USN-577-1: Linux kernel vulnerability - Security Advisories (RSS)

iBot · #1 02-12-2008

Referenced CVEs:
CVE-2008-0600

Description:
=========================================================== Ubuntu Security Notice USN-577-1 February 12, 2008linux-source-2.6.17/20/22 vulnerabilityCVE-2008-0600===========================================================A security issue affects the following Ubuntu releases:Ubuntu 6.10Ubuntu 7.04Ubuntu 7.10This advisory also applies to the corresponding versions ofKubuntu, Edubuntu, and Xubuntu.The problem can be corrected by upgrading your system to thefollowing package versions:Ubuntu 6.10: linux-image-2.6.17-12-386 2.6.17.1-12.44 linux-image-2.6.17-12-generic 2.6.17.1-12.44 linux-image-2.6.17-12-hppa32 2.6.17.1-12.44 linux-image-2.6.17-12-hppa64 2.6.17.1-12.44 linux-image-2.6.17-12-itanium 2.6.17.1-12.44 linux-image-2.6.17-12-mckinley 2.6.17.1-12.44 linux-image-2.6.17-12-powerpc 2.6.17.1-12.44 linux-image-2.6.17-12-powerpc-smp 2.6.17.1-12.44 linux-image-2.6.17-12-powerpc64-smp 2.6.17.1-12.44 linux-image-2.6.17-12-server 2.6.17.1-12.44 linux-image-2.6.17-12-server-bigiron 2.6.17.1-12.44 linux-image-2.6.17-12-sparc64 2.6.17.1-12.44 linux-image-2.6.17-12-sparc64-smp 2.6.17.1-12.44Ubuntu 7.04: linux-image-2.6.20-16-386 2.6.20-16.35 linux-image-2.6.20-16-generic 2.6.20-16.35 linux-image-2.6.20-16-hppa32 2.6.20-16.35 linux-image-2.6.20-16-hppa64 2.6.20-16.35 linux-image-2.6.20-16-itanium 2.6.20-16.35 linux-image-2.6.20-16-lowlatency 2.6.20-16.35 linux-image-2.6.20-16-mckinley 2.6.20-16.35 linux-image-2.6.20-16-powerpc 2.6.20-16.35 linux-image-2.6.20-16-powerpc-smp 2.6.20-16.35 linux-image-2.6.20-16-powerpc64-smp 2.6.20-16.35 linux-image-2.6.20-16-server 2.6.20-16.35 linux-image-2.6.20-16-server-bigiron 2.6.20-16.35 linux-image-2.6.20-16-sparc64 2.6.20-16.35 linux-image-2.6.20-16-sparc64-smp 2.6.20-16.35Ubuntu 7.10: linux-image-2.6.22-14-386 2.6.22-14.52 linux-image-2.6.22-14-cell 2.6.22-14.52 linux-image-2.6.22-14-generic 2.6.22-14.52 linux-image-2.6.22-14-hppa32 2.6.22-14.52 linux-image-2.6.22-14-hppa64 2.6.22-14.52 linux-image-2.6.22-14-itanium 2.6.22-14.52 linux-image-2.6.22-14-lpia 2.6.22-14.52 linux-image-2.6.22-14-lpiacompat 2.6.22-14.52 linux-image-2.6.22-14-mckinley 2.6.22-14.52 linux-image-2.6.22-14-powerpc 2.6.22-14.52 linux-image-2.6.22-14-powerpc-smp 2.6.22-14.52 linux-image-2.6.22-14-powerpc64-smp 2.6.22-14.52 linux-image-2.6.22-14-rt 2.6.22-14.52 linux-image-2.6.22-14-server 2.6.22-14.52 linux-image-2.6.22-14-sparc64 2.6.22-14.52 linux-image-2.6.22-14-sparc64-smp 2.6.22-14.52 linux-image-2.6.22-14-ume 2.6.22-14.52 linux-image-2.6.22-14-virtual 2.6.22-14.52 linux-image-2.6.22-14-xen 2.6.22-14.52After a standard system upgrade you need to reboot your computer toeffect the necessary changes.Details follow:Wojciech Purczynski discovered that the vmsplice system call didnot properly perform verification of user-memory pointers. A localattacker could exploit this to overwrite arbitrary kernel memoryand gain root privileges. (CVE-2008-0600)

More...

More UNIX and Linux Forum Topics You Might Find Helpful
Thread	Thread Starter	Forum	Replies	Last Post
Kernel Mode Linux 2.6.25_001 (For Linux 2.6 branch)	iBot	Software Releases - RSS News	0	04-24-2008 01:00 AM
Mandriva: Updated kernel packages fix vulnerability	iBot	Security Advisories (RSS)	0	04-16-2008 05:20 AM
S-258: Vulnerability in Windows Kernel	iBot	Security Advisories (RSS)	0	04-09-2008 03:00 PM
Ubuntu: Linux kernel vulnerability	iBot	Security Advisories (RSS)	0	02-12-2008 02:00 PM
S-079: Vulnerability in Windows Kernel	iBot	Security Advisories (RSS)	0	12-24-2007 06:40 AM

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode