View Full Version : USN-618-1: Linux kernel vulnerabilities

June 20th, 2008, 05:20 AM
Referenced CVEs:
CVE-2007-4571, CVE-2007-5904, CVE-2007-6694, CVE-2008-0007, CVE-2008-1294, CVE-2008-1375, CVE-2008-1669

================================================== ========= Ubuntu Security Notice USN-618-1 June 19, 2008 linux-source-2.6.15/20/22 vulnerabilities CVE-2007-4571, CVE-2007-5904, CVE-2007-6694, CVE-2008-0007, CVE-2008-1294, CVE-2008-1375, CVE-2008-1669 ================================================== ========= A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: linux-image-2.6.15-52-386 2.6.15-52.67 linux-image-2.6.15-52-686 2.6.15-52.67 linux-image-2.6.15-52-amd64-generic 2.6.15-52.67 linux-image-2.6.15-52-amd64-k8 2.6.15-52.67 linux-image-2.6.15-52-amd64-server 2.6.15-52.67 linux-image-2.6.15-52-amd64-xeon 2.6.15-52.67 linux-image-2.6.15-52-hppa32 2.6.15-52.67 linux-image-2.6.15-52-hppa32-smp 2.6.15-52.67 linux-image-2.6.15-52-hppa64 2.6.15-52.67 linux-image-2.6.15-52-hppa64-smp 2.6.15-52.67 linux-image-2.6.15-52-itanium 2.6.15-52.67 linux-image-2.6.15-52-itanium-smp 2.6.15-52.67 linux-image-2.6.15-52-k7 2.6.15-52.67 linux-image-2.6.15-52-mckinley 2.6.15-52.67 linux-image-2.6.15-52-mckinley-smp 2.6.15-52.67 linux-image-2.6.15-52-powerpc 2.6.15-52.67 linux-image-2.6.15-52-powerpc-smp 2.6.15-52.67 linux-image-2.6.15-52-powerpc64-smp 2.6.15-52.67 linux-image-2.6.15-52-server 2.6.15-52.67 linux-image-2.6.15-52-server-bigiron 2.6.15-52.67 linux-image-2.6.15-52-sparc64 2.6.15-52.67 linux-image-2.6.15-52-sparc64-smp 2.6.15-52.67 Ubuntu 7.04: linux-image-2.6.20-17-386 2.6.20-17.36 linux-image-2.6.20-17-generic 2.6.20-17.36 linux-image-2.6.20-17-hppa32 2.6.20-17.36 linux-image-2.6.20-17-hppa64 2.6.20-17.36 linux-image-2.6.20-17-itanium 2.6.20-17.36 linux-image-2.6.20-17-lowlatency 2.6.20-17.36 linux-image-2.6.20-17-mckinley 2.6.20-17.36 linux-image-2.6.20-17-powerpc 2.6.20-17.36 linux-image-2.6.20-17-powerpc-smp 2.6.20-17.36 linux-image-2.6.20-17-powerpc64-smp 2.6.20-17.36 linux-image-2.6.20-17-server 2.6.20-17.36 linux-image-2.6.20-17-server-bigiron 2.6.20-17.36 linux-image-2.6.20-17-sparc64 2.6.20-17.36 linux-image-2.6.20-17-sparc64-smp 2.6.20-17.36 Ubuntu 7.10: linux-image-2.6.22-15-386 2.6.22-15.54 linux-image-2.6.22-15-cell 2.6.22-15.54 linux-image-2.6.22-15-generic 2.6.22-15.54 linux-image-2.6.22-15-hppa32 2.6.22-15.54 linux-image-2.6.22-15-hppa64 2.6.22-15.54 linux-image-2.6.22-15-itanium 2.6.22-15.54 linux-image-2.6.22-15-lpia 2.6.22-15.54 linux-image-2.6.22-15-lpiacompat 2.6.22-15.54 linux-image-2.6.22-15-mckinley 2.6.22-15.54 linux-image-2.6.22-15-powerpc 2.6.22-15.54 linux-image-2.6.22-15-powerpc-smp 2.6.22-15.54 linux-image-2.6.22-15-powerpc64-smp 2.6.22-15.54 linux-image-2.6.22-15-rt 2.6.22-15.54 linux-image-2.6.22-15-server 2.6.22-15.54 linux-image-2.6.22-15-sparc64 2.6.22-15.54 linux-image-2.6.22-15-sparc64-smp 2.6.22-15.54 linux-image-2.6.22-15-ume 2.6.22-15.54 linux-image-2.6.22-15-virtual 2.6.22-15.54 linux-image-2.6.22-15-xen 2.6.22-15.54 After a standard system upgrade you need to reboot your computer to effect the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. If you use linux-restricted-modules, you have to update that package as well to get modules which work with the new kernel version. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-386, linux-powerpc, linux-amd64-generic), a standard system upgrade will automatically perform this as well. Details follow: It was discovered that the ALSA /proc interface did not write the correct number of bytes when reporting memory allocations. A local attacker might be able to access sensitive kernel memory, leading to a loss of privacy. (CVE-2007-4571) Multiple buffer overflows were discovered in the handling of CIFS filesystems. A malicious CIFS server could cause a client system crash or possibly execute arbitrary code with kernel privileges. (CVE-2007-5904) It was discovered that PowerPC kernels did not correctly handle reporting certain system details. By requesting a specific set of information, a local attacker could cause a system crash resulting in a denial of service. (CVE-2007-6694) It was discovered that some device driver fault handlers did not correctly verify memory ranges. A local attacker could exploit this to access sensitive kernel memory, possibly leading to a loss of privacy. (CVE-2008-0007) It was discovered that CPU resource limits could be bypassed. A malicious local user could exploit this to avoid administratively imposed resource limits. (CVE-2008-1294) A race condition was discovered between dnotify fcntl() and close() in the kernel. If a local attacker performed malicious dnotify requests, they could cause memory consumption leading to a denial of service, or possibly send arbitrary signals to any process. (CVE-2008-1375) On SMP systems, a race condition existed in fcntl(). Local attackers could perform malicious locks, causing system crashes and leading to a denial of service. (CVE-2008-1669)

More... (http://www.ubuntu.com/usn/usn-618-1)