Package name
kernel
Date
2008-02-12
Advisory ID
MDVSA-2008:044
Affected versions
2008.0 i586 , 2008.0 x86_64

Problem description

The wait_task_stopped function in the Linux kernel before 2.6.23.8
checks a TASK_TRACED bit instead of an exit_state value, which
allows local users to cause a denial of service (machine crash) via
unspecified vectors. NOTE: some of these details are obtained from
third party information. (CVE-2007-5500)

The tcp_sacktag_write_queue function in the Linux kernel 2.6.21 through
2.6.23.7 allowed remote attackers to cause a denial of service (crash)
via crafted ACK responses that trigger a NULL pointer dereference
(CVE-2007-5501).

The do_corefump function in fs/exec.c in the Linux kernel prior to
2.6.24-rc3 did not change the UID of a core dump file if it exists
before a root process creates a core dump in the same location, which
could possibly allow local users to obtain sensitive information
(CVE-2007-6206).

VFS in the Linux kernel before 2.6.22.16 performed tests of access
mode by using the flag variable instead of the acc_mode variable,
which could possibly allow local users to bypass intended permissions
and remove directories (CVE-2008-0001).

The Linux kernel prior to 2.6.22.17, when using certain drivers
that register a fault handler that does not perform range checks,
allowed local users to access kernel memory via an out-of-range offset
(CVE-2008-0007).

A flaw in the vmsplice system call did not properly verify address
arguments passed by user-space processes, which allowed local
attackers to overwrite arbitrary kernel memory and gain root privileges
(CVE-2008-0600).

Mandriva urges all users to upgrade to these new kernels immediately
as the CVE-2008-0600 flaw is being actively exploited. This issue
only affects 2.6.17 and newer Linux kernels, so neither Corporate
3.0 nor Corporate 4.0 are affected.

Additionally, this kernel updates the version from 2.6.22.12 to
2.6.22.18 and fixes numerous other bugs, including:

- fix freeze when ejecting a cm40x0 PCMCIA card
- fix crash on unloading netrom
- fixes alsa-related sound issues on Dell XPS M1210 and M1330 models
- the HZ value was increased on the laptop kernel to increase
interactivity and reduce latency
- netfilter ipset, psd, and ifwlog support was re-enabled
- unionfs was reverted to a working 1.4 branch that is less buggy

To update your kernel, please follow the directions located at:

http://www.mandriva.com/en/security/kernelupdate

Updated packages

2008.0 i586

 7b5ceca8ce64708f377eeb71c0e10e23  2008.0/i586/kernel-2.6.22.18-1mdv-1-1mdv2008.0.i586.rpm
 55a44ed6c80c19aefa92cb24c778151b  2008.0/i586/kernel-desktop-2.6.22.18-1mdv-1-1mdv2008.0.i586.rpm
 c90ef43a4399b90601f4ce83d000c912  2008.0/i586/kernel-desktop-devel-2.6.22.18-1mdv-1-1mdv2008.0.i586.rpm
 ba4506fa31394301727cdec372dd11eb  2008.0/i586/kernel-desktop-devel-latest-2.6.22.18-1mdv2008.0.i586.rpm
 9767bf67321d55a35472e47500cf9bef  2008.0/i586/kernel-desktop-latest-2.6.22.18-1mdv2008.0.i586.rpm
 eef0f77e0ce9097e04ff83d767d185cc  2008.0/i586/kernel-desktop586-2.6.22.18-1mdv-1-1mdv2008.0.i586.rpm
 6faffa5511ee8b5e91e741936dc8a454  2008.0/i586/kernel-desktop586-devel-2.6.22.18-1mdv-1-1mdv2008.0.i586.rpm
 53e7bee334003b342a15132bed12023b  2008.0/i586/kernel-desktop586-devel-latest-2.6.22.18-1mdv2008.0.i586.rpm
 394a534e170c43d1b55b6708a924f95d  2008.0/i586/kernel-desktop586-latest-2.6.22.18-1mdv2008.0.i586.rpm
 003f0d7e3b64edaac3ae3dede01e4e87  2008.0/i586/kernel-doc-2.6.22.18-1mdv2008.0.i586.rpm
 3410c9d62fb9f2364f159f519ddc9ef1  2008.0/i586/kernel-laptop-2.6.22.18-1mdv-1-1mdv2008.0.i586.rpm
 3a8426442dbb91d18c6684f4ef22efa8  2008.0/i586/kernel-laptop-devel-2.6.22.18-1mdv-1-1mdv2008.0.i586.rpm
 958f4be00ad9df4466629774fa926887  2008.0/i586/kernel-laptop-devel-latest-2.6.22.18-1mdv2008.0.i586.rpm
 7bb1033745587e8b9a5069b61c316c76  2008.0/i586/kernel-laptop-latest-2.6.22.18-1mdv2008.0.i586.rpm
 ebe2489f7f1357e246563fabea2401ae  2008.0/i586/kernel-server-2.6.22.18-1mdv-1-1mdv2008.0.i586.rpm
 a6be151dbc9c40b4e3ca181e64f76475  2008.0/i586/kernel-server-devel-2.6.22.18-1mdv-1-1mdv2008.0.i586.rpm
 c70a9e6846d383ada63d65730d5bbf5a  2008.0/i586/kernel-server-devel-latest-2.6.22.18-1mdv2008.0.i586.rpm
 3c80910bc870474990439b2a24a2ccf1  2008.0/i586/kernel-server-latest-2.6.22.18-1mdv2008.0.i586.rpm
 9be418acd2c39224c341f4c0fcd9c3ce  2008.0/i586/kernel-source-2.6.22.18-1mdv-1-1mdv2008.0.i586.rpm
 a616addeb5cf234668b26ccf4a4cc7bd  2008.0/i586/kernel-source-latest-2.6.22.18-1mdv2008.0.i586.rpm 
 d3419624d951fbdb358849a60639efbf  2008.0/SRPMS/kernel-2.6.22.18-1mdv2008.0.src.rpm

2008.0 x86_64

 a043c2596652edf905109924045103da  2008.0/x86_64/kernel-2.6.22.18-1mdv-1-1mdv2008.0.x86_64.rpm
 f8921ac78c1acfc6bbd9b03a9676d315  2008.0/x86_64/kernel-desktop-2.6.22.18-1mdv-1-1mdv2008.0.x86_64.rpm
 61a39804f6460a7f087c6ae7695aacce  2008.0/x86_64/kernel-desktop-devel-2.6.22.18-1mdv-1-1mdv2008.0.x86_64.rpm
 505d6b320b4f9feef2d40f1c8e537035  2008.0/x86_64/kernel-desktop-devel-latest-2.6.22.18-1mdv2008.0.x86_64.rpm
 bb8a829cd780094992161f92d94bd2c8  2008.0/x86_64/kernel-desktop-latest-2.6.22.18-1mdv2008.0.x86_64.rpm
 23bb1b9557c46cbc52770a20c8ba81b1  2008.0/x86_64/kernel-doc-2.6.22.18-1mdv2008.0.x86_64.rpm
 f7edfd597fc01cef7c0bfdf3bf0e7315  2008.0/x86_64/kernel-laptop-2.6.22.18-1mdv-1-1mdv2008.0.x86_64.rpm
 208f863d0cce2262ee099daa250605e2  2008.0/x86_64/kernel-laptop-devel-2.6.22.18-1mdv-1-1mdv2008.0.x86_64.rpm
 cbe57c60ec79096f9f2b9ae3ebb26ab5  2008.0/x86_64/kernel-laptop-devel-latest-2.6.22.18-1mdv2008.0.x86_64.rpm
 add09ce293fd8c7605c3b49c5990ab92  2008.0/x86_64/kernel-laptop-latest-2.6.22.18-1mdv2008.0.x86_64.rpm
 b8125bfe9b765e8281e30a667a2c501c  2008.0/x86_64/kernel-server-2.6.22.18-1mdv-1-1mdv2008.0.x86_64.rpm
 dfaa2aedd25d8f9f91939c9e1e0247d6  2008.0/x86_64/kernel-server-devel-2.6.22.18-1mdv-1-1mdv2008.0.x86_64.rpm
 cb703b65dd2b935737183562509130a6  2008.0/x86_64/kernel-server-devel-latest-2.6.22.18-1mdv2008.0.x86_64.rpm
 27e6fd0a49b49952aa164be304a491b3  2008.0/x86_64/kernel-server-latest-2.6.22.18-1mdv2008.0.x86_64.rpm
 38644d73897d971d4bdca8e8a71ac962  2008.0/x86_64/kernel-source-2.6.22.18-1mdv-1-1mdv2008.0.x86_64.rpm
 f21aef3923cdd51c3444add2e97fc0d6  2008.0/x86_64/kernel-source-latest-2.6.22.18-1mdv2008.0.x86_64.rpm 
 d3419624d951fbdb358849a60639efbf  2008.0/SRPMS/kernel-2.6.22.18-1mdv2008.0.src.rpm

References