USN-250-1: Linux kernel vulnerability

15 February 2006

linux-source-2.6.12 vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 5.10

Software Description

Details

Herbert Xu discovered a remote Denial of Service vulnerability in the ICMP packet handler. In some situations a memory allocation was released twice, which led to memory corruption. A remote attacker could exploit this to crash the machine.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 5.10
linux-image-2.6.12-10-386
linux-image-2.6.12-10-686
linux-image-2.6.12-10-686-smp
linux-image-2.6.12-10-amd64-generic
linux-image-2.6.12-10-amd64-k8
linux-image-2.6.12-10-amd64-k8-smp
linux-image-2.6.12-10-amd64-xeon
linux-image-2.6.12-10-iseries-smp
linux-image-2.6.12-10-itanium
linux-image-2.6.12-10-itanium-smp
linux-image-2.6.12-10-k7
linux-image-2.6.12-10-k7-smp
linux-image-2.6.12-10-mckinley
linux-image-2.6.12-10-mckinley-smp
linux-image-2.6.12-10-powerpc
linux-image-2.6.12-10-powerpc-smp
linux-image-2.6.12-10-powerpc64-smp
linux-patch-ubuntu-2.6.12

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

References