Debian: Linux 2.6.8 fix several vulnerabilities DSA-1233-1

    Date 10 Dec 2006
    Posted By LinuxSecurity Advisories
    Updated package.
    --------------------------------------------------------------------------
    Debian Security Advisory DSA 1233-1                               Dann Frazier
    December 10th, 2006
    --------------------------------------------------------------------------
    Package        : kernel-source-2.6.8
    Vulnerability  : several
    Problem-Type   : local/remote
    Debian-specific: no
    CVE ID         : CVE-2006-3741 CVE-2006-4538 CVE-2006-4813 CVE-2006-4997
                     CVE-2006-5174 CVE-2006-5619 CVE-2006-5649 CVE-2006-5751
    Several local and remote vulnerabilities have been discovered in the Linux
    kernel that may lead to a denial of service or the execution of arbitrary
    code. The Common Vulnerabilities and Exposures project identifies the
    following problems:

        Stephane Eranian discovered a local DoS (Denial of Service) vulnerability
        on the ia64 architecture. A local user could exhaust the available file
        descriptors by exploiting a counting error in the perfmonctl() system call.

        Kirill Korotaev reported a local DoS (Denial of Service) vulnerability
        on the ia64 and sparc architectures. A user could cause the system to
        crash by executing a malformed ELF binary due to insufficient verification
        of the memory layout.

        Dmitriy Monakhov reported a potential memory leak in the
        __block_prepare_write function. __block_prepare_write does not properly
        sanitize kernel buffers during error recovery, which could be exploited
        by local users to gain access to sensitive kernel memory.

        ADLab Venustech Info Ltd reported a potential remote DoS (Denial of
        Service) vulnerability in the IP over ATM subsystem. A remote system
        could cause the system to crash by sending specially crafted packets
        that would trigger an attempt to free an already-freed pointer.

        Martin Schwidefsky reported a potential leak of sensitive information
        on s390 systems. The copy_from_user function did not clear the remaining
        bytes of the kernel buffer after receiving a fault on the userspace
        address, resulting in a leak of uninitialized kernel memory. A local user
        could exploit this by appending to a file from a bad address.

        James Morris reported a potential local DoS (Denial of Service)
        vulnerability that could be used to hang or oops a system. The seqfile
        handling for /proc/net/ip6_flowlabel has a flaw that can be exploited to
        cause an infinite loop by reading this file after creating a flowlabel.

        Fabio Massimo Di Nitto reported a potential remote DoS (Denial of Service)
        vulnerability on powerpc systems. The alignment exception only
        checked the exception table for -EFAULT, not for other errors. This can
        be exploited by a local user to cause a system crash (panic).

        Eugene Teo reported a vulnerability in the get_fdb_entries function that
        could potentially be exploited to allow arbitrary code execution with
        escalated privileges.

        Bill Allombert reported that various mount options are ignored by smbfs
        when UNIX extensions are enabled. This includes the uid, gid and mode
        options. Client systems would silently use the server-provided settings
        instead of honoring these options, changing the security model. This
        update includes a fix from Haroldo Gamal that forces the kernel to honor
        these mount options. Note that, since the current versions of smbmount
        always pass values for these options to the kernel, it is not currently
        possible to activate UNIX extensions by omitting mount options. However,
        this behavior is consistent with the current behavior of the next Debian
        release, 'etch'.

    The following matrix shows which kernel version fixes the problems
    mentioned above on each architecture:
                                     Debian 3.1 (sarge)
         Source                      2.6.8-16sarge6
         Alpha architecture          2.6.8-16sarge6
         AMD64 architecture          2.6.8-16sarge6
         HP Precision architecture   2.6.8-6sarge6
         Intel IA-32 architecture    2.6.8-16sarge6
         Intel IA-64 architecture    2.6.8-14sarge6
         Motorola 680x0 architecture 2.6.8-4sarge6
         PowerPC architecture        2.6.8-12sarge6
         IBM S/390 architecture      2.6.8-5sarge6
         Sun Sparc architecture      2.6.8-15sarge6
    The following matrix lists additional packages that were rebuilt for
    compatibility with or to take advantage of this update:
                                     Debian 3.1 (sarge)
         fai-kernels                 1.9.1sarge5
    We recommend that you upgrade your kernel package immediately and reboot
    the machine. If you have built a custom kernel from the kernel source
    package, you will need to rebuild to take advantage of these fixes.
    Upgrade Instructions
    --------------------
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    Debian GNU/Linux 3.1 alias sarge
    --------------------------------
      These files will probably be moved into the stable distribution on
      its next update.
    ---------------------------------------------------------------------------------
    For apt-get: deb stable/updates main
    For dpkg-ftp: dists/stable/updates/main