[kernel-sec-discuss] r1170 - dsa-texts

dannf at alioth.debian.org dannf at alioth.debian.org
Tue May 27 08:59:19 UTC 2008


Author: dannf
Date: 2008-05-27 08:59:16 +0000 (Tue, 27 May 2008)
New Revision: 1170

Added:
   dsa-texts/2.6.18.dfsg.1-18etch5
Log:
new dsa draft

Copied: dsa-texts/2.6.18.dfsg.1-18etch5 (from rev 1169, dsa-texts/2.6.18.dfsg.1-18etch4)
===================================================================
--- dsa-texts/2.6.18.dfsg.1-18etch5	                        (rev 0)
+++ dsa-texts/2.6.18.dfsg.1-18etch5	2008-05-27 08:59:16 UTC (rev 1170)
@@ -0,0 +1,87 @@
+----------------------------------------------------------------------
+Debian Security Advisory DSA-15XX-1                security at debian.org
+http://www.debian.org/security/                           dann frazier
+May 27, 2008                        http://www.debian.org/security/faq
+----------------------------------------------------------------------
+
+Package        : linux-2.6
+Vulnerability  : denial of service
+Problem type   : local/remote
+Debian-specific: no
+CVE Id(s)      : CVE-2007-6712 CVE-2008-1615 CVE-2008-2136 CVE-2008-2137
+
+Several vulnerabilities have been discovered in the Linux kernel that may
+lead to a denial of service. The Common Vulnerabilities and Exposures
+project identifies the following problems:
+
+CVE-2007-6712
+
+    Johannes Bauer discovered an integer overflow condition in the hrtimer
+    subsystem on 64-bit systems. This can be exploited by local users to
+    trigger a denial of service (DoS) by causing the kernel to execute an
+    infinite loop.
+
+CVE-2008-1615
+
+    Jan Kratochvil reported a local denial of service condition that
+    permits local users on systems running the amd64 flavor kernel
+    to cause a system crash.
+
+CVE-2008-2136
+
+    Paul Harks discovered a memory leak in the Simple Internet Transition
+    (SIT) code used for IPv6 over IPv4 tunnels. This can be exploited
+    by remote users to cause a denial of service condition.
+
+CVE-2008-2137
+
+    David Miller and Jan Lieskovsky discovered issues with the virtual
+    address range checking of mmaped regions on the sparc architecture
+    that may be exploited by local users to cause a denial of service.
+
+For the stable distribution (etch), this problem has been fixed in version
+2.6.18.dfsg.1-18etch5.
+
+We recommend that you upgrade your linux-2.6, fai-kernels, and
+user-mode-linux packages.
+
+Upgrade instructions
+--------------------
+
+wget url
+        will fetch the file for you
+dpkg -i file.deb
+        will install the referenced file.
+
+If you are using the apt-get package manager, use the line for
+sources.list as given below:
+
+apt-get update
+        will update the internal database
+apt-get upgrade
+        will install corrected packages
+
+The following matrix lists additional source packages that were rebuilt for
+compatability with or to take advantage of this update:
+
+                                             Debian 4.0 (etch)
+     fai-kernels                             1.17+etch.18etch5
+     user-mode-linux                         2.6.18-1um-2etch.18etch5
+
+You may use an automated update by adding the resources from the
+footer to the proper configuration.
+
+Debian GNU/Linux 4.0 alias etch
+-------------------------------
+
+Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, and sparc.
+
+
+  These changes will probably be included in the stable distribution on
+  its next update.
+
+---------------------------------------------------------------------------------
+For apt-get: deb http://security.debian.org/ stable/updates main
+For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
+Mailing list: debian-security-announce at lists.debian.org
+Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>




More information about the kernel-sec-discuss mailing list