Debian: Linux 2.6.24 fix several vulnerabilities DSA-1655-1
October 16, 2008
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service, privilege escalation or a leak of
sensitive data
Summary
Severity
- ----------------------------------------------------------------------Debian Security Advisory DSA-1655-1 security@debian.org
http://www.debian.org/security/ dann frazier
Oct 16, 2008 http://www.debian.org/security/faq
- ----------------------------------------------------------------------Package : linux-2.6.24
Vulnerability : denial of service/information leak/privilege escalation
Problem type : local
Debian-specific: no
CVE Id(s) : CVE-2008-1514 CVE-2008-3525 CVE-2008-3831 CVE-2008-4113
CVE-2008-4445
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service, privilege escalation or a leak of
sensitive data. The Common Vulnerabilities and Exposures project
identifies the following problems:
CVE-2008-1514
Jan Kratochvil reported a local denial of service vulnerability in
the ptrace interface for the s390 architecture. Local users can
trigger an invalid pointer dereference, leading to a system panic.
CVE-2008-3525
Eugene Teo reported a lack of capability checks in the kernel
driver for Granch SBNI12 leased line adapters (sbni), allowing
local users to perform privileged operations.
CVE-2008-3831
Olaf Kirch discovered an issue with the i915 driver that may allow
local users to cause memory corruption by use of an ioctl with
insufficient privilege restrictions.
CVE-2008-4113/CVE-2008-4445
Eugene Teo discovered two issues in the SCTP subsystem which allow
local users to obtain access to sensitive memory when the
SCTP-AUTH extension is enabled.
For the stable distribution (etch), these problems have been fixed in
version 2.6.24-6~etchnhalf.6.
We recommend that you upgrade your linux-2.6.24 packages.
Upgrade instructions
- --------------------wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
- -------------------------------Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mipsel, powerpc, s390 and sparc. An update for mips will be made available soon.
Source archives:
Size/MD5 checksum: 5107 48de15915d82e55c28f531d9c03f8ba0
Size/MD5 checksum: 59630522 6b8751d1eb8e71498ba74bbd346343af
Size/MD5 checksum: 3930604 d56abb873a5dc719332b1d6536656c15
Architecture independent packages:
Size/MD5 checksum: 754490 9b4effa960f1d60cd0b5ed6ea2eeb276
Size/MD5 checksum: 96114 a486ac629244fe13cacbaad4a888ad68
Size/MD5 checksum: 4467464 8881c194d888d42a8504df8ebb7dac6a
Size/MD5 checksum: 81296 7c3acdec53210e758132df5fe8f96bf4
Size/MD5 checksum: 1574790 098f0ba09349695dab163ec3c4e1b213
Size/MD5 checksum: 46934056 27dcac10ac224dbf0ea3c96e60c2c4e1
alpha architecture (DEC Alpha)
Size/MD5 checksum: 329948 add3abe6143d13abc68965961dbdcd6f
Size/MD5 checksum: 80800 be0ab1a9e34201c60264fca5800c5674
Size/MD5 checksum: 80824 2108b32684fe0c28b4293f5411eac78f
Size/MD5 checksum: 26729636 187130ad90d9e39d4abdd97c1da62f83
Size/MD5 checksum: 3451848 db78b7284667f27b2c5a06f67dd5e64c
Size/MD5 checksum: 329252 62d2e97fce17b226999845611531a0b9
Size/MD5 checksum: 27336528 75217a269e395b495f49458ad0cb8eb2
Size/MD5 checksum: 26752102 479851cee1d9c87af49eeffe836c8f89
Size/MD5 checksum: 329776 393c10f6ea419484672968c5fa2cc300
amd64 architecture (AMD x86_64 (AMD64))
Size/MD5 checksum: 351550 3b700488e134314fd27e7a761aaac7d4
Size/MD5 checksum: 3647352 7d20048c3f7f9518e2cb6157cdad48e0
Size/MD5 checksum: 80804 44a912ae2a8826e9302d52eac211dbe8
Size/MD5 checksum: 80810 c372449ab2f928ebfe7efd9bc7cb1773
Size/MD5 checksum: 19592336 c55e477bcd75542845b38e8fdd112a0c
arm architecture (ARM)
Size/MD5 checksum: 80916 b11a3bf5b354d5d2f024d5f5b0fca816
Size/MD5 checksum: 3934788 90f376950a0115bea3547f973d0a4f6c
Size/MD5 checksum: 9355260 2a29ed46faf5c56a5fd6096cd0f1ea05
Size/MD5 checksum: 307924 7ee32d34d994b2980c3e0821ac392c90
Size/MD5 checksum: 296594 0ba7174df934269e265af6451f1e4b18
Size/MD5 checksum: 80944 36a87cbb5369aa27ab4a546a51b85446
Size/MD5 checksum: 10737744 57ce738b5759bfd3feca027e6c93c94b
Size/MD5 checksum: 305872 137bbbedb611bacc01d6f96048f1a821
Size/MD5 checksum: 10729554 d4e852b1df8f9d8bb9371ac3babcc091
hppa architecture (HP PA RISC)
Size/MD5 checksum: 256456 87538709114e1a8ea4a29a90a9dcd286
Size/MD5 checksum: 258154 b9887dfa0260f402af629083d959278e
Size/MD5 checksum: 13329656 32f1bfe168940d18834a2a3858f40436
Size/MD5 checksum: 257322 9b4316ee6463c6a6dd81d4ee6a212898
Size/MD5 checksum: 80804 ae18fba1b4fe4bf83e6acd7e98d8a5e8
Size/MD5 checksum: 13841634 ca11fbd609743ae6fc386f7edd7c9470
Size/MD5 checksum: 3437414 a28f8733eb63906e78ddbe32a6edfdf4
Size/MD5 checksum: 80828 14cc33d8c676244f76438b8accb4d06e
Size/MD5 checksum: 14369012 172748e495c4d93078dcca89c45f2396
Size/MD5 checksum: 259814 2437868a242dd5d2b5403fcfc74d3b79
Size/MD5 checksum: 14831336 044b3ef7a34e2edd18941e739658ca07
i386 architecture (Intel ia32)
Size/MD5 checksum: 19294692 ac961ac035603aeaf0b8141ce821db93
Size/MD5 checksum: 360042 85f4e3d7b30681d454cfd011f49d317f
Size/MD5 checksum: 359312 4eedcfea638d74d172b2a1f866c07a34
Size/MD5 checksum: 360530 440664d0a76fe0514075739a054e973a
Size/MD5 checksum: 80934 ed830a3735ed9177bde8dee5e5e3556d
Size/MD5 checksum: 19357564 1856637922f4d1df0415aea3d5671929
Size/MD5 checksum: 19589426 91466826671229fcb791f5d61431c58c
Size/MD5 checksum: 3653990 6a03ceea6e01c2783ff15638a6438909
Size/MD5 checksum: 80906 922e31289adcfd7ae75bc96b21257056
Size/MD5 checksum: 19360576 4bddd3702ce7499f664b3755f956d1d0
Size/MD5 checksum: 347156 99a385a2d3edf8b570a46314796e28df
ia64 architecture (Intel ia64)
Size/MD5 checksum: 80804 9682374bcec6295daafa32461efe5da3
Size/MD5 checksum: 32203722 5ac267044ea75e0c051f2ed16ee87383
Size/MD5 checksum: 32021312 0fd4544ecdd8569e8f690b5cc8bec589
Size/MD5 checksum: 80824 a39fc72b03bb0f994b7c582f870fb95a
Size/MD5 checksum: 317000 d0c5e988ca6e30bd92cee6e35618dfab
Size/MD5 checksum: 3565166 41d9f7d23568d8eded625e927562e5c0
Size/MD5 checksum: 316738 1adcd211435796d2a72093cfddb1b65a
mipsel architecture (MIPS (Little Endian))
Size/MD5 checksum: 244632 43712995cd30dad2b026bff200263241
Size/MD5 checksum: 13313620 a2c5e64acf64de535efd4e76d0c1b82d
Size/MD5 checksum: 16624786 5cc10475050607d1f3123ccc130d97bf
Size/MD5 checksum: 21728704 21434db1c437554c422011c7f10ac551
Size/MD5 checksum: 80854 d42930db28e1845701ed09daa8073e8d
Size/MD5 checksum: 244394 356ca26aee8e2852922e89c25ed839a1
Size/MD5 checksum: 3801106 3e9c078ec4b9817b9ccb84b7efa1a119
Size/MD5 checksum: 26967954 753068f229b9f146d4fe564f20e22484
Size/MD5 checksum: 80806 2abb33f05dd7834fdfc0aee32f4b2a2b
Size/MD5 checksum: 244538 63656613d9cc17448ab68f0686c7df08
Size/MD5 checksum: 16558654 891eee92f05d50a19729223c6aeef483
Size/MD5 checksum: 308374 eebd3467e6ab6dfdb7f0b67d0a80f925
Size/MD5 checksum: 308220 c21ea1a747e6314b412c8b782fc269a6
powerpc architecture (PowerPC)
Size/MD5 checksum: 19482252 cd436f9cf405e4bbbe7325c308f543b8
Size/MD5 checksum: 80838 164adbb4f246282b5be5c3dc24fa105b
Size/MD5 checksum: 3670134 b7c9549cd26ac6096eff24719a469cca
Size/MD5 checksum: 319920 7ef2ccf66653d29e912596fc72ff3213
Size/MD5 checksum: 17457698 3e22ebf47fda77b178bfbcb0fad56ea2
Size/MD5 checksum: 19192262 dd4fadd46955665cebf6505380d2fe45
Size/MD5 checksum: 320258 652c19780d0089401032263695569e6b
Size/MD5 checksum: 21149996 5fe54ed942998c7ea8df3058ebd8f18e
Size/MD5 checksum: 319214 365910f6efce6eca2ffda7709b7b703b
Size/MD5 checksum: 293860 35d2c5ea482d943faac2b1326d3e68be
Size/MD5 checksum: 80808 8a015b64e37e60d2c1759dccefe5842b
s390 architecture (IBM S/390)
Size/MD5 checksum: 80808 cb84c618330af0b8014dca1b122cf6b1
Size/MD5 checksum: 80794 5eb39c72ef315672963db912933daecf
Size/MD5 checksum: 7194976 f3a675061a1942fd6b83b660b10c486f
Size/MD5 checksum: 6944314 9d472766fa8c08bdae2969b241f13287
Size/MD5 checksum: 192558 4d5eb9f0062639bbcaba8973684e0f3d
Size/MD5 checksum: 1498538 a974b4588418143d29086929f5012596
Size/MD5 checksum: 3427460 a305cf0a388170a82d19da6392754714
Size/MD5 checksum: 192724 036cb40e45e0aef80992b3e5fd33c5b0
sparc architecture (Sun SPARC/UltraSPARC)
Size/MD5 checksum: 80930 31766cfd14230d07ab1acdad6a4605f8
Size/MD5 checksum: 3648646 dc4c16e3a84214357380d0553c5c83f7
Size/MD5 checksum: 13315124 d1a35c95ac5365be26db70d038d72506
Size/MD5 checksum: 13016252 409de226e7ae203a38526862f3ecac4d
Size/MD5 checksum: 259632 d44ecef12bbb7e210c1a9ede07cfaa32
Size/MD5 checksum: 261686 786a46833d8b6fb8d8d807e338d66ba8
Size/MD5 checksum: 80910 8f6fcb5e9e0f47c56ffd0c31ff32b08d
These changes will probably be included in the stable distribution on
its next update.
- ---------------------------------------------------------------------------------For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
