Linux Security
    Linux Security
    Linux Security

    Debian: New Linux kernel 2.4.18 packages fix several vulnerabilities

    Date 21 May 2006
    4660
    Posted By LinuxSecurity Advisories
    Updated package.
    - --------------------------------------------------------------------------
    Debian Security Advisory DSA 1069-1                    This email address is being protected from spambots. You need JavaScript enabled to view it.
    https://www.debian.org/security/               Martin Schulze, Dann Frazier
    May 20th, 2006                          https://www.debian.org/security/faq
    - --------------------------------------------------------------------------
    
    Package        : kernel-source-2.4.18,kernel-image-2.4.18-1-alpha,kernel-image-2.4.18-1-i386,kernel-image-2.4.18-hppa,kernel-image-2.4.18-powerpc-xfs,kernel-patch-2.4.18-powerpc,kernel-patch-benh
    Vulnerability  : several
    Problem-Type   : local/remote
    Debian-specific: no
    CVE IDs        : CVE-2004-0427 CVE-2005-0489 CVE-2004-0394 CVE-2004-0447 CVE-2004-0554 CVE-2004-0565 CVE-2004-0685  CVE-2005-0001 CVE-2004-0883 CVE-2004-0949 CVE-2004-1016 CVE-2004-1333 CVE-2004-0997 CVE-2004-1335 CVE-2004-1017 CVE-2005-0124 CVE-2005-0528 CVE-2003-0984 CVE-2004-1070 CVE-2004-1071 CVE-2004-1072 CVE-2004-1073 CVE-2004-1074 CVE-2004-0138 CVE-2004-1068 CVE-2004-1234 CVE-2005-0003 CVE-2004-1235 CVE-2005-0504 CVE-2005-0384 CVE-2005-0135
    
    [This is a resend of the advisory text of DSA 1069-1, as the original one
    accidentally lacked te MD5 check sums]
    
    Several local and remote vulnerabilities have been discovered in the Linux
    kernel that may lead to a denial of service or the execution of arbitrary
    code. The Common Vulnerabilities and Exposures project identifies the
    following problems:
    
    
     CVE-2004-0427
    
         A local denial of service vulnerability in do_fork() has been found.     
    
     CVE-2005-0489
    
         A local denial of service vulnerability in proc memory handling has
         been found.
    
     CVE-2004-0394
    
         A buffer overflow in the panic handling code has been found.
    
     CVE-2004-0447
    
         A local denial of service vulnerability through a null pointer
         dereference in the IA64 process handling code has been found.
    
     CVE-2004-0554
    
         A local denial of service vulnerability through an infinite loop in
         the signal handler code has been found.
    
     CVE-2004-0565
    
         An information leak in the context switch code has been found on
         the IA64 architecture.
    
     CVE-2004-0685
    
         Unsafe use of copy_to_user in USB drivers may disclose sensitive
         information.
    
     CVE-2005-0001
    
         A race condition in the i386 page fault handler may allow privilege
         escalation.
    
     CVE-2004-0883
    
         Multiple vulnerabilities in the SMB filesystem code may allow denial
         of service of information disclosure.
    
     CVE-2004-0949
    
         An information leak discovered in the SMB filesystem code.
    
     CVE-2004-1016
    
         A local denial of service vulnerability has been found in the SCM layer.
    
     CVE-2004-1333
    
         An integer overflow in the terminal code may allow a local denial of
         service vulnerability.
    
     CVE-2004-0997
    
         A local privilege escalation in the MIPS assembly code has been found.
     
     CVE-2004-1335
     
         A memory leak in the ip_options_get() function may lead to denial of
         service.
          
     CVE-2004-1017
    
         Multiple overflows exist in the io_edgeport driver which might be usable
         as a denial of service attack vector.
     
     CVE-2005-0124
    
         Bryan Fulton reported a bounds checking bug in the coda_pioctl function
         which may allow local users to execute arbitrary code or trigger a denial
         of service attack.
    
     CVE-2005-0528
    
         A local privilege escalation in the mremap function has been found
    
     CVE-2003-0984
    
         Inproper initialization of the RTC may disclose information.
    
     CVE-2004-1070
    
         Insufficient input sanitising in the load_elf_binary() function may
         lead to privilege escalation.
    
     CVE-2004-1071
    
         Incorrect error handling in the binfmt_elf loader may lead to privilege
         escalation.
    
     CVE-2004-1072
    
         A buffer overflow in the binfmt_elf loader may lead to privilege
         escalation or denial of service.
    
     CVE-2004-1073
    
         The open_exec function may disclose information.
    
     CVE-2004-1074
    
         The binfmt code is vulnerable to denial of service through malformed
         a.out binaries.
    
     CVE-2004-0138
    
         A denial of service vulnerability in the ELF loader has been found.
    
     CVE-2004-1068
    
         A programming error in the unix_dgram_recvmsg() function may lead to
         privilege escalation.
    
     CVE-2004-1234
    
         The ELF loader is vulnerable to denial of service through malformed
         binaries.
    
     CVE-2005-0003
    
         Crafted ELF binaries may lead to privilege escalation, due to 
         insufficient checking of overlapping memory regions.
    
     CVE-2004-1235
    
         A race condition in the load_elf_library() and binfmt_aout() functions
         may allow privilege escalation.
    
     CVE-2005-0504
    
         An integer overflow in the Moxa driver may lead to privilege escalation.
    
     CVE-2005-0384
    
         A remote denial of service vulnerability has been found in the PPP
         driver.
    
     CVE-2005-0135
    
         An IA64 specific local denial of service vulnerability has been found
         in the unw_unwind_to_user() function.
    
    The following matrix explains which kernel version for which architecture
    fix the problems mentioned above:
    
                                         Debian 3.0 (woody)
         Source                          2.4.18-14.4
         Alpha architecture              2.4.18-15woody1
         Intel IA-32 architecture        2.4.18-13.2
         HP Precision architecture       62.4 
         PowerPC architecture            2.4.18-1woody6
         PowerPC architecture/XFS        20020329woody1            
         PowerPC architecture/benh       20020304woody1
         Sun Sparc architecture          22woody1    
    
    We recommend that you upgrade your kernel package immediately and reboot
    the machine.
    
    Upgrade Instructions
    - --------------------
    
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    
    apt-get update
            will update the internal database
    apt-get dist-upgrade
            will install corrected packages
    
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    
    
    Debian GNU/Linux 3.0 alias woody
    - --------------------------------
    
      Source archives:
    
        https://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18-14.4.dsc
          Size/MD5 checksum:      664 e66eee8b35df5d9f780a2b09db3cdd05
        https://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18-14.4.diff.gz
          Size/MD5 checksum:    81246 cb17a014905f2887f6b501f64f779e22
        https://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18.orig.tar.gz
          Size/MD5 checksum: 29818323 24b4c45a04a23eb4ce465eb326a6ddf2
        https://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-alpha_2.4.18-15woody1.dsc
          Size/MD5 checksum:      750 522e81e5f4fdb2259bebef0e24f82b28
        https://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-alpha_2.4.18-15woody1.tar.gz
          Size/MD5 checksum:    26998 d4788765906cfc6792dd5ec875a8ecaa
        https://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-i386_2.4.18-13.2.dsc
          Size/MD5 checksum:     1193 0ca8bc314ef54bc3ab4c9c296fd646ee
        https://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-i386_2.4.18-13.2.tar.gz
          Size/MD5 checksum:    72467 dce62d476deb5778a73e8d0cb1904c57
        https://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-powerpc-xfs/kernel-image-2.4.18-powerpc-xfs_20020329woody1.dsc
          Size/MD5 checksum:      724 81445e6ef599c748a68b6ae584caaa97
        https://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-powerpc-xfs/kernel-image-2.4.18-powerpc-xfs_20020329woody1.tar.gz
          Size/MD5 checksum:    33405 a50d4542f801e318b2778fcafba5f0b1
        https://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-patch-2.4.18-powerpc_2.4.18-1woody6.dsc
          Size/MD5 checksum:      734 6b3f82a1442db234c98c1b5dd2df3b25
        https://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-patch-2.4.18-powerpc_2.4.18-1woody6.tar.gz
          Size/MD5 checksum:    81919 86adfacbd335393287f4be825a2c8c89
        https://security.debian.org/pool/updates/main/k/kernel-patch-benh/kernel-patch-benh_20020304woody1.dsc
          Size/MD5 checksum:      561 59754208d1c08b2c43b0b0302853b3b0
        https://security.debian.org/pool/updates/main/k/kernel-patch-benh/kernel-patch-benh_20020304woody1.tar.gz
          Size/MD5 checksum:  6030131 4446b0b03cb22fe9b9c230e1a7879965
    
    
      Architecture independent components:
    
        https://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-doc-2.4.18_2.4.18-14.4_all.deb
          Size/MD5 checksum:  1721998 338b838922799a8b51263a0971fe48e9
        https://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18-14.4_all.deb
          Size/MD5 checksum: 24137152 0c4e20bf088cbdffbf68ba43ca26b2e1
        https://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-patch-2.4.18-powerpc_2.4.18-1woody6_all.deb
          Size/MD5 checksum:    79788 d2fd4e178d1b39f9b36d953ac8ec8743
        https://security.debian.org/pool/updates/main/k/kernel-patch-benh/kernel-patch-benh_20020304woody1_all.deb
          Size/MD5 checksum:  6065046 a7108836d30e9b1e477acb49b0c0cf0f
    
    
      Alpha architecture:
    
        https://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-headers-2.4.18-1_2.4.18-15woody1_alpha.deb
          Size/MD5 checksum:  3351876 d9a4975763720d8fce7debc80bb79f63
        https://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-headers-2.4.18-1-generic_2.4.18-15woody1_alpha.deb
          Size/MD5 checksum:  3494576 3859c83de4315ed96f9708a51e045241
        https://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-headers-2.4.18-1-smp_2.4.18-15woody1_alpha.deb
          Size/MD5 checksum:  3496768 d71f68fc06c589873151f3f04bdf133e
        https://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-generic_2.4.18-15woody1_alpha.deb
          Size/MD5 checksum: 11694314 2aa8fd58fb3c399cb116e770f8a5d5d1
        https://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-smp_2.4.18-15woody1_alpha.deb
          Size/MD5 checksum: 12027076 dd1c23f37e48ba9d0a7ddfa88cf45d29
    
    
      Intel IA-32 architecture:
    
        https://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1_2.4.18-13.2_i386.deb
          Size/MD5 checksum:  3415450 d488aac93b07312e9dde5b91a6d631b2
        https://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-386_2.4.18-13.2_i386.deb
          Size/MD5 checksum:  3505976 6eb395cc690576ec075a2b23ca4c2194
        https://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-586tsc_2.4.18-13.2_i386.deb
          Size/MD5 checksum:  3506954 807ca24843a58cf85a5e68c89faca563
        https://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-686_2.4.18-13.2_i386.deb
          Size/MD5 checksum:  3507090 3c2546ab7c10ebf81fd455df8445a552
        https://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-686-smp_2.4.18-13.2_i386.deb
          Size/MD5 checksum:  3507950 68223703c4365e52b72362d3e2c8de3f
        https://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-k6_2.4.18-13.2_i386.deb
          Size/MD5 checksum:  3506762 754fd28c88640d2adb48c9112f811550
        https://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-k7_2.4.18-13.2_i386.deb
          Size/MD5 checksum:  3506818 8173434dda3517ca6d777b8a1288eb9c
        https://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-386_2.4.18-13.2_i386.deb
          Size/MD5 checksum:  8802200 78add9adc25b766f6d2d71dce28c4bf6
        https://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-586tsc_2.4.18-13.2_i386.deb
          Size/MD5 checksum:  8706062 472a648b1cc4aa7a48fd55181c65b791
        https://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-686_2.4.18-13.2_i386.deb
          Size/MD5 checksum:  8709404 eb6966cbe26c20b45b09182977574ab4
        https://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-686-smp_2.4.18-13.2_i386.deb
          Size/MD5 checksum:  8961038 1297541ef30a29ad9650e1d40c24cd57
        https://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-k6_2.4.18-13.2_i386.deb
          Size/MD5 checksum:  8659464 0ed399a5da73df3b35fcd215b5011263
        https://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-k7_2.4.18-13.2_i386.deb
          Size/MD5 checksum:  8865500 1b56f2739d199dfc85edcba38386b4af
        https://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-386_2.4.18-13.2_i386.deb
          Size/MD5 checksum:   231110 b6277e8187269984d46b9fbba104e195
        https://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-586tsc_2.4.18-13.2_i386.deb
          Size/MD5 checksum:   230666 e7d69734cde1ea9172391aec10e11436
        https://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-686_2.4.18-13.2_i386.deb
          Size/MD5 checksum:   230198 ac36ed7f8dd38740a17837b2ea865fed
        https://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-686-smp_2.4.18-13.2_i386.deb
          Size/MD5 checksum:   233800 8a863bfd914780df5d33a39cd5de0aaf
        https://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-k6_2.4.18-13.2_i386.deb
          Size/MD5 checksum:   229768 556904c5c178f86edf7a8decbac09cc9
        https://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-k7_2.4.18-13.2_i386.deb
          Size/MD5 checksum:   233054 cd4b0b4f688932c836220f77070cbd31
    
    
      PowerPC architecture:
    
        https://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-powerpc-xfs/kernel-image-2.4.18-powerpc-xfs_20020329woody1_powerpc.deb
          Size/MD5 checksum: 11439898 64015e0730aa9cca7313c601d1c401f3
        https://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-headers-2.4.18_2.4.18-1woody6_powerpc.deb
          Size/MD5 checksum:  3433186 6a9e21c5ff417afe1b6c697c10f59de8
        https://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-image-2.4.18-newpmac_2.4.18-1woody6_powerpc.deb
          Size/MD5 checksum:  9451006 2c2b9ee09fa3e3635f785410683af1c1
        https://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-image-2.4.18-powerpc_2.4.18-1woody6_powerpc.deb
          Size/MD5 checksum: 10099720 4c85feb2001345ce597530d3d8b2bb86
        https://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-image-2.4.18-powerpc-smp_2.4.18-1woody6_powerpc.deb
          Size/MD5 checksum: 10343584 dda622d41cbc718dc1e2202c50608f0f
    
    
      These files will probably be moved into the stable distribution on
      its next update.
    
    - ---------------------------------------------------------------------------------
    For apt-get: deb https://security.debian.org/ stable/updates main
    For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    

    Advisories

    LinuxSecurity Poll

    I agree with Linus Torvalds - Apple's new M1-powered laptops should run on Linux.

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    /main-polls/45-i-agree-with-linus-torvalds-apple-s-new-m1-powered-laptops-should-run-on-linux?task=poll.vote&format=json
    45
    radio
    [{"id":"158","title":"True","votes":"12","type":"x","order":"1","pct":3.91,"resources":[]},{"id":"159","title":"False","votes":"295","type":"x","order":"2","pct":96.09,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

    You have already voted for this poll.


    VIEW MORE POLLS

    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.