USN-618-1: Linux kernel vulnerabilities

19 June 2008

linux-source-2.6.15/20/22 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 7.10
  • Ubuntu 7.04
  • Ubuntu 6.06 LTS

Software Description

  • linux-backports-modules-2.6.22
  • linux-restricted-modules-2.6.22
  • linux-source-2.6.22
  • linux-ubuntu-modules-2.6.22
  • linux-backports-modules-2.6.20
  • linux-restricted-modules-2.6.20
  • linux-source-2.6.20
  • linux-backports-modules-2.6.15
  • linux-restricted-modules-2.6.15
  • linux-source-2.6.15

Details

It was discovered that the ALSA /proc interface did not write the correct number of bytes when reporting memory allocations. A local attacker might be able to access sensitive kernel memory, leading to a loss of privacy. (CVE-2007-4571)

Multiple buffer overflows were discovered in the handling of CIFS filesystems. A malicious CIFS server could cause a client system crash or possibly execute arbitrary code with kernel privileges. (CVE-2007-5904)

It was discovered that PowerPC kernels did not correctly handle reporting certain system details. By requesting a specific set of information, a local attacker could cause a system crash resulting in a denial of service. (CVE-2007-6694)

It was discovered that some device driver fault handlers did not correctly verify memory ranges. A local attacker could exploit this to access sensitive kernel memory, possibly leading to a loss of privacy. (CVE-2008-0007)

It was discovered that CPU resource limits could be bypassed. A malicious local user could exploit this to avoid administratively imposed resource limits. (CVE-2008-1294)

A race condition was discovered between dnotify fcntl() and close() in the kernel. If a local attacker performed malicious dnotify requests, they could cause memory consumption leading to a denial of service, or possibly send arbitrary signals to any process. (CVE-2008-1375)

On SMP systems, a race condition existed in fcntl(). Local attackers could perform malicious locks, causing system crashes and leading to a denial of service. (CVE-2008-1669)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 7.10
linux-image-2.6.22-15-386 - 2.6.22-15.54
linux-image-2.6.22-15-cell - 2.6.22-15.54
linux-image-2.6.22-15-generic - 2.6.22-15.54
linux-image-2.6.22-15-hppa32 - 2.6.22-15.54
linux-image-2.6.22-15-hppa64 - 2.6.22-15.54
linux-image-2.6.22-15-itanium - 2.6.22-15.54
linux-image-2.6.22-15-lpia - 2.6.22-15.54
linux-image-2.6.22-15-lpiacompat - 2.6.22-15.54
linux-image-2.6.22-15-mckinley - 2.6.22-15.54
linux-image-2.6.22-15-powerpc - 2.6.22-15.54
linux-image-2.6.22-15-powerpc-smp - 2.6.22-15.54
linux-image-2.6.22-15-powerpc64-smp - 2.6.22-15.54
linux-image-2.6.22-15-rt - 2.6.22-15.54
linux-image-2.6.22-15-server - 2.6.22-15.54
linux-image-2.6.22-15-sparc64 - 2.6.22-15.54
linux-image-2.6.22-15-sparc64-smp - 2.6.22-15.54
linux-image-2.6.22-15-ume - 2.6.22-15.54
linux-image-2.6.22-15-virtual - 2.6.22-15.54
linux-image-2.6.22-15-xen - 2.6.22-15.54
Ubuntu 7.04
linux-image-2.6.20-17-386 - 2.6.20-17.36
linux-image-2.6.20-17-generic - 2.6.20-17.36
linux-image-2.6.20-17-hppa32 - 2.6.20-17.36
linux-image-2.6.20-17-hppa64 - 2.6.20-17.36
linux-image-2.6.20-17-itanium - 2.6.20-17.36
linux-image-2.6.20-17-lowlatency - 2.6.20-17.36
linux-image-2.6.20-17-mckinley - 2.6.20-17.36
linux-image-2.6.20-17-powerpc - 2.6.20-17.36
linux-image-2.6.20-17-powerpc-smp - 2.6.20-17.36
linux-image-2.6.20-17-powerpc64-smp - 2.6.20-17.36
linux-image-2.6.20-17-server - 2.6.20-17.36
linux-image-2.6.20-17-server-bigiron - 2.6.20-17.36
linux-image-2.6.20-17-sparc64 - 2.6.20-17.36
linux-image-2.6.20-17-sparc64-smp - 2.6.20-17.36
Ubuntu 6.06 LTS
linux-image-2.6.15-52-386 - 2.6.15-52.67
linux-image-2.6.15-52-686 - 2.6.15-52.67
linux-image-2.6.15-52-amd64-generic - 2.6.15-52.67
linux-image-2.6.15-52-amd64-k8 - 2.6.15-52.67
linux-image-2.6.15-52-amd64-server - 2.6.15-52.67
linux-image-2.6.15-52-amd64-xeon - 2.6.15-52.67
linux-image-2.6.15-52-hppa32 - 2.6.15-52.67
linux-image-2.6.15-52-hppa32-smp - 2.6.15-52.67
linux-image-2.6.15-52-hppa64 - 2.6.15-52.67
linux-image-2.6.15-52-hppa64-smp - 2.6.15-52.67
linux-image-2.6.15-52-itanium - 2.6.15-52.67
linux-image-2.6.15-52-itanium-smp - 2.6.15-52.67
linux-image-2.6.15-52-k7 - 2.6.15-52.67
linux-image-2.6.15-52-mckinley - 2.6.15-52.67
linux-image-2.6.15-52-mckinley-smp - 2.6.15-52.67
linux-image-2.6.15-52-powerpc - 2.6.15-52.67
linux-image-2.6.15-52-powerpc-smp - 2.6.15-52.67
linux-image-2.6.15-52-powerpc64-smp - 2.6.15-52.67
linux-image-2.6.15-52-server - 2.6.15-52.67
linux-image-2.6.15-52-server-bigiron - 2.6.15-52.67
linux-image-2.6.15-52-sparc64 - 2.6.15-52.67
linux-image-2.6.15-52-sparc64-smp - 2.6.15-52.67

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system upgrade you need to reboot your computer to effect the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. If you use linux-restricted-modules, you have to update that package as well to get modules which work with the new kernel version. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-386, linux-powerpc, linux-amd64-generic), a standard system upgrade will automatically perform this as well.

References