MDVSA-2008:086

Package name

kernel

Date

2008-04-15

Advisory ID

MDVSA-2008:086

Affected versions

CS4.0 x86_64 , CS4.0 i586

Problem description

The isdn_ioctl function in isdn_common.c in the Linux kernel prior to
2.6.23 allows local users to cause a denial of service via a crafted
ioctl struct in which iocts is not null terminated, which trigger a
buffer overflow (CVE-2007-6151).

The do_corefump function in fs/exec.c in the Linux kernel prior to
2.6.24-rc3 did not change the UID of a core dump file if it exists
before a root process creates a core dump in the same location, which
could possibly allow local users to obtain sensitive information
(CVE-2007-6206).

The shmem_getpage function in mm/shmem.c in the Linux kernel versions
2.6.11 through 2.6.23 did not properly clear allocated memory in
certain rare circumstances related to tmps, which could possibly
allow local users to read sensitive kernel data or cause a crash
(CVE-2007-6417).

Additionally, this kernel provides a fix for megaraid_sas and updates
it to version 3.13, updates mptsas to version 3.12.19, and updates
e1000-ng to version 7.6.12, as well as adds igb version 1.0.8.

To update your kernel, please follow the directions located at:

http://www.mandriva.com/en/security/kernelupdate

Updated packages

CS4.0 x86_64

 371f8a2b038bbe058dea1666b3b186da  corporate/4.0/x86_64/kernel-2.6.12.34mdk-1-1mdk.x86_64.rpm
 c7c9bfe79048fb2f94ca600ddd2da911  corporate/4.0/x86_64/kernel-BOOT-2.6.12.34mdk-1-1mdk.x86_64.rpm
 a27a0da5b9e28ce0193a83a75e6e73c8  corporate/4.0/x86_64/kernel-doc-2.6.12.34mdk-1-1mdk.x86_64.rpm
 7615a2c0aee3363886f159f4bfc5f538  corporate/4.0/x86_64/kernel-smp-2.6.12.34mdk-1-1mdk.x86_64.rpm
 0e896d19f066f836fcfb7dd470522d0c  corporate/4.0/x86_64/kernel-source-2.6.12.34mdk-1-1mdk.x86_64.rpm
 b09194d6e8a07b1ae836be6335808464  corporate/4.0/x86_64/kernel-source-stripped-2.6.12.34mdk-1-1mdk.x86_64.rpm
 6845355d4579b2f2933935c88567981b  corporate/4.0/x86_64/kernel-xen0-2.6.12.34mdk-1-1mdk.x86_64.rpm
 f0e8c8777c6da9db4dbea6de1b0fc920  corporate/4.0/x86_64/kernel-xenU-2.6.12.34mdk-1-1mdk.x86_64.rpm 
 5137cdde7b33a50562d783ee93bfa608  corporate/4.0/SRPMS/kernel-2.6.12.34mdk-1-1mdk.src.rpm

CS4.0 i586

 4ecd928352ae1a0e37af030841e1daca  corporate/4.0/i586/kernel-2.6.12.34mdk-1-1mdk.i586.rpm
 e25d7be22e3e194dd1f50409d0e71b90  corporate/4.0/i586/kernel-BOOT-2.6.12.34mdk-1-1mdk.i586.rpm
 e42a62385fd608bf8d9b3ec62d6684e8  corporate/4.0/i586/kernel-doc-2.6.12.34mdk-1-1mdk.i586.rpm
 0522dc2efc14a6fb456bed196e5ef87e  corporate/4.0/i586/kernel-i586-up-1GB-2.6.12.34mdk-1-1mdk.i586.rpm
 723df91e8a94e9e4654a30875fe9de94  corporate/4.0/i586/kernel-i686-up-4GB-2.6.12.34mdk-1-1mdk.i586.rpm
 b276ba8700f7e611bfdf02b3b26c4796  corporate/4.0/i586/kernel-smp-2.6.12.34mdk-1-1mdk.i586.rpm
 0a369c5c6e085596c2fa579074e0eed0  corporate/4.0/i586/kernel-source-2.6.12.34mdk-1-1mdk.i586.rpm
 53e34bb761dbf927ec911248aee1f23b  corporate/4.0/i586/kernel-source-stripped-2.6.12.34mdk-1-1mdk.i586.rpm
 c10f59cf9d289f0e9e8cdeb4e7fb3f0e  corporate/4.0/i586/kernel-xbox-2.6.12.34mdk-1-1mdk.i586.rpm
 90a86dd0e5fb9d62edd9682f5a86f978  corporate/4.0/i586/kernel-xen0-2.6.12.34mdk-1-1mdk.i586.rpm
 af3beaab8bf06f0beef21158e5d6878e  corporate/4.0/i586/kernel-xenU-2.6.12.34mdk-1-1mdk.i586.rpm 
 5137cdde7b33a50562d783ee93bfa608  corporate/4.0/SRPMS/kernel-2.6.12.34mdk-1-1mdk.src.rpm

References

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6417
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6206
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6151