To: [email protected]Subject: [ MDKSA-2006:182 ] - Updated kernel packages fix multiple vulnerabilities and bugs
Date: Wed, 11 Oct 2006 13:31:01 -0600
From: [email protected]
Reply-To: <xsecurity@mandriva.com.>
Message-Id: <E1GXjnB-0001mn-4Y@mercury.mandriva.com.>
Sender: QATeam User <qateam@mercury.mandriva.com.>
X-Virus-Scanned: antivirus-gw at tyumen.ru
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDKSA-2006:182
http://www.mandriva.com/security/
_______________________________________________________________________
Package : kernel
Date : October 11, 2006
Affected: 2006.0, Corporate 4.0
_______________________________________________________________________
Problem Description:
A number of vulnerabilities were discovered and corrected in the Linux
2.6 kernel:
Stephane Eranian discovered an issue with permon2.0 where, under
certain circumstances, the perfmonctl() system call may not correctly
manage the file descriptor reference count, resulting in the system
possibly running out of file structure (CVE-2006-3741).
Prior to and including 2.6.17, the Universal Disk Format (UDF)
filesystem driver allowed local users to cause a DoS (hang and crash)
via certain operations involving truncated files (CVE-2006-4145).
Various versions of the Linux kernel allowed local users to cause a DoS
(crash) via an SCTP socket with a certain SO_LINGER value, which is
possibly related to the patch used to correct CVE-2006-3745
(CVE-2006-4535).
The Unidirectional Lightweight Encapsulation (ULE) decapsulation
component in the dvb driver allows remote attackers to cause a DoS
(crash) via an SNDU length of 0 in a ULE packet (CVE-2006-4623).
The provided packages are patched to fix these vulnerabilities. All
users are encouraged to upgrade to these updated kernels immediately
and reboot to effect the fixes.
In addition to these security fixes, other fixes have been included
such as:
- added support for new devices: o NetXtreme BCM5715 gigabit ethernet o
NetXtreme II BCM5708 gigabit ethernet - enabled the CISS driver for Xen
kernels - updated ich8 support in ata_piix - enabled support for 1078
type controller in megaraid_sas - multiple fixes for RSBAC support
To update your kernel, please follow the directions located at:
http://www.mandriva.com/en/security/kernelupdate
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3741http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4145http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4535http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4623
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2006.0:
d8faf35e32cfc95568dbd2ce8d1f6e92 2006.0/i586/kernel-2.6.12.27mdk-1-1mdk.i586.rpm
3ec9cc58717ccb16c5d743497d45aee5 2006.0/i586/kernel-BOOT-2.6.12.27mdk-1-1mdk.i586.rpm
050c572842f5320c1cb104d4008389a8 2006.0/i586/kernel-i586-up-1GB-2.6.12.27mdk-1-1mdk.i586.rpm
7ac9bee9d6ff4f213a682b7735a34082 2006.0/i586/kernel-i686-up-4GB-2.6.12.27mdk-1-1mdk.i586.rpm
a821b5a4aa6c7c91b45253e957f9ec3c 2006.0/i586/kernel-smp-2.6.12.27mdk-1-1mdk.i586.rpm
0e51831cb1a7967f2a2f3d09e1d6238b 2006.0/i586/kernel-source-2.6.12.27mdk-1-1mdk.i586.rpm
e6925888d3786d0c155e4f4adc7a0142 2006.0/i586/kernel-source-stripped-2.6.12.27mdk-1-1mdk.i586.rpm
1abfb3e150de3770f8356a105ecd5e55 2006.0/i586/kernel-xbox-2.6.12.27mdk-1-1mdk.i586.rpm
86d860464470c99ac3f6871e4767dfdb 2006.0/i586/kernel-xen0-2.6.12.27mdk-1-1mdk.i586.rpm
34f20f11bee8c983bbeb2b1be3bfef3b 2006.0/i586/kernel-xenU-2.6.12.27mdk-1-1mdk.i586.rpm
64ab6e424dd038ed0e88621fa81e35ed 2006.0/i586/librsbac1-1.2.4-2.2.20060mdk.i586.rpm
fbbf95ab0182abb136a4af282a590712 2006.0/i586/librsbac1-devel-1.2.4-2.2.20060mdk.i586.rpm
d4444ef71f26879a113290c043ca51a2 2006.0/i586/librsbac1-static-devel-1.2.4-2.2.20060mdk.i586.rpm
d4b1a61682997d8380a63a0203290fc8 2006.0/i586/rsbac-admin-1.2.4-2.2.20060mdk.i586.rpm
6fb3bdd2d5b644d4ecf34cb990cddba3 2006.0/i586/rsbac-admin-doc-1.2.4-2.2.20060mdk.i586.rpm
54eac72281d29e43fd15bd799ee035cc 2006.0/i586/xen-3.0.1-3.1.20060mdk.i586.rpm
b236c725547bdb34f42976809775bc80 2006.0/SRPMS/kernel-2.6.12.27mdk-1-1mdk.src.rpm
f8e1e2c9308f446f8d82672bd54a31c2 2006.0/SRPMS/rsbac-admin-1.2.4-2.2.20060mdk.src.rpm
5c15a1e42a872e50190e54707d86b905 2006.0/SRPMS/xen-3.0.1-3.1.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64:
f2972f89bf730a0bbd002094f96a3caa 2006.0/x86_64/kernel-2.6.12.27mdk-1-1mdk.x86_64.rpm
4f2c7977937f1df259112e2fb8cc26f7 2006.0/x86_64/kernel-BOOT-2.6.12.27mdk-1-1mdk.x86_64.rpm
fe8c8d296895b4222cb2b874c259b107 2006.0/x86_64/kernel-smp-2.6.12.27mdk-1-1mdk.x86_64.rpm
290b64f31677e30a9f13ec813232dae2 2006.0/x86_64/kernel-source-2.6.12.27mdk-1-1mdk.x86_64.rpm
8eabcaa13a8059e770b78471996f40de 2006.0/x86_64/kernel-source-stripped-2.6.12.27mdk-1-1mdk.x86_64.rpm
f1ba06f6fa1a14ff9398ab78689896f1 2006.0/x86_64/kernel-xen0-2.6.12.27mdk-1-1mdk.x86_64.rpm
2fb4bfde90f82c7e11732c7a3db1ef3d 2006.0/x86_64/kernel-xenU-2.6.12.27mdk-1-1mdk.x86_64.rpm
386e0cda535c19f82a515ce3ed797229 2006.0/x86_64/lib64rsbac1-1.2.4-2.2.20060mdk.x86_64.rpm
29f7f84683e216b7d49b2e9710cd5940 2006.0/x86_64/lib64rsbac1-devel-1.2.4-2.2.20060mdk.x86_64.rpm
ed97cb6ad0b05b3d5c5747882d557d6c 2006.0/x86_64/lib64rsbac1-static-devel-1.2.4-2.2.20060mdk.x86_64.rpm
6d7d10cecdb2aca8d0bbbbbe6abcc9fc 2006.0/x86_64/rsbac-admin-1.2.4-2.2.20060mdk.x86_64.rpm
cb8ae483fa0acbf907db110cbef8e541 2006.0/x86_64/rsbac-admin-doc-1.2.4-2.2.20060mdk.x86_64.rpm
b51fa9245d08903dbc831bee40ccab0b 2006.0/x86_64/xen-3.0.1-3.1.20060mdk.x86_64.rpm
b236c725547bdb34f42976809775bc80 2006.0/SRPMS/kernel-2.6.12.27mdk-1-1mdk.src.rpm
f8e1e2c9308f446f8d82672bd54a31c2 2006.0/SRPMS/rsbac-admin-1.2.4-2.2.20060mdk.src.rpm
5c15a1e42a872e50190e54707d86b905 2006.0/SRPMS/xen-3.0.1-3.1.20060mdk.src.rpm
Corporate 4.0:
3b2adac329c9dfdd5875a66327f6c506 corporate/4.0/i586/kernel-2.6.12.27mdk-1-1mdk.i586.rpm
7e4d5c3db171cb62f012f508736ca736 corporate/4.0/i586/kernel-BOOT-2.6.12.27mdk-1-1mdk.i586.rpm
0b5f661f85521d01c52329b141cebd9f corporate/4.0/i586/kernel-i586-up-1GB-2.6.12.27mdk-1-1mdk.i586.rpm
538152322cfeda563bebb919970a63af corporate/4.0/i586/kernel-i686-up-4GB-2.6.12.27mdk-1-1mdk.i586.rpm
b3f27f71a3a69e3d76d3f46d34ee0591 corporate/4.0/i586/kernel-smp-2.6.12.27mdk-1-1mdk.i586.rpm
8b5854dd9a79bb61b110e10c1e2e7d83 corporate/4.0/i586/kernel-source-2.6.12.27mdk-1-1mdk.i586.rpm
8c50838b026549cb92b5e2de5f202249 corporate/4.0/i586/kernel-source-stripped-2.6.12.27mdk-1-1mdk.i586.rpm
3a9ca53e1aad4ba927120b607cf553ea corporate/4.0/i586/kernel-xbox-2.6.12.27mdk-1-1mdk.i586.rpm
92813f5d123c492559c94f08aa5aa898 corporate/4.0/i586/kernel-xen0-2.6.12.27mdk-1-1mdk.i586.rpm
e05f283aa3513c6c6059535f18edd3df corporate/4.0/i586/kernel-xenU-2.6.12.27mdk-1-1mdk.i586.rpm
d45d9c28807552aaef5ae0ecbe4f05b6 corporate/4.0/SRPMS/kernel-2.6.12.27mdk-1-1mdk.src.rpm
Corporate 4.0/X86_64:
7dbe002fd4f2a61b26f64d9cff1bd096 corporate/4.0/x86_64/kernel-2.6.12.27mdk-1-1mdk.x86_64.rpm
644f841f2523a00613f63bd10a49ec74 corporate/4.0/x86_64/kernel-BOOT-2.6.12.27mdk-1-1mdk.x86_64.rpm
7a749e0e889eb5f62a0c9ef8925a522d corporate/4.0/x86_64/kernel-smp-2.6.12.27mdk-1-1mdk.x86_64.rpm
15683140a8b3dad7a8f2a9794330ed02 corporate/4.0/x86_64/kernel-source-2.6.12.27mdk-1-1mdk.x86_64.rpm
cd90d18a81263272d54caf5d681bf54b corporate/4.0/x86_64/kernel-source-stripped-2.6.12.27mdk-1-1mdk.x86_64.rpm
e3520cae9708f9227e80cb1e8547cc9f corporate/4.0/x86_64/kernel-xen0-2.6.12.27mdk-1-1mdk.x86_64.rpm
c06207ecd4bb9e8db56bd326094bb1b1 corporate/4.0/x86_64/kernel-xenU-2.6.12.27mdk-1-1mdk.x86_64.rpm
d45d9c28807552aaef5ae0ecbe4f05b6 corporate/4.0/SRPMS/kernel-2.6.12.27mdk-1-1mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFLRpcmqjQ0CJFipgRAjonAKDoIpBRmHDbBjXUwTldz0p058MTNwCfVN+6
ogecuevMVAmFsi+7s2EyoIE=
=vjmQ
-----END PGP SIGNATURE-----