Ubuntu Security Notices
USN-714-1

USN-714-1: Linux kernel vulnerabilities

Publication date

29 January 2009

Overview

Linux kernel vulnerabilities

Releases

8.04 7.10 6.06

Packages

Details

Hugo Dias discovered that the ATM subsystem did not correctly manage socket
counts. A local attacker could exploit this to cause a system hang, leading
to a denial of service. (CVE-2008-5079)

It was discovered that the libertas wireless driver did not correctly
handle beacon and probe responses. A physically near-by attacker could
generate specially crafted wireless network traffic and cause a denial of
service. Ubuntu 6.06 was not affected. (CVE-2008-5134)

It was discovered that the inotify subsystem contained watch removal race
conditions. A local attacker could exploit this to crash the system,
leading to a denial of service. (CVE-2008-5182)

Dann Frazier discovered that in certain situations sendmsg did not
correctly release allocated memory. A local attacker could exploit this to
force the system to run out...

Hugo Dias discovered that the ATM subsystem did not correctly manage socket
counts. A local attacker could exploit this to cause a system hang, leading
to a denial of service. (CVE-2008-5079)

It was discovered that the inotify subsystem contained watch removal race
conditions. A local attacker could exploit this to crash the system,
leading to a denial of service. (CVE-2008-5182)

Dann Frazier discovered that in certain situations sendmsg did not
correctly release allocated memory. A local attacker could exploit this to
force the system to run out of free memory, leading to a denial of service.
Ubuntu 6.06 was not affected. (CVE-2008-5300)

It was discovered that the ATA subsystem did not correctly set timeouts. A
local attacker could exploit this to cause a system hang, leading to a
denial of service. (CVE-2008-5700)

It was discovered that the ib700 watchdog timer did not correctly check
buffer sizes. A local attacker could send a specially crafted ioctl to the
device to cause a system crash, leading to a denial of service.
(CVE-2008-5702)

It was discovered that in certain situations the network scheduler did not
correctly handle very large levels of traffic. A local attacker could
produce a high volume of UDP traffic resulting in a system hang, leading to
a denial of service. Ubuntu 8.04 was not affected. (CVE-2008-5713)

Update instructions

After a standard system upgrade you need to reboot your computer to effect the necessary changes.

Learn more about how to get the fixes.

The problem can be corrected by updating your system to the following package versions:

Ubuntu Release	Package Version
8.04 hardy	linux-image-2.6.24-23-virtual – 2.6.24-23.48
	linux-image-2.6.24-23-server – 2.6.24-23.48
	linux-image-2.6.24-23-mckinley – 2.6.24-23.48
	linux-image-2.6.24-23-sparc64-smp – 2.6.24-23.48
	linux-image-2.6.24-23-xen – 2.6.24-23.48
	linux-image-2.6.24-23-powerpc-smp – 2.6.24-23.48
	linux-image-2.6.24-23-lpiacompat – 2.6.24-23.48
	linux-image-2.6.24-23-sparc64 – 2.6.24-23.48
	linux-image-2.6.24-23-rt – 2.6.24-23.48
	linux-image-2.6.24-23-openvz – 2.6.24-23.48
	linux-image-2.6.24-23-lpia – 2.6.24-23.48
	linux-image-2.6.24-23-hppa64 – 2.6.24-23.48
	linux-image-2.6.24-23-386 – 2.6.24-23.48
	linux-image-2.6.24-23-powerpc – 2.6.24-23.48
	linux-image-2.6.24-23-powerpc64-smp – 2.6.24-23.48
	linux-image-2.6.24-23-itanium – 2.6.24-23.48
	linux-image-2.6.24-23-hppa32 – 2.6.24-23.48
	linux-image-2.6.24-23-generic – 2.6.24-23.48
7.10 gutsy	linux-image-2.6.22-16-mckinley – 2.6.22-16.61
	linux-image-2.6.22-16-powerpc64-smp – 2.6.22-16.61
	linux-image-2.6.22-16-virtual – 2.6.22-16.61
	linux-image-2.6.22-16-cell – 2.6.22-16.61
	linux-image-2.6.22-16-hppa64 – 2.6.22-16.61
	linux-image-2.6.22-16-sparc64-smp – 2.6.22-16.61
	linux-image-2.6.22-16-generic – 2.6.22-16.61
	linux-image-2.6.22-16-lpia – 2.6.22-16.61
	linux-image-2.6.22-16-powerpc-smp – 2.6.22-16.61
	linux-image-2.6.22-16-386 – 2.6.22-16.61
	linux-image-2.6.22-16-hppa32 – 2.6.22-16.61
	linux-image-2.6.22-16-rt – 2.6.22-16.61
	linux-image-2.6.22-16-xen – 2.6.22-16.61
	linux-image-2.6.22-16-powerpc – 2.6.22-16.61
	linux-image-2.6.22-16-itanium – 2.6.22-16.61
	linux-image-2.6.22-16-lpiacompat – 2.6.22-16.61
	linux-image-2.6.22-16-ume – 2.6.22-16.61
	linux-image-2.6.22-16-sparc64 – 2.6.22-16.61
	linux-image-2.6.22-16-server – 2.6.22-16.61
6.06 dapper	linux-image-2.6.15-53-powerpc64-smp – 2.6.15-53.75
	linux-image-2.6.15-53-powerpc – 2.6.15-53.75
	linux-image-2.6.15-53-amd64-xeon – 2.6.15-53.75
	linux-image-2.6.15-53-386 – 2.6.15-53.75
	linux-image-2.6.15-53-amd64-generic – 2.6.15-53.75
	linux-image-2.6.15-53-686 – 2.6.15-53.75
	linux-image-2.6.15-53-hppa64 – 2.6.15-53.75
	linux-image-2.6.15-53-sparc64 – 2.6.15-53.75
	linux-image-2.6.15-53-amd64-server – 2.6.15-53.75
	linux-image-2.6.15-53-amd64-k8 – 2.6.15-53.75
	linux-image-2.6.15-53-hppa64-smp – 2.6.15-53.75
	linux-image-2.6.15-53-sparc64-smp – 2.6.15-53.75
	linux-image-2.6.15-53-itanium-smp – 2.6.15-53.75
	linux-image-2.6.15-53-hppa32 – 2.6.15-53.75
	linux-image-2.6.15-53-hppa32-smp – 2.6.15-53.75
	linux-image-2.6.15-53-mckinley – 2.6.15-53.75
	linux-image-2.6.15-53-powerpc-smp – 2.6.15-53.75
	linux-image-2.6.15-53-server-bigiron – 2.6.15-53.75
	linux-image-2.6.15-53-mckinley-smp – 2.6.15-53.75
	linux-image-2.6.15-53-server – 2.6.15-53.75
	linux-image-2.6.15-53-itanium – 2.6.15-53.75
	linux-image-2.6.15-53-k7 – 2.6.15-53.75

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Get Ubuntu Pro

References

USN-715-1

USN-715-1