[kernel-sec-discuss] r985 - dsa-texts
dannf at alioth.debian.org
dannf at alioth.debian.org
Wed Oct 3 02:03:09 UTC 2007
Author: dannf
Date: 2007-10-03 02:03:09 +0000 (Wed, 03 Oct 2007)
New Revision: 985
Added:
dsa-texts/2.6.18.dfsg.1-13etch4
Log:
new dsa text
Copied: dsa-texts/2.6.18.dfsg.1-13etch4 (from rev 984, dsa-texts/2.6.18.dfsg.1-13etch3)
===================================================================
--- dsa-texts/2.6.18.dfsg.1-13etch4 (rev 0)
+++ dsa-texts/2.6.18.dfsg.1-13etch4 2007-10-03 02:03:09 UTC (rev 985)
@@ -0,0 +1,162 @@
+--------------------------------------------------------------------------
+Debian Security Advisory DSA 1381-1 security at debian.org
+http://www.debian.org/security/ Dann Frazier
+October 2nd, 2007 http://www.debian.org/security/faq
+--------------------------------------------------------------------------
+
+Package : linux-2.6
+Vulnerability : several
+Problem-Type : local
+Debian-specific: no
+CVE ID : CVE-2006-5755 CVE-2007-4133 CVE-2007-4573 CVE-2007-5093
+
+Several local vulnerabilities have been discovered in the Linux kernel
+that may lead to a denial of service or the execution of arbitrary
+code. The Common Vulnerabilities and Exposures project identifies the
+following problems:
+
+CVE-2006-5755
+
+ The NT bit maybe leaked into the next task which can local attackers
+ to cause a Denial of Service (crash) on systems which run the 'amd64'
+ flavour kernel. The stable distribution ('etch') was not believed to
+ be vulnerable to this issue at the time of release, however Bastian
+ Blank discovered that this issue still applied to the 'xen-amd64' and
+ 'xen-vserver-amd64' flavours that is resolved by this DSA.
+
+CVE-2007-4133
+
+ Hugh Dickins discovered a potential local DoS (panic) in hugetlbfs.
+ A misconversion of hugetlb_vmtruncate_list to prio_tree may allow
+ local users to trigger a BUG_ON() call in exit_mmap.
+
+CVE-2007-4573
+
+ Wojciech Purczynski discovered a vulnerability that can be exploitd
+ by a local user to obtain superuser privileges on x86_64 systems.
+ This resulted from improper clearing of the high bits of registers
+ during ia32 system call emulation. This vulnerability is relevant
+ to the Debian amd64 port as well as users of the i386 port who run
+ the amd64 linux-image flavour.
+
+ DSA-1378 resolved this problem for the 'amd64' flavour kernels, but
+ Tim Wickberg and Ralf HemmenstÃdt reported an outstanding issue with
+ the 'xen-amd64' and 'xen-vserver-amd64' issues that is resolved by
+ this DSA.
+
+CVE-2007-5093
+
+ Alex Smith discovered an issue with the pwc driver for certain webcam
+ devices. If the device is removed while a userspace application has it
+ open, the driver will wait for userspace to close the device, resulting
+ in a blocked USB subsystem. This issue is of low security impact as
+ it requires the attacker to either have physical access to the system
+ or to convince a user with local access to remove the device on their
+ behalf.
+
+These problems have been fixed in the stable distribution in version
+2.6.18.dfsg.1-13etch4.
+
+At the time of this DSA, only the build for the amd64 architecture is
+available. Due to the severity of the amd64-specific issues, we are
+releasing an incomplete update. This advisory will be updated once
+other architecture builds become available.
+
+We recommend that you upgrade your kernel package immediately and reboot
+the machine. If you have built a custom kernel from the kernel source
+package, you will need to rebuild to take advantage of these fixes.
+
+Upgrade Instructions
+--------------------
+
+wget url
+ will fetch the file for you
+dpkg -i file.deb
+ will install the referenced file.
+
+If you are using the apt-get package manager, use the line for
+sources.list as given below:
+
+apt-get update
+ will update the internal database
+apt-get upgrade
+ will install corrected packages
+
+You may use an automated update by adding the resources from the
+footer to the proper configuration.
+
+
+Debian GNU/Linux 4.0 alias etch
+--------------------------------
+
+ Source archives:
+
+ http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-13etch4.dsc
+ Size/MD5 checksum: 5672 37f70bdc04b866a5dbcaa8f849be618a
+ http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-13etch4.diff.gz
+ Size/MD5 checksum: 5321790 7bc41f428b95ef6fe99361ca8854e6da
+ http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1.orig.tar.gz
+ Size/MD5 checksum: 52225460 6a1ab0948d6b5b453ea0fce0fcc29060
+
+ Architecture independent components:
+
+ http://security.debian.org/pool/updates/main/l/linux-2.6/linux-doc-2.6.18_2.6.18.dfsg.1-13etch4_all.deb
+ Size/MD5 checksum: 3586640 3bd5240a2610896cc497c62eb88b155c
+ http://security.debian.org/pool/updates/main/l/linux-2.6/linux-manual-2.6.18_2.6.18.dfsg.1-13etch4_all.deb
+ Size/MD5 checksum: 1083674 f8c4bf0032e87733d2ee3f2f1f739f9d
+ http://security.debian.org/pool/updates/main/l/linux-2.6/linux-patch-debian-2.6.18_2.6.18.dfsg.1-13etch4_all.deb
+ Size/MD5 checksum: 1499612 10c0c285c4183493633f2b29f6036d14
+ http://security.debian.org/pool/updates/main/l/linux-2.6/linux-source-2.6.18_2.6.18.dfsg.1-13etch4_all.deb
+ Size/MD5 checksum: 41419632 8ced68949f94c78c5fc992deebdf1c85
+ http://security.debian.org/pool/updates/main/l/linux-2.6/linux-support-2.6.18-5_2.6.18.dfsg.1-13etch4_all.deb
+ Size/MD5 checksum: 3739000 f73b86b37f56ab817c341c43bd4cf8fe
+ http://security.debian.org/pool/updates/main/l/linux-2.6/linux-tree-2.6.18_2.6.18.dfsg.1-13etch4_all.deb
+ Size/MD5 checksum: 51982 4593b4bbf1f423b1d6e426602243defd
+
+ AMD64 architecture:
+
+ http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5_2.6.18.dfsg.1-13etch4_amd64.deb
+ Size/MD5 checksum: 3165218 4f4764c3aef1f9e11201852b94467850
+ http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all_2.6.18.dfsg.1-13etch4_amd64.deb
+ Size/MD5 checksum: 51516 a90387023090038a122da75482b981fd
+ http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all-amd64_2.6.18.dfsg.1-13etch4_amd64.deb
+ Size/MD5 checksum: 51542 cb132c34f0684e6a7b1facc9432ecca2
+ http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-amd64_2.6.18.dfsg.1-13etch4_amd64.deb
+ Size/MD5 checksum: 269088 d3d721166785a2acfc475b8a87eb7de0
+ http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-vserver_2.6.18.dfsg.1-13etch4_amd64.deb
+ Size/MD5 checksum: 3188578 58346ab81a8dae1bbff87412b9d071a8
+ http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb
+ Size/MD5 checksum: 269454 ef04a599ceb19d37a544cd6f95000138
+ http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-xen_2.6.18.dfsg.1-13etch4_amd64.deb
+ Size/MD5 checksum: 3331732 8b0e214847656f1fb6b2d35396db36a7
+ http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-xen-amd64_2.6.18.dfsg.1-13etch4_amd64.deb
+ Size/MD5 checksum: 269772 1d3f9740c35d4510c6612bb645b1ef79
+ http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-xen-vserver_2.6.18.dfsg.1-13etch4_amd64.deb
+ Size/MD5 checksum: 3354462 30fce94ecaa6650c7eb3307e76ad47d9
+ http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-xen-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb
+ Size/MD5 checksum: 270790 4cd241518cb91e87bbcc62c09117accc
+ http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-amd64_2.6.18.dfsg.1-13etch4_amd64.deb
+ Size/MD5 checksum: 16800532 5cd7846a71c94945df71cf67b3d9f254
+ http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb
+ Size/MD5 checksum: 16840344 d264466281d7596876f18427dc7dad37
+ http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-xen-amd64_2.6.18.dfsg.1-13etch4_amd64.deb
+ Size/MD5 checksum: 1648548 ff22e2a8c3f269295231b2b24289a892
+ http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-xen-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb
+ Size/MD5 checksum: 1679922 f7061df614029b187d6883902b2053b7
+ http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-5-xen-amd64_2.6.18.dfsg.1-13etch4_amd64.deb
+ Size/MD5 checksum: 15239984 c8de0964da37ad0d13a7c0b1a8dbe927
+ http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-5-xen-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb
+ Size/MD5 checksum: 15257046 7fbf51b2580cdf39314d5cae996f8059
+ http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-5-xen-amd64_2.6.18.dfsg.1-13etch4_amd64.deb
+ Size/MD5 checksum: 51500 d813a622add08eb6ca03f118af21e6c0
+ http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-5-xen-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb
+ Size/MD5 checksum: 51514 9f3b1193357e2b448f653e3dd8cac1ac
+
+ These files will probably be moved into the stable distribution on
+ its next update.
+
+---------------------------------------------------------------------------------
+For apt-get: deb http://security.debian.org/ etch/updates main
+For dpkg-ftp: ftp://security.debian.org/debian-security dists/etch/updates/main
+Mailing list: debian-security-announce at lists.debian.org
+Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
More information about the kernel-sec-discuss
mailing list