USN-319-2: Linux kernel vulnerability

19 July 2006

linux-source-2.6.10, linux-source-2.6.12 vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 5.10
  • Ubuntu 5.04

Software Description

Details

USN-319-1 fixed a Linux kernel vulnerability in Ubuntu 6.06 LTS. This followup advisory provides the corresponding updates for Ubuntu 5.04 and 5.10.

For reference, these are the details of the original USN:

A race condition has been discovered in the file permission handling of the /proc file system. A local attacker could exploit this to execute arbitrary code with full root privileges.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 5.10
linux-image-2.6.12-10-386 - 2.6.12-10.36
linux-image-2.6.12-10-686 - 2.6.12-10.36
linux-image-2.6.12-10-686-smp - 2.6.12-10.36
linux-image-2.6.12-10-amd64-generic - 2.6.12-10.36
linux-image-2.6.12-10-amd64-k8 - 2.6.12-10.36
linux-image-2.6.12-10-amd64-k8-smp - 2.6.12-10.36
linux-image-2.6.12-10-amd64-xeon - 2.6.12-10.36
linux-image-2.6.12-10-hppa32 - 2.6.12-10.36
linux-image-2.6.12-10-hppa32-smp - 2.6.12-10.36
linux-image-2.6.12-10-hppa64 - 2.6.12-10.36
linux-image-2.6.12-10-hppa64-smp - 2.6.12-10.36
linux-image-2.6.12-10-iseries-smp - 2.6.12-10.36
linux-image-2.6.12-10-itanium - 2.6.12-10.36
linux-image-2.6.12-10-itanium-smp - 2.6.12-10.36
linux-image-2.6.12-10-k7 - 2.6.12-10.36
linux-image-2.6.12-10-k7-smp - 2.6.12-10.36
linux-image-2.6.12-10-mckinley - 2.6.12-10.36
linux-image-2.6.12-10-mckinley-smp - 2.6.12-10.36
linux-image-2.6.12-10-powerpc - 2.6.12-10.36
linux-image-2.6.12-10-powerpc-smp - 2.6.12-10.36
linux-image-2.6.12-10-powerpc64-smp - 2.6.12-10.36
linux-image-2.6.12-10-sparc64 - 2.6.12-10.36
linux-image-2.6.12-10-sparc64-smp - 2.6.12-10.36
linux-patch-ubuntu-2.6.12 - 2.6.12-10.36
Ubuntu 5.04
linux-image-2.6.10-6-386 - 2.6.10-34.22
linux-image-2.6.10-6-686 - 2.6.10-34.22
linux-image-2.6.10-6-686-smp - 2.6.10-34.22
linux-image-2.6.10-6-amd64-generic - 2.6.10-34.22
linux-image-2.6.10-6-amd64-k8 - 2.6.10-34.22
linux-image-2.6.10-6-amd64-k8-smp - 2.6.10-34.22
linux-image-2.6.10-6-amd64-xeon - 2.6.10-34.22
linux-image-2.6.10-6-hppa32 - 2.6.10-34.22
linux-image-2.6.10-6-hppa32-smp - 2.6.10-34.22
linux-image-2.6.10-6-hppa64 - 2.6.10-34.22
linux-image-2.6.10-6-hppa64-smp - 2.6.10-34.22
linux-image-2.6.10-6-itanium - 2.6.10-34.22
linux-image-2.6.10-6-itanium-smp - 2.6.10-34.22
linux-image-2.6.10-6-k7 - 2.6.10-34.22
linux-image-2.6.10-6-k7-smp - 2.6.10-34.22
linux-image-2.6.10-6-mckinley - 2.6.10-34.22
linux-image-2.6.10-6-mckinley-smp - 2.6.10-34.22
linux-image-2.6.10-6-power3 - 2.6.10-34.22
linux-image-2.6.10-6-power3-smp - 2.6.10-34.22
linux-image-2.6.10-6-power4 - 2.6.10-34.22
linux-image-2.6.10-6-power4-smp - 2.6.10-34.22
linux-image-2.6.10-6-powerpc - 2.6.10-34.22
linux-image-2.6.10-6-powerpc-smp - 2.6.10-34.22
linux-image-2.6.10-6-sparc64 - 2.6.10-34.22
linux-image-2.6.10-6-sparc64-smp - 2.6.10-34.22
linux-patch-ubuntu-2.6.10 - 2.6.10-34.22

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system upgrade you need to reboot your computer to effect the necessary changes.

References