The UNIX and Linux Forums  

Go Back   The UNIX and Linux Forums > Special Forums > Security > Security Advisories (RSS)
USN-574-1: Linux kernel vulnerabilities USN-574-1: Linux kernel vulnerabilities
Google UNIX.COM
Forums Portal Register Forum Rules FAQContribute Members List Arcade Search Today's Posts Mark Forums Read


Security Advisories (RSS) UNIX and Linux Security Advisories Via RSS News

More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
USN-614-1: Linux kernel vulnerabilities iBot Security Advisories (RSS) 0 06-03-2008 01:09 PM
Ubuntu: Linux kernel vulnerabilities iBot Security Advisories (RSS) 0 02-14-2008 06:20 AM
USN-578-1: Linux kernel vulnerabilities iBot Security Advisories (RSS) 0 02-13-2008 09:00 PM
Ubuntu: Linux kernel vulnerabilities iBot Security Advisories (RSS) 0 02-04-2008 03:50 PM
USN-558-1: Linux kernel vulnerabilities iBot Security Advisories (RSS) 0 12-23-2007 08:52 PM

Reply
 
Submit Tools LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 02-04-2008
iBot's Avatar
RSS Robot Girl
  

Join Date: Sep 2000
Posts: 14,302
Stumble this Post!
USN-574-1: Linux kernel vulnerabilities
Referenced CVEs:
CVE-2006-6058, CVE-2007-3107, CVE-2007-4567, CVE-2007-4849, CVE-2007-4997, CVE-2007-5093, CVE-2007-5500, CVE-2007-5501, CVE-2007-5966, CVE-2007-6063, CVE-2007-6151, CVE-2007-6206, CVE-2007-6417, CVE-2008-0001


Description:
=========================================================== Ubuntu Security Notice USN-574-1 February 04, 2008linux-source-2.6.17/20/22 vulnerabilitiesCVE-2006-6058, CVE-2007-3107, CVE-2007-4567, CVE-2007-4849,CVE-2007-4997, CVE-2007-5093, CVE-2007-5500, CVE-2007-5501,CVE-2007-5966, CVE-2007-6063, CVE-2007-6151, CVE-2007-6206,CVE-2007-6417, CVE-2008-0001===========================================================A security issue affects the following Ubuntu releases:Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10This advisory also applies to the corresponding versions ofKubuntu, Edubuntu, and Xubuntu.The problem can be corrected by upgrading your system to thefollowing package versions:Ubuntu 6.10: linux-image-2.6.17-12-386 2.6.17.1-12.43 linux-image-2.6.17-12-generic 2.6.17.1-12.43 linux-image-2.6.17-12-hppa32 2.6.17.1-12.43 linux-image-2.6.17-12-hppa64 2.6.17.1-12.43 linux-image-2.6.17-12-itanium 2.6.17.1-12.43 linux-image-2.6.17-12-mckinley 2.6.17.1-12.43 linux-image-2.6.17-12-powerpc 2.6.17.1-12.43 linux-image-2.6.17-12-powerpc-smp 2.6.17.1-12.43 linux-image-2.6.17-12-powerpc64-smp 2.6.17.1-12.43 linux-image-2.6.17-12-server 2.6.17.1-12.43 linux-image-2.6.17-12-server-bigiron 2.6.17.1-12.43 linux-image-2.6.17-12-sparc64 2.6.17.1-12.43 linux-image-2.6.17-12-sparc64-smp 2.6.17.1-12.43Ubuntu 7.04: linux-image-2.6.20-16-386 2.6.20-16.34 linux-image-2.6.20-16-generic 2.6.20-16.34 linux-image-2.6.20-16-hppa32 2.6.20-16.34 linux-image-2.6.20-16-hppa64 2.6.20-16.34 linux-image-2.6.20-16-itanium 2.6.20-16.34 linux-image-2.6.20-16-lowlatency 2.6.20-16.34 linux-image-2.6.20-16-mckinley 2.6.20-16.34 linux-image-2.6.20-16-powerpc 2.6.20-16.34 linux-image-2.6.20-16-powerpc-smp 2.6.20-16.34 linux-image-2.6.20-16-powerpc64-smp 2.6.20-16.34 linux-image-2.6.20-16-server 2.6.20-16.34 linux-image-2.6.20-16-server-bigiron 2.6.20-16.34 linux-image-2.6.20-16-sparc64 2.6.20-16.34 linux-image-2.6.20-16-sparc64-smp 2.6.20-16.34Ubuntu 7.10: linux-image-2.6.22-14-386 2.6.22-14.51 linux-image-2.6.22-14-cell 2.6.22-14.51 linux-image-2.6.22-14-generic 2.6.22-14.51 linux-image-2.6.22-14-hppa32 2.6.22-14.51 linux-image-2.6.22-14-hppa64 2.6.22-14.51 linux-image-2.6.22-14-itanium 2.6.22-14.51 linux-image-2.6.22-14-lpia 2.6.22-14.51 linux-image-2.6.22-14-lpiacompat 2.6.22-14.51 linux-image-2.6.22-14-mckinley 2.6.22-14.51 linux-image-2.6.22-14-powerpc 2.6.22-14.51 linux-image-2.6.22-14-powerpc-smp 2.6.22-14.51 linux-image-2.6.22-14-powerpc64-smp 2.6.22-14.51 linux-image-2.6.22-14-rt 2.6.22-14.51 linux-image-2.6.22-14-server 2.6.22-14.51 linux-image-2.6.22-14-sparc64 2.6.22-14.51 linux-image-2.6.22-14-sparc64-smp 2.6.22-14.51 linux-image-2.6.22-14-ume 2.6.22-14.51 linux-image-2.6.22-14-virtual 2.6.22-14.51 linux-image-2.6.22-14-xen 2.6.22-14.51After a standard system upgrade you need to reboot your computer toeffect the necessary changes.Details follow:The minix filesystem did not properly validate certain filesystemvalues. If a local attacker could trick the system into attemptingto mount a corrupted minix filesystem, the kernel could be made tohang for long periods of time, resulting in a denial of service.This was only vulnerable in Ubuntu 7.04 and 7.10. (CVE-2006-6058)The signal handling on PowerPC systems using HTX allowed local usersto cause a denial of service via floating point corruption. This wasonly vulnerable in Ubuntu 6.10 and 7.04. (CVE-2007-3107)The Linux kernel did not properly validate the hop-by-hop IPv6extended header. Remote attackers could send a crafted IPv6 packetand cause a denial of service via kernel panic. This was onlyvulnerable in Ubuntu 7.04. (CVE-2007-4567)The JFFS2 filesystem with ACL support enabled did not properly storepermissions during inode creation and ACL setting. Local users couldpossibly access restricted files after a remount. This was onlyvulnerable in Ubuntu 7.04 and 7.10. (CVE-2007-4849)Chris Evans discovered an issue with certain drivers that use theieee80211_rx function. Remote attackers could send a crafted 802.11frame and cause a denial of service via crash. This was onlyvulnerable in Ubuntu 7.04 and 7.10. (CVE-2007-4997)Alex Smith discovered an issue with the pwc driver for certain webcamdevices. A local user with physical access to the system could removethe device while a userspace application had it open and cause the USBsubsystem to block. This was only vulnerable in Ubuntu 7.04.(CVE-2007-5093)Scott James Remnant discovered a coding error in ptrace. Local userscould exploit this and cause the kernel to enter an infinite loop.This was only vulnerable in Ubuntu 7.04 and 7.10. (CVE-2007-5500)It was discovered that the Linux kernel could dereference a NULLpointer when processing certain IPv4 TCP packets. A remote attackercould send a crafted TCP ACK response and cause a denial of servicevia crash. This was only vulnerable in Ubuntu 7.10. (CVE-2007-5501)Warren Togami discovered that the hrtimer subsystem did not properlycheck for large relative timeouts. A local user could exploit this andcause a denial of service via soft lockup. (CVE-2007-5966)Venustech AD-LAB discovered a buffer overflow in the isdn netsubsystem. This issue is exploitable by local users via crafted inputto the isdn_ioctl function. (CVE-2007-6063)It was discovered that the isdn subsystem did not properly check forNULL termination when performing ioctl handling. A local user couldexploit this to cause a denial of service. (CVE-2007-6151)Blake Frantz discovered that when a root process overwrote an existingcore file, the resulting core file retained the previous core file'sownership. Local users could exploit this to gain access to sensitiveinformation. (CVE-2007-6206)Hugh Dickins discovered the when using the tmpfs filesystem, underrare circumstances, a kernel page may be improperly cleared. A localuser may be able to exploit this and read sensitive kernel data orcause a denial of service via crash. (CVE-2007-6417)Bill Roman discovered that the VFS subsystem did not properly checkaccess modes. A local user may be able to gain removal privileges ondirectories. (CVE-2008-0001)





More...
Reply With Quote
Google The UNIX and Linux Forums
Forum Sponsor
Reply

« Mandriva: Updated ruby-gnome2 packages fix arbitrary code | Ubuntu: Linux kernel vulnerabilities »
Thread Tools
Display Modes
Linear Mode Linear Mode




All times are GMT -7. The time now is 12:09 AM.

The UNIX and Linux Forums RSS Feeds - Contact Us - The UNIX and Linux Forums - Archive - Top

Powered by: vBulletin, Copyright ©2000 - 2006, Jelsoft Enterprises Limited.
The UNIX and Linux Forums Content Copyright ©1993-2008 The CEP Blog All Rights Reserved -Ad Management by RedTyger Visit The Global Fact Book

Content Relevant URLs by vBSEO 3.2.0