Debian Security Advisory DSA 438-1                     security@debian.org 
Debian -- Security Information                              Martin Schulze
February 18th, 2004                      Debian -- Debian security FAQ 
- --------------------------------------------------------------------------

Package        : kernel-source-2.4.18, kernel-image-2.4.18-1-alpha, kernel-image-2.4.18-1-i386, kernel-image-2.4.18-i386bf, kernel-patch-2.4.18-powerpc
Vulnerability  : missing function return value check
Problem-Type   : local
Debian-specific: no
CVE ID         : CAN-2004-0077

Paul Starzetz and Wojciech Purczynski of isec.pl discovered a critical
security vulnerability in the memory management code of Linux inside
the mremap(2) system call.  Due to missing function return value check
of internal functions a local attacker can gain root privileges.

For the stable distribution (woody) this problem has been fixed in
version 2.4.18-14.2 of kernel-source, version 2.4.18-14 of alpha
images, version 2.4.18-12.2 of i386 images, version 2.4.18-5woody7
of i386bf images and version 2.4.18-1woody4 of powerpc images.

Other architectures will probably mentioned in a separate advisory or
are not affected (m68k).

For the unstable distribution (sid) this problem is fixed in version
2.4.24-3 for source, i386 and alpha images and version 2.4.22-10 for
powerpc images.

This problem is also fixed in the upstream version of Linux 2.4.25 and
2.6.3.

We recommend that you upgrade your Linux kernel packages immediately.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Source archives:

      
      Size/MD5 checksum:      664 38e578dda3dd54a5daa6b8badcac1a58
      
      Size/MD5 checksum:    67490 e1ef6246f639481dfd8b3c5b15d8668e
      
      Size/MD5 checksum: 29818323 24b4c45a04a23eb4ce465eb326a6ddf2

      
      Size/MD5 checksum:      876 7774c946590a5a80332ca920f67cc8ec
      
      Size/MD5 checksum:    24477 b9c0ba46774c2da3be69851110d6f2f9

      
      Size/MD5 checksum:     1193 b44a4e8f803bb2214bd0c4c3e9f88d81
      
      Size/MD5 checksum:    70044 f4caad005d02a1c7cadfa73bfc4952fb

      
      Size/MD5 checksum:      656 e091295663f495df0ea8273703decef0
      
      Size/MD5 checksum:    26249 f84d855e356c1f5290f6fe96d9e039c8

      
      Size/MD5 checksum:      713 7f68980058d55c40a037c6666354ffe9
      
      Size/MD5 checksum:    79541 bff712e95a6960659a0e96dab9732ed4

  Architecture independent components:

      
      Size/MD5 checksum:  1719692 32cb6638a9be7e7f7332152c04854bba
      
      Size/MD5 checksum: 24133918 306f15a8a6279221394b6a8ac2c5a69c

      
      Size/MD5 checksum:    79274 8ea5d169fd45e464c1213e729e4e5368

  Alpha architecture:

      
      Size/MD5 checksum:  3363042 9ee4da919ccec99281efdaaae303af73
      
      Size/MD5 checksum:  3512422 47b306297211fd7079abb918bb10ef37
      
      Size/MD5 checksum:  3515048 d0153184a825640d1fe64b905ab98de4
      
      Size/MD5 checksum: 12425644 aa320665938f55d33bfc8a9593e4639f
      
      Size/MD5 checksum: 12800414 2901b9a0ff3cabfbb4249ee2cbb94b43

  Intel IA-32 architecture:

      
      Size/MD5 checksum:  3412982 cad64cfd789bfa49fe5463a3b4a8a5bd
      
      Size/MD5 checksum:  3503440 02c707f32c72f98df9002c04006aae6b
      
      Size/MD5 checksum:  3504340 bd5e69e90ab3be3378f588abbfe23c79
      
      Size/MD5 checksum:  3504232 6ab9026a1484be3aaf7fa08217ae9c5c
      
      Size/MD5 checksum:  3505300 2ffc58a24a13bf0991be5b982026b6c5
      
      Size/MD5 checksum:  3504034 a448bb692b10914a3a7f7f1d9b16be96
      
      Size/MD5 checksum:  3504256 349318073fbd9b6f3eae2b7bc5d65b54
      
      Size/MD5 checksum:  8797608 df96f2969970f149992e74cfd7838919
      
      Size/MD5 checksum:  8704208 b29d3a133a3d5485645a1428045481f2
      
      Size/MD5 checksum:  8703628 fdf8ddc2c2fdc0c5ceffb9f34b8dc00f
      
      Size/MD5 checksum:  8959706 da0efa81b152f5ce0e949ba00a58b1f0
      
      Size/MD5 checksum:  8660826 78ee935b25e3cb8e1d6affc13e78aa35
      
      Size/MD5 checksum:  8863038 8b0605e449390dfd819e5543c79fe0e3
      
      Size/MD5 checksum:   228532 83d533868f288d4bd7866cf4b3114321
      
      Size/MD5 checksum:   228084 dca93798c731513d7f8908c591fc4992
      
      Size/MD5 checksum:   227546 99c579382f1c93af23cdedb9dfdce997
      
      Size/MD5 checksum:   231188 cae74563956d0a8757994959b101e5c0
            Size/MD5 checksum:   227180 eb3383f20e4123b964a6143fae4be03b
            Size/MD5 checksum:   230440 e4875246851ee5dd470bf61af43e2ef6

      
      Size/MD5 checksum:  3410436 8238f8f8d03b19071ca774e611c83cd5
      
      Size/MD5 checksum:  6425110 e7e25ace06cd1edbb6967c3cae155e09

  PowerPC architecture:

      
      Size/MD5 checksum:  3432656 4116a684a091bbc46a94fcafc03ba50a
      
      Size/MD5 checksum:  9452588 ca305391d3dfe3aa0ab140a047d67df2
      
      Size/MD5 checksum: 10101958 d427f943297e02355545d7fa1a2ab263
      
      Size/MD5 checksum: 10345492 4d6e160cb19df083c4d238f8ff1e4913


  These files will probably be moved into the stable distribution on
  its next revision.

- ---------------------------------------------------------------------------------
For apt-get: deb  Debian -- Security Information  stable/updates main
For dpkg-ftp:    dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and  http://packages.debian.org/

Debian: kernel Privilege escalation vulnerability DSA-438-1

February 18, 2004
Due to missing function return value check of internal functions a local attacker can gain root privileges.

Summary

Paul Starzetz and Wojciech Purczynski of isec.pl discovered a critical
security vulnerability in the memory management code of Linux inside
the mremap(2) system call. Due to missing function return value check
of internal functions a local attacker can gain root privileges.

For the stable distribution (woody) this problem has been fixed in
version 2.4.18-14.2 of kernel-source, version 2.4.18-14 of alpha
images, version 2.4.18-12.2 of i386 images, version 2.4.18-5woody7
of i386bf images and version 2.4.18-1woody4 of powerpc images.

Other architectures will probably mentioned in a separate advisory or
are not affected (m68k).

For the unstable distribution (sid) this problem is fixed in version
2.4.24-3 for source, i386 and alpha images and version 2.4.22-10 for
powerpc images.

This problem is also fixed in the upstream version of Linux 2.4.25 and
2.6.3.

We recommend that you upgrade your Linux kernel packages immediately.


Upgrade Instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody

Source archives:


Size/MD5 checksum: 664 38e578dda3dd54a5daa6b8badcac1a58

Size/MD5 checksum: 67490 e1ef6246f639481dfd8b3c5b15d8668e

Size/MD5 checksum: 29818323 24b4c45a04a23eb4ce465eb326a6ddf2


Size/MD5 checksum: 876 7774c946590a5a80332ca920f67cc8ec

Size/MD5 checksum: 24477 b9c0ba46774c2da3be69851110d6f2f9


Size/MD5 checksum: 1193 b44a4e8f803bb2214bd0c4c3e9f88d81

Size/MD5 checksum: 70044 f4caad005d02a1c7cadfa73bfc4952fb


Size/MD5 checksum: 656 e091295663f495df0ea8273703decef0

Size/MD5 checksum: 26249 f84d855e356c1f5290f6fe96d9e039c8


Size/MD5 checksum: 713 7f68980058d55c40a037c6666354ffe9

Size/MD5 checksum: 79541 bff712e95a6960659a0e96dab9732ed4

Architecture independent components:


Size/MD5 checksum: 1719692 32cb6638a9be7e7f7332152c04854bba

Size/MD5 checksum: 24133918 306f15a8a6279221394b6a8ac2c5a69c


Size/MD5 checksum: 79274 8ea5d169fd45e464c1213e729e4e5368

Alpha architecture:


Size/MD5 checksum: 3363042 9ee4da919ccec99281efdaaae303af73

Size/MD5 checksum: 3512422 47b306297211fd7079abb918bb10ef37

Size/MD5 checksum: 3515048 d0153184a825640d1fe64b905ab98de4

Size/MD5 checksum: 12425644 aa320665938f55d33bfc8a9593e4639f

Size/MD5 checksum: 12800414 2901b9a0ff3cabfbb4249ee2cbb94b43

Intel IA-32 architecture:


Size/MD5 checksum: 3412982 cad64cfd789bfa49fe5463a3b4a8a5bd

Size/MD5 checksum: 3503440 02c707f32c72f98df9002c04006aae6b

Size/MD5 checksum: 3504340 bd5e69e90ab3be3378f588abbfe23c79

Size/MD5 checksum: 3504232 6ab9026a1484be3aaf7fa08217ae9c5c

Size/MD5 checksum: 3505300 2ffc58a24a13bf0991be5b982026b6c5

Size/MD5 checksum: 3504034 a448bb692b10914a3a7f7f1d9b16be96

Size/MD5 checksum: 3504256 349318073fbd9b6f3eae2b7bc5d65b54

Size/MD5 checksum: 8797608 df96f2969970f149992e74cfd7838919

Size/MD5 checksum: 8704208 b29d3a133a3d5485645a1428045481f2

Size/MD5 checksum: 8703628 fdf8ddc2c2fdc0c5ceffb9f34b8dc00f

Size/MD5 checksum: 8959706 da0efa81b152f5ce0e949ba00a58b1f0

Size/MD5 checksum: 8660826 78ee935b25e3cb8e1d6affc13e78aa35

Size/MD5 checksum: 8863038 8b0605e449390dfd819e5543c79fe0e3

Size/MD5 checksum: 228532 83d533868f288d4bd7866cf4b3114321

Size/MD5 checksum: 228084 dca93798c731513d7f8908c591fc4992

Size/MD5 checksum: 227546 99c579382f1c93af23cdedb9dfdce997

Size/MD5 checksum: 231188 cae74563956d0a8757994959b101e5c0
Size/MD5 checksum: 227180 eb3383f20e4123b964a6143fae4be03b
Size/MD5 checksum: 230440 e4875246851ee5dd470bf61af43e2ef6


Size/MD5 checksum: 3410436 8238f8f8d03b19071ca774e611c83cd5

Size/MD5 checksum: 6425110 e7e25ace06cd1edbb6967c3cae155e09

PowerPC architecture:


Size/MD5 checksum: 3432656 4116a684a091bbc46a94fcafc03ba50a

Size/MD5 checksum: 9452588 ca305391d3dfe3aa0ab140a047d67df2

Size/MD5 checksum: 10101958 d427f943297e02355545d7fa1a2ab263

Size/MD5 checksum: 10345492 4d6e160cb19df083c4d238f8ff1e4913


These files will probably be moved into the stable distribution on
its next revision.

For apt-get: deb Debian -- Security Information stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/



Severity
Package : kernel-source-2.4.18, kernel-image-2.4.18-1-alpha, kernel-image-2.4.18-1-i386, kernel-image-2.4.18-i386bf, kernel-patch-2.4.18-powerpc
Vulnerability : missing function return value check
Problem-Type : local
Debian-specific: no
CVE ID : CAN-2004-0077

Related News

19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved