The OpenNET Project
 
Search (keywords):  SOFT ARTICLES TIPS & TRICKS SECURITY
LINKS NEWS MAN DOCUMENTATION


[USN-47-1] Linux kernel vulnerabilities


<< Previous INDEX Search src Set bookmark Go to bookmark Next >>
Date: Thu, 23 Dec 2004 08:54:49 +0100
From: Martin Pitt <martin.pitt@canonical.com.>
To: [email protected]
Subject: [USN-47-1] Linux kernel vulnerabilities
Cc: [email protected], [email protected]


--UHN/qo2QbUvPLonB
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline


Ubuntu Security Notice USN-47-1 December 23, 2004 linux-source-2.6.8.1 vulnerabilities http://lists.netsys.com/pipermail/full-disclosure/2004-December/030011.html
A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) The following packages are affected: linux-image-2.6.8.1-4-386 linux-image-2.6.8.1-4-686 linux-image-2.6.8.1-4-686-smp linux-image-2.6.8.1-4-amd64-generic linux-image-2.6.8.1-4-amd64-k8 linux-image-2.6.8.1-4-amd64-k8-smp linux-image-2.6.8.1-4-amd64-xeon linux-image-2.6.8.1-4-k7 linux-image-2.6.8.1-4-k7-smp linux-image-2.6.8.1-4-power3 linux-image-2.6.8.1-4-power3-smp linux-image-2.6.8.1-4-power4 linux-image-2.6.8.1-4-power4-smp linux-image-2.6.8.1-4-powerpc linux-image-2.6.8.1-4-powerpc-smp The problem can be corrected by upgrading the affected package to version 2.6.8.1-16.5. You need to reboot the computer after doing a standard system upgrade to effect the necessary changes. Details follow: Georgi Guninski discovered two Denial of Service vulnerabilities in the Linux kernel. An integer overflow in the vc_resize() function caused the memory allocation for the new screen being too short, thus causing a buffer overflow and a kernel crash. There was also a memory leak in the ip_options_get() function. Calling ip_cmsg_send() very often would gradually exhaust memory. Note: The original advisory (see URL above) also mentions a "ip_options_get integer overflow". This was already fixed in USN-38-1 (known as CAN-2004-1016). Source archives: http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-source-2.6.8.1_2.6.8.1-16.5.diff.gz Size/MD5: 3123334 d7a3634a7139758ecc0f5a0dbbb29ef2 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-source-2.6.8.1_2.6.8.1-16.5.dsc Size/MD5: 1981 68671156b865baab309269c3fd080ca9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-source-2.6.8.1_2.6.8.1.orig.tar.gz Size/MD5: 44728688 79730a3ad4773ba65fab65515369df84 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-doc-2.6.8.1_2.6.8.1-16.5_all.deb Size/MD5: 6161580 f433a82382d1fbba3c96812b38fe58db http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-patch-debian-2.6.8.1_2.6.8.1-16.5_all.deb Size/MD5: 1472240 0f2665773cf070f4ddc42cc77453bf2c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-source-2.6.8.1_2.6.8.1-16.5_all.deb Size/MD5: 36717112 8d5fa2c345279e74ec75040e6a146b08 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-tree-2.6.8.1_2.6.8.1-16.5_all.deb Size/MD5: 306836 1319cea25c4fddbf9e360895a099721c amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-amd64-generic_2.6.8.1-16.5_amd64.deb Size/MD5: 247126 4e685fd7ad6f4a9d45748421ffeca3f3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-amd64-k8-smp_2.6.8.1-16.5_amd64.deb Size/MD5: 242652 8e7c2a39923255281b033fa78b19ad52 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-amd64-k8_2.6.8.1-16.5_amd64.deb Size/MD5: 246192 8df8b12706511e0b6f239ec13124f96b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-amd64-xeon_2.6.8.1-16.5_amd64.deb Size/MD5: 241166 7867551ef24da00c7438ae33fdafc529 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4_2.6.8.1-16.5_amd64.deb Size/MD5: 3177688 c40945672004fef7691c4165c4d5241c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-amd64-generic_2.6.8.1-16.5_amd64.deb Size/MD5: 14352924 0d4270aa409bcb2ded722b7b370e7939 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-amd64-k8-smp_2.6.8.1-16.5_amd64.deb Size/MD5: 14827756 7b723ef0e66dc38c3f03efcd2252b5e0 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-amd64-k8_2.6.8.1-16.5_amd64.deb Size/MD5: 14861110 69eb4d9270f729ee268d8d929750771c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-amd64-xeon_2.6.8.1-16.5_amd64.deb Size/MD5: 14680104 c355cf90c5a3ead96e30a5c77ee46500 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-386_2.6.8.1-16.5_i386.deb Size/MD5: 275848 7f0118b997b752596e2aeca307a852d9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-686-smp_2.6.8.1-16.5_i386.deb Size/MD5: 270434 005ee0b62cbfdd73638e83e617e3b6a6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-686_2.6.8.1-16.5_i386.deb Size/MD5: 273676 9b3b9bd2af291b33fc0d935e48d0b7a5 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-k7-smp_2.6.8.1-16.5_i386.deb Size/MD5: 270924 4e0233fa9b043c3eaabf0f2f5c7e1e61 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-k7_2.6.8.1-16.5_i386.deb Size/MD5: 273658 eddcbdeaa3161aedb69642c3d734905c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4_2.6.8.1-16.5_i386.deb Size/MD5: 3218274 cf558c97e570560ea6c34545fffcafc6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-386_2.6.8.1-16.5_i386.deb Size/MD5: 15495552 c74bd1e9f1de14af34b942e3f6479016 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-686-smp_2.6.8.1-16.5_i386.deb Size/MD5: 16344414 d9ba499c886b3bfbb1e2be287aa6e122 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-686_2.6.8.1-16.5_i386.deb Size/MD5: 16509784 7b20e5fbc804d737208fea155e468a20 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-k7-smp_2.6.8.1-16.5_i386.deb Size/MD5: 16446628 b9312c77ce6e9c63994ed35f85cb0f3b http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-k7_2.6.8.1-16.5_i386.deb Size/MD5: 16572214 86783b3d3dc5b07fb736ffa1028235eb powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-power3-smp_2.6.8.1-16.5_powerpc.deb Size/MD5: 211822 e65803533cc1d5c51b2a410fd9c5cfe4 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-power3_2.6.8.1-16.5_powerpc.deb Size/MD5: 212626 d2243871347cb3b5255010756a460aac http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-power4-smp_2.6.8.1-16.5_powerpc.deb Size/MD5: 211652 1ecd860f9b13dcc0cdc30a656577f602 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-power4_2.6.8.1-16.5_powerpc.deb Size/MD5: 212354 60d82bdb2dc1feb3649d465d64226c8d http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-powerpc-smp_2.6.8.1-16.5_powerpc.deb Size/MD5: 212282 d5fe841e0ea11b1999f5c1a8d66339f1 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-powerpc_2.6.8.1-16.5_powerpc.deb Size/MD5: 213872 02f0845a7bbe951869619d703ec6c68c http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4_2.6.8.1-16.5_powerpc.deb Size/MD5: 3295926 98bad75561e8a21eee0231678a6186b3 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-power3-smp_2.6.8.1-16.5_powerpc.deb Size/MD5: 16365334 3a62029e7d42a4b59d93cdba13fbbce9 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-power3_2.6.8.1-16.5_powerpc.deb Size/MD5: 15942648 5eeb0c701107adc8cc5e5d41e8505133 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-power4-smp_2.6.8.1-16.5_powerpc.deb Size/MD5: 16351052 c858fd5db92bc6c2d599243049667d95 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-power4_2.6.8.1-16.5_powerpc.deb Size/MD5: 15921960 abcf6b1e43a5153888530106ef6b27b6 http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-powerpc-smp_2.6.8.1-16.5_powerpc.deb Size/MD5: 16288522 3877efda049610da6a0aea0b7afec4cf http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-powerpc_2.6.8.1-16.5_powerpc.deb Size/MD5: 15976844 e13c0c2cbb49c95dd9fd78191858add0 --UHN/qo2QbUvPLonB Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFBynnJDecnbV4Fd/IRAuXvAKCHNxpOwbDKCeLG99U221VpPfgrrQCgspe8 9geJd/44KL0zgRHoGMdyrew= =CGZs -----END PGP SIGNATURE----- --UHN/qo2QbUvPLonB--

<< Previous INDEX Search src Set bookmark Go to bookmark Next >>



Партнёры:
PostgresPro
Inferno Solutions
Hosting by Hoster.ru
Хостинг:

Закладки на сайте
Проследить за страницей
Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру