USN-914-1: Linux kernel vulnerabilities

17 March 2010

linux, linux-source-2.6.15 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 9.10
  • Ubuntu 9.04
  • Ubuntu 8.10
  • Ubuntu 8.04 LTS
  • Ubuntu 6.06 LTS

Software Description

  • linux
  • linux-ec2
  • linux-fsl-imx51
  • linux-mvl-dove
  • linux-source-2.6.15

Details

Mathias Krause discovered that the Linux kernel did not correctly handle missing ELF interpreters. A local attacker could exploit this to cause the system to crash, leading to a denial of service. (CVE-2010-0307)

Marcelo Tosatti discovered that the Linux kernel’s hardware virtualization did not correctly handle reading the /dev/port special device. A local attacker in a guest operating system could issue a specific read that would cause the host system to crash, leading to a denial of service. (CVE-2010-0309)

Sebastian Krahmer discovered that the Linux kernel did not correctly handle netlink connector messages. A local attacker could exploit this to consume kernel memory, leading to a denial of service. (CVE-2010-0410)

Ramon de Carvalho Valle discovered that the Linux kernel did not correctly validate certain memory migration calls. A local attacker could exploit this to read arbitrary kernel memory or cause a system crash, leading to a denial of service. (CVE-2010-0415)

Jermome Marchand and Mikael Pettersson discovered that the Linux kernel did not correctly handle certain futex operations. A local attacker could exploit this to cause a system crash, leading to a denial of service. (CVE-2010-0622, CVE-2010-0623)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 9.10
linux-image-2.6.31-109-imx51 - 2.6.31-109.25
linux-image-2.6.31-20-386 - 2.6.31-20.58
linux-image-2.6.31-20-generic - 2.6.31-20.58
linux-image-2.6.31-20-generic-pae - 2.6.31-20.58
linux-image-2.6.31-20-ia64 - 2.6.31-20.58
linux-image-2.6.31-20-lpia - 2.6.31-20.58
linux-image-2.6.31-20-powerpc - 2.6.31-20.58
linux-image-2.6.31-20-powerpc-smp - 2.6.31-20.58
linux-image-2.6.31-20-powerpc64-smp - 2.6.31-20.58
linux-image-2.6.31-20-server - 2.6.31-20.58
linux-image-2.6.31-20-sparc64 - 2.6.31-20.58
linux-image-2.6.31-20-sparc64-smp - 2.6.31-20.58
linux-image-2.6.31-20-virtual - 2.6.31-20.58
linux-image-2.6.31-212-dove - 2.6.31-212.26
linux-image-2.6.31-212-dove-z0 - 2.6.31-212.26
linux-image-2.6.31-305-ec2 - 2.6.31-305.13
Ubuntu 9.04
linux-image-2.6.28-18-generic - 2.6.28-18.60
linux-image-2.6.28-18-imx51 - 2.6.28-18.60
linux-image-2.6.28-18-iop32x - 2.6.28-18.60
linux-image-2.6.28-18-ixp4xx - 2.6.28-18.60
linux-image-2.6.28-18-lpia - 2.6.28-18.60
linux-image-2.6.28-18-server - 2.6.28-18.60
linux-image-2.6.28-18-versatile - 2.6.28-18.60
linux-image-2.6.28-18-virtual - 2.6.28-18.60
Ubuntu 8.10
linux-image-2.6.27-17-generic - 2.6.27-17.46
linux-image-2.6.27-17-server - 2.6.27-17.46
linux-image-2.6.27-17-virtual - 2.6.27-17.46
Ubuntu 8.04 LTS
linux-image-2.6.24-27-386 - 2.6.24-27.68
linux-image-2.6.24-27-generic - 2.6.24-27.68
linux-image-2.6.24-27-hppa32 - 2.6.24-27.68
linux-image-2.6.24-27-hppa64 - 2.6.24-27.68
linux-image-2.6.24-27-itanium - 2.6.24-27.68
linux-image-2.6.24-27-lpia - 2.6.24-27.68
linux-image-2.6.24-27-lpiacompat - 2.6.24-27.68
linux-image-2.6.24-27-mckinley - 2.6.24-27.68
linux-image-2.6.24-27-openvz - 2.6.24-27.68
linux-image-2.6.24-27-powerpc - 2.6.24-27.68
linux-image-2.6.24-27-powerpc-smp - 2.6.24-27.68
linux-image-2.6.24-27-powerpc64-smp - 2.6.24-27.68
linux-image-2.6.24-27-rt - 2.6.24-27.68
linux-image-2.6.24-27-server - 2.6.24-27.68
linux-image-2.6.24-27-sparc64 - 2.6.24-27.68
linux-image-2.6.24-27-sparc64-smp - 2.6.24-27.68
linux-image-2.6.24-27-virtual - 2.6.24-27.68
linux-image-2.6.24-27-xen - 2.6.24-27.68
Ubuntu 6.06 LTS
linux-image-2.6.15-55-386 - 2.6.15-55.83
linux-image-2.6.15-55-686 - 2.6.15-55.83
linux-image-2.6.15-55-amd64-generic - 2.6.15-55.83
linux-image-2.6.15-55-amd64-k8 - 2.6.15-55.83
linux-image-2.6.15-55-amd64-server - 2.6.15-55.83
linux-image-2.6.15-55-amd64-xeon - 2.6.15-55.83
linux-image-2.6.15-55-hppa32 - 2.6.15-55.83
linux-image-2.6.15-55-hppa32-smp - 2.6.15-55.83
linux-image-2.6.15-55-hppa64 - 2.6.15-55.83
linux-image-2.6.15-55-hppa64-smp - 2.6.15-55.83
linux-image-2.6.15-55-itanium - 2.6.15-55.83
linux-image-2.6.15-55-itanium-smp - 2.6.15-55.83
linux-image-2.6.15-55-k7 - 2.6.15-55.83
linux-image-2.6.15-55-mckinley - 2.6.15-55.83
linux-image-2.6.15-55-mckinley-smp - 2.6.15-55.83
linux-image-2.6.15-55-powerpc - 2.6.15-55.83
linux-image-2.6.15-55-powerpc-smp - 2.6.15-55.83
linux-image-2.6.15-55-powerpc64-smp - 2.6.15-55.83
linux-image-2.6.15-55-server - 2.6.15-55.83
linux-image-2.6.15-55-server-bigiron - 2.6.15-55.83
linux-image-2.6.15-55-sparc64 - 2.6.15-55.83
linux-image-2.6.15-55-sparc64-smp - 2.6.15-55.83

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system upgrade you need to reboot your computer to effect the necessary changes.

References