Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2012.0065 linux-2.6 security update 16 January 2012 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: linux-2.6 Publisher: Debian Operating System: Debian GNU/Linux 5 Debian GNU/Linux 6 Impact/Access: Increased Privileges -- Existing Account Access Privileged Data -- Existing Account Denial of Service -- Existing Account Resolution: Patch/Upgrade CVE Names: CVE-2011-4914 CVE-2011-4622 CVE-2011-4611 CVE-2011-4127 CVE-2011-4110 CVE-2011-4077 CVE-2011-3353 CVE-2011-2898 CVE-2011-2213 CVE-2011-2183 Reference: ESB-2012.0049 ESB-2012.0048 ESB-2011.1279 Original Bulletin: http://www.debian.org/security/2012/dsa-2389 - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - ---------------------------------------------------------------------- Debian Security Advisory DSA-2389-1 security@debian.org http://www.debian.org/security/ Dann Frazier January 15, 2012 http://www.debian.org/security/faq - - ---------------------------------------------------------------------- Package : linux-2.6 Vulnerability : privilege escalation/denial of service/information leak Problem type : local/remote Debian-specific: no CVE Id(s) : CVE-2011-2183 CVE-2011-2213 CVE-2011-2898 CVE-2011-3353 CVE-2011-4077 CVE-2011-4110 CVE-2011-4127 CVE-2011-4611 CVE-2011-4622 CVE-2011-4914 Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2011-2183 Andrea Righi reported an issue in KSM, a memory-saving de-duplication feature. By exploiting a race with exiting tasks, local users can cause a kernel oops, resulting in a denial of service. CVE-2011-2213 Dan Rosenberg discovered an issue in the INET socket monitoring interface. Local users could cause a denial of service by injecting code and causing the kernel to execute an infinite loop. CVE-2011-2898 Eric Dumazet reported an information leak in the raw packet socket implementation. CVE-2011-3353 Han-Wen Nienhuys reported a local denial of service issue issue in the FUSE (Filesystem in Userspace) support in the linux kernel. Local users could cause a buffer overflow, leading to a kernel oops and resulting in a denial of service. CVE-2011-4077 Carlos Maiolino reported an issue in the XFS filesystem. A local user with the ability to mount a filesystem could corrupt memory resulting in a denial of service or possibly gain elevated privileges. CVE-2011-4110 David Howells reported an issue in the kernel's access key retention system which allow local users to cause a kernel oops leading to a denial of service. CVE-2011-4127 Paolo Bonzini of Red Hat reported an issue in the ioctl passthrough support for SCSI devices. Users with permission to access restricted portions of a device (e.g. a partition or a logical volume) can obtain access to the entire device by way of the SG_IO ioctl. This could be exploited by a local user or privileged VM guest to achieve a privilege escalation. CVE-2011-4611 Maynard Johnson reported an issue with the perf support on POWER7 systems that allows local users to cause a denial of service. CVE-2011-4622 Jan Kiszka reported an issue in the KVM PIT timer support. Local users with the permission to use KVM can cause a denial of service by starting a PIT timer without first setting up the irqchip. CVE-2011-4914 Ben Hutchings reported various bounds checking issues within the ROSE protocol support in the kernel. Remote users could possibly use this to gain access to sensitive memory or cause a denial of service. For the stable distribution (squeeze), this problem has been fixed in version 2.6.32-39squeeze1. Updates for issues impacting the oldstable distribution (lenny) will be available soon. The following matrix lists additional source packages that were rebuilt for compatibility with or to take advantage of this update: Debian 6.0 (squeeze) user-mode-linux 2.6.32-1um-4+39squeeze1 We recommend that you upgrade your linux-2.6 and user-mode-linux packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQIcBAEBAgAGBQJPEz16AAoJEBv4PF5U/IZAgUYP/0vzIc/bZJ1WTirzoElrzXpL VSN+apE3WHyjHyVzEEncKgXM3HglNjhs+HXlaiWFQsa6bDuzHB3R4GMaj+uUt6jC jLIVWiuPn3EWGUTRKA2wNtqMYl+nKAU2uYCo0aXV5WXii9rr3GBqxjShsgkE8Ak3 X4s25KePGwNF0dU9gg6ylhv97gtyilp1rDhiIOgJcSkY2Mi93E4+p030cwZlxnKB Mm5Pr94K6JASyIbBEILLZDEc6qJilkoem81b8Pds2O9FagGbTd9QfwwaEwwUUqZp fXbEHtd+9tvz3db5VFrp48UmV7Oi9lx30kW5h3tdV0R0P15W8QFaIxvwwuLNtcnL rYK0mF4pqJS9x5aA+vzZSxsETcFCa7NzE468mt8RF4d5kXjd1hGZ/8w3QYlYp95c wg1fIbNe3ChdypT3XxmkUDKyzMHPzjyxCoyEg3SQBDn8wJqrQ1SvUB3aBfv/7ju6 6gNEqoyrcMXrnChWDzz8Fc2fXLHMv1w3wNFchl2GSCkP2SpapvqPF/N55FhM/eZd TI1iOnHUFMgAyLcWFDav3yePQSh+SmMF4jftjFuc+XBgZvalTIbiPdUsQ7/AJmdg PnQwFULq8kV7zrsBYaK97hjgH83k73IGa40WrIfs1dX+2bCccnIFYFqMrCYQUNVW 2FCy34dWqbQlEpgRK0Az =rgcP - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBTxO0ze4yVqjM2NGpAQLsHxAApsm7S5CQ2lBk7yYjsw/eeV5aeUQKmeu0 c14o+1i4W/d9PwPAJR/F8GkY8wjbvEnMwtbbSCNA2t/7H6Kulr5FzUJOYungMv9g cUUmTB8UKvs/utqOyBWLegaYFzfRFCfmepZvXae4xV01OezkynvEspd6IG9PLTbE SLV81Rey85vghw0/4BRyeU20FnAAs0shHWKtf3IVIxExjXDgzOUiXr5COYaZHn8C Sui+iP57upJrojMnCJkNzZRMypGLUv1tMkVJ3wMD+UKCz57M4Hsc3Qrci9xY+3Tm DhfiN3ClwjQNFViXYLISkaJjgigq41B+PUg/+f4YiAOm0zBEDVxUARr9pUOiT7fX CLpDQUT8PCPXtd6GFiEojvhcdCLN9miFOj/pc1087MJZ7OfK+tPVl7PUlZKtFWzx 6bCcX9uLu1ham1BMVbXP6ey/ECrp6G5PxziA0jfN+ECbg82o2tKDOC+uHxMbNYFk 63uDjJtBlMPoR/3qfnrflp6IoQ8goS0zi6Pe7lDmbgdQP642XrJ7mpNTO460m6G3 QQHEle2lrxSXNeMuz0Eu0Qr4n4OkdXYuPg1cIMV8AFarB282xYZoqEIbCR6ZwJNO 7/4lGCq9zGzWq+0iWslNBVPP/f+DMgdwVqCRJ3x5RYev3gkWuehJwfIsee8G9lRB VQzDzSApBvA= =gB95 -----END PGP SIGNATURE-----