USN-625-1: Linux kernel vulnerabilities

iBot · #1 (**permalink**) 07-15-2008

Referenced CVEs:
CVE-2007-6282, CVE-2007-6712, CVE-2008-0598, CVE-2008-1615, CVE-2008-1673, CVE-2008-2136, CVE-2008-2137, CVE-2008-2148, CVE-2008-2358, CVE-2008-2365, CVE-2008-2729, CVE-2008-2750, CVE-2008-2826

Description:
=========================================================== Ubuntu Security Notice USN-625-1 July 15, 2008 linux, linux-source-2.6.15/20/22 vulnerabilities CVE-2007-6282, CVE-2007-6712, CVE-2008-0598, CVE-2008-1615, CVE-2008-1673, CVE-2008-2136, CVE-2008-2137, CVE-2008-2148, CVE-2008-2358, CVE-2008-2365, CVE-2008-2729, CVE-2008-2750, CVE-2008-2826 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: linux-image-2.6.15-52-386 2.6.15-52.69 linux-image-2.6.15-52-686 2.6.15-52.69 linux-image-2.6.15-52-amd64-generic 2.6.15-52.69 linux-image-2.6.15-52-amd64-k8 2.6.15-52.69 linux-image-2.6.15-52-amd64-server 2.6.15-52.69 linux-image-2.6.15-52-amd64-xeon 2.6.15-52.69 linux-image-2.6.15-52-hppa32 2.6.15-52.69 linux-image-2.6.15-52-hppa32-smp 2.6.15-52.69 linux-image-2.6.15-52-hppa64 2.6.15-52.69 linux-image-2.6.15-52-hppa64-smp 2.6.15-52.69 linux-image-2.6.15-52-itanium 2.6.15-52.69 linux-image-2.6.15-52-itanium-smp 2.6.15-52.69 linux-image-2.6.15-52-k7 2.6.15-52.69 linux-image-2.6.15-52-mckinley 2.6.15-52.69 linux-image-2.6.15-52-mckinley-smp 2.6.15-52.69 linux-image-2.6.15-52-powerpc 2.6.15-52.69 linux-image-2.6.15-52-powerpc-smp 2.6.15-52.69 linux-image-2.6.15-52-powerpc64-smp 2.6.15-52.69 linux-image-2.6.15-52-server 2.6.15-52.69 linux-image-2.6.15-52-server-bigiron 2.6.15-52.69 linux-image-2.6.15-52-sparc64 2.6.15-52.69 linux-image-2.6.15-52-sparc64-smp 2.6.15-52.69 Ubuntu 7.04: linux-image-2.6.20-17-386 2.6.20-17.37 linux-image-2.6.20-17-generic 2.6.20-17.37 linux-image-2.6.20-17-hppa32 2.6.20-17.37 linux-image-2.6.20-17-hppa64 2.6.20-17.37 linux-image-2.6.20-17-itanium 2.6.20-17.37 linux-image-2.6.20-17-lowlatency 2.6.20-17.37 linux-image-2.6.20-17-mckinley 2.6.20-17.37 linux-image-2.6.20-17-powerpc 2.6.20-17.37 linux-image-2.6.20-17-powerpc-smp 2.6.20-17.37 linux-image-2.6.20-17-powerpc64-smp 2.6.20-17.37 linux-image-2.6.20-17-server 2.6.20-17.37 linux-image-2.6.20-17-server-bigiron 2.6.20-17.37 linux-image-2.6.20-17-sparc64 2.6.20-17.37 linux-image-2.6.20-17-sparc64-smp 2.6.20-17.37 Ubuntu 7.10: linux-image-2.6.22-15-386 2.6.22-15.56 linux-image-2.6.22-15-cell 2.6.22-15.56 linux-image-2.6.22-15-generic 2.6.22-15.56 linux-image-2.6.22-15-hppa32 2.6.22-15.56 linux-image-2.6.22-15-hppa64 2.6.22-15.56 linux-image-2.6.22-15-itanium 2.6.22-15.56 linux-image-2.6.22-15-lpia 2.6.22-15.56 linux-image-2.6.22-15-lpiacompat 2.6.22-15.56 linux-image-2.6.22-15-mckinley 2.6.22-15.56 linux-image-2.6.22-15-powerpc 2.6.22-15.56 linux-image-2.6.22-15-powerpc-smp 2.6.22-15.56 linux-image-2.6.22-15-powerpc64-smp 2.6.22-15.56 linux-image-2.6.22-15-rt 2.6.22-15.56 linux-image-2.6.22-15-server 2.6.22-15.56 linux-image-2.6.22-15-sparc64 2.6.22-15.56 linux-image-2.6.22-15-sparc64-smp 2.6.22-15.56 linux-image-2.6.22-15-ume 2.6.22-15.56 linux-image-2.6.22-15-virtual 2.6.22-15.56 linux-image-2.6.22-15-xen 2.6.22-15.56 Ubuntu 8.04 LTS: linux-image-2.6.24-19-386 2.6.24-19.36 linux-image-2.6.24-19-generic 2.6.24-19.36 linux-image-2.6.24-19-hppa32 2.6.24-19.36 linux-image-2.6.24-19-hppa64 2.6.24-19.36 linux-image-2.6.24-19-itanium 2.6.24-19.36 linux-image-2.6.24-19-lpia 2.6.24-19.36 linux-image-2.6.24-19-lpiacompat 2.6.24-19.36 linux-image-2.6.24-19-mckinley 2.6.24-19.36 linux-image-2.6.24-19-openvz 2.6.24-19.36 linux-image-2.6.24-19-powerpc 2.6.24-19.36 linux-image-2.6.24-19-powerpc-smp 2.6.24-19.36 linux-image-2.6.24-19-powerpc64-smp 2.6.24-19.36 linux-image-2.6.24-19-rt 2.6.24-19.36 linux-image-2.6.24-19-server 2.6.24-19.36 linux-image-2.6.24-19-sparc64 2.6.24-19.36 linux-image-2.6.24-19-sparc64-smp 2.6.24-19.36 linux-image-2.6.24-19-virtual 2.6.24-19.36 linux-image-2.6.24-19-xen 2.6.24-19.36 After a standard system upgrade you need to reboot your computer to effect the necessary changes. Details follow: Dirk Nehring discovered that the IPsec protocol stack did not correctly handle fragmented ESP packets. A remote attacker could exploit this to crash the system, leading to a denial of service. (CVE-2007-6282) Johannes Bauer discovered that the 64bit kernel did not correctly handle hrtimer updates. A local attacker could request a large expiration value and cause the system to hang, leading to a denial of service. (CVE-2007-6712) Tavis Ormandy discovered that the ia32 emulation under 64bit kernels did not fully clear uninitialized data. A local attacker could read private kernel memory, leading to a loss of privacy. (CVE-2008-0598) Jan Kratochvil discovered that PTRACE did not correctly handle certain calls when running under 64bit kernels. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2008-1615) Wei Wang discovered that the ASN.1 decoding routines in CIFS and SNMP NAT did not correctly handle certain length values. Remote attackers could exploit this to execute arbitrary code or crash the system. (CVE-2008-1673) Paul Marks discovered that the SIT interfaces did not correctly manage allocated memory. A remote attacker could exploit this to fill all available memory, leading to a denial of service. (CVE-2008-2136) David Miller and Jan Lieskovsky discovered that the Sparc kernel did not correctly range-check memory regions allocated with mmap. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2008-2137) The sys_utimensat system call did not correctly check file permissions in certain situations. A local attacker could exploit this to modify the file times of arbitrary files which could lead to a denial of service. (CVE-2008-2148) Brandon Edwards discovered that the DCCP system in the kernel did not correctly check feature lengths. A remote attacker could exploit this to execute arbitrary code. (CVE-2008-2358) A race condition was discovered between ptrace and utrace in the kernel. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2008-2365) The copy_to_user routine in the kernel did not correctly clear memory destination addresses when running on 64bit kernels. A local attacker could exploit this to gain access to sensitive kernel memory, leading to a loss of privacy. (CVE-2008-2729) The PPP over L2TP routines in the kernel did not correctly handle certain messages. A remote attacker could send a specially crafted packet that could crash the system or execute arbitrary code. (CVE-2008-2750) Gabriel Campana discovered that SCTP routines did not correctly check for large addresses. A local user could exploit this to allocate all available memory, leading to a denial of service. (CVE-2008-2826)

More...

More UNIX and Linux Forum Topics You Might Find Helpful
Thread	Thread Starter	Forum	Replies	Last Post
USN-618-1: Linux kernel vulnerabilities	iBot	Security Advisories (RSS)	0	06-19-2008 07:40 PM
USN-614-1: Linux kernel vulnerabilities	iBot	Security Advisories (RSS)	0	06-03-2008 04:09 PM
USN-578-1: Linux kernel vulnerabilities	iBot	Security Advisories (RSS)	0	02-14-2008 01:00 AM
USN-574-1: Linux kernel vulnerabilities	iBot	Security Advisories (RSS)	0	02-04-2008 02:50 PM
USN-558-1: Linux kernel vulnerabilities	iBot	Security Advisories (RSS)	0	12-24-2007 12:52 AM

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes	Rate This Thread
Switch to Linear Mode Hybrid Mode Switch to Threaded Mode	Rate This Thread:


	Powered by