what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2007.060

Mandriva Linux Security Advisory 2007.060
Posted Mar 13, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Many vulnerabilities were discovered and corrected in the Linux 2.6 kernel. The 2.6.17 kernel and earlier, when running on IA64 and SPARC platforms would allow a local user to cause a DoS (crash) via a malformed ELF file. The mincore function in the Linux kernel did not properly lock access to user space, which has unspecified impact and attack vectors, possibly related to a deadlock. An unspecified vulnerability in the listxattr system call, when a "bad inode" is present, could allow a local user to cause a DoS (data corruption) and possibly gain privileges via unknown vectors. The zlib_inflate function allows local users to cause a crash via a malformed filesystem that uses zlib compression that triggers memory corruption. The ext3fs_dirhash function could allow local users to cause a DoS (crash) via an ext3 stream with malformed data structures. When SELinux hooks are enabled, the kernel could allow a local user to cause a DoS (crash) via a malformed file stream that triggers a NULL pointer derefernece. The key serial number collision avoidance code in the key_alloc_serial function in kernels 2.6.9 up to 2.6.20 allows local users to cause a crash via vectors thatr trigger a null dereference. The Linux kernel version 2.6.13 to 2.6.20.1 allowed a remote attacker to cause a DoS (oops) via a crafted NFSACL2 ACCESS request that triggered a free of an incorrect pointer. A local user could read unreadable binaries by using the interpreter (PT_INTERP) functionality and triggering a core dump; a variant of CVE-2004-1073.

tags | advisory, remote, kernel, local, vulnerability
systems | linux, mandriva
advisories | CVE-2006-4538, CVE-2006-4814, CVE-2006-5753, CVE-2006-5823, CVE-2006-6053, CVE-2006-6056, CVE-2007-0006, CVE-2007-0772, CVE-2007-0958
SHA-256 | 7c7b3b5bbbacea086cb15820a0722f0763fd7ad9e6731f41b9a2f1adff516926

Mandriva Linux Security Advisory 2007.060

Change Mirror Download

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDKSA-2007:060
http://www.mandriva.com/security/
_______________________________________________________________________

Package : kernel
Date : March 9, 2007
Affected: 2006.0, Corporate 4.0
_______________________________________________________________________

Problem Description:

Some vulnerabilities were discovered and corrected in the Linux 2.6
kernel:

The 2.6.17 kernel and earlier, when running on IA64 and SPARC platforms
would allow a local user to cause a DoS (crash) via a malformed ELF file
(CVE-2006-4538).

The mincore function in the Linux kernel did not properly lock access to
user space, which has unspecified impact and attack vectors, possibly
related to a deadlock (CVE-2006-4814).

An unspecified vulnerability in the listxattr system call, when a "bad
inode" is present, could allow a local user to cause a DoS (data
corruption) and possibly gain privileges via unknown vectors
(CVE-2006-5753).

The zlib_inflate function allows local users to cause a crash via a
malformed filesystem that uses zlib compression that triggers memory
corruption (CVE-2006-5823).

The ext3fs_dirhash function could allow local users to cause a DoS
(crash) via an ext3 stream with malformed data structures
(CVE-2006-6053).

When SELinux hooks are enabled, the kernel could allow a local user to
cause a DoS (crash) via a malformed file stream that triggers a NULL
pointer derefernece (CVE-2006-6056).

The key serial number collision avoidance code in the key_alloc_serial
function in kernels 2.6.9 up to 2.6.20 allows local users to cause a
crash via vectors thatr trigger a null dereference (CVE-2007-0006).

The Linux kernel version 2.6.13 to 2.6.20.1 allowed a remote attacker
to cause a DoS (oops) via a crafted NFSACL2 ACCESS request that
triggered a free of an incorrect pointer (CVE-2007-0772).

A local user could read unreadable binaries by using the interpreter
(PT_INTERP) functionality and triggering a core dump; a variant of
CVE-2004-1073 (CVE-2007-0958).

The provided packages are patched to fix these vulnerabilities. All
users are encouraged to upgrade to these updated kernels immediately
and reboot to effect the fixes.

In addition to these security fixes, other fixes have been included
such as:

- add PCI IDs for cciss driver (HP ML370G5 / DL360G5)
- fixed a mssive SCSI reset on megasas (Dell PE2960)
- increased port-reset completion delay for HP controllers (HP ML350)
- NUMA rnage fixes for x86_64
- various netfilter fixes

To update your kernel, please follow the directions located at:

http://www.mandriva.com/en/security/kernelupdate
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4538
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4814
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5753
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5823
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6053
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6056
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0006
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0772
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0958
http://qa.mandriva.com/show_bug.cgi?id=28461
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2006.0:
b7c0334ecb73bb3b14173ef4dcdfa51b 2006.0/i586/kernel-2.6.12.31mdk-1-1mdk.i586.rpm
8307e34d54134ab5cb41833d1b9d7742 2006.0/i586/kernel-BOOT-2.6.12.31mdk-1-1mdk.i586.rpm
d329fdf03e99dfa15b08bb7c2791ed37 2006.0/i586/kernel-doc-2.6.12.31mdk-1-1mdk.i586.rpm
3cf6a4198f43493932ea8251d4ee82dc 2006.0/i586/kernel-i586-up-1GB-2.6.12.31mdk-1-1mdk.i586.rpm
c03817495740a0e9b1420f0991baf47f 2006.0/i586/kernel-i686-up-4GB-2.6.12.31mdk-1-1mdk.i586.rpm
3e96d0ad0b5637d62db5233ca2df7d47 2006.0/i586/kernel-smp-2.6.12.31mdk-1-1mdk.i586.rpm
65e1e7c5c155045d52474444870b13d3 2006.0/i586/kernel-source-2.6.12.31mdk-1-1mdk.i586.rpm
9b62d79a9503c6f0db71166409c48c39 2006.0/i586/kernel-source-stripped-2.6.12.31mdk-1-1mdk.i586.rpm
553faeda754e6007c592aa5ba5c48ea0 2006.0/i586/kernel-xbox-2.6.12.31mdk-1-1mdk.i586.rpm
4ee72a08f25d24ee409fdab7c8ec4f17 2006.0/i586/kernel-xen0-2.6.12.31mdk-1-1mdk.i586.rpm
53304c8f505a4cbac0ac9a2ff01b379b 2006.0/i586/kernel-xenU-2.6.12.31mdk-1-1mdk.i586.rpm
d7a287562aed00fbc8167aa55bbb3bb9 2006.0/SRPMS/kernel-2.6.12.31mdk-1-1mdk.src.rpm

Mandriva Linux 2006.0/X86_64:
08d9bfee92615f6bd8b3f71b2756fdaf 2006.0/x86_64/kernel-2.6.12.31mdk-1-1mdk.x86_64.rpm
a750f3e67d9a0d6b07711e08f22e647b 2006.0/x86_64/kernel-BOOT-2.6.12.31mdk-1-1mdk.x86_64.rpm
20196c168b6bc40f5bebd3ea2c5c82f6 2006.0/x86_64/kernel-doc-2.6.12.31mdk-1-1mdk.x86_64.rpm
d65bd5fd54715215d957d2fa412cbe79 2006.0/x86_64/kernel-smp-2.6.12.31mdk-1-1mdk.x86_64.rpm
164d4bb97970b852c88a872a70240e55 2006.0/x86_64/kernel-source-2.6.12.31mdk-1-1mdk.x86_64.rpm
af11e7ddade582c262d9281c965c25d8 2006.0/x86_64/kernel-source-stripped-2.6.12.31mdk-1-1mdk.x86_64.rpm
53cdf75192bc3a626ad68f9dfd90769d 2006.0/x86_64/kernel-xen0-2.6.12.31mdk-1-1mdk.x86_64.rpm
c9299e6bf5fc41af71fbd03ebd80b151 2006.0/x86_64/kernel-xenU-2.6.12.31mdk-1-1mdk.x86_64.rpm
d7a287562aed00fbc8167aa55bbb3bb9 2006.0/SRPMS/kernel-2.6.12.31mdk-1-1mdk.src.rpm

Corporate 4.0:
71a9ce7e6ad36f939ae4585a5446e2ce corporate/4.0/i586/kernel-2.6.12.31mdk-1-1mdk.i586.rpm
b3682d92693d4d7481540b2412128ee3 corporate/4.0/i586/kernel-BOOT-2.6.12.31mdk-1-1mdk.i586.rpm
375a99017c6032af0fbf53c6e2ac0f9e corporate/4.0/i586/kernel-doc-2.6.12.31mdk-1-1mdk.i586.rpm
7ef9e2dce86995c5054f0f81587bae14 corporate/4.0/i586/kernel-i586-up-1GB-2.6.12.31mdk-1-1mdk.i586.rpm
8e4861bfc6150a73f331010b242505f5 corporate/4.0/i586/kernel-i686-up-4GB-2.6.12.31mdk-1-1mdk.i586.rpm
fc5b1a7d5b45e9b6f94d1b75a2b252cd corporate/4.0/i586/kernel-smp-2.6.12.31mdk-1-1mdk.i586.rpm
f616f5a779f3be6febf27506deea96ca corporate/4.0/i586/kernel-source-2.6.12.31mdk-1-1mdk.i586.rpm
2bc31f06ab60d5f5c09b522ba275c35e corporate/4.0/i586/kernel-source-stripped-2.6.12.31mdk-1-1mdk.i586.rpm
c450285103a7742c8505cce505b6cb30 corporate/4.0/i586/kernel-xbox-2.6.12.31mdk-1-1mdk.i586.rpm
16b35579daacc6bef494c140e0332910 corporate/4.0/i586/kernel-xen0-2.6.12.31mdk-1-1mdk.i586.rpm
957962b563ad39490ac49ee1f328d2d3 corporate/4.0/i586/kernel-xenU-2.6.12.31mdk-1-1mdk.i586.rpm
20b9766dbaf813ba017fe3884771a80b corporate/4.0/SRPMS/kernel-2.6.12.31mdk-1-1mdk.src.rpm

Corporate 4.0/X86_64:
8bdd8e4d2d3ab03ff666b7588ec011f6 corporate/4.0/x86_64/kernel-2.6.12.31mdk-1-1mdk.x86_64.rpm
7e3081d6804343fcc51a2ce06836081e corporate/4.0/x86_64/kernel-BOOT-2.6.12.31mdk-1-1mdk.x86_64.rpm
bb6a57a5ad26361394ff00db94f8f5e3 corporate/4.0/x86_64/kernel-doc-2.6.12.31mdk-1-1mdk.x86_64.rpm
9aae4c3ce22091d4ca787a41a11231ff corporate/4.0/x86_64/kernel-smp-2.6.12.31mdk-1-1mdk.x86_64.rpm
8ce06bd6a4144757828d29d83a690827 corporate/4.0/x86_64/kernel-source-2.6.12.31mdk-1-1mdk.x86_64.rpm
70757f12ac8d99d5881a4c6becbd2503 corporate/4.0/x86_64/kernel-source-stripped-2.6.12.31mdk-1-1mdk.x86_64.rpm
d3e1f96967bf0a5351d51ede84f078ca corporate/4.0/x86_64/kernel-xen0-2.6.12.31mdk-1-1mdk.x86_64.rpm
6931563b47316f8572f0cd4cb0ebd3e1 corporate/4.0/x86_64/kernel-xenU-2.6.12.31mdk-1-1mdk.x86_64.rpm
20b9766dbaf813ba017fe3884771a80b corporate/4.0/SRPMS/kernel-2.6.12.31mdk-1-1mdk.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFF8au7mqjQ0CJFipgRArTBAKDukKs7sy+BJQ95allpfw6AUlK/agCfe7/+
p50xjYsjtFTmTpvYPbuST5I=
=5dq1
-----END PGP SIGNATURE-----

Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close