Jump to content
Compatible Support Forums
Sign in to follow this  
Followers 0
news

[Security Announce] [ MDVSA-2008:174 ] kernel

By news, in Upcoming News

Recommended Posts

news    28

news
Posted

This is a multi-part message in MIME format...

 

------------=_1219194937-11275-8291

 

 

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

 

_______________________________________________________________________

 

Mandriva Linux Security Advisory MDVSA-2008:174

http://www.mandriva.com/security/

_______________________________________________________________________

 

Package : kernel

Date : August 19, 2008

Affected: Corporate 4.0

_______________________________________________________________________

 

Problem Description:

 

Some vulnerabilities were discovered and corrected in the Linux

2.6 kernel:

 

Linux kernel before 2.6.22.17, when using certain drivers that register

a fault handler that does not perform range checks, allows local users

to access kernel memory via an out-of-range offset. (CVE-2008-0007)

 

The asn1 implementation in (a) the Linux kernel 2.4 before 2.4.36.6 and

2.6 before 2.6.25.5, as used in the cifs and ip_nat_snmp_basic modules;

and (B) the gxsnmp package; does not properly validate length values

during decoding of ASN.1 BER data, which allows remote attackers

to cause a denial of service (crash) or execute arbitrary code via

(1) a length greater than the working buffer, which can lead to an

unspecified overflow; (2) an oid length of zero, which can lead to

an off-by-one error; or (3) an indefinite length for a primitive

encoding. (CVE-2008-1673)

 

Linux kernel 2.6.18, and possibly other versions, when running on

AMD64 architectures, allows local users to cause a denial of service

(crash) via certain ptrace calls. (CVE-2008-1615)

 

Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the

Linux kernel before 2.6.25.3 allows remote attackers to cause a

denial of service (memory consumption) via network traffic to a

Simple Internet Transition (SIT) tunnel interface, related to the

pskb_may_pull and kfree_skb functions, and management of an skb

reference count. (CVE-2008-2136)

 

Integer overflow in the sctp_getsockopt_local_addrs_old function in

net/sctp/socket.c in the Stream Control Transmission Protocol (sctp)

functionality in the Linux kernel before 2.6.25.9 allows local users

to cause a denial of service (resource consumption and system outage)

via vectors involving a large addr_num field in an sctp_getaddrs_old

data structure. (CVE-2008-2826)

 

arch/x86_64/lib/copy_user.S in the Linux kernel before 2.6.19 on

some AMD64 systems does not erase destination memory locations after

an exception during kernel memory copy, which allows local users to

obtain sensitive information. (CVE-2008-2729)

 

To update your kernel, please follow the directions located at:

 

http://www.mandriva.com/en/security/kernelupdate

_______________________________________________________________________

 

References:

 

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0007

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1673

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1615

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2136

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2826

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2729

_______________________________________________________________________

 

Updated Packages:

 

Corporate 4.0:

aca649de138ecacc1118ffeb85a8585a corporate/4.0/i586/kernel-2.6.12.36mdk-1-1mdk.i586.rpm

4fe3d387ed0da34cafd6cce37296b105 corporate/4.0/i586/kernel-BOOT-2.6.12.36mdk-1-1mdk.i586.rpm

d1f4ea6bced7542e9ae13fe587550cef corporate/4.0/i586/kernel-doc-2.6.12.36mdk-1-1mdk.i586.rpm

c8981c9817e8f0cb532f33ae7a7f309a corporate/4.0/i586/kernel-i586-up-1GB-2.6.12.36mdk-1-1mdk.i586.rpm

40b1b582f84d04cbbe7d80c03db8caf7 corporate/4.0/i586/kernel-i686-up-4GB-2.6.12.36mdk-1-1mdk.i586.rpm

d215dccb6a76fa5f783397fddbfc6f14 corporate/4.0/i586/kernel-smp-2.6.12.36mdk-1-1mdk.i586.rpm

b64cf23b05ec50253a05d190b7663ef7 corporate/4.0/i586/kernel-source-2.6.12.36mdk-1-1mdk.i586.rpm

9473bec94760af7a36c9a67714363480 corporate/4.0/i586/kernel-source-stripped-2.6.12.36mdk-1-1mdk.i586.rpm

df75cfb33266eb4a18d75e367a9f0c11 corporate/4.0/i586/kernel-xbox-2.6.12.36mdk-1-1mdk.i586.rpm

cb8bbb9f2daff324ec085ac80b146101 corporate/4.0/i586/kernel-xen0-2.6.12.36mdk-1-1mdk.i586.rpm

d8e3b3c456c8ba162b957d22b6313b14 corporate/4.0/i586/kernel-xenU-2.6.12.36mdk-1-1mdk.i586.rpm

cf443a0b3549d4868171933bb6504d03 corporate/4.0/SRPMS/kernel-2.6.12.36mdk-1-1mdk.src.rpm

 

Corporate 4.0/X86_64:

181a597366b6c12d437148b9ba4e42da corporate/4.0/x86_64/kernel-2.6.12.36mdk-1-1mdk.x86_64.rpm

4bc50966cf92867ebe5031a271b2f792 corporate/4.0/x86_64/kernel-BOOT-2.6.12.36mdk-1-1mdk.x86_64.rpm

f67a89cd2715ab7444803532d9aa9f5c corporate/4.0/x86_64/kernel-doc-2.6.12.36mdk-1-1mdk.x86_64.rpm

12c6df680e33523ab403d01202e9ffc8 corporate/4.0/x86_64/kernel-smp-2.6.12.36mdk-1-1mdk.x86_64.rpm

ea697bdc33252e1b7fba82352c91b21b corporate/4.0/x86_64/kernel-source-2.6.12.36mdk-1-1mdk.x86_64.rpm

8c1d20d6bc3fb30f7b5a51f97af6419a corporate/4.0/x86_64/kernel-source-stripped-2.6.12.36mdk-1-1mdk.x86_64.rpm

454cafa0ee5243852a1ce9f56f9cfd42 corporate/4.0/x86_64/kernel-xen0-2.6.12.36mdk-1-1mdk.x86_64.rpm

f52a9f3a0ff8f7f1ad7c043ca1d424c4 corporate/4.0/x86_64/kernel-xenU-2.6.12.36mdk-1-1mdk.x86_64.rpm

cf443a0b3549d4868171933bb6504d03 corporate/4.0/SRPMS/kernel-2.6.12.36mdk-1-1mdk.src.rpm

_______________________________________________________________________

 

To upgrade automatically use MandrivaUpdate or urpmi. The verification

of md5 checksums and GPG signatures is performed automatically for you.

 

All packages are signed by Mandriva for security. You can obtain the

GPG public key of the Mandriva Security Team by executing:

 

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 

You can view other update advisories for Mandriva Linux at:

 

http://www.mandriva.com/security/advisories

 

If you want to report vulnerabilities, please contact

 

security_(at)_mandriva.com

_______________________________________________________________________

 

Type Bits/KeyID Date User ID

pub 1024D/22458A98 2000-07-10 Mandriva Security Team

 

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.9 (GNU/Linux)

 

iD8DBQFIq0UqmqjQ0CJFipgRAtriAKDvPd3HDF/Ehp2Pc57TIgyrxGDrrACfQsbE

SoRHOC2z/efxfNww6sH1o+0=

=cA9G

-----END PGP SIGNATURE-----

 

 

------------=_1219194937-11275-8291

Content-Type: text/plain; name="message-footer.txt"

Content-Disposition: inline; filename="message-footer.txt"

Content-Transfer-Encoding: 8bit

 

To unsubscribe, send a email to sympa ( -at -) mandrivalinux.org

with this subject : unsubscribe security-announce

_______________________________________________________

Want to buy your Pack or Services from Mandriva?

Go to http://www.mandrivastore.com

Join the Club : http://www.mandrivaclub.com

_______________________________________________________

 

------------=_1219194937-11275-8291--

 

 

Share this post

Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  
Followers 0
Go To Topic Listing Upcoming News
×