--------------------------------------------------------------------------
Debian Security Advisory DSA 1304-1 security@debian.org
http://www.debian.org/security/
Dann Frazier
June 16th, 2007
http://www.debian.org/security/faq
--------------------------------------------------------------------------
Package : kernel-source-2.6.8
Vulnerability : several
Problem-Type : local/remote
Debian-specific: no
CVE ID : CVE-2005-4811 CVE-2006-4814 CVE-2006-4623 CVE-2006-5753
CVE-2006-5754 CVE-2006-5757 CVE-2006-6053 CVE-2006-6056
CVE-2006-6060 CVE-2006-6106 CVE-2006-6535 CVE-2007-0958
CVE-2007-1357 CVE-2007-1592
Several local and remote vulnerabilities have been discovered in the Linux
kernel that may lead to a denial of service or the execution of arbitrary
code.
This update also fixes a regression in the smbfs subsystem, introduced in
DSA-1233, which caused symlinks to be interpreted as regular files.
The Common Vulnerabilities and Exposures project identifies the
following problems:
CVE-2005-4811
David Gibson reported an issue in the hugepage code which could permit
a local DoS (system crash) on appropriately configured systems.
CVE-2006-4814
Doug Chapman discovered a potential local DoS (deadlock) in the mincore
function caused by improper lock handling.
CVE-2006-4623
Ang Way Chuang reported a remote DoS (crash) in the dvb driver which
can be triggered by a ULE packet with an SNDU length of 0.
CVE-2006-5753
Eric Sandeen provided a fix for a local memory corruption vulnerability
resulting from a misinterpretation of return values when operating on
inodes which have been marked bad.
CVE-2006-5754
Darrick Wong discovered a local DoS (crash) vulnerability resulting from
the incorrect initialization of "nr_pages" in aio_setup_ring().
CVE-2006-5757
LMH reported a potential local DoS which could be exploited by a malicious
user with the privileges to mount and read a corrupted iso9660 filesystem.
CVE-2006-6053
LMH reported a potential local DoS which could be exploited by a malicious
user with the privileges to mount and read a corrupted ext3 filesystem.
CVE-2006-6056
LMH reported a potential local DoS which could be exploited by a malicious
user with the privileges to mount and read a corrupted hfs filesystem on
systems with SELinux hooks enabled (Debian does not enable SELinux by
default).
CVE-2006-6060
LMH reported a potential local DoS (infinite loop) which could be exploited
by a malicious user with the privileges to mount and read a corrupted NTFS
filesystem.
CVE-2006-6106
Marcel Holtmann discovered multiple buffer overflows in the Bluetooth
subsystem which can be used to trigger a remote DoS (crash) and potentially
execute arbitrary code.
CVE-2006-6535
Konstantin Khorenko discovered an invalid error path in dev_queue_xmit()
which could be exploited by a local user to cause data corruption.
CVE-2007-0958
Santosh Eraniose reported a vulnerability that allows local users to read
otherwise unreadable files by triggering a core dump while using PT_INTERP.
This is related to CVE-2004-1073.
CVE-2007-1357
Jean Delvare reported a vulnerability in the appletalk subsystem.
Systems with the appletalk module loaded can be triggered to crash
by other systems on the local network via a malformed frame.
CVE-2007-1592
Masayuki Nakagawa discovered that flow labels were inadvertently
being shared between listening sockets and child sockets. This defect
can be exploited by local users to cause a DoS (Oops).
The following matrix shows, for each architecture, the kernel version that
fixes the problems mentioned above:

                             Debian 3.1 (sarge)
Source                       2.6.8-16sarge7
Alpha architecture           2.6.8-16sarge7
AMD64 architecture           2.6.8-16sarge7
HP Precision architecture    2.6.8-6sarge7
Intel IA-32 architecture     2.6.8-16sarge7
Intel IA-64 architecture     2.6.8-14sarge7
Motorola 680x0 architecture  2.6.8-4sarge7
PowerPC architecture         2.6.8-12sarge7
IBM S/390 architecture       2.6.8-5sarge7
Sun Sparc architecture       2.6.8-15sarge7

We recommend that you upgrade your kernel package immediately and reboot
the machine. If you have built a custom kernel from the kernel source
package, you will need to rebuild to take advantage of these fixes.
Upgrade Instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
--------------------------------
These files will probably be moved into the stable distribution on
its next update.
---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/