Paketname
kernel
Datum
2005-01-25
Advisory ID
MDKSA-2005:022
Betroffene Versionen
9.2 i586 , CS2.1 x86_64 , 10.0 amd64 , 10.1 i586 , 10.0 i586 , CS3.0 i586 , MNF8.2 i586 , 9.2 amd64 , CS2.1 i586 , 10.1 x86_64

Problembeschreibung

A number of vulnerabilities are fixed in the 2.4 and 2.6 kernels with this advisory: - Multiple race conditions in the terminal layer of 2.4 and 2.6 kernels (prior to 2.6.9) can allow a local attacker to obtain portions of kernel data or allow remote attackers to cause a kernel panic by switching from console to PPP line discipline, then quickly sending data that is received during the switch (CAN-2004-0814) - Richard Hart found an integer underflow problem in the iptables firewall logging rules that can allow a remote attacker to crash the machine by using a specially crafted IP packet. This is only possible, however, if firewalling is enabled. The problem only affects 2.6 kernels and was fixed upstream in 2.6.8 (CAN-2004-0816) - Stefan Esser found several remote DoS confitions in the smbfs file system. This could be exploited by a hostile SMB server (or an attacker injecting packets into the network) to crash the client systems (CAN-2004-0883 and CAN-2004-0949) - Paul Starzetz and Georgi Guninski reported, independantly, that bad argument handling and bad integer arithmetics in the IPv4 sendmsg handling of control messages could lead to a local attacker crashing the machine. The fixes were done by Herbert Xu (CAN-2004-1016) - Rob Landley discovered a race condition in the handling of /proc/.../cmdline where, under rare circumstances, a user could read the environment variables of another process that was still spawning leading to the potential disclosure of sensitive information such as passwords (CAN-2004-1058) - Paul Starzetz reported that the missing serialization in unix_dgram_recvmsg() which was added to kernel 2.4.28 can be used by a local attacker to gain elevated (root) privileges (CAN-2004-1068) - Ross Kendall Axe discovered a possible kernel panic (DoS) while sending AF_UNIX network packets if certain SELinux-related kernel options were enabled. By default the CONFIG_SECURITY_NETWORK and CONFIG_SECURITY_SELINUX options are not enabled (CAN-2004-1069) - Paul Starzetz of isec.pl discovered several issues with the error handling of the ELF loader routines in the kernel. The fixes were provided by Chris Wright (CAN-2004-1070, CAN-2004-1071, CAN-2004-1072, CAN-2004-1073) - It was discovered that hand-crafted a.out binaries could be used to trigger a local DoS condition in both the 2.4 and 2.6 kernels. The fixes were done by Chris Wright (CAN-2004-1074) - Paul Starzetz found bad handling in the IGMP code which could lead to a local attacker being able to crash the machine. The fix was done by Chris Wright (CAN-2004-1137) - Jeremy Fitzhardinge discovered two buffer overflows in the sys32_ni_syscall() and sys32_vm86_warning() functions that could be used to overwrite kernel memory with attacker-supplied code resulting in privilege escalation (CAN-2004-1151) - Paul Starzetz found locally exploitable flaws in the binary format loader's uselib() function that could be abused to allow a local user to obtain root privileges (CAN-2004-1235) - Paul Starzetz found an exploitable flaw in the page fault handler when running on SMP machines (CAN-2005-0001) - A vulnerability in insert_vm_struct could allow a locla user to trigger BUG() when the user created a large vma that overlapped with arg pages during exec (CAN-2005-0003) - Paul Starzetz also found a number of vulnerabilities in the kernel binfmt_elf loader that could lead a local user to obtain elevated (root) privileges (isec-0017-binfmt_elf) The provided packages are patched to fix these vulnerabilities. All users are encouraged to upgrade to these updated kernels. To update your kernel, please follow the directions located at: http://www.mandrakesoft.com/security/kernelupdate PLEASE NOTE: Mandrakelinux 10.0 users will need to upgrade to the latest module-init-tools package prior to upgrading their kernel. Likewise, MNF8.2 users will need to upgrade to the latest modutils package prior to upgrading their kernel.

Aktualisierte Pakete

9.2 i586

 df22e4dffb539874c2ad36bc8893718b  9.2/RPMS/kernel-2.4.22.41mdk-1-1mdk.i586.rpm
58303975f994e50b440a46aa10b3c0a4  9.2/RPMS/kernel-enterprise-2.4.22.41mdk-1-1mdk.i586.rpm
6548386b7fab601d507950a3b658b454  9.2/RPMS/kernel-i686-up-4GB-2.4.22.41mdk-1-1mdk.i586.rpm
a5eeba7c971e7fe09d4b42ef183b97f9  9.2/RPMS/kernel-p3-smp-64GB-2.4.22.41mdk-1-1mdk.i586.rpm
c19bbca55e615a7eec5f26aebea3a675  9.2/RPMS/kernel-secure-2.4.22.41mdk-1-1mdk.i586.rpm
a4b44486653dd2d4822ba26c2debb769  9.2/RPMS/kernel-smp-2.4.22.41mdk-1-1mdk.i586.rpm
941029c6b6e57f5083a48cbb2481a41e  9.2/RPMS/kernel-source-2.4.22-41mdk.i586.rpm
7a5a16618d1fb3c92a3b2c8abcb8f6e6  9.2/SRPMS/kernel-2.4.22.41mdk-1-1mdk.src.rpm

CS2.1 x86_64

 a3ee6a051ea79aadaefaaf67f19023d7  x86_64/corporate/2.1/RPMS/kernel-2.4.19.48mdk-1-1mdk.x86_64.rpm
33c6cac5db86011dc231686086b63798  x86_64/corporate/2.1/RPMS/kernel-secure-2.4.19.48mdk-1-1mdk.x86_64.rpm
d39c2680a53cacf01e1c768c06239660  x86_64/corporate/2.1/RPMS/kernel-smp-2.4.19.48mdk-1-1mdk.x86_64.rpm
7c17e24855523fd5f5d6bf819a6f198b  x86_64/corporate/2.1/RPMS/kernel-source-2.4.19-48mdk.x86_64.rpm
ba431d79d61432149d88b19f7edbdaf7  x86_64/corporate/2.1/SRPMS/kernel-2.4.19.48mdk-1-1mdk.src.rpm

10.0 amd64

 c8609f9d078f225fdc78047f338df99a  amd64/10.0/RPMS/kernel-2.4.25.13mdk-1-1mdk.amd64.rpm
b89b86305d44c25e7c79bff4a9f2ebe6  amd64/10.0/RPMS/kernel-2.6.3.25mdk-1-1mdk.amd64.rpm
0acfd0fcc2e4a792054970f796485a7b  amd64/10.0/RPMS/kernel-secure-2.6.3.25mdk-1-1mdk.amd64.rpm
90400428327d20e8e6d7a3c6bbd95304  amd64/10.0/RPMS/kernel-smp-2.4.25.13mdk-1-1mdk.amd64.rpm
a5723d6b9ac757d83eb46ea25de3f270  amd64/10.0/RPMS/kernel-smp-2.6.3.25mdk-1-1mdk.amd64.rpm
69e309596c73922539f7771a0a8473c6  amd64/10.0/RPMS/kernel-source-2.4.25-13mdk.amd64.rpm
4bf67528554bddac99214a873a16cb9f  amd64/10.0/RPMS/kernel-source-2.6.3-25mdk.amd64.rpm
4628048ff5e631b48127cbbf1b7715b7  amd64/10.0/RPMS/kernel-source-stripped-2.6.3-25mdk.amd64.rpm
91593c8eb6877c70f16c274254cbad2b  amd64/10.0/RPMS/module-init-tools-3.0-1.2.1.100mdk.amd64.rpm
9b808108f4839905f98821a72e01ed9b  amd64/10.0/SRPMS/kernel-2.4.25.13mdk-1-1mdk.src.rpm
cbd99bedcf3e86bbe76cfc7483d3655a  amd64/10.0/SRPMS/kernel-2.6.3.25mdk-1-1mdk.src.rpm
5ee85d63733b93e1629a9f5c44cb634c  amd64/10.0/SRPMS/module-init-tools-3.0-1.2.1.100mdk.src.rpm

10.1 i586

 0f696c0c5320ec25d05ef5bd350f9985  10.1/RPMS/kernel-2.4.28.0.rc1.5mdk-1-1mdk.i586.rpm
d1af1c436a5abba25b8f08775da71db7  10.1/RPMS/kernel-2.6.8.1.24mdk-1-1mdk.i586.rpm
0dcb79ef492718dee540f7d41e80058a  10.1/RPMS/kernel-enterprise-2.4.28.0.rc1.5mdk-1-1mdk.i586.rpm
40284c8cc69455994b3d4d1f4ca00f83  10.1/RPMS/kernel-enterprise-2.6.8.1.24mdk-1-1mdk.i586.rpm
9ea23249f97f8ee30cdac0e330112aab  10.1/RPMS/kernel-i586-up-1GB-2.4.28.0.rc1.5mdk-1-1mdk.i586.rpm
7b30e9fcc1726f729fb553cbe2c6e1c0  10.1/RPMS/kernel-i586-up-1GB-2.6.8.1.24mdk-1-1mdk.i586.rpm
871192ed017f9d5cf41182cf603ee186  10.1/RPMS/kernel-i686-up-64GB-2.6.8.1.24mdk-1-1mdk.i586.rpm
c3cdd1c9aa5f109fc2c666496df04381  10.1/RPMS/kernel-secure-2.6.8.1.24mdk-1-1mdk.i586.rpm
b9c94c3ddd5c96a6408cb2ae3c65cac4  10.1/RPMS/kernel-smp-2.4.28.0.rc1.5mdk-1-1mdk.i586.rpm
d70bdcfaf79cf6209e9c7d4842f9c630  10.1/RPMS/kernel-smp-2.6.8.1.24mdk-1-1mdk.i586.rpm
d6d6df17dbd538a472f1715ed5085069  10.1/RPMS/kernel-source-2.4-2.4.28-0.rc1.5mdk.i586.rpm
290f135dd67a321a54d1115a0e322114  10.1/RPMS/kernel-source-2.6-2.6.8.1-24mdk.i586.rpm
a77254188fa582e1dc6507684b6350e0  10.1/RPMS/kernel-source-stripped-2.6-2.6.8.1-24mdk.i586.rpm
ac1ff7f73b6ff5ef0d848835aa439f5b  10.1/SRPMS/kernel-2.4.28.0.rc1.5mdk-1-1mdk.src.rpm
7b0f95d89253bfab3456919d06e70039  10.1/SRPMS/kernel-2.6.8.1.24mdk-1-1mdk.src.rpm

10.0 i586

 3d615b76ac136595a7458135e1f839c6  10.0/RPMS/kernel-2.4.25.13mdk-1-1mdk.i586.rpm
8872bc542fb173ebe7b3ab99d9fa0a78  10.0/RPMS/kernel-2.6.3.25mdk-1-1mdk.i586.rpm
c2324dc5344bf65b4c32b7aaef8ce854  10.0/RPMS/kernel-enterprise-2.4.25.13mdk-1-1mdk.i586.rpm
df49e87e645dff4a94552e15e8943c19  10.0/RPMS/kernel-enterprise-2.6.3.25mdk-1-1mdk.i586.rpm
ca8d699e0e20a337a5eebf79ec85706a  10.0/RPMS/kernel-i686-up-4GB-2.4.25.13mdk-1-1mdk.i586.rpm
e07ade9d7d022da3fba9e13257bb7f15  10.0/RPMS/kernel-i686-up-4GB-2.6.3.25mdk-1-1mdk.i586.rpm
916707e9d3fe3c8328db6c6e18473abe  10.0/RPMS/kernel-p3-smp-64GB-2.4.25.13mdk-1-1mdk.i586.rpm
3372a66fbafd98d091b1d3d577d50221  10.0/RPMS/kernel-p3-smp-64GB-2.6.3.25mdk-1-1mdk.i586.rpm
f4684d50ded00cd05eaf47753b7564c8  10.0/RPMS/kernel-secure-2.6.3.25mdk-1-1mdk.i586.rpm
03688dfd221d3b4a6fda80ef5784bab6  10.0/RPMS/kernel-smp-2.4.25.13mdk-1-1mdk.i586.rpm
120a2b5101fcb5ade30f58c66faa8622  10.0/RPMS/kernel-smp-2.6.3.25mdk-1-1mdk.i586.rpm
d865abbec938cee8c258bfed331e49b3  10.0/RPMS/kernel-source-2.4.25-13mdk.i586.rpm
6537b8b610d93a06a3b5e7fbed060d7d  10.0/RPMS/kernel-source-2.6.3-25mdk.i586.rpm
2b80606da918944b7d9a3947fe9261f4  10.0/RPMS/kernel-source-stripped-2.6.3-25mdk.i586.rpm
66014de2087370161cc488cbd2459caa  10.0/RPMS/module-init-tools-3.0-1.2.1.100mdk.i586.rpm
9b808108f4839905f98821a72e01ed9b  10.0/SRPMS/kernel-2.4.25.13mdk-1-1mdk.src.rpm
cbd99bedcf3e86bbe76cfc7483d3655a  10.0/SRPMS/kernel-2.6.3.25mdk-1-1mdk.src.rpm
5ee85d63733b93e1629a9f5c44cb634c  10.0/SRPMS/module-init-tools-3.0-1.2.1.100mdk.src.rpm

CS3.0 i586

 3d615b76ac136595a7458135e1f839c6  corporate/3.0/RPMS/kernel-2.4.25.13mdk-1-1mdk.i586.rpm
8872bc542fb173ebe7b3ab99d9fa0a78  corporate/3.0/RPMS/kernel-2.6.3.25mdk-1-1mdk.i586.rpm
c2324dc5344bf65b4c32b7aaef8ce854  corporate/3.0/RPMS/kernel-enterprise-2.4.25.13mdk-1-1mdk.i586.rpm
df49e87e645dff4a94552e15e8943c19  corporate/3.0/RPMS/kernel-enterprise-2.6.3.25mdk-1-1mdk.i586.rpm
ca8d699e0e20a337a5eebf79ec85706a  corporate/3.0/RPMS/kernel-i686-up-4GB-2.4.25.13mdk-1-1mdk.i586.rpm
e07ade9d7d022da3fba9e13257bb7f15  corporate/3.0/RPMS/kernel-i686-up-4GB-2.6.3.25mdk-1-1mdk.i586.rpm
916707e9d3fe3c8328db6c6e18473abe  corporate/3.0/RPMS/kernel-p3-smp-64GB-2.4.25.13mdk-1-1mdk.i586.rpm
3372a66fbafd98d091b1d3d577d50221  corporate/3.0/RPMS/kernel-p3-smp-64GB-2.6.3.25mdk-1-1mdk.i586.rpm
f4684d50ded00cd05eaf47753b7564c8  corporate/3.0/RPMS/kernel-secure-2.6.3.25mdk-1-1mdk.i586.rpm
03688dfd221d3b4a6fda80ef5784bab6  corporate/3.0/RPMS/kernel-smp-2.4.25.13mdk-1-1mdk.i586.rpm
120a2b5101fcb5ade30f58c66faa8622  corporate/3.0/RPMS/kernel-smp-2.6.3.25mdk-1-1mdk.i586.rpm
d865abbec938cee8c258bfed331e49b3  corporate/3.0/RPMS/kernel-source-2.4.25-13mdk.i586.rpm
6537b8b610d93a06a3b5e7fbed060d7d  corporate/3.0/RPMS/kernel-source-2.6.3-25mdk.i586.rpm
2b80606da918944b7d9a3947fe9261f4  corporate/3.0/RPMS/kernel-source-stripped-2.6.3-25mdk.i586.rpm
9b808108f4839905f98821a72e01ed9b  corporate/3.0/SRPMS/kernel-2.4.25.13mdk-1-1mdk.src.rpm
cbd99bedcf3e86bbe76cfc7483d3655a  corporate/3.0/SRPMS/kernel-2.6.3.25mdk-1-1mdk.src.rpm

MNF8.2 i586

 a08867762d937e0890a7efe79439c844  mnf8.2/RPMS/kernel-secure-2.4.19.48mdk-1-1mdk.i586.rpm
6fb3c0a0ab8d44e031f1c309f67b4dbc  mnf8.2/RPMS/modutils-2.4.19-5mdk.i586.rpm
ba431d79d61432149d88b19f7edbdaf7  mnf8.2/SRPMS/kernel-2.4.19.48mdk-1-1mdk.src.rpm
296ea31d1338fe4ca0c1eba4ff652376  mnf8.2/SRPMS/modutils-2.4.19-5mdk.src.rpm

9.2 amd64

 b20216a4273d7c261e08e0aa4c7411ce  amd64/9.2/RPMS/kernel-2.4.22.41mdk-1-1mdk.amd64.rpm
adf9ba1fdd2b3be5de83f327fe35d932  amd64/9.2/RPMS/kernel-secure-2.4.22.41mdk-1-1mdk.amd64.rpm
df3a1629ebbf44e8e57d5b6ba4c95149  amd64/9.2/RPMS/kernel-smp-2.4.22.41mdk-1-1mdk.amd64.rpm
17b4902f4d569c2f208fe4c455b20b6f  amd64/9.2/RPMS/kernel-source-2.4.22-41mdk.amd64.rpm
7a5a16618d1fb3c92a3b2c8abcb8f6e6  amd64/9.2/SRPMS/kernel-2.4.22.41mdk-1-1mdk.src.rpm

CS2.1 i586

 b6169281f854088c070fa44ec931958d  corporate/2.1/RPMS/kernel-2.4.19.48mdk-1-1mdk.i586.rpm
98dba27afd4cd5457d7f14159ed9ab5c  corporate/2.1/RPMS/kernel-enterprise-2.4.19.48mdk-1-1mdk.i586.rpm
889972abd61cb4c36ed1dcbb47b3f60e  corporate/2.1/RPMS/kernel-secure-2.4.19.48mdk-1-1mdk.i586.rpm
41ba99dbf81769dcb1ef6770a47de649  corporate/2.1/RPMS/kernel-smp-2.4.19.48mdk-1-1mdk.i586.rpm
6a16729a1b05c13884bd4922749c2ef3  corporate/2.1/RPMS/kernel-source-2.4.19-48mdk.i586.rpm
ba431d79d61432149d88b19f7edbdaf7  corporate/2.1/SRPMS/kernel-2.4.19.48mdk-1-1mdk.src.rpm

10.1 x86_64

 960b9e64607f387c5bcd4a437981a6fa  x86_64/10.1/RPMS/kernel-2.4.28.0.rc1.5mdk-1-1mdk.x86_64.rpm
04b7bd7f2fe22aa39f023a0a962b0aad  x86_64/10.1/RPMS/kernel-2.6.8.1.24mdk-1-1mdk.x86_64.rpm
6bb79b4942fcaf55f503bdcbbf22f0b5  x86_64/10.1/RPMS/kernel-secure-2.6.8.1.24mdk-1-1mdk.x86_64.rpm
0d2340a40d9b712f0462f73297248700  x86_64/10.1/RPMS/kernel-smp-2.4.28.0.rc1.5mdk-1-1mdk.x86_64.rpm
10c716e96824f09ed8db7d8f83729b90  x86_64/10.1/RPMS/kernel-smp-2.6.8.1.24mdk-1-1mdk.x86_64.rpm
7b963dda4b2be54640f9ca9413c07b53  x86_64/10.1/RPMS/kernel-source-2.4-2.4.28-0.rc1.5mdk.x86_64.rpm
75c6e3ff75915b3d300a2c8cec0f9431  x86_64/10.1/RPMS/kernel-source-2.6-2.6.8.1-24mdk.x86_64.rpm
796c7f2163d63e46e129fb165ea21e25  x86_64/10.1/RPMS/kernel-source-stripped-2.6-2.6.8.1-24mdk.x86_64.rpm
ac1ff7f73b6ff5ef0d848835aa439f5b  x86_64/10.1/SRPMS/kernel-2.4.28.0.rc1.5mdk-1-1mdk.src.rpm
7b0f95d89253bfab3456919d06e70039  x86_64/10.1/SRPMS/kernel-2.6.8.1.24mdk-1-1mdk.src.rpm

Referenzen