USN-577-1: Linux kernel vulnerability
Ubuntu Security Notice USN-577-1
12th February, 2008
linux-source-2.6.17/20/22 vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 7.10
- Ubuntu 7.04
- Ubuntu 6.10
Software description
- linux-source-2.6.17
- linux-source-2.6.20
- linux-source-2.6.22
Details
Wojciech Purczynski discovered that the vmsplice system call did
not properly perform verification of user-memory pointers. A local
attacker could exploit this to overwrite arbitrary kernel memory
and gain root privileges. (CVE-2008-0600)
Update instructions
The problem can be corrected by updating your system to the following package version:
- Ubuntu 7.10:
- linux-image-2.6.22-14-itanium 2.6.22-14.52
- linux-image-2.6.22-14-sparc64 2.6.22-14.52
- linux-image-2.6.22-14-lpia 2.6.22-14.52
- linux-image-2.6.22-14-hppa32 2.6.22-14.52
- linux-image-2.6.22-14-server 2.6.22-14.52
- linux-image-2.6.22-14-powerpc-smp 2.6.22-14.52
- linux-image-2.6.22-14-386 2.6.22-14.52
- linux-image-2.6.22-14-mckinley 2.6.22-14.52
- linux-image-2.6.22-14-sparc64-smp 2.6.22-14.52
- linux-image-2.6.22-14-xen 2.6.22-14.52
- linux-image-2.6.22-14-generic 2.6.22-14.52
- linux-image-2.6.22-14-virtual 2.6.22-14.52
- linux-image-2.6.22-14-powerpc 2.6.22-14.52
- linux-image-2.6.22-14-cell 2.6.22-14.52
- linux-image-2.6.22-14-rt 2.6.22-14.52
- linux-image-2.6.22-14-lpiacompat 2.6.22-14.52
- linux-image-2.6.22-14-ume 2.6.22-14.52
- linux-image-2.6.22-14-powerpc64-smp 2.6.22-14.52
- linux-image-2.6.22-14-hppa64 2.6.22-14.52
- Ubuntu 7.04:
- linux-image-2.6.20-16-386 2.6.20-16.35
- linux-image-2.6.20-16-powerpc 2.6.20-16.35
- linux-image-2.6.20-16-server 2.6.20-16.35
- linux-image-2.6.20-16-mckinley 2.6.20-16.35
- linux-image-2.6.20-16-sparc64-smp 2.6.20-16.35
- linux-image-2.6.20-16-powerpc64-smp 2.6.20-16.35
- linux-image-2.6.20-16-hppa32 2.6.20-16.35
- linux-image-2.6.20-16-itanium 2.6.20-16.35
- linux-image-2.6.20-16-server-bigiron 2.6.20-16.35
- linux-image-2.6.20-16-generic 2.6.20-16.35
- linux-image-2.6.20-16-sparc64 2.6.20-16.35
- linux-image-2.6.20-16-hppa64 2.6.20-16.35
- linux-image-2.6.20-16-lowlatency 2.6.20-16.35
- linux-image-2.6.20-16-powerpc-smp 2.6.20-16.35
- Ubuntu 6.10:
- linux-image-2.6.17-12-mckinley 2.6.17.1-12.44
- linux-image-2.6.17-12-powerpc64-smp 2.6.17.1-12.44
- linux-image-2.6.17-12-server-bigiron 2.6.17.1-12.44
- linux-image-2.6.17-12-hppa64 2.6.17.1-12.44
- linux-image-2.6.17-12-sparc64-smp 2.6.17.1-12.44
- linux-image-2.6.17-12-generic 2.6.17.1-12.44
- linux-image-2.6.17-12-powerpc-smp 2.6.17.1-12.44
- linux-image-2.6.17-12-itanium 2.6.17.1-12.44
- linux-image-2.6.17-12-hppa32 2.6.17.1-12.44
- linux-image-2.6.17-12-386 2.6.17.1-12.44
- linux-image-2.6.17-12-powerpc 2.6.17.1-12.44
- linux-image-2.6.17-12-sparc64 2.6.17.1-12.44
- linux-image-2.6.17-12-server 2.6.17.1-12.44
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
After a standard system upgrade you need to reboot your computer to
effect the necessary changes.