USN-347-1: Linux kernel vulnerabilities

19 September 2006

linux-source-2.6.10/-2.6.12/-2.6.15 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 6.06 LTS
  • Ubuntu 5.10
  • Ubuntu 5.04

Software Description

Details

Sridhar Samudrala discovered a local Denial of Service vulnerability in the handling of SCTP sockets. By opening such a socket with a special SO_LINGER value, a local attacker could exploit this to crash the kernel. (CVE-2006-4535)

Kirill Korotaev discovered that the ELF loader on the ia64 and sparc platforms did not sufficiently verify the memory layout. By attempting to execute a specially crafted executable, a local user could exploit this to crash the kernel. (CVE-2006-4538)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 6.06 LTS
linux-image-2.6.15-27-386 - 2.6.15-27.48
linux-image-2.6.15-27-686 - 2.6.15-27.48
linux-image-2.6.15-27-amd64-generic - 2.6.15-27.48
linux-image-2.6.15-27-amd64-k8 - 2.6.15-27.48
linux-image-2.6.15-27-amd64-server - 2.6.15-27.48
linux-image-2.6.15-27-amd64-xeon - 2.6.15-27.48
linux-image-2.6.15-27-hppa32 - 2.6.15-27.48
linux-image-2.6.15-27-hppa32-smp - 2.6.15-27.48
linux-image-2.6.15-27-hppa64 - 2.6.15-27.48
linux-image-2.6.15-27-hppa64-smp - 2.6.15-27.48
linux-image-2.6.15-27-itanium - 2.6.15-27.48
linux-image-2.6.15-27-itanium-smp - 2.6.15-27.48
linux-image-2.6.15-27-k7 - 2.6.15-27.48
linux-image-2.6.15-27-mckinley - 2.6.15-27.48
linux-image-2.6.15-27-mckinley-smp - 2.6.15-27.48
linux-image-2.6.15-27-powerpc - 2.6.15-27.48
linux-image-2.6.15-27-powerpc-smp - 2.6.15-27.48
linux-image-2.6.15-27-powerpc64-smp - 2.6.15-27.48
linux-image-2.6.15-27-server - 2.6.15-27.48
linux-image-2.6.15-27-server-bigiron - 2.6.15-27.48
linux-image-2.6.15-27-sparc64 - 2.6.15-27.48
linux-image-2.6.15-27-sparc64-smp - 2.6.15-27.48
linux-source-2.6.15 - 2.6.15-27.48

Ubuntu 5.10
linux-image-2.6.12-10-386 - 2.6.12-10.40
linux-image-2.6.12-10-686 - 2.6.12-10.40
linux-image-2.6.12-10-686-smp - 2.6.12-10.40
linux-image-2.6.12-10-amd64-generic - 2.6.12-10.40
linux-image-2.6.12-10-amd64-k8 - 2.6.12-10.40
linux-image-2.6.12-10-amd64-k8-smp - 2.6.12-10.40
linux-image-2.6.12-10-amd64-xeon - 2.6.12-10.40
linux-image-2.6.12-10-hppa32 - 2.6.12-10.40
linux-image-2.6.12-10-hppa32-smp - 2.6.12-10.40
linux-image-2.6.12-10-hppa64 - 2.6.12-10.40
linux-image-2.6.12-10-hppa64-smp - 2.6.12-10.40
linux-image-2.6.12-10-iseries-smp - 2.6.12-10.40
linux-image-2.6.12-10-itanium - 2.6.12-10.40
linux-image-2.6.12-10-itanium-smp - 2.6.12-10.40
linux-image-2.6.12-10-k7 - 2.6.12-10.40
linux-image-2.6.12-10-k7-smp - 2.6.12-10.40
linux-image-2.6.12-10-mckinley - 2.6.12-10.40
linux-image-2.6.12-10-mckinley-smp - 2.6.12-10.40
linux-image-2.6.12-10-powerpc - 2.6.12-10.40
linux-image-2.6.12-10-powerpc-smp - 2.6.12-10.40
linux-image-2.6.12-10-powerpc64-smp - 2.6.12-10.40
linux-image-2.6.12-10-sparc64 - 2.6.12-10.40
linux-image-2.6.12-10-sparc64-smp - 2.6.12-10.40
linux-patch-ubuntu-2.6.12 - 2.6.12-10.40

Ubuntu 5.04
linux-image-2.6.10-6-386 - 2.6.10-34.24
linux-image-2.6.10-6-686 - 2.6.10-34.24
linux-image-2.6.10-6-686-smp - 2.6.10-34.24
linux-image-2.6.10-6-amd64-generic - 2.6.10-34.24
linux-image-2.6.10-6-amd64-k8 - 2.6.10-34.24
linux-image-2.6.10-6-amd64-k8-smp - 2.6.10-34.24
linux-image-2.6.10-6-amd64-xeon - 2.6.10-34.24
linux-image-2.6.10-6-hppa32 - 2.6.10-34.24
linux-image-2.6.10-6-hppa32-smp - 2.6.10-34.24
linux-image-2.6.10-6-hppa64 - 2.6.10-34.24
linux-image-2.6.10-6-hppa64-smp - 2.6.10-34.24
linux-image-2.6.10-6-itanium - 2.6.10-34.24
linux-image-2.6.10-6-itanium-smp - 2.6.10-34.24
linux-image-2.6.10-6-k7 - 2.6.10-34.24
linux-image-2.6.10-6-k7-smp - 2.6.10-34.24
linux-image-2.6.10-6-mckinley - 2.6.10-34.24
linux-image-2.6.10-6-mckinley-smp - 2.6.10-34.24
linux-image-2.6.10-6-power3 - 2.6.10-34.24
linux-image-2.6.10-6-power3-smp - 2.6.10-34.24
linux-image-2.6.10-6-power4 - 2.6.10-34.24
linux-image-2.6.10-6-power4-smp - 2.6.10-34.24
linux-image-2.6.10-6-powerpc - 2.6.10-34.24
linux-image-2.6.10-6-powerpc-smp - 2.6.10-34.24
linux-image-2.6.10-6-sparc64 - 2.6.10-34.24
linux-image-2.6.10-6-sparc64-smp - 2.6.10-34.24
linux-patch-ubuntu-2.6.10 - 2.6.10-34.24

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system upgrade you need to reboot your computer to effect the necessary changes.

ATTENTION: Due to an unavoidable ABI change, the Ubuntu 6.06 kernel update has been given a new version number, which requires you to recompile and reinstall all third-party kernel modules you might have installed. If you use linux-restricted-modules, you have to update that package as well to get modules which work with the new kernel version. Unless you manually uninstalled the standard kernel metapackages (linux-386, linux-powerpc, linux-amd64-generic), a standard system upgrade will automatically perform this as well.
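To confirm that a host carries the fixed packages listed above, the following added example (not part of the original notice) compares installed kernel package versions against the advisory's fixed versions using Debian version ordering. The function names and the sample `dpkg-query -W` output are constructed for illustration.

```python
import re

# Fixed versions from the advisory, keyed by the kernel series in the package name.
FIXED = {"2.6.15": "2.6.15-27.48", "2.6.12": "2.6.12-10.40", "2.6.10": "2.6.10-34.24"}

def _order(c):
    # dpkg ordering of non-digit characters: '~' < end of string < letters < the rest
    return -1 if c == "~" else 0 if c == "" else ord(c) + (0 if c.isalpha() else 256)

def _nondigit(s, k):
    # Character at index k if it is a non-digit, else "" (a digit or end of string).
    return s[k] if k < len(s) and not "0" <= s[k] <= "9" else ""

def _cmp_part(a, b):
    # Compare two upstream or revision strings by alternating non-digit and digit runs.
    i = j = 0
    while i < len(a) or j < len(b):
        while _nondigit(a, i) or _nondigit(b, j):
            ca, cb = _nondigit(a, i), _nondigit(b, j)
            if _order(ca) != _order(cb):
                return -1 if _order(ca) < _order(cb) else 1
            i, j = i + 1, j + 1
        da, db = re.match(r"[0-9]*", a[i:]).group(), re.match(r"[0-9]*", b[j:]).group()
        if int(da or 0) != int(db or 0):
            return -1 if int(da or 0) < int(db or 0) else 1
        i, j = i + len(da), j + len(db)
    return 0

def deb_cmp(v1, v2):
    """Return -1, 0 or 1 as v1 is older than, equal to or newer than v2."""
    def split(v):
        epoch, rest = v.split(":", 1) if ":" in v else ("0", v)
        upstream, rev = rest.rsplit("-", 1) if "-" in rest else (rest, "")
        return int(epoch), upstream, rev
    (e1, u1, r1), (e2, u2, r2) = split(v1), split(v2)
    return (e1 > e2) - (e1 < e2) or _cmp_part(u1, u2) or _cmp_part(r1, r2)

def audit(dpkg_output):
    """Return (package, installed, fixed) for kernel packages older than the fix."""
    stale = []
    for line in dpkg_output.splitlines():
        m = re.match(r"(linux-(?:image|source|patch-ubuntu)-(2\.6\.\d+)\S*)\s+(\S+)$", line)
        if m and m.group(2) in FIXED and deb_cmp(m.group(3), FIXED[m.group(2)]) < 0:
            stale.append((m.group(1), m.group(3), FIXED[m.group(2)]))
    return stale

# Constructed `dpkg-query -W` output (package<TAB>version); not from a real host.
SAMPLE = ("linux-image-2.6.15-27-386\t2.6.15-27.48\nlinux-image-2.6.15-26-386\t2.6.15-26.47\n"
          "linux-image-2.6.12-10-686\t2.6.12-10.39\nlinux-source-2.6.15\t2.6.15-27.50\n")
```

An empty result from `audit()` only shows that no outdated kernel package is installed; as stated above, the host must still be rebooted into the updated kernel. Older kernel images left installed beside the fixed one are reported too, since they remain bootable.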

References