Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2006.0342 -- [Linux][Debian]
New Linux kernel 2.4.16, 2.4.18 and 2.4.19 packages fix
several vulnerabilities
22 May 2006
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: kernel
Publisher: Debian
Operating System: Debian GNU/Linux 3.1
Linux variants
Impact: Execute Arbitrary Code/Commands
Inappropriate Access
Denial of Service
Read-only Data Access
Access: Remote/Unauthenticated
CVE Names: CVE-2005-0528 CVE-2005-0504 CVE-2005-0489
CVE-2005-0384 CVE-2005-0135 CVE-2005-0124
CVE-2005-0003 CVE-2005-0001 CVE-2004-1335
CVE-2004-1333 CVE-2004-1235 CVE-2004-1234
CVE-2004-1074 CVE-2004-1073 CVE-2004-1072
CVE-2004-1071 CVE-2004-1070 CVE-2004-1068
CVE-2004-1017 CVE-2004-1016 CVE-2004-0997
CVE-2004-0949 CVE-2004-0883 CVE-2004-0685
CVE-2004-0565 CVE-2004-0554 CVE-2004-0447
CVE-2004-0427 CVE-2004-0394 CVE-2004-0138
CVE-2003-0984
Original Bulletin: http://www.debian.org/security/2006/dsa-1067
Comment: This document contains three Debian bulletins relating to Linux
kernel versions 2.4.16, 2.4.18 and 2.4.19.
This advisory references vulnerabilities in products which run on
platforms other than Debian. It is recommended that administrators
running Linux check for an updated version of the software for
their operating system.
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- - --------------------------------------------------------------------------
Debian Security Advisory DSA 1070-1 security@debian.org
http://www.debian.org/security/ Martin Schulze, Dann Frazier
May 21th, 2006 http://www.debian.org/security/faq
- - --------------------------------------------------------------------------
Package : kernel-source-2.4.19,kernel-image-sparc-2.4,kernel-patch-2.4.19-mips
Vulnerability : several
Problem-Type : local/remote
Debian-specific: no
CVE IDs : CVE-2004-0427 CVE-2005-0489 CVE-2004-0394 CVE-2004-0447 CVE-2004-0554 CVE-2004-0565 CVE-2004-0685 CVE-2005-0001 CVE-2004-0883 CVE-2004-0949 CVE-2004-1016 CVE-2004-1333 CVE-2004-0997 CVE-2004-1335 CVE-2004-1017 CVE-2005-0124 CVE-2005-0528 CVE-2003-0984 CVE-2004-1070 CVE-2004-1071 CVE-2004-1072 CVE-2004-1073 CVE-2004-1074 CVE-2004-0138 CVE-2004-1068 CVE-2004-1234 CVE-2005-0003 CVE-2004-1235 CVE-2005-0504 CVE-2005-0384 CVE-2005-0135
Several local and remote vulnerabilities have been discovered in the Linux
kernel that may lead to a denial of service or the execution of arbitrary
code. The Common Vulnerabilities and Exposures project identifies the
following problems:
CVE-2004-0427
A local denial of service vulnerability in do_fork() has been found.
CVE-2005-0489
A local denial of service vulnerability in proc memory handling has
been found.
CVE-2004-0394
A buffer overflow in the panic handling code has been found.
CVE-2004-0447
A local denial of service vulnerability through a null pointer
dereference in the IA64 process handling code has been found.
CVE-2004-0554
A local denial of service vulnerability through an infinite loop in
the signal handler code has been found.
CVE-2004-0565
An information leak in the context switch code has been found on
the IA64 architecture.
CVE-2004-0685
Unsafe use of copy_to_user in USB drivers may disclose sensitive
information.
CVE-2005-0001
A race condition in the i386 page fault handler may allow privilege
escalation.
CVE-2004-0883
Multiple vulnerabilities in the SMB filesystem code may allow denial
of service of information disclosure.
CVE-2004-0949
An information leak discovered in the SMB filesystem code.
CVE-2004-1016
A local denial of service vulnerability has been found in the SCM layer.
CVE-2004-1333
An integer overflow in the terminal code may allow a local denial of
service vulnerability.
CVE-2004-0997
A local privilege escalation in the MIPS assembly code has been found.
CVE-2004-1335
A memory leak in the ip_options_get() function may lead to denial of
service.
CVE-2004-1017
Multiple overflows exist in the io_edgeport driver which might be usable
as a denial of service attack vector.
CVE-2005-0124
Bryan Fulton reported a bounds checking bug in the coda_pioctl function
which may allow local users to execute arbitrary code or trigger a denial
of service attack.
CVE-2005-0528
A local privilege escalation in the mremap function has been found
CVE-2003-0984
Inproper initialization of the RTC may disclose information.
CVE-2004-1070
Insufficient input sanitising in the load_elf_binary() function may
lead to privilege escalation.
CVE-2004-1071
Incorrect error handling in the binfmt_elf loader may lead to privilege
escalation.
CVE-2004-1072
A buffer overflow in the binfmt_elf loader may lead to privilege
escalation or denial of service.
CVE-2004-1073
The open_exec function may disclose information.
CVE-2004-1074
The binfmt code is vulnerable to denial of service through malformed
a.out binaries.
CVE-2004-0138
A denial of service vulnerability in the ELF loader has been found.
CVE-2004-1068
A programming error in the unix_dgram_recvmsg() function may lead to
privilege escalation.
CVE-2004-1234
The ELF loader is vulnerable to denial of service through malformed
binaries.
CVE-2005-0003
Crafted ELF binaries may lead to privilege escalation, due to
insufficient checking of overlapping memory regions.
CVE-2004-1235
A race condition in the load_elf_library() and binfmt_aout() functions
may allow privilege escalation.
CVE-2005-0504
An integer overflow in the Moxa driver may lead to privilege escalation.
CVE-2005-0384
A remote denial of service vulnerability has been found in the PPP
driver.
CVE-2005-0135
An IA64 specific local denial of service vulnerability has been found
in the unw_unwind_to_user() function.
The following matrix explains which kernel version for which architecture
fix the problems mentioned above:
Debian 3.0 (woody)
Source 2.4.19-4
Sun Sparc architecture 26woody1
Little endian MIPS architecture 0.020911.1.woody5
We recommend that you upgrade your kernel package immediately and reboot
the machine.
Upgrade Instructions
- - --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get dist-upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.0 alias woody
- - --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-image-sparc-2.4_26woody1.dsc
Size/MD5 checksum: 692 27f44a0eec5837b0b01d26c6cff392be
http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-image-sparc-2.4_26woody1.tar.gz
Size/MD5 checksum: 27768 6c719a6343c9ea0dad44a736b3842504
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-patch-2.4.19-mips_2.4.19-0.020911.1.woody5.dsc
Size/MD5 checksum: 792 d7c89c90fad77944ca1c5a18327f31dd
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-patch-2.4.19-mips_2.4.19-0.020911.1.woody5.tar.gz
Size/MD5 checksum: 1013866 21b4b677a7a319442c8fe8a4c72eb4c2
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.19/kernel-source-2.4.19_2.4.19-4.woody3.dsc
Size/MD5 checksum: 672 4c353db091e8edc4395e46cf8d39ec42
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.19/kernel-source-2.4.19_2.4.19-4.woody3.diff.gz
Size/MD5 checksum: 71071 7012adde9ba9a573e1be66f0d258721a
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.19/kernel-source-2.4.19_2.4.19.orig.tar.gz
Size/MD5 checksum: 32000211 237896fbb45ae652cc9c5cecc9b746da
Architecture independent components:
http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-headers-2.4.18-sparc_22woody1_all.deb
Size/MD5 checksum: 1521850 75d23c7c54094b1d25d3b708fd644407
http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-headers-2.4.19-sparc_26woody1_all.deb
Size/MD5 checksum: 1547874 c6881b25e3a5967e0f6f9c351fb88962
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-patch-2.4.19-mips_2.4.19-0.020911.1.woody5_all.deb
Size/MD5 checksum: 1014564 0e89364c2816f5f4519256a8ea367ab6
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.19/kernel-doc-2.4.19_2.4.19-4.woody3_all.deb
Size/MD5 checksum: 1785490 c66cef9e87d9a89caeee02af31e3c96d
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.19/kernel-source-2.4.19_2.4.19-4.woody3_all.deb
Size/MD5 checksum: 25902158 321403201a198371fd55c9b8ac4583f7
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-image-2.4.18-sun4u_22woody1_sparc.deb
Size/MD5 checksum: 3923058 db7bbd997410667bec4ac713d81d60ea
http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-image-2.4.18-sun4u-smp_22woody1_sparc.deb
Size/MD5 checksum: 4044796 106fcb86485531d96b4fdada61b71405
http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-image-2.4.19-sun4u_26woody1_sparc.deb
Size/MD5 checksum: 3831424 347b0c290989f0cc99f3b336c156f61d
http://security.debian.org/pool/updates/main/k/kernel-image-sparc-2.4/kernel-image-2.4.19-sun4u-smp_26woody1_sparc.deb
Size/MD5 checksum: 3952220 f7dd8326c0ae0b0dee7c46e24023d0a2
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-headers-2.4.19_2.4.19-0.020911.1.woody5_mips.deb
Size/MD5 checksum: 3890804 7348a8cd3961190aa2a19f562c96fe2f
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-image-2.4.19-r4k-ip22_2.4.19-0.020911.1.woody5_mips.deb
Size/MD5 checksum: 2080618 d52d00e7097ae0c8f4ccb6f34656361d
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-image-2.4.19-r5k-ip22_2.4.19-0.020911.1.woody5_mips.deb
Size/MD5 checksum: 2080830 db7141d3c0d86a43659176f974599cc2
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/mips-tools_2.4.19-0.020911.1.woody5_mips.deb
Size/MD5 checksum: 15816 c31e3b72d6eac6f3f99f75ea838e0bf9
These files will probably be moved into the stable distribution on
its next update.
- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFEcAc/Xm3vHE4uyloRAtGHAJoC9+1ELp5vTYgL4SDsNOIndI5rqQCePabu
rmancVBp6F2Nfh1PHQQrOTk=
=7GeM
- -----END PGP SIGNATURE-----
- ----------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- - --------------------------------------------------------------------------
Debian Security Advisory DSA 1069-1 security@debian.org
http://www.debian.org/security/ Martin Schulze, Dann Frazier
May 20th, 2006 http://www.debian.org/security/faq
- - --------------------------------------------------------------------------
Package : kernel-source-2.4.18,kernel-image-2.4.18-1-alpha,kernel-image-2.4.18-1-i386,kernel-image-2.4.18-hppa,kernel-image-2.4.18-powerpc-xfs,kernel-patch-2.4.18-powerpc,kernel-patch-benh
Vulnerability : several
Problem-Type : local/remote
Debian-specific: no
CVE IDs : CVE-2004-0427 CVE-2005-0489 CVE-2004-0394 CVE-2004-0447 CVE-2004-0554 CVE-2004-0565 CVE-2004-0685 CVE-2005-0001 CVE-2004-0883 CVE-2004-0949 CVE-2004-1016 CVE-2004-1333 CVE-2004-0997 CVE-2004-1335 CVE-2004-1017 CVE-2005-0124 CVE-2005-0528 CVE-2003-0984 CVE-2004-1070 CVE-2004-1071 CVE-2004-1072 CVE-2004-1073 CVE-2004-1074 CVE-2004-0138 CVE-2004-1068 CVE-2004-1234 CVE-2005-0003 CVE-2004-1235 CVE-2005-0504 CVE-2005-0384 CVE-2005-0135
[This is a resend of the advisory text of DSA 1069-1, as the original one
accidentally lacked te MD5 check sums]
Several local and remote vulnerabilities have been discovered in the Linux
kernel that may lead to a denial of service or the execution of arbitrary
code. The Common Vulnerabilities and Exposures project identifies the
following problems:
CVE-2004-0427
A local denial of service vulnerability in do_fork() has been found.
CVE-2005-0489
A local denial of service vulnerability in proc memory handling has
been found.
CVE-2004-0394
A buffer overflow in the panic handling code has been found.
CVE-2004-0447
A local denial of service vulnerability through a null pointer
dereference in the IA64 process handling code has been found.
CVE-2004-0554
A local denial of service vulnerability through an infinite loop in
the signal handler code has been found.
CVE-2004-0565
An information leak in the context switch code has been found on
the IA64 architecture.
CVE-2004-0685
Unsafe use of copy_to_user in USB drivers may disclose sensitive
information.
CVE-2005-0001
A race condition in the i386 page fault handler may allow privilege
escalation.
CVE-2004-0883
Multiple vulnerabilities in the SMB filesystem code may allow denial
of service of information disclosure.
CVE-2004-0949
An information leak discovered in the SMB filesystem code.
CVE-2004-1016
A local denial of service vulnerability has been found in the SCM layer.
CVE-2004-1333
An integer overflow in the terminal code may allow a local denial of
service vulnerability.
CVE-2004-0997
A local privilege escalation in the MIPS assembly code has been found.
CVE-2004-1335
A memory leak in the ip_options_get() function may lead to denial of
service.
CVE-2004-1017
Multiple overflows exist in the io_edgeport driver which might be usable
as a denial of service attack vector.
CVE-2005-0124
Bryan Fulton reported a bounds checking bug in the coda_pioctl function
which may allow local users to execute arbitrary code or trigger a denial
of service attack.
CVE-2005-0528
A local privilege escalation in the mremap function has been found
CVE-2003-0984
Inproper initialization of the RTC may disclose information.
CVE-2004-1070
Insufficient input sanitising in the load_elf_binary() function may
lead to privilege escalation.
CVE-2004-1071
Incorrect error handling in the binfmt_elf loader may lead to privilege
escalation.
CVE-2004-1072
A buffer overflow in the binfmt_elf loader may lead to privilege
escalation or denial of service.
CVE-2004-1073
The open_exec function may disclose information.
CVE-2004-1074
The binfmt code is vulnerable to denial of service through malformed
a.out binaries.
CVE-2004-0138
A denial of service vulnerability in the ELF loader has been found.
CVE-2004-1068
A programming error in the unix_dgram_recvmsg() function may lead to
privilege escalation.
CVE-2004-1234
The ELF loader is vulnerable to denial of service through malformed
binaries.
CVE-2005-0003
Crafted ELF binaries may lead to privilege escalation, due to
insufficient checking of overlapping memory regions.
CVE-2004-1235
A race condition in the load_elf_library() and binfmt_aout() functions
may allow privilege escalation.
CVE-2005-0504
An integer overflow in the Moxa driver may lead to privilege escalation.
CVE-2005-0384
A remote denial of service vulnerability has been found in the PPP
driver.
CVE-2005-0135
An IA64 specific local denial of service vulnerability has been found
in the unw_unwind_to_user() function.
The following matrix explains which kernel version for which architecture
fix the problems mentioned above:
Debian 3.0 (woody)
Source 2.4.18-14.4
Alpha architecture 2.4.18-15woody1
Intel IA-32 architecture 2.4.18-13.2
HP Precision architecture 62.4
PowerPC architecture 2.4.18-1woody6
PowerPC architecture/XFS 20020329woody1
PowerPC architecture/benh 20020304woody1
Sun Sparc architecture 22woody1
We recommend that you upgrade your kernel package immediately and reboot
the machine.
Upgrade Instructions
- - --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get dist-upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.0 alias woody
- - --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18-14.4.dsc
Size/MD5 checksum: 664 e66eee8b35df5d9f780a2b09db3cdd05
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18-14.4.diff.gz
Size/MD5 checksum: 81246 cb17a014905f2887f6b501f64f779e22
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18.orig.tar.gz
Size/MD5 checksum: 29818323 24b4c45a04a23eb4ce465eb326a6ddf2
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-alpha_2.4.18-15woody1.dsc
Size/MD5 checksum: 750 522e81e5f4fdb2259bebef0e24f82b28
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-alpha_2.4.18-15woody1.tar.gz
Size/MD5 checksum: 26998 d4788765906cfc6792dd5ec875a8ecaa
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-i386_2.4.18-13.2.dsc
Size/MD5 checksum: 1193 0ca8bc314ef54bc3ab4c9c296fd646ee
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-i386_2.4.18-13.2.tar.gz
Size/MD5 checksum: 72467 dce62d476deb5778a73e8d0cb1904c57
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-powerpc-xfs/kernel-image-2.4.18-powerpc-xfs_20020329woody1.dsc
Size/MD5 checksum: 724 81445e6ef599c748a68b6ae584caaa97
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-powerpc-xfs/kernel-image-2.4.18-powerpc-xfs_20020329woody1.tar.gz
Size/MD5 checksum: 33405 a50d4542f801e318b2778fcafba5f0b1
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-patch-2.4.18-powerpc_2.4.18-1woody6.dsc
Size/MD5 checksum: 734 6b3f82a1442db234c98c1b5dd2df3b25
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-patch-2.4.18-powerpc_2.4.18-1woody6.tar.gz
Size/MD5 checksum: 81919 86adfacbd335393287f4be825a2c8c89
http://security.debian.org/pool/updates/main/k/kernel-patch-benh/kernel-patch-benh_20020304woody1.dsc
Size/MD5 checksum: 561 59754208d1c08b2c43b0b0302853b3b0
http://security.debian.org/pool/updates/main/k/kernel-patch-benh/kernel-patch-benh_20020304woody1.tar.gz
Size/MD5 checksum: 6030131 4446b0b03cb22fe9b9c230e1a7879965
Architecture independent components:
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-doc-2.4.18_2.4.18-14.4_all.deb
Size/MD5 checksum: 1721998 338b838922799a8b51263a0971fe48e9
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18-14.4_all.deb
Size/MD5 checksum: 24137152 0c4e20bf088cbdffbf68ba43ca26b2e1
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-patch-2.4.18-powerpc_2.4.18-1woody6_all.deb
Size/MD5 checksum: 79788 d2fd4e178d1b39f9b36d953ac8ec8743
http://security.debian.org/pool/updates/main/k/kernel-patch-benh/kernel-patch-benh_20020304woody1_all.deb
Size/MD5 checksum: 6065046 a7108836d30e9b1e477acb49b0c0cf0f
Alpha architecture:
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-headers-2.4.18-1_2.4.18-15woody1_alpha.deb
Size/MD5 checksum: 3351876 d9a4975763720d8fce7debc80bb79f63
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-headers-2.4.18-1-generic_2.4.18-15woody1_alpha.deb
Size/MD5 checksum: 3494576 3859c83de4315ed96f9708a51e045241
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-headers-2.4.18-1-smp_2.4.18-15woody1_alpha.deb
Size/MD5 checksum: 3496768 d71f68fc06c589873151f3f04bdf133e
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-generic_2.4.18-15woody1_alpha.deb
Size/MD5 checksum: 11694314 2aa8fd58fb3c399cb116e770f8a5d5d1
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-smp_2.4.18-15woody1_alpha.deb
Size/MD5 checksum: 12027076 dd1c23f37e48ba9d0a7ddfa88cf45d29
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1_2.4.18-13.2_i386.deb
Size/MD5 checksum: 3415450 d488aac93b07312e9dde5b91a6d631b2
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-386_2.4.18-13.2_i386.deb
Size/MD5 checksum: 3505976 6eb395cc690576ec075a2b23ca4c2194
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-586tsc_2.4.18-13.2_i386.deb
Size/MD5 checksum: 3506954 807ca24843a58cf85a5e68c89faca563
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-686_2.4.18-13.2_i386.deb
Size/MD5 checksum: 3507090 3c2546ab7c10ebf81fd455df8445a552
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-686-smp_2.4.18-13.2_i386.deb
Size/MD5 checksum: 3507950 68223703c4365e52b72362d3e2c8de3f
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-k6_2.4.18-13.2_i386.deb
Size/MD5 checksum: 3506762 754fd28c88640d2adb48c9112f811550
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-k7_2.4.18-13.2_i386.deb
Size/MD5 checksum: 3506818 8173434dda3517ca6d777b8a1288eb9c
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-386_2.4.18-13.2_i386.deb
Size/MD5 checksum: 8802200 78add9adc25b766f6d2d71dce28c4bf6
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-586tsc_2.4.18-13.2_i386.deb
Size/MD5 checksum: 8706062 472a648b1cc4aa7a48fd55181c65b791
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-686_2.4.18-13.2_i386.deb
Size/MD5 checksum: 8709404 eb6966cbe26c20b45b09182977574ab4
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-686-smp_2.4.18-13.2_i386.deb
Size/MD5 checksum: 8961038 1297541ef30a29ad9650e1d40c24cd57
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-k6_2.4.18-13.2_i386.deb
Size/MD5 checksum: 8659464 0ed399a5da73df3b35fcd215b5011263
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-k7_2.4.18-13.2_i386.deb
Size/MD5 checksum: 8865500 1b56f2739d199dfc85edcba38386b4af
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-386_2.4.18-13.2_i386.deb
Size/MD5 checksum: 231110 b6277e8187269984d46b9fbba104e195
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-586tsc_2.4.18-13.2_i386.deb
Size/MD5 checksum: 230666 e7d69734cde1ea9172391aec10e11436
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-686_2.4.18-13.2_i386.deb
Size/MD5 checksum: 230198 ac36ed7f8dd38740a17837b2ea865fed
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-686-smp_2.4.18-13.2_i386.deb
Size/MD5 checksum: 233800 8a863bfd914780df5d33a39cd5de0aaf
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-k6_2.4.18-13.2_i386.deb
Size/MD5 checksum: 229768 556904c5c178f86edf7a8decbac09cc9
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-k7_2.4.18-13.2_i386.deb
Size/MD5 checksum: 233054 cd4b0b4f688932c836220f77070cbd31
PowerPC architecture:
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-powerpc-xfs/kernel-image-2.4.18-powerpc-xfs_20020329woody1_powerpc.deb
Size/MD5 checksum: 11439898 64015e0730aa9cca7313c601d1c401f3
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-headers-2.4.18_2.4.18-1woody6_powerpc.deb
Size/MD5 checksum: 3433186 6a9e21c5ff417afe1b6c697c10f59de8
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-image-2.4.18-newpmac_2.4.18-1woody6_powerpc.deb
Size/MD5 checksum: 9451006 2c2b9ee09fa3e3635f785410683af1c1
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-image-2.4.18-powerpc_2.4.18-1woody6_powerpc.deb
Size/MD5 checksum: 10099720 4c85feb2001345ce597530d3d8b2bb86
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-image-2.4.18-powerpc-smp_2.4.18-1woody6_powerpc.deb
Size/MD5 checksum: 10343584 dda622d41cbc718dc1e2202c50608f0f
These files will probably be moved into the stable distribution on
its next update.
- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFEcKNGXm3vHE4uyloRAjgrAJ932JVSBd21KY1buMlIzrA4fNRJSgCguKZz
1RadcYNnnuCojY5UnZrlLgE=
=vDeO
- -----END PGP SIGNATURE-----
- ----------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- - --------------------------------------------------------------------------
Debian Security Advisory DSA 1067-1 security@debian.org
http://www.debian.org/security/ Martin Schulze, Dann Frazier
May 20th, 2006 http://www.debian.org/security/faq
- - --------------------------------------------------------------------------
Package : kernel-source-2.4.16,kernel-image-2.4.16-lart,kernel-image-2.4.16-riscpc,kernel-image-2.4.16-netwinder
Vulnerability : several
Problem-Type : local/remote
Debian-specific: no
CVE IDs : CVE-2004-0427 CVE-2005-0489 CVE-2004-0394 CVE-2004-0447 CVE-2004-0554 CVE-2004-0565 CVE-2004-0685 CVE-2005-0001 CVE-2004-0883 CVE-2004-0949 CVE-2004-1016 CVE-2004-1333 CVE-2004-0997 CVE-2004-1335 CVE-2004-1017 CVE-2005-0124 CVE-2005-0528 CVE-2003-0984 CVE-2004-1070 CVE-2004-1071 CVE-2004-1072 CVE-2004-1073 CVE-2004-1074 CVE-2004-0138 CVE-2004-1068 CVE-2004-1234 CVE-2005-0003 CVE-2004-1235 CVE-2005-0504 CVE-2005-0384 CVE-2005-0135
Several local and remote vulnerabilities have been discovered in the Linux
kernel that may lead to a denial of service or the execution of arbitrary
code. The Common Vulnerabilities and Exposures project identifies the
following problems:
CVE-2004-0427
A local denial of service vulnerability in do_fork() has been found.
CVE-2005-0489
A local denial of service vulnerability in proc memory handling has
been found.
CVE-2004-0394
A buffer overflow in the panic handling code has been found.
CVE-2004-0447
A local denial of service vulnerability through a null pointer
dereference in the IA64 process handling code has been found.
CVE-2004-0554
A local denial of service vulnerability through an infinite loop in
the signal handler code has been found.
CVE-2004-0565
An information leak in the context switch code has been found on
the IA64 architecture.
CVE-2004-0685
Unsafe use of copy_to_user in USB drivers may disclose sensitive
information.
CVE-2005-0001
A race condition in the i386 page fault handler may allow privilege
escalation.
CVE-2004-0883
Multiple vulnerabilities in the SMB filesystem code may allow denial
of service of information disclosure.
CVE-2004-0949
An information leak discovered in the SMB filesystem code.
CVE-2004-1016
A local denial of service vulnerability has been found in the SCM layer.
CVE-2004-1333
An integer overflow in the terminal code may allow a local denial of
service vulnerability.
CVE-2004-0997
A local privilege escalation in the MIPS assembly code has been found.
CVE-2004-1335
A memory leak in the ip_options_get() function may lead to denial of
service.
CVE-2004-1017
Multiple overflows exist in the io_edgeport driver which might be usable
as a denial of service attack vector.
CVE-2005-0124
Bryan Fulton reported a bounds checking bug in the coda_pioctl function
which may allow local users to execute arbitrary code or trigger a denial
of service attack.
CVE-2005-0528
A local privilege escalation in the mremap function has been found
CVE-2003-0984
Inproper initialization of the RTC may disclose information.
CVE-2004-1070
Insufficient input sanitising in the load_elf_binary() function may
lead to privilege escalation.
CVE-2004-1071
Incorrect error handling in the binfmt_elf loader may lead to privilege
escalation.
CVE-2004-1072
A buffer overflow in the binfmt_elf loader may lead to privilege
escalation or denial of service.
CVE-2004-1073
The open_exec function may disclose information.
CVE-2004-1074
The binfmt code is vulnerable to denial of service through malformed
a.out binaries.
CVE-2004-0138
A denial of service vulnerability in the ELF loader has been found.
CVE-2004-1068
A programming error in the unix_dgram_recvmsg() function may lead to
privilege escalation.
CVE-2004-1234
The ELF loader is vulnerable to denial of service through malformed
binaries.
CVE-2005-0003
Crafted ELF binaries may lead to privilege escalation, due to
insufficient checking of overlapping memory regions.
CVE-2004-1235
A race condition in the load_elf_library() and binfmt_aout() functions
may allow privilege escalation.
CVE-2005-0504
An integer overflow in the Moxa driver may lead to privilege escalation.
CVE-2005-0384
A remote denial of service vulnerability has been found in the PPP
driver.
CVE-2005-0135
An IA64 specific local denial of service vulnerability has been found
in the unw_unwind_to_user() function.
The following matrix explains which kernel version for which architecture
fix the problems mentioned above:
Debian 3.0 (woody)
Source 2.4.16-1woody2
arm/lart 20040419woody1
arm/netwinder 20040419woody1
arm/riscpc 20040419woody1
We recommend that you upgrade your kernel package immediately and reboot
the machine.
Upgrade Instructions
- - --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get dist-upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.0 alias woody
- - --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-lart/kernel-image-2.4.16-lart_20040419woody1.dsc
Size/MD5 checksum: 655 cbaba3ab1ea1f99557d717bb19908dc8
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-lart/kernel-image-2.4.16-lart_20040419woody1.tar.gz
Size/MD5 checksum: 16628 c10d76a01d03e58049b594270d7fd7c5
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-netwinder/kernel-image-2.4.16-netwinder_20040419woody1.dsc
Size/MD5 checksum: 693 be25ede481365d969f465a0356bfe047
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-netwinder/kernel-image-2.4.16-netwinder_20040419woody1.tar.gz
Size/MD5 checksum: 21947 12d6a2977ba7683e48e92293e4a87cf6
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-riscpc/kernel-image-2.4.16-riscpc_20040419woody1.dsc
Size/MD5 checksum: 661 6895c73dc50b56d48588e3f053fbcc05
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-riscpc/kernel-image-2.4.16-riscpc_20040419woody1.tar.gz
Size/MD5 checksum: 19300 3e60e7aa88e553221264f1b004d9091d
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.16/kernel-source-2.4.16_2.4.16-1woody3.dsc
Size/MD5 checksum: 680 81e8e543d617f8464a222767e18aa261
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.16/kernel-source-2.4.16_2.4.16-1woody3.diff.gz
Size/MD5 checksum: 46430 d164de27560966cb695141de9b004e7e
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.16/kernel-source-2.4.16_2.4.16.orig.tar.gz
Size/MD5 checksum: 29364642 8e42e72848dc5098b6433d66d5cacffc
ARM architecture:
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-lart/kernel-image-2.4.16-lart_20040419woody1_arm.deb
Size/MD5 checksum: 718814 87806c13fa914865ecc00f784c64a8f4
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-netwinder/kernel-headers-2.4.16_20040419woody1_arm.deb
Size/MD5 checksum: 3437272 3061b1a8212d2538bdbffa9609300322
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-netwinder/kernel-image-2.4.16-netwinder_20040419woody1_arm.deb
Size/MD5 checksum: 6675192 b588a74f3b53c06ef3ffb26218c6e191
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-riscpc/kernel-image-2.4.16-riscpc_20040419woody1_arm.deb
Size/MD5 checksum: 2914360 3df4986a2bfa64ddea35cb2b76d390a5
Architecture independent components:
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.16/kernel-doc-2.4.16_2.4.16-1woody3_all.deb
Size/MD5 checksum: 1718004 b458e950b6aabb99a781f507c2015dd3
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.16/kernel-source-2.4.16_2.4.16-1woody3_all.deb
Size/MD5 checksum: 23820868 3001c4af6222fa22ecba3053a146e248
These files will probably be moved into the stable distribution on
its next update.
- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFEbtDmXm3vHE4uyloRAhZsAJ0Uw7DM7RtiBSmWWskg8FXq0do5TACeMk43
Y8lxItKTeEpmOE/9asuJ6UU=
=fM5d
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:
http://www.auscert.org.au/render.html?it=3192
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBRHEMwSh9+71yA2DNAQLnFQP+OBCV1ZQw9AERd52zXK61c3+B8cusAWOv
bWOdEgvQsV5VkoTYRDWrLyJDyac0qEHS2lMpcR77OkcOv6G+epuHtWdvWlN/Xdsc
uVyaF3ShW0w8A6sGJ0+HIGpnP1XCdXmUOBGjG8iR38TRXsxWqj0NBZBN+qgjTVRz
C0ETPwc/mX0=
=UiYS
-----END PGP SIGNATURE-----