USN-679-1: Linux kernel vulnerabilities

iBot · #1 (**permalink**) 11-27-2008

Referenced CVEs:
CVE-2007-5498, CVE-2008-3831, CVE-2008-4210, CVE-2008-4554, CVE-2008-4576, CVE-2008-4618, CVE-2008-4933, CVE-2008-4934, CVE-2008-5025, CVE-2008-5029, CVE-2008-5033

Description:
===========================================================Ubuntu Security Notice USN-679-1 November 27, 2008linux, linux-source-2.6.15/22 vulnerabilitiesCVE-2007-5498, CVE-2008-3831, CVE-2008-4210, CVE-2008-4554,CVE-2008-4576, CVE-2008-4618, CVE-2008-4933, CVE-2008-4934,CVE-2008-5025, CVE-2008-5029, CVE-2008-5033===========================================================A security issue affects the following Ubuntu releases:Ubuntu 6.06 LTSUbuntu 7.10Ubuntu 8.04 LTSUbuntu 8.10This advisory also applies to the corresponding versions ofKubuntu, Edubuntu, and Xubuntu.The problem can be corrected by upgrading your system to thefollowing package versions:Ubuntu 6.06 LTS: linux-image-2.6.15-53-386 2.6.15-53.74 linux-image-2.6.15-53-686 2.6.15-53.74 linux-image-2.6.15-53-amd64-generic 2.6.15-53.74 linux-image-2.6.15-53-amd64-k8 2.6.15-53.74 linux-image-2.6.15-53-amd64-server 2.6.15-53.74 linux-image-2.6.15-53-amd64-xeon 2.6.15-53.74 linux-image-2.6.15-53-hppa32 2.6.15-53.74 linux-image-2.6.15-53-hppa32-smp 2.6.15-53.74 linux-image-2.6.15-53-hppa64 2.6.15-53.74 linux-image-2.6.15-53-hppa64-smp 2.6.15-53.74 linux-image-2.6.15-53-itanium 2.6.15-53.74 linux-image-2.6.15-53-itanium-smp 2.6.15-53.74 linux-image-2.6.15-53-k7 2.6.15-53.74 linux-image-2.6.15-53-mckinley 2.6.15-53.74 linux-image-2.6.15-53-mckinley-smp 2.6.15-53.74 linux-image-2.6.15-53-powerpc 2.6.15-53.74 linux-image-2.6.15-53-powerpc-smp 2.6.15-53.74 linux-image-2.6.15-53-powerpc64-smp 2.6.15-53.74 linux-image-2.6.15-53-server 2.6.15-53.74 linux-image-2.6.15-53-server-bigiron 2.6.15-53.74 linux-image-2.6.15-53-sparc64 2.6.15-53.74 linux-image-2.6.15-53-sparc64-smp 2.6.15-53.74Ubuntu 7.10: linux-image-2.6.22-16-386 2.6.22-16.60 linux-image-2.6.22-16-cell 2.6.22-16.60 linux-image-2.6.22-16-generic 2.6.22-16.60 linux-image-2.6.22-16-hppa32 2.6.22-16.60 linux-image-2.6.22-16-hppa64 2.6.22-16.60 linux-image-2.6.22-16-itanium 2.6.22-16.60 linux-image-2.6.22-16-lpia 2.6.22-16.60 linux-image-2.6.22-16-lpiacompat 2.6.22-16.60 linux-image-2.6.22-16-mckinley 2.6.22-16.60 linux-image-2.6.22-16-powerpc 2.6.22-16.60 linux-image-2.6.22-16-powerpc-smp 2.6.22-16.60 linux-image-2.6.22-16-powerpc64-smp 2.6.22-16.60 linux-image-2.6.22-16-rt 2.6.22-16.60 linux-image-2.6.22-16-server 2.6.22-16.60 linux-image-2.6.22-16-sparc64 2.6.22-16.60 linux-image-2.6.22-16-sparc64-smp 2.6.22-16.60 linux-image-2.6.22-16-ume 2.6.22-16.60 linux-image-2.6.22-16-virtual 2.6.22-16.60 linux-image-2.6.22-16-xen 2.6.22-16.60Ubuntu 8.04 LTS: linux-image-2.6.24-22-386 2.6.24-22.45 linux-image-2.6.24-22-generic 2.6.24-22.45 linux-image-2.6.24-22-hppa32 2.6.24-22.45 linux-image-2.6.24-22-hppa64 2.6.24-22.45 linux-image-2.6.24-22-itanium 2.6.24-22.45 linux-image-2.6.24-22-lpia 2.6.24-22.45 linux-image-2.6.24-22-lpiacompat 2.6.24-22.45 linux-image-2.6.24-22-mckinley 2.6.24-22.45 linux-image-2.6.24-22-openvz 2.6.24-22.45 linux-image-2.6.24-22-powerpc 2.6.24-22.45 linux-image-2.6.24-22-powerpc-smp 2.6.24-22.45 linux-image-2.6.24-22-powerpc64-smp 2.6.24-22.45 linux-image-2.6.24-22-rt 2.6.24-22.45 linux-image-2.6.24-22-server 2.6.24-22.45 linux-image-2.6.24-22-sparc64 2.6.24-22.45 linux-image-2.6.24-22-sparc64-smp 2.6.24-22.45 linux-image-2.6.24-22-virtual 2.6.24-22.45 linux-image-2.6.24-22-xen 2.6.24-22.45Ubuntu 8.10: linux-image-2.6.27-9-generic 2.6.27-9.19 linux-image-2.6.27-9-server 2.6.27-9.19 linux-image-2.6.27-9-virtual 2.6.27-9.19After a standard system upgrade you need to reboot your computer toeffect the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed. Ifyou use linux-restricted-modules, you have to update that package aswell to get modules which work with the new kernel version. Unless youmanually uninstalled the standard kernel metapackages (e.g. linux-generic,linux-server, linux-powerpc), a standard system upgrade will automaticallyperform this as well.Details follow:It was discovered that the Xen hypervisor block driver did not correctlyvalidate requests. A user with root privileges in a guest OS could make amalicious IO request with a large number of blocks that would crash thehost OS, leading to a denial of service. This only affected Ubuntu 7.10.(CVE-2007-5498)It was discovered the the i915 video driver did not correctly validatememory addresses. A local attacker could exploit this to remap memory thatcould cause a system crash, leading to a denial of service. This issue didnot affect Ubuntu 6.06 and was previous fixed for Ubuntu 7.10 and 8.04 inUSN-659-1. Ubuntu 8.10 has now been corrected as well. (CVE-2008-3831)David Watson discovered that the kernel did not correctly strip permissionswhen creating files in setgid directories. A local user could exploit thisto gain additional group privileges. This issue only affected Ubuntu 6.06.(CVE-2008-4210)Olaf Kirch and Miklos Szeredi discovered that the Linux kernel didnot correctly reject the "append" flag when handling file splicerequests. A local attacker could bypass append mode and make changes toarbitrary locations in a file. This issue only affected Ubuntu 7.10 and8.04. (CVE-2008-4554)It was discovered that the SCTP stack did not correctly handle INIT-ACK. Aremote user could exploit this by sending specially crafted SCTP trafficwhich would trigger a crash in the system, leading to a denial of service.This issue did not affect Ubuntu 8.10. (CVE-2008-4576)It was discovered that the SCTP stack did not correctly handle bad packetlengths. A remote user could exploit this by sending specially crafted SCTPtraffic which would trigger a crash in the system, leading to a denial ofservice. This issue did not affect Ubuntu 8.10. (CVE-2008-4618)Eric Sesterhenn discovered multiple flaws in the HFS+ filesystem. If alocal user or automated system were tricked into mounting a malicious HFS+filesystem, the system could crash, leading to a denial of service.(CVE-2008-4933, CVE-2008-4934, CVE-2008-5025)It was discovered that the Unix Socket handler did not correctly processthe SCM_RIGHTS message. A local attacker could make a malicious socketrequest that would crash the system, leading to a denial of service.(CVE-2008-5029)It was discovered that the driver for simple i2c audio interfaces did notcorrectly validate certain function pointers. A local user could exploitthis to gain root privileges or crash the system, leading to a denial ofservice. (CVE-2008-5033)

More...

More UNIX and Linux Forum Topics You Might Find Helpful
Thread	Thread Starter	Forum	Replies	Last Post
USN-659-1: Linux kernel vulnerabilities	iBot	Security Advisories (RSS)	0	10-27-2008 07:40 PM
USN-637-1: Linux kernel vulnerabilities	iBot	Security Advisories (RSS)	0	08-25-2008 05:00 PM
USN-614-1: Linux kernel vulnerabilities	iBot	Security Advisories (RSS)	0	06-03-2008 05:09 PM
USN-578-1: Linux kernel vulnerabilities	iBot	Security Advisories (RSS)	0	02-14-2008 01:00 AM
USN-574-1: Linux kernel vulnerabilities	iBot	Security Advisories (RSS)	0	02-04-2008 02:50 PM

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes	Rate This Thread
Switch to Linear Mode Switch to Hybrid Mode Threaded Mode	Rate This Thread:


	Powered by