User: Password:
Subscribe / Log in / New account

Debian alert DSA-1928-1 (linux-2.6.24)

From:  dann frazier <>
Subject:  [SECURITY] [DSA 1928-1] New Linux 2.6.24 packages fix several vulnerabilities
Date:  Thu, 5 Nov 2009 15:03:48 -0700
Message-ID:  <>
Archive-link:  Article, Thread

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------------------------- Debian Security Advisory DSA-1928-1 Dann Frazier November 5, 2009 - ---------------------------------------------------------------------- Package : linux-2.6.24 Vulnerability : privilege escalation/denial of service/sensitive memory leak Problem type : local/remote Debian-specific: no CVE Id(s) : CVE-2009-2846 CVE-2009-2847 CVE-2009-2848 CVE-2009-2849 CVE-2009-2903 CVE-2009-2908 CVE-2009-2909 CVE-2009-2910 CVE-2009-3001 CVE-2009-3002 CVE-2009-3228 CVE-2009-3238 CVE-2009-3286 CVE-2009-3547 CVE-2009-3612 CVE-2009-3613 CVE-2009-3620 CVE-2009-3621 Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, sensitive memory leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-2846 Michael Buesch noticed a typing issue in the eisa-eeprom driver for the hppa architecture. Local users could exploit this issue to gain access to restricted memory. CVE-2009-2847 Ulrich Drepper noticed an issue in the do_sigalstack routine on 64-bit systems. This issue allows local users to gain access to potentially sensitive memory on the kernel stack. CVE-2009-2848 Eric Dumazet discovered an issue in the execve path, where the clear_child_tid variable was not being properly cleared. Local users could exploit this issue to cause a denial of service (memory corruption). CVE-2009-2849 Neil Brown discovered an issue in the sysfs interface to md devices. When md arrays are not active, local users can exploit this vulnerability to cause a denial of service (oops). CVE-2009-2903 Mark Smith discovered a memory leak in the appletalk implementation. When the appletalk and ipddp modules are loaded, but no ipddp"N" device is found, remote attackers can cause a denial of service by consuming large amounts of system memory. CVE-2009-2908 Loic Minier discovered an issue in the eCryptfs filesystem. A local user can cause a denial of service (kernel oops) by causing a dentry value to go negative. CVE-2009-2909 Arjan van de Ven discovered an issue in the AX.25 protocol implementation. A specially crafted call to setsockopt() can result in a denial of service (kernel oops). CVE-2009-2910 Jan Beulich discovered the existence of a sensitive kernel memory leak. Systems running the 'amd64' kernel do not properly sanitize registers for 32-bit processes. CVE-2009-3001 Jiri Slaby fixed a sensitive memory leak issue in the ANSI/IEEE 802.2 LLC implementation. This is not exploitable in the Debian lenny kernel as root privileges are required to exploit this issue. CVE-2009-3002 Eric Dumazet fixed several sensitive memory leaks in the IrDA, X.25 PLP (Rose), NET/ROM, Acorn Econet/AUN, and Controller Area Network (CAN) implementations. Local users can exploit these issues to gain access to kernel memory. CVE-2009-3228 Eric Dumazet reported an instance of uninitialized kernel memory in the network packet scheduler. Local users may be able to exploit this issue to read the contents of sensitive kernel memory. CVE-2009-3238 Linus Torvalds provided a change to the get_random_int() function to increase its randomness. CVE-2009-3286 Eric Paris discovered an issue with the NFSv4 server implementation. When an O_EXCL create fails, files may be left with corrupted permissions, possibly granting unintentional privileges to other local users. CVE-2009-3547 Earl Chew discovered a NULL pointer dereference issue in the pipe_rdwr_open function which can be used by local users to gain elevated privileges. CVE-2009-3612 Jiri Pirko discovered a typo in the initialization of a structure in the netlink subsystem that may allow local users to gain access to sensitive kernel memory. CVE-2009-3613 Alistair Strachan reported an issue in the r8169 driver. Remote users can cause a denial of service (IOMMU space exhaustion and system crash) by transmitting a large amount of jumbo frames. CVE-2009-3620 Ben Hutchings discovered an issue in the DRM manager for ATI Rage 128 graphics adapters. Local users may be able to exploit this vulnerability to cause a denial of service (NULL pointer dereference). CVE-2009-3621 Tomoki Sekiyama discovered a deadlock condition in the UNIX domain socket implementation. Local users can exploit this vulnerability to cause a denial of service (system hang). For the oldstable distribution (etch), this problem has been fixed in version 2.6.24-6~etchnhalf.9etch1. We recommend that you upgrade your linux-2.6.24 packages. Note: Debian 'etch' includes linux kernel packages based upon both the 2.6.18 and 2.6.24 linux releases. All known security issues are carefully tracked against both packages and both packages will receive security updates until security support for Debian 'etch' concludes. However, given the high frequency at which low-severity security issues are discovered in the kernel and the resource requirements of doing an update, lower severity 2.6.18 and 2.6.24 updates will typically release in a staggered or "leap-frog" fashion. Upgrade instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - ------------------------------- Oldstable updates are available for alpha, amd64, hppa, i386, ia64, and mipsel. Updates for other architectures will be released as the they become available. Source archives: Size/MD5 checksum: 5118 11c39e0f0505c5a71453ba177ec2f780 Size/MD5 checksum: 4062851 38835b393eaf53915dbee39ef0ef0bce Size/MD5 checksum: 59630522 6b8751d1eb8e71498ba74bbd346343af Architecture independent packages: Size/MD5 checksum: 4262022 bb1c503dcb847b700814d433cdddb1f9 Size/MD5 checksum: 83302 2a8576eb3003b7ba1ead19ad7ef6ce0c Size/MD5 checksum: 1548296 3e044fb0d0bb8614f787f78fee86ce04 Size/MD5 checksum: 46864328 20c0417498421842a7175074aea06a0f Size/MD5 checksum: 97672 b1aa55ab4464293f5dac5b38e05948bb Size/MD5 checksum: 964124 a40463a66e93920bdd639d2c70d870cb alpha architecture (DEC Alpha) Size/MD5 checksum: 82894 819512914da24a2d82d471a17a6126ea Size/MD5 checksum: 332670 c249c0b58448936c450c26b1340994d0 Size/MD5 checksum: 26758158 1a5497e6cd4f62b36f4cfdae9a606e24 Size/MD5 checksum: 26737882 fc949e1dbc0d0c6c7688148babdfd5d1 Size/MD5 checksum: 3454880 83a5e26b99def049eec7571242778961 Size/MD5 checksum: 332158 8f3a3adf61a6e150763a383d4b566db2 Size/MD5 checksum: 330952 0ec11881ba63842e135d3752a765177d Size/MD5 checksum: 82868 b5396790365bab5a2d032d1b3bece1ed Size/MD5 checksum: 27341634 d11f40ed34af0197de7f61ef07d30abb amd64 architecture (AMD x86_64 (AMD64)) Size/MD5 checksum: 354620 0decd6646f19383f6958e5d90b92e87b Size/MD5 checksum: 82864 2869e673de24c9741042e2bb37f84d58 Size/MD5 checksum: 3650612 1b0f205b955558d402611693f783c495 Size/MD5 checksum: 19598112 ed3b7a91d93a116a4b175d173ad0f078 Size/MD5 checksum: 82872 c560fbca727844a090f88f9d6569ed0b hppa architecture (HP PA RISC) Size/MD5 checksum: 82992 1604c10382bd677723af0a811fdb466f Size/MD5 checksum: 258316 90502abd75a09ceed13a5efd22e996c5 Size/MD5 checksum: 3445284 32e69244553a870750d771254d1c95bd Size/MD5 checksum: 258996 fc63f1ef7e55c899b9ef2d736bc5e648 Size/MD5 checksum: 260542 97df4eda2fbd582dd6951bb1b7f31e85 Size/MD5 checksum: 14830274 fb45fe9d1b77d908d5adbb353b211994 Size/MD5 checksum: 261064 f5d2cbb6216c1ffebbd73153a75e75a5 Size/MD5 checksum: 83020 103285de6aad099908a2fedbbca24069 Size/MD5 checksum: 13847626 3c429ea0e61a446b3e7b13b943eafcb5 Size/MD5 checksum: 14374844 760d7850faff110d14494c86095aa45c Size/MD5 checksum: 13335298 2b476692a155f3f735f3af76f7170cd8 i386 architecture (Intel ia32) Size/MD5 checksum: 358770 0778828f3b2061e293f3aabc0aa78315 Size/MD5 checksum: 358342 3c8b34971bd6f2b69854328888aa4349 Size/MD5 checksum: 19146708 1818f00a12bc38f393e6d84f71afae73 Size/MD5 checksum: 82890 318cd7ef9d8b39d02da83a3a982f7c40 Size/MD5 checksum: 19481866 bb86c9b5a4944b48492a38f81ea38026 Size/MD5 checksum: 3655456 fb818a8696c619e5c9c7af73eec2b3c3 Size/MD5 checksum: 358104 388750612fda29fb362771823e54993c Size/MD5 checksum: 19213920 bc5f6ef45349d25064125c5c34e78fde Size/MD5 checksum: 19215890 868b1eb9c46677d9d97d0678b4a21894 Size/MD5 checksum: 346092 1874a566f494c8fa93946f7cdf71557f Size/MD5 checksum: 82864 321874f0f13b6e236c428568a492cb90 ia64 architecture (Intel ia64) Size/MD5 checksum: 82866 410b7f438b9b8468e3789058dcb31d63 Size/MD5 checksum: 32208224 154e3adb6765a43a000dcb9f9256db56 Size/MD5 checksum: 3568326 aa15646940c12e9f722d3668cca00270 Size/MD5 checksum: 82888 31354bcffa90ddfd3dd3905f37b53685 Size/MD5 checksum: 319102 7e62e5eadf5b3b8eecc22ccdfa57b19a Size/MD5 checksum: 319462 44040aba13eedc65922aa25a05fc8b86 Size/MD5 checksum: 32025040 474e2842ef8f69677380db67882b0fb0 mipsel architecture (MIPS (Little Endian)) Size/MD5 checksum: 13317670 61df26ad246695fad18f2f76c3c5163f Size/MD5 checksum: 3804192 393d33cc947f3e091c5858ef9179a70a Size/MD5 checksum: 308984 157b8af3aa5634f7a516cdf5cc220836 Size/MD5 checksum: 309750 d7ff28e982746494de3626cd747287c5 Size/MD5 checksum: 21737172 78c5c433465bc97c6c16a49fea05b575 Size/MD5 checksum: 246818 884f377e13d22f6633a49d4c0367f848 Size/MD5 checksum: 82870 cacc5fac473c021a7e0c0f7103e1efc0 Size/MD5 checksum: 246614 31c1c45fab75abb6221285c152b23cfd Size/MD5 checksum: 16567458 f1da961b02a1c60672349c1a9c19c9d1 Size/MD5 checksum: 82916 4b4d12b65b14c90ac9dda0c6303f9f5c Size/MD5 checksum: 16631254 b956adbf57f77bc34f06ca58d0d6a73f Size/MD5 checksum: 26990038 bd115b24191672415033fb0d077e33e8 Size/MD5 checksum: 247676 99d036e308655b4fb11d460fd50c4dd1 These changes will probably be included in the oldstable distribution on its next update. - --------------------------------------------------------------------------------- For apt-get: deb stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: Package info: `apt-cache show <pkg>' and<pkg> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iD8DBQFK80tBhuANDBmkLRkRAj8vAJ9fKUFHKAQOSNoUzwbDY1ep4gqF0wCfcyxM YnZRXAn8UGyZzqSA660Vm/o= =Ey4e -----END PGP SIGNATURE-----

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds