Linux Security

    Debian: Linux 2.6.8 fix several vulnerabilities DSA-1184-2

    Date 25 Sep 2006
    Posted By LinuxSecurity Advisories
    Updated package.
    --------------------------------------------------------------------------
    Debian Security Advisory DSA 1184-2                            Dann Frazier
    September 26th, 2006
    --------------------------------------------------------------------------
    Package        : kernel-source-2.6.8
    Vulnerability  : several
    Problem type   : remote
    Debian-specific: no
    CVE IDs        : CVE-2004-2660 CVE-2005-4798 CVE-2006-1052 CVE-2006-1343
                     CVE-2006-1528 CVE-2006-1855 CVE-2006-1856 CVE-2006-2444
                     CVE-2006-2446 CVE-2006-2935 CVE-2006-2936 CVE-2006-3468
                     CVE-2006-3745 CVE-2006-4093 CVE-2006-4145 CVE-2006-4535
    CERT advisory  : VU#681569
    BugTraq IDs    : 17203 17830 18081 18099 18101 18105 18847 19033 19396
                     19562 19615 19666 20087
    This advisory covers the S/390 components of the recent security
    update for the Linux 2.6.8 kernel, which were missing due to technical
    problems.  The original advisory text follows for reference.
    Several security related problems have been discovered in the Linux
    kernel which may lead to a denial of service or even the execution of
    arbitrary code.  The Common Vulnerabilities and Exposures project
    identifies the following problems:
        Toshihiro Iwamoto discovered a memory leak in the handling of
        direct I/O writes that allows local users to cause a denial of
        A buffer overflow in NFS readlink handling allows a malicious
        remote server to cause a denial of service.
        Stephen Smalley discovered a bug in the SELinux ptrace handling
        that allows local users with ptrace permissions to change the
        tracer SID to the SID of another process.
        Pavel Kankovsky discovered an information leak in the getsockopt
        system call which can be exploited by a local program to leak
        potentially sensitive memory to userspace.
        Douglas Gilbert reported a bug in the sg driver that allows local
        users to cause a denial of service by performing direct I/O
        transfers from the sg driver to memory mapped I/O space.
        Mattia Belletti noticed that certain debugging code left in the
        process management code could be exploited by a local attacker to
        cause a denial of service.
        Kostik Belousov discovered a missing LSM file_permission check in
        the readv and writev functions which might allow attackers to
        bypass intended access restrictions.
        Patrick McHardy discovered a bug in the SNMP NAT helper that
        allows remote attackers to cause a denial of service.
        A race condition in the socket buffer handling allows remote
        attackers to cause a denial of service.
        Diego Calleja Garcia discovered a buffer overflow in the DVD
        handling code that could be exploited by a specially crafted DVD
        or USB storage device to execute arbitrary code.
        A bug in the serial USB driver has been discovered that could be
        exploited by a custom made USB serial adapter to consume arbitrary
        amounts of memory.
        James McKenzie discovered a denial of service vulnerability in the
        NFS driver.  When exporting an ext3 file system over NFS, a remote
        attacker could exploit this to trigger a file system panic by
        sending a specially crafted UDP packet.
        Wei Wang discovered a bug in the SCTP implementation that allows
        local users to cause a denial of service and possibly gain root
        Olof Johansson discovered that the kernel did not disable the HID0
        bit on PowerPC 970 processors which could be exploited by a local
        attacker to cause a denial of service.
        A bug in the Universal Disk Format (UDF) filesystem driver could
        be exploited by a local user to cause a denial of service.
        David Miller reported a problem with the fix for CVE-2006-3745
        that allows local users to crash the system via an SCTP socket
        with a certain SO_LINGER value.
    The following matrix shows which kernel version fixes the problems
    mentioned above for each architecture:
                                         stable (sarge)
        Source                           2.6.8-16sarge5
        Alpha architecture               2.6.8-16sarge5
        AMD64 architecture               2.6.8-16sarge5
        HP Precision architecture        2.6.8-6sarge5
        Intel IA-32 architecture         2.6.8-16sarge5
        Intel IA-64 architecture         2.6.8-14sarge5
        Motorola 680x0 architecture      2.6.8-4sarge5
        PowerPC architecture             2.6.8-12sarge5
        IBM S/390                        2.6.8-5sarge5
        Sun Sparc architecture           2.6.8-15sarge5
        FAI                              1.9.1sarge4
    Due to some internal problems, kernel packages for the S/390 are
    missing and will be provided later.
    For the unstable distribution (sid) these problems have been fixed in
    version 2.6.18-1.
    We recommend that you upgrade your kernel package and reboot the
    machine.  If you have built a custom kernel from the kernel source
    package, you will need to rebuild to take advantage of these fixes.
    Upgrade Instructions
    --------------------
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    If you are using the apt-get package manager, use the line for
    sources.list as given at the end of this advisory:
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
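To check whether a sarge host has actually received a fixed package, the following added example (my code, not part of the advisory) encodes the fix matrix above and compares an installed kernel-image version against it using dpkg's version-ordering rules. The architecture keys are my mapping of the advisory's descriptive names, and the installed version is assumed to be what `dpkg-query -W -f='${Version}'` reports for the kernel-image package.

```python
import re

# Fixed kernel-image versions for Debian 3.1 (sarge) from the advisory's
# matrix, keyed by Debian architecture name (my mapping of the advisory's
# descriptive names; the FAI entry is a separate package and is left out).
FIXED_VERSIONS = {
    "alpha": "2.6.8-16sarge5", "amd64": "2.6.8-16sarge5", "hppa": "2.6.8-6sarge5",
    "i386": "2.6.8-16sarge5", "ia64": "2.6.8-14sarge5", "m68k": "2.6.8-4sarge5",
    "powerpc": "2.6.8-12sarge5", "s390": "2.6.8-5sarge5", "sparc": "2.6.8-15sarge5",
}

def _order(c):
    # Debian Policy ordering for non-digit characters: '~' sorts before
    # everything (even end of string, keyed as 0); letters before non-letters.
    return -1 if c == "~" else ord(c) if c.isalpha() else ord(c) + 256

def _cmp_fragment(a, b):
    # Compare an upstream or revision fragment the way dpkg does: alternate
    # non-digit runs (lexical, via _order) and digit runs (numeric).
    while a or b:
        sa, sb = re.match(r"\D*", a).group(), re.match(r"\D*", b).group()
        a, b = a[len(sa):], b[len(sb):]
        ka, kb = [_order(c) for c in sa] + [0], [_order(c) for c in sb] + [0]
        if ka != kb:
            return -1 if ka < kb else 1
        na, nb = re.match(r"\d*", a).group(), re.match(r"\d*", b).group()
        a, b = a[len(na):], b[len(nb):]
        if int(na or 0) != int(nb or 0):
            return -1 if int(na or 0) < int(nb or 0) else 1
    return 0

def _split(v):
    epoch, rest = v.split(":", 1) if ":" in v else ("0", v)
    upstream, rev = rest.rsplit("-", 1) if "-" in rest else (rest, "")
    return int(epoch), upstream, rev

def compare_versions(a, b):
    """-1, 0 or 1, like `dpkg --compare-versions` lt/eq/gt."""
    ea, ua, ra = _split(a)
    eb, ub, rb = _split(b)
    return (ea > eb) - (ea < eb) or _cmp_fragment(ua, ub) or _cmp_fragment(ra, rb)

def is_fixed(arch, installed):
    """True if the installed kernel-image version is at or past the fix."""
    return compare_versions(installed, FIXED_VERSIONS[arch]) >= 0
```

On a Debian host `dpkg --compare-versions` gives the same ordering; as the advisory says, the running kernel stays vulnerable until the machine is rebooted into the updated package.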
    Debian GNU/Linux 3.1 alias sarge
    --------------------------------
      Source archives:
      Architecture independent components:
      IBM S/390 architecture:
      These files will probably be moved into the stable distribution on
      its next update.
    ---------------------------------------------------------------------------------
    For apt-get: deb stable/updates main
    For dpkg-ftp: dists/stable/updates/main
