[kernel-sec-discuss] r780 - dsa-texts
Dann Frazier
dannf at alioth.debian.org
Mon Apr 30 22:17:55 UTC 2007
Author: dannf
Date: 2007-04-30 22:17:52 +0000 (Mon, 30 Apr 2007)
New Revision: 780
Added:
dsa-texts/2.6.8-sarge7
Log:
create dsa text for 2.6.8-sarge7, dropping the fai-kernel rebuild until the 2.4 source is ready as well
Copied: dsa-texts/2.6.8-sarge7 (from rev 778, dsa-texts/2.6.8-sarge6)
===================================================================
--- dsa-texts/2.6.8-sarge6 2007-04-30 17:22:37 UTC (rev 778)
+++ dsa-texts/2.6.8-sarge7 2007-04-30 22:17:52 UTC (rev 780)
@@ -0,0 +1,154 @@
+--------------------------------------------------------------------------
+Debian Security Advisory DSA XXX-1 security at debian.org
+http://www.debian.org/security/ Dann Frazier
+XXXXX Xth, 2007 http://www.debian.org/security/faq
+--------------------------------------------------------------------------
+
+Package : kernel-source-2.6.8
+Vulnerability : several
+Problem-Type : local/remote
+Debian-specific: no
+CVE ID : CVE-2005-4811 CVE-2006-4814 CVE-2006-4623 CVE-2006-5753
+ CVE-2006-5754 CVE-2006-5757 CVE-2006-6053 CVE-2006-6056
+ CVE-2006-6060 CVE-2006-6106 CVE-2006-6535 CVE-2007-0958
+ CVE-2007-1357 CVE-2007-1592
+
+Several local and remote vulnerabilities have been discovered in the Linux
+kernel that may lead to a denial of service or the execution of arbitrary
+code.
+
+This update also fixes a regression in the smbfs subsystem which was introduced
+in DSA-1233.
+
+The Common Vulnerabilities and Exposures project identifies the
+following problems:
+
+CVE-2005-4811
+
+ David Gibson reported an issue in the hugepage code which could permit
+ a local DoS (system crash) on appropriately configured systems.
+
+CVE-2006-4814
+
+ Doug Chapman discovered a potential local DoS (deadlock) in the mincore
+ function caused by improper lock handling.
+
+CVE-2006-4623
+
+ Ang Way Chuang reported a remote DoS (crash) in the dvb driver which
+ can be triggered by a ULE package with an SNDU length of 0.
+
+CVE-2006-5753
+
+ Eric Sandeen provided a fix for a local memory corruption vulnerability
+ resulting from a misinterpretation of return values when operating on
+ inodes which have been marked bad.
+
+CVE-2006-5754
+
+ Darrick Wong discovered a local DoS (crash) vulnerability resulting from
+ the incorrect initialization of "nr_pages" in aio_setup_ring().
+
+CVE-2006-5757
+
+ LMH reported a potential local DoS which could be exploited by a malicious
+ user with the privileges to mount and read a corrupted iso9660 filesystem.
+
+CVE-2006-6053
+
+ LMH reported a potential local DoS which could be exploited by a malicious
+ user with the privileges to mount and read a corrupted ext3 filesystem.
+
+CVE-2006-6056
+
+ LMH reported a potential local DoS which could be exploited by a malicious
+ user with the privileges to mount and read a corrupted hfs filesystem on
+ systems with SELinux hooks enabled (Debian does not enable SELinux by
+ default).
+
+CVE-2006-6060
+
+ LMH reported a potential local DoS (infinie loop) which could be exploited
+ by a malicious user with the privileges to mount and read a corrupted NTFS
+ filesystem.
+
+CVE-2006-6106
+
+ Marcel Holtman discovered multiple buffer overflows in the Bluetooth
+ subsystem which can be used to trigger a remote DoS (crash) and potentially
+ execute arbitray code.
+
+CVE-2006-6535
+
+ Kostantin Khorenko discovered an invalid error path in dev_queue_xmit()
+ which could be exploited by a local user to cause data corruption.
+
+CVE-2007-0958
+
+ Santosh Eraniose reported a vulnerability that allows local users to read
+ otherwise unreadable files by triggering a core dump while using PT_INTERP.
+ This is related to CVE-2004-1073.
+
+CVE-2007-1357
+
+ Jean Delvare reported a vulnerability in the appletalk subsystem.
+ Systems with the appletalk module loaded can be triggered to crash
+ by other systems on the local network via a malformed frame.
+
+CVE-2007-1592
+
+ Masayuki Nakagawa discovered that flow labels were inadvertently
+ being shared between listening sockets and child sockets. This defect
+ can be exploited by local users to cause a DoS (Oops).
+
+The following matrix explains which kernel version for which architecture
+fix the problems mentioned above:
+
+ Debian 3.1 (sarge)
+ Source 2.6.8-16sarge7
+ Alpha architecture 2.6.8-16sarge7
+ AMD64 architecture 2.6.8-16sarge7
+ HP Precision architecture 2.6.8-6sarge7
+ Intel IA-32 architecture 2.6.8-16sarge7
+ Intel IA-64 architecture 2.6.8-14sarge7
+ Motorola 680x0 architecture 2.6.8-4sarge7
+ PowerPC architecture 2.6.8-12sarge7
+ IBM S/390 architecture 2.6.8-5sarge7
+ Sun Sparc architecture 2.6.8-15sarge7
+
+We recommend that you upgrade your kernel package immediately and reboot
+the machine. If you have built a custom kernel from the kernel source
+package, you will need to rebuild to take advantage of these fixes.
+
+Upgrade Instructions
+--------------------
+
+wget url
+ will fetch the file for you
+dpkg -i file.deb
+ will install the referenced file.
+
+If you are using the apt-get package manager, use the line for
+sources.list as given below:
+
+apt-get update
+ will update the internal database
+apt-get upgrade
+ will install corrected packages
+
+You may use an automated update by adding the resources from the
+footer to the proper configuration.
+
+
+Debian GNU/Linux 3.1 alias sarge
+--------------------------------
+
+
+ These files will probably be moved into the stable distribution on
+ its next update.
+
+---------------------------------------------------------------------------------
+For apt-get: deb http://security.debian.org/ stable/updates main
+For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
+Mailing list: debian-security-announce at lists.debian.org
+Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
More information about the kernel-sec-discuss
mailing list