diff options
author | dann frazier <dannf@debian.org> | 2009-05-05 06:22:13 +0000 |
---|---|---|
committer | dann frazier <dannf@debian.org> | 2009-05-05 06:22:13 +0000 |
commit | 32f93d7e33335dbbedc16a5e0e9af9d53ded974a (patch) | |
tree | 9622e4a3c129ed20df17215530cf254a6b72e4cc /dsa-texts/2.6.18.dfsg.1-24etch2 | |
parent | 0f85dd72274016c88dd80b5d0dfc82f83dbc67cb (diff) |
start new draft
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@1356 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'dsa-texts/2.6.18.dfsg.1-24etch2')
-rw-r--r-- | dsa-texts/2.6.18.dfsg.1-24etch2 | 191 |
1 files changed, 191 insertions, 0 deletions
diff --git a/dsa-texts/2.6.18.dfsg.1-24etch2 b/dsa-texts/2.6.18.dfsg.1-24etch2 new file mode 100644 index 000000000..04d0d3b95 --- /dev/null +++ b/dsa-texts/2.6.18.dfsg.1-24etch2 @@ -0,0 +1,191 @@ +---------------------------------------------------------------------- +Debian Security Advisory DSA-XXXX-1 security@debian.org +http://www.debian.org/security/ dann frazier +May 5, 2009 http://www.debian.org/security/faq +---------------------------------------------------------------------- + +Package : linux-2.6 +Vulnerability : denial of service/privilege escalation/information leak +Problem type : local/remote +Debian-specific: no +CVE Id(s) : CVE-2008-4307 CVE-2008-5395 CVE-2008-5701 CVE-2008-5702 + CVE-2008-5713 CVE-2009-0028 CVE-2009-0029 CVE-2009-0031 + CVE-2009-0065 CVE-2009-0322 CVE-2009-0675 CVE-2009-0676 + CVE-2009-0834 CVE-2009-0859 CVE-2009-1192 CVE-2009-1265 + CVE-2009-1336 CVE-2009-1337 CVE-2009-1439 + +Several vulnerabilities have been discovered in the Linux kernel that +may lead to a denial of service or privilege escalation. The Common +Vulnerabilities and Exposures project identifies the following +problems: + +CVE-2008-4307 + + Bryn M. Reeves reported a denial of service in the NFS filesystem. + Local users can trigger a kernel BUG() due to a race condition in + the do_setlk function. + +CVE-2008-5395 + + Helge Deller discovered a denial of service condition that allows + local users on PA-RISC systems to crash a system by attempting to + unwind a stack contiaining userspace addresses. + +CVE-2008-5701 + + Vlad Malov reported an issue on 64-bit MIPS systems where a local + user could cause a system crash by crafing a malicious binary + which makes o32 syscalls with a number less than 4000. + +CVE-2008-5702 + + Zvonimir Rakamaric reported an off-by-one error in the ib700wdt + watchdog driver which allows local users to cause a buffer + underflow by making a specially crafted WDIOC_SETTIMEOUT ioctl + call. + +CVE-2008-5713 + + Flavio Leitner discovered that a local user can cause a denial + of service by generating large amounts of traffic on a large SMP + system, resulting in soft lockups. + +CVE-2009-0028 + + Chris Evans discovered a situation in which a child process can + send an arbitrary signal to its parent. + +CVE-2009-0029 + + Christian Borntraeger discovered an issue effecting the alpha, + mips, powerpc, s390 and sparc64 architectures that allows local + users to cause a denial of service or potentially gain elevated + privileges. + +CVE-2009-0031 + + Vegard Nossum discovered a memory leak in the keyctl subsystem + that allows local users to cause a denial of service by consuming + all of kernel memory. + +CVE-2009-0065 + + Wei Yongjun discovered a memory overflow in the SCTP + implementation that can be triggered by remote users, permitting + remote code execution. + +CVE-2009-0322 + + Pavel Roskin provided a fix for an issue in the dell_rbu driver + that allows a local user to cause a denial of service (oops) by + reading 0 byts from a sysfs entry. + +CVE-2009-0675 + + Roel Kluin discovered inverted logic in the skfddi driver that + permits local, unprivileged users to reset the driver statistics. + +CVE-2009-0676 + + Clement LECIGNE discovered a bug in the sock_getsockopt function + that may result in leaking sensitive kernel memory. + +CVE-2009-0834 + + Roland McGrath discovered an issue on amd64 kernels that allows + local users to circumvent system call audit configurations which + filter based on the syscall numbers or argument details. + +CVE-2009-0859 + + Jiri Olsa discovered that a local user can cause a denial of + service (system hang) using a SHM_INFO shmctl call on kernels + compiled with CONFIG_SHMEM disabled. This issue does not affect + prebuilt Debian kernels. + +CVE-2009-1192 + + Shaohua Li reported an issue in the AGP subsystem they may allow + local users to read sensitive kernel memory due to a leak of + uninitialized memory. + +CVE-2009-1265 + + Thomas Pollet reported an overflow in the af_rose implementation + that allows remote attackers to retrieve uninitialized kernel + memory that may contain sensitive data. + +CVE-2009-1336 + + Trond Myklebust reported an issue in the encode_lookup() function in + the nfs server subsystem that allows local users to cause a denial + of service (oops in encode_lookup()) by use of a long filename. + +CVE-2009-1337 + + Oleg Nesterov discovered an issue in the exit_notify function that + allows local users to send an arbitrary signal to a process by + running a program that modifies the exit_signal field and then + uses an exec system call to launch a setuid application. + +CVE-2009-1439 + + Pavan Naregundi reported an issue in the CIFS filesystem code that + allows remote users to overwrite memory via a long + nativeFileSystem field in a Tree Connect response during mount. + +For the oldstable distribution (etch), this problem has been fixed in +version 2.6.18.dfsg.1-24etch2. + +We recommend that you upgrade your linux-2.6, fai-kernels, and +user-mode-linux packages. + +Note: Debian carefully tracks all known security issues across every +linux kernel package in all releases under active security support. +However, given the high frequency at which low-severity +security issues are discovered in the kernel and the resource +requirements of doing an update, updates for lower priority issues +will normally not be released for all kernels at the same time. Rather, +they will be released in a staggered or "leap-frog" fashion. + +Upgrade instructions +-------------------- + +wget url + will fetch the file for you +dpkg -i file.deb + will install the referenced file. + +If you are using the apt-get package manager, use the line for +sources.list as given below: + +apt-get update + will update the internal database +apt-get upgrade + will install corrected packages + +The following matrix lists additional source packages that were rebuilt for +compatability with or to take advantage of this update: + + Debian 4.0 (etch) + fai-kernels 1.17+etch.24etch2 + user-mode-linux 2.6.18-1um-2etch.24etch2 + +You may use an automated update by adding the resources from the +footer to the proper configuration. + +Debian GNU/Linux 4.0 alias etch +------------------------------- + +Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. + +[FILL IN] + + These changes will probably be included in the oldstable distribution on + its next update. + +--------------------------------------------------------------------------------- +For apt-get: deb http://security.debian.org/ oldstable/updates main +For dpkg-ftp: ftp://security.debian.org/debian-security dists/oldstable/updates/main +Mailing list: debian-security-announce@lists.debian.org +Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> |