5 checksum: 23474914 42ba4ae5a23355aba50cb1a8c018a631
        Size/MD5 checksum:   366524 a3970adc5168a37d49f28c5ce4ca05ff
        Size/MD5 checksum:   746782 d0ef1631862e4130479ce4e3da0a6050
        Size/MD5 checksum:  3814900 2b936155fef59a231764ca014043b806
        Size/MD5 checksum:   370710 35281c3da9947c322b12a014adabbcad
        Size/MD5 checksum: 23159310 22caa95faeb5687d37e677b4e34503b6
        Size/MD5 checksum:   371066 9961d473b25000f7bb7a23bde2720323
        Size/MD5 checksum: 23557104 bd8ab7bd0594a795f34dac94ee24ffae
    s390 architecture (IBM S/390)
        Size/MD5 checksum:   758022 786d9ca518b1a573caf38f5492104cc4
        Size/MD5 checksum:   238208 3155d20f0210f5fd9a2e27fc28165502
        Size/MD5 checksum:   236574 05d74c2012431ee9bdae90e172a82de0
        Size/MD5 checksum:   237136 7950ba3ebfc31e3cf6536b34eccaf684
        Size/MD5 checksum:  7828888 56510e3515975d5ed979a55fb0bb14b7
        Size/MD5 checksum:  1633146 654e757be4670f764a99049c7984aa98
        Size/MD5 checksum:  3633806 0c911d5a677f4fdb22f44cf617cd8374
        Size/MD5 checksum:  7534830 da50ed9bfd6846d2ab2ced362b19ab4e
        Size/MD5 checksum:  7889984 06c9c7d89731808d7e376986cc472843
        Size/MD5 checksum:   110394 68dd1fe380aa0c9ba6caa84f934569fd
        Size/MD5 checksum:   110416 c1d7fd64b9efab8228f305d5474de5d1
        Size/MD5 checksum:  3598560 f63cbef687984b543d1152e013bc95fe
    sparc architecture (Sun SPARC/UltraSPARC)
        Size/MD5 checksum: 14291528 b0e802720e53cb53650b8a2d75d1588d
        Size/MD5 checksum:   304718 aa3ebf9c5e7cde5fc11513c27b4396d0
        Size/MD5 checksum:   110370 d746af2e449aaf644370d7b88a03cf2d
        Size/MD5 checksum: 14631258 b056f4f2245e4e2da6ef8e7549224226
        Size/MD5 checksum: 14611896 ad3108a56bbacf863b4f18521275887c
        Size/MD5 checksum:   800838 114ac1590a19b405fcacfb06ee36e55a
        Size/MD5 checksum:  3820700 fff1d7baf26f32217a8100ca14875708
        Size/MD5 checksum:   110352 02deff17df2e96a0ed208d786bdf9315
        Size/MD5 checksum:  3785870 518b0d1f9d0d13adce8d6707726031ab
        Size/MD5 checksum:   302894 c9354f7c9769be34b6356e0d042a294e
        Size/MD5 checksum:   304918 228d8163856c2e8e261b0fd086475d68
      These files will probably be moved into the stable distribution on
      its next update.
    - ---------------------------------------------------------------------------------
    For apt-get: deb stable/updates main
    For dpkg-ftp: dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    Package info: `apt-cache show ' and

    LinuxSecurity Poll

    Do you feel that the Lawful Access to Encrypted Data Act, which aims to force encryption backdoors, is a threat to US citizens' privacy?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    [{"id":"106","title":"Yes - I am a privacy advocate and I am strongly opposed to this bill.","votes":"7","type":"x","order":"1","pct":100,"resources":[]},{"id":"107","title":"I'm undecided - it has its pros and cons.","votes":"0","type":"x","order":"2","pct":0,"resources":[]},{"id":"108","title":"No - I support this bill and feel that it will help protect against crime and threats to our national security. ","votes":"0","type":"x","order":"3","pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
    bottom 200


    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.