[kernel-sec-discuss] r964 - active
keescook-guest at alioth.debian.org
Mon Sep 24 20:41:34 UTC 2007
Author: keescook-guest
Date: 2007-09-24 20:41:34 +0000 (Mon, 24 Sep 2007)
New Revision: 964
Modified:
active/CVE-2007-3731
active/CVE-2007-3739
active/CVE-2007-3740
active/CVE-2007-4573
Log:
releasing ubuntu updates
Modified: active/CVE-2007-3731
===================================================================
--- active/CVE-2007-3731 2007-09-23 17:39:29 UTC (rev 963)
+++ active/CVE-2007-3731 2007-09-24 20:41:34 UTC (rev 964)
@@ -12,6 +12,9 @@
requests, related to the TRACE_IRQS_ON function, and possibly related to the
arch_ptrace function.
Ubuntu-Description:
+ Evan Teran discovered that the Linux kernel ptrace routines did not
+ correctly handle certain requests robustly. Local attackers could
+ exploit this to crash the system, causing a denial of service.
Notes:
dannf> Note that the description is somewhat misleading - I can reproduce
on 2.6.18, so its not limited to 2.6.20 and 2.6.21
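Review bot: The first added Ubuntu-Description sentence doubles its adverb in "did not correctly handle certain requests robustly"; drop "robustly" (or "correctly") so it reads "did not correctly handle certain requests". The dannf note kept as context says the issue reproduces on 2.6.18, so it is worth confirming that the description's scope matches the branches marked as fixed further down in this file.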
@@ -21,6 +24,6 @@
2.6.18-etch-security: pending (2.6.18.dfsg.1-13etch3) [bugfix/ptrace-handle-bogus-selector.patch, bugfix/fixup-trace_irq-breakage.patch]
2.6.8-sarge-security:
2.4.27-sarge-security:
-2.6.15-dapper-security: pending (2.6.15-29.59)
-2.6.17-edgy-security: pending (2.6.17.1-12.41 17fc2937158a31e501e7e0aae9e3951b9ca49a0a, cd01b60fda15bb9d76eecf9420c989c3248881f6)
-2.6.20-feisty-security: pending (2.6.20-16.32 6227bc5e0cc5f5993c51f05f77d4602d5602b888, 2d7bfc148eece4514edf175b7e75d7fa48555fa2)
+2.6.15-dapper-security: released (2.6.15-29.59)
+2.6.17-edgy-security: released (2.6.17.1-12.41 17fc2937158a31e501e7e0aae9e3951b9ca49a0a, cd01b60fda15bb9d76eecf9420c989c3248881f6)
+2.6.20-feisty-security: released (2.6.20-16.32 6227bc5e0cc5f5993c51f05f77d4602d5602b888, 2d7bfc148eece4514edf175b7e75d7fa48555fa2)
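Review bot: The dapper line moves to released with only the package version (2.6.15-29.59), while the edgy and feisty lines also carry the fix commit ids. If the dapper commits are known, add them on that line so all three Ubuntu branches can be traced to source the same way.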
Modified: active/CVE-2007-3739
===================================================================
--- active/CVE-2007-3739 2007-09-23 17:39:29 UTC (rev 963)
+++ active/CVE-2007-3739 2007-09-24 20:41:34 UTC (rev 964)
@@ -7,6 +7,9 @@
memory, which allows local users to cause a denial of service (OOPS)
via unspecified vectors.
Ubuntu-Description:
+ It was discovered that hugetlb kernels on PowerPC systems did not prevent
+ the stack from colliding with reserved kernel memory. Local attackers
+ could exploit this and crash the system, causing a denial of service.
Notes:
Bugs:
upstream:
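Review bot: The last added sentence reads "could exploit this and crash the system", where the CVE-2007-3731 entry in this same commit uses "exploit this to crash the system". Use the "to crash" form here as well so the published descriptions are worded consistently.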
@@ -14,6 +17,6 @@
2.6.18-etch-security:
2.6.8-sarge-security:
2.4.27-sarge-security:
-2.6.15-dapper-security: pending (2.6.15-29.59)
-2.6.17-edgy-security: pending (2.6.17.1-12.41 ae30f170a8c2988179b2b34c7e562f57eb0556bc)
-2.6.20-feisty-security: pending (2.6.20-16.32 e84eef7bd84cb46ae573e21d4047fa2a65072294)
+2.6.15-dapper-security: released (2.6.15-29.59)
+2.6.17-edgy-security: released (2.6.17.1-12.41 ae30f170a8c2988179b2b34c7e562f57eb0556bc)
+2.6.20-feisty-security: released (2.6.20-16.32 e84eef7bd84cb46ae573e21d4047fa2a65072294)
Modified: active/CVE-2007-3740
===================================================================
--- active/CVE-2007-3740 2007-09-23 17:39:29 UTC (rev 963)
+++ active/CVE-2007-3740 2007-09-24 20:41:34 UTC (rev 964)
@@ -6,6 +6,9 @@
not honor the umask of a process, which allows local users to gain
privileges.
Ubuntu-Description:
+ It was discovered that certain CIFS filesystem actions did not honor the
+ umask of a process. Local attackers could exploit this to gain additional
+ privileges.
Notes:
Bugs:
upstream:
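Review bot: "certain CIFS filesystem actions" in the first added line does not tell an administrator which setups are exposed. If the Description field (only its tail is visible in this hunk) names the mount option or operation involved, carry that over into the Ubuntu-Description; otherwise add a Notes entry stating that the condition is not yet pinned down.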
@@ -13,6 +16,6 @@
2.6.18-etch-security:
2.6.8-sarge-security:
2.4.27-sarge-security:
-2.6.15-dapper-security: pending (2.6.15-29.59)
-2.6.17-edgy-security: pending (2.6.17.1-12.41 79255d92e1277021fc1be8e72897fe6177ab9b67)
-2.6.20-feisty-security: pending (2.6.20-16.32 d01415424757d4573d6fb28e44858607dca80eaa)
+2.6.15-dapper-security: released (2.6.15-29.59)
+2.6.17-edgy-security: released (2.6.17.1-12.41 79255d92e1277021fc1be8e72897fe6177ab9b67)
+2.6.20-feisty-security: released (2.6.20-16.32 d01415424757d4573d6fb28e44858607dca80eaa)
Modified: active/CVE-2007-4573
===================================================================
--- active/CVE-2007-4573 2007-09-23 17:39:29 UTC (rev 963)
+++ active/CVE-2007-4573 2007-09-24 20:41:34 UTC (rev 964)
@@ -3,6 +3,9 @@
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=176df2457ef6207156ca1a40991c54ca01fef567
Description:
Ubuntu-Description:
+ Wojciech Purczynski discovered that the Linux kernel ia32 syscall
+ emulation in x86_64 kernels did not correctly clear the high bits of
+ registers. Local attackers could exploit this to gain root privileges.
Notes:
Bugs:
upstream: released (2.6.22.7)
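Review bot: The Description field directly above the added Ubuntu-Description is still empty, so after this change the only summary in the file is the Ubuntu one. Since upstream is already marked released (2.6.22.7) and the commitdiff URL is recorded, fill in Description with the CVE text in the same commit, or leave a Notes line saying it is pending.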
@@ -10,6 +13,6 @@
2.6.18-etch-security:
2.6.8-sarge-security:
2.4.27-sarge-security:
-2.6.15-dapper-security: pending (2.6.15-29.59)
-2.6.17-edgy-security: pending (bac7adb35e5a3630511249b4f1bbdaff3b574455)
-2.6.20-feisty-security: pending (2.6.20-16.32 1145a8797aa4994275922e9fde299e7bb115edf0)
+2.6.15-dapper-security: released (2.6.15-29.59)
+2.6.17-edgy-security: released (2.6.17.1-12.41 bac7adb35e5a3630511249b4f1bbdaff3b574455)
+2.6.20-feisty-security: released (2.6.20-16.32 1145a8797aa4994275922e9fde299e7bb115edf0)
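Review bot: The edgy line changes two things at once: the status goes from pending to released and the version 2.6.17.1-12.41 is added in front of the commit id, which the removed line did not have. That matches the other files, but confirm the id bac7adb35e5a3630511249b4f1bbdaff3b574455 really shipped in that upload, since the log message mentions only the release. The etch and sarge lines in the context remain blank for an issue the description rates as a local root compromise, so they need a status as follow-up.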