[kernel-sec-discuss] r780 - dsa-texts

Dann Frazier dannf at alioth.debian.org
Mon Apr 30 22:17:55 UTC 2007


Author: dannf
Date: 2007-04-30 22:17:52 +0000 (Mon, 30 Apr 2007)
New Revision: 780

Added:
   dsa-texts/2.6.8-sarge7
Log:
create dsa text for 2.6.8-sarge7, dropping the fai-kernel rebuild until the 2.4 source is ready as well

Copied: dsa-texts/2.6.8-sarge7 (from rev 778, dsa-texts/2.6.8-sarge6)
===================================================================
--- dsa-texts/2.6.8-sarge6	2007-04-30 17:22:37 UTC (rev 778)
+++ dsa-texts/2.6.8-sarge7	2007-04-30 22:17:52 UTC (rev 780)
@@ -0,0 +1,154 @@
+--------------------------------------------------------------------------
+Debian Security Advisory DSA XXX-1                     security at debian.org
+http://www.debian.org/security/                               Dann Frazier
+XXXXX Xth, 2007                         http://www.debian.org/security/faq
+--------------------------------------------------------------------------
+
+Package        : kernel-source-2.6.8
+Vulnerability  : several
+Problem-Type   : local/remote
+Debian-specific: no
+CVE ID         : CVE-2005-4811 CVE-2006-4814 CVE-2006-4623 CVE-2006-5753
+                 CVE-2006-5754 CVE-2006-5757 CVE-2006-6053 CVE-2006-6056
+                 CVE-2006-6060 CVE-2006-6106 CVE-2006-6535 CVE-2007-0958
+                 CVE-2007-1357 CVE-2007-1592
+
+Several local and remote vulnerabilities have been discovered in the Linux
+kernel that may lead to a denial of service or the execution of arbitrary
+code. 
+
+This update also fixes a regression in the smbfs subsystem which was introduced
+in DSA-1233.
+
+The Common Vulnerabilities and Exposures project identifies the
+following problems:
+
+CVE-2005-4811
+
+    David Gibson reported an issue in the hugepage code which could permit
+    a local DoS (system crash) on appropriately configured systems.
+
+CVE-2006-4814
+
+    Doug Chapman discovered a potential local DoS (deadlock) in the mincore
+    function caused by improper lock handling.
+
+CVE-2006-4623
+
+    Ang Way Chuang reported a remote DoS (crash) in the dvb driver which
+    can be triggered by a ULE package with an SNDU length of 0.
+
+CVE-2006-5753
+
+    Eric Sandeen provided a fix for a local memory corruption vulnerability
+    resulting from a misinterpretation of return values when operating on
+    inodes which have been marked bad.
+
+CVE-2006-5754
+
+    Darrick Wong discovered a local DoS (crash) vulnerability resulting from
+    the incorrect initialization of "nr_pages" in aio_setup_ring().
+
+CVE-2006-5757
+
+    LMH reported a potential local DoS which could be exploited by a malicious
+    user with the privileges to mount and read a corrupted iso9660 filesystem.
+
+CVE-2006-6053
+
+    LMH reported a potential local DoS which could be exploited by a malicious
+    user with the privileges to mount and read a corrupted ext3 filesystem.
+
+CVE-2006-6056
+
+    LMH reported a potential local DoS which could be exploited by a malicious
+    user with the privileges to mount and read a corrupted hfs filesystem on
+    systems with SELinux hooks enabled (Debian does not enable SELinux by
+    default).
+
+CVE-2006-6060
+
+    LMH reported a potential local DoS (infinie loop) which could be exploited
+    by a malicious user with the privileges to mount and read a corrupted NTFS
+    filesystem.
+
+CVE-2006-6106
+
+    Marcel Holtman discovered multiple buffer overflows in the Bluetooth
+    subsystem which can be used to trigger a remote DoS (crash) and potentially
+    execute arbitray code.
+
+CVE-2006-6535
+
+    Kostantin Khorenko discovered an invalid error path in dev_queue_xmit()
+    which could be exploited by a local user to cause data corruption.
+
+CVE-2007-0958
+
+    Santosh Eraniose reported a vulnerability that allows local users to read
+    otherwise unreadable files by triggering a core dump while using PT_INTERP.
+    This is related to CVE-2004-1073.
+
+CVE-2007-1357
+
+    Jean Delvare reported a vulnerability in the appletalk subsystem.
+    Systems with the appletalk module loaded can be triggered to crash
+    by other systems on the local network via a malformed frame.
+
+CVE-2007-1592
+
+    Masayuki Nakagawa discovered that flow labels were inadvertently
+    being shared between listening sockets and child sockets. This defect
+    can be exploited by local users to cause a DoS (Oops).
+
+The following matrix explains which kernel version for which architecture
+fix the problems mentioned above:
+
+                                 Debian 3.1 (sarge)
+     Source                      2.6.8-16sarge7
+     Alpha architecture          2.6.8-16sarge7
+     AMD64 architecture          2.6.8-16sarge7
+     HP Precision architecture   2.6.8-6sarge7
+     Intel IA-32 architecture    2.6.8-16sarge7
+     Intel IA-64 architecture    2.6.8-14sarge7
+     Motorola 680x0 architecture 2.6.8-4sarge7
+     PowerPC architecture        2.6.8-12sarge7
+     IBM S/390 architecture      2.6.8-5sarge7
+     Sun Sparc architecture      2.6.8-15sarge7
+
+We recommend that you upgrade your kernel package immediately and reboot
+the machine. If you have built a custom kernel from the kernel source
+package, you will need to rebuild to take advantage of these fixes.
+
+Upgrade Instructions
+--------------------
+
+wget url
+        will fetch the file for you
+dpkg -i file.deb
+        will install the referenced file.
+
+If you are using the apt-get package manager, use the line for
+sources.list as given below:
+
+apt-get update
+        will update the internal database
+apt-get upgrade
+        will install corrected packages
+
+You may use an automated update by adding the resources from the
+footer to the proper configuration.
+
+
+Debian GNU/Linux 3.1 alias sarge
+--------------------------------
+
+
+  These files will probably be moved into the stable distribution on
+  its next update.
+
+---------------------------------------------------------------------------------
+For apt-get: deb http://security.debian.org/ stable/updates main
+For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
+Mailing list: debian-security-announce at lists.debian.org
+Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>




More information about the kernel-sec-discuss mailing list