USN-819-1: Linux kernel vulnerability

19 August 2009

linux, linux-source-2.6.15 vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 9.04
  • Ubuntu 8.10
  • Ubuntu 8.04 LTS
  • Ubuntu 6.06 LTS

Software Description

  • linux
  • linux-source-2.6.15

Details

Tavis Ormandy and Julien Tinnes discovered that Linux did not correctly initialize certain socket operation function pointers. A local attacker could exploit this to gain root privileges. By default, Ubuntu 8.04 and later with a non-zero /proc/sys/vm/mmap_min_addr setting were not vulnerable.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 9.04
linux-image-2.6.28-15-generic - 2.6.28-15.49
linux-image-2.6.28-15-imx51 - 2.6.28-15.49
linux-image-2.6.28-15-iop32x - 2.6.28-15.49
linux-image-2.6.28-15-ixp4xx - 2.6.28-15.49
linux-image-2.6.28-15-lpia - 2.6.28-15.49
linux-image-2.6.28-15-server - 2.6.28-15.49
linux-image-2.6.28-15-versatile - 2.6.28-15.49
linux-image-2.6.28-15-virtual - 2.6.28-15.49
Ubuntu 8.10
linux-image-2.6.27-14-generic - 2.6.27-14.39
linux-image-2.6.27-14-server - 2.6.27-14.39
linux-image-2.6.27-14-virtual - 2.6.27-14.39
Ubuntu 8.04 LTS
linux-image-2.6.24-24-386 - 2.6.24-24.59
linux-image-2.6.24-24-generic - 2.6.24-24.59
linux-image-2.6.24-24-hppa32 - 2.6.24-24.59
linux-image-2.6.24-24-hppa64 - 2.6.24-24.59
linux-image-2.6.24-24-itanium - 2.6.24-24.59
linux-image-2.6.24-24-lpia - 2.6.24-24.59
linux-image-2.6.24-24-lpiacompat - 2.6.24-24.59
linux-image-2.6.24-24-mckinley - 2.6.24-24.59
linux-image-2.6.24-24-openvz - 2.6.24-24.59
linux-image-2.6.24-24-powerpc - 2.6.24-24.59
linux-image-2.6.24-24-powerpc-smp - 2.6.24-24.59
linux-image-2.6.24-24-powerpc64-smp - 2.6.24-24.59
linux-image-2.6.24-24-rt - 2.6.24-24.59
linux-image-2.6.24-24-server - 2.6.24-24.59
linux-image-2.6.24-24-sparc64 - 2.6.24-24.59
linux-image-2.6.24-24-sparc64-smp - 2.6.24-24.59
linux-image-2.6.24-24-virtual - 2.6.24-24.59
linux-image-2.6.24-24-xen - 2.6.24-24.59
Ubuntu 6.06 LTS
linux-image-2.6.15-54-386 - 2.6.15-54.79
linux-image-2.6.15-54-686 - 2.6.15-54.79
linux-image-2.6.15-54-amd64-generic - 2.6.15-54.79
linux-image-2.6.15-54-amd64-k8 - 2.6.15-54.79
linux-image-2.6.15-54-amd64-server - 2.6.15-54.79
linux-image-2.6.15-54-amd64-xeon - 2.6.15-54.79
linux-image-2.6.15-54-hppa32 - 2.6.15-54.79
linux-image-2.6.15-54-hppa32-smp - 2.6.15-54.79
linux-image-2.6.15-54-hppa64 - 2.6.15-54.79
linux-image-2.6.15-54-hppa64-smp - 2.6.15-54.79
linux-image-2.6.15-54-itanium - 2.6.15-54.79
linux-image-2.6.15-54-itanium-smp - 2.6.15-54.79
linux-image-2.6.15-54-k7 - 2.6.15-54.79
linux-image-2.6.15-54-mckinley - 2.6.15-54.79
linux-image-2.6.15-54-mckinley-smp - 2.6.15-54.79
linux-image-2.6.15-54-powerpc - 2.6.15-54.79
linux-image-2.6.15-54-powerpc-smp - 2.6.15-54.79
linux-image-2.6.15-54-powerpc64-smp - 2.6.15-54.79
linux-image-2.6.15-54-server - 2.6.15-54.79
linux-image-2.6.15-54-server-bigiron - 2.6.15-54.79
linux-image-2.6.15-54-sparc64 - 2.6.15-54.79
linux-image-2.6.15-54-sparc64-smp - 2.6.15-54.79

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system upgrade you need to reboot your computer to effect the necessary changes.

References