USN-914-1: Linux kernel vulnerabilities
17 March 2010
linux, linux-source-2.6.15 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 9.10
- Ubuntu 9.04
- Ubuntu 8.10
- Ubuntu 8.04 LTS
- Ubuntu 6.06 LTS
Software Description
- linux
- linux-ec2
- linux-fsl-imx51
- linux-mvl-dove
- linux-source-2.6.15
Details
Mathias Krause discovered that the Linux kernel did not correctly handle missing ELF interpreters. A local attacker could exploit this to cause the system to crash, leading to a denial of service. (CVE-2010-0307)
Marcelo Tosatti discovered that the Linux kernel’s hardware virtualization did not correctly handle reading the /dev/port special device. A local attacker in a guest operating system could issue a specific read that would cause the host system to crash, leading to a denial of service. (CVE-2010-0309)
Sebastian Krahmer discovered that the Linux kernel did not correctly handle netlink connector messages. A local attacker could exploit this to consume kernel memory, leading to a denial of service. (CVE-2010-0410)
Ramon de Carvalho Valle discovered that the Linux kernel did not correctly validate certain memory migration calls. A local attacker could exploit this to read arbitrary kernel memory or cause a system crash, leading to a denial of service. (CVE-2010-0415)
Jermome Marchand and Mikael Pettersson discovered that the Linux kernel did not correctly handle certain futex operations. A local attacker could exploit this to cause a system crash, leading to a denial of service. (CVE-2010-0622, CVE-2010-0623)
Update instructions
The problem can be corrected by updating your system to the following package versions:
- Ubuntu 9.10
- linux-image-2.6.31-109-imx51 - 2.6.31-109.25
- linux-image-2.6.31-20-386 - 2.6.31-20.58
- linux-image-2.6.31-20-generic - 2.6.31-20.58
- linux-image-2.6.31-20-generic-pae - 2.6.31-20.58
- linux-image-2.6.31-20-ia64 - 2.6.31-20.58
- linux-image-2.6.31-20-lpia - 2.6.31-20.58
- linux-image-2.6.31-20-powerpc - 2.6.31-20.58
- linux-image-2.6.31-20-powerpc-smp - 2.6.31-20.58
- linux-image-2.6.31-20-powerpc64-smp - 2.6.31-20.58
- linux-image-2.6.31-20-server - 2.6.31-20.58
- linux-image-2.6.31-20-sparc64 - 2.6.31-20.58
- linux-image-2.6.31-20-sparc64-smp - 2.6.31-20.58
- linux-image-2.6.31-20-virtual - 2.6.31-20.58
- linux-image-2.6.31-212-dove - 2.6.31-212.26
- linux-image-2.6.31-212-dove-z0 - 2.6.31-212.26
- linux-image-2.6.31-305-ec2 - 2.6.31-305.13
- Ubuntu 9.04
- linux-image-2.6.28-18-generic - 2.6.28-18.60
- linux-image-2.6.28-18-imx51 - 2.6.28-18.60
- linux-image-2.6.28-18-iop32x - 2.6.28-18.60
- linux-image-2.6.28-18-ixp4xx - 2.6.28-18.60
- linux-image-2.6.28-18-lpia - 2.6.28-18.60
- linux-image-2.6.28-18-server - 2.6.28-18.60
- linux-image-2.6.28-18-versatile - 2.6.28-18.60
- linux-image-2.6.28-18-virtual - 2.6.28-18.60
- Ubuntu 8.10
- linux-image-2.6.27-17-generic - 2.6.27-17.46
- linux-image-2.6.27-17-server - 2.6.27-17.46
- linux-image-2.6.27-17-virtual - 2.6.27-17.46
- Ubuntu 8.04 LTS
- linux-image-2.6.24-27-386 - 2.6.24-27.68
- linux-image-2.6.24-27-generic - 2.6.24-27.68
- linux-image-2.6.24-27-hppa32 - 2.6.24-27.68
- linux-image-2.6.24-27-hppa64 - 2.6.24-27.68
- linux-image-2.6.24-27-itanium - 2.6.24-27.68
- linux-image-2.6.24-27-lpia - 2.6.24-27.68
- linux-image-2.6.24-27-lpiacompat - 2.6.24-27.68
- linux-image-2.6.24-27-mckinley - 2.6.24-27.68
- linux-image-2.6.24-27-openvz - 2.6.24-27.68
- linux-image-2.6.24-27-powerpc - 2.6.24-27.68
- linux-image-2.6.24-27-powerpc-smp - 2.6.24-27.68
- linux-image-2.6.24-27-powerpc64-smp - 2.6.24-27.68
- linux-image-2.6.24-27-rt - 2.6.24-27.68
- linux-image-2.6.24-27-server - 2.6.24-27.68
- linux-image-2.6.24-27-sparc64 - 2.6.24-27.68
- linux-image-2.6.24-27-sparc64-smp - 2.6.24-27.68
- linux-image-2.6.24-27-virtual - 2.6.24-27.68
- linux-image-2.6.24-27-xen - 2.6.24-27.68
- Ubuntu 6.06 LTS
- linux-image-2.6.15-55-386 - 2.6.15-55.83
- linux-image-2.6.15-55-686 - 2.6.15-55.83
- linux-image-2.6.15-55-amd64-generic - 2.6.15-55.83
- linux-image-2.6.15-55-amd64-k8 - 2.6.15-55.83
- linux-image-2.6.15-55-amd64-server - 2.6.15-55.83
- linux-image-2.6.15-55-amd64-xeon - 2.6.15-55.83
- linux-image-2.6.15-55-hppa32 - 2.6.15-55.83
- linux-image-2.6.15-55-hppa32-smp - 2.6.15-55.83
- linux-image-2.6.15-55-hppa64 - 2.6.15-55.83
- linux-image-2.6.15-55-hppa64-smp - 2.6.15-55.83
- linux-image-2.6.15-55-itanium - 2.6.15-55.83
- linux-image-2.6.15-55-itanium-smp - 2.6.15-55.83
- linux-image-2.6.15-55-k7 - 2.6.15-55.83
- linux-image-2.6.15-55-mckinley - 2.6.15-55.83
- linux-image-2.6.15-55-mckinley-smp - 2.6.15-55.83
- linux-image-2.6.15-55-powerpc - 2.6.15-55.83
- linux-image-2.6.15-55-powerpc-smp - 2.6.15-55.83
- linux-image-2.6.15-55-powerpc64-smp - 2.6.15-55.83
- linux-image-2.6.15-55-server - 2.6.15-55.83
- linux-image-2.6.15-55-server-bigiron - 2.6.15-55.83
- linux-image-2.6.15-55-sparc64 - 2.6.15-55.83
- linux-image-2.6.15-55-sparc64-smp - 2.6.15-55.83
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
After a standard system upgrade you need to reboot your computer to effect the necessary changes.