PDA

View Full Version : USN-518-1: Linux kernel vulnerabilities



rss-bot
September 25th, 2007, 06:50 AM
Referenced CVEs:
CVE-2007-3731, CVE-2007-3739, CVE-2007-3740, CVE-2007-4573


Description:
================================================== ========= Ubuntu Security Notice USN-518-1 September 25, 2007 linux-source-2.6.15/17/20 vulnerabilities CVE-2007-3731, CVE-2007-3739, CVE-2007-3740, CVE-2007-4573 ================================================== ========= A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: linux-image-2.6.15-29-386 2.6.15-29.60 linux-image-2.6.15-29-686 2.6.15-29.60 linux-image-2.6.15-29-amd64-generic 2.6.15-29.60 linux-image-2.6.15-29-amd64-k8 2.6.15-29.60 linux-image-2.6.15-29-amd64-server 2.6.15-29.60 linux-image-2.6.15-29-amd64-xeon 2.6.15-29.60 linux-image-2.6.15-29-hppa32 2.6.15-29.60 linux-image-2.6.15-29-hppa32-smp 2.6.15-29.60 linux-image-2.6.15-29-hppa64 2.6.15-29.60 linux-image-2.6.15-29-hppa64-smp 2.6.15-29.60 linux-image-2.6.15-29-itanium 2.6.15-29.60 linux-image-2.6.15-29-itanium-smp 2.6.15-29.60 linux-image-2.6.15-29-k7 2.6.15-29.60 linux-image-2.6.15-29-mckinley 2.6.15-29.60 linux-image-2.6.15-29-mckinley-smp 2.6.15-29.60 linux-image-2.6.15-29-powerpc 2.6.15-29.60 linux-image-2.6.15-29-powerpc-smp 2.6.15-29.60 linux-image-2.6.15-29-powerpc64-smp 2.6.15-29.60 linux-image-2.6.15-29-server 2.6.15-29.60 linux-image-2.6.15-29-server-bigiron 2.6.15-29.60 linux-image-2.6.15-29-sparc64 2.6.15-29.60 linux-image-2.6.15-29-sparc64-smp 2.6.15-29.60 Ubuntu 6.10: linux-image-2.6.17-12-386 2.6.17.1-12.41 linux-image-2.6.17-12-generic 2.6.17.1-12.41 linux-image-2.6.17-12-hppa32 2.6.17.1-12.41 linux-image-2.6.17-12-hppa64 2.6.17.1-12.41 linux-image-2.6.17-12-itanium 2.6.17.1-12.41 linux-image-2.6.17-12-mckinley 2.6.17.1-12.41 linux-image-2.6.17-12-powerpc 2.6.17.1-12.41 linux-image-2.6.17-12-powerpc-smp 2.6.17.1-12.41 linux-image-2.6.17-12-powerpc64-smp 2.6.17.1-12.41 linux-image-2.6.17-12-server 2.6.17.1-12.41 linux-image-2.6.17-12-server-bigiron 2.6.17.1-12.41 linux-image-2.6.17-12-sparc64 2.6.17.1-12.41 linux-image-2.6.17-12-sparc64-smp 2.6.17.1-12.41 Ubuntu 7.04: linux-image-2.6.20-16-386 2.6.20-16.32 linux-image-2.6.20-16-generic 2.6.20-16.32 linux-image-2.6.20-16-hppa32 2.6.20-16.32 linux-image-2.6.20-16-hppa64 2.6.20-16.32 linux-image-2.6.20-16-itanium 2.6.20-16.32 linux-image-2.6.20-16-lowlatency 2.6.20-16.32 linux-image-2.6.20-16-mckinley 2.6.20-16.32 linux-image-2.6.20-16-powerpc 2.6.20-16.32 linux-image-2.6.20-16-powerpc-smp 2.6.20-16.32 linux-image-2.6.20-16-powerpc64-smp 2.6.20-16.32 linux-image-2.6.20-16-server 2.6.20-16.32 linux-image-2.6.20-16-server-bigiron 2.6.20-16.32 linux-image-2.6.20-16-sparc64 2.6.20-16.32 linux-image-2.6.20-16-sparc64-smp 2.6.20-16.32 After a standard system upgrade you need to reboot your computer to affect the necessary changes. Details follow: Evan Teran discovered that the Linux kernel ptrace routines did not correctly handle certain requests robustly. Local attackers could exploit this to crash the system, causing a denial of service. (CVE-2007-3731) It was discovered that hugetlb kernels on PowerPC systems did not prevent the stack from colliding with reserved kernel memory. Local attackers could exploit this and crash the system, causing a denial of service. (CVE-2007-3739) It was discovered that certain CIFS filesystem actions did not honor the umask of a process. Local attackers could exploit this to gain additional privileges. (CVE-2007-3740) Wojciech Purczynski discovered that the Linux kernel ia32 syscall emulation in x86_64 kernels did not correctly clear the high bits of registers. Local attackers could exploit this to gain root privileges. (CVE-2007-4573)





More... (http://www.ubuntu.com/usn/usn-518-1)