LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: October 24th, 2014
Linux Security Week: October 20th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Debian: kernel vulnerabilities Print E-mail
User Rating:      How can I rate this item?
Posted by LinuxSecurity.com Team   
Debian The kernels used in Debian GNU/Linux 2.2 have been found to havemultiple security problems. This is a list of problems basedon the 2.2.19 release notes as found on http://www.linux.org.uk/

------------------------------------------------------------------------
Debian Security Advisory DSA-047-1                   security@debian.org 
http://www.debian.org/security/                         Wichert Akkerman
April 16, 2001
------------------------------------------------------------------------


Package        : various kernel packages
Problem type   : multiple
Debian-specific: no

The kernels used in Debian GNU/Linux 2.2 have been found to have
multiple security problems. This is a list of problems based
on the 2.2.19 release notes as found on  http://www.linux.org.uk/ :

* binfmt_misc used user pages directly
* the CPIA driver had an off-by-one error in the buffer code which made
  it possible for users to write into kernel memory
* the CPUID and MSR drivers had a problem in the module unloading code
  which could case a system crash if they were set to automatically load
  and unload (please note that Debian does not automatically unload kernel
  modules)
* There was a possible hang in the classifier code
* The getsockopt and setsockopt system calls did not handle sign bits
  correctly which made a local DoS and other attacks possible
* The sysctl system call did not handle sign bits correctly which allowed
  a user to write in kernel memory
* ptrace/exec races that could give a local user extra privileges
* possible abuse of a boundary case in the sockfilter code
* SYSV shared memory code could overwrite recently freed memory which might
  cause problems
* The packet length checks in the masquerading code were a bit lax
  (probably not exploitable)
* Some x86 assembly bugs caused the wrong number of bytes to be copied.
* A local user could deadlock the kernel due to bugs in the UDP port
  allocation.

All these problems are fixed in the 2.2.19 kernel, and it is highly
recommend that you upgrade machines to this kernel.

Please note that kernel upgrades are not done automatically. You will
have to explicitly tell the packaging system to install the right kernel
for your system.

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

Debian GNU/Linux 2.2 alias potato
---------------------------------

  Potato was released for alpha, arm, i386, m68k, powerpc and sparc.

  Source archives:
     http://security.debian.org/dists/stable/updates/main/source/kernel-source-2.2.19_2.2.19-2.diff.gz
      MD5 checksum: a9af2a263acb565c14b8e35a5ec0063d
     http://security.debian.org/dists/stable/updates/main/source/kernel-source-2.2.19_2.2.19-2.dsc
      MD5 checksum: eea36e9f1a5e78e23707209435816c44
     http://security.debian.org/dists/stable/updates/main/source/kernel-source-2.2.19_2.2.19.orig.tar.gz
      MD5 checksum: 5216e45ac7df609b88fa5a5ea4b77292

     http://security.debian.org/dists/stable/updates/main/source/kernel-image-2.2.19-alpha_2.2.19-1.dsc
      MD5 checksum: 6fa11b926f013cefb59e84021967c3df
     http://security.debian.org/dists/stable/updates/main/source/kernel-image-2.2.19-alpha_2.2.19-1.tar.gz
      MD5 checksum: 1a737c90c77d1f8b27284f1a25be3c3b

     http://security.debian.org/dists/stable/updates/main/source/kernel-patch-2.2.19-arm_20010414.dsc
      MD5 checksum: c72c7bada4509cff940d849508a1113b
     http://security.debian.org/dists/stable/updates/main/source/kernel-patch-2.2.19-arm_20010414.tar.gz
      MD5 checksum: ff6f6a2ac075e62e02c7de5a9c4fd9c6

     http://security.debian.org/dists/stable/updates/main/source/kernel-image-2.2.19-i386_2.2.19-2.dsc
      MD5 checksum: 41cd5f078230fca7c24671f54b32027b
     http://security.debian.org/dists/stable/updates/main/source/kernel-image-2.2.19-i386_2.2.19-2.tar.gz
      MD5 checksum: 3b36e6739898c65e1f6288bbefb7af6b

     http://security.debian.org/dists/stable/updates/main/source/kernel-headers-2.2.19-m68k_2.2.19-2.dsc
      MD5 checksum: 3e517ec964d39a22b8c3cb79eaeb6400
     http://security.debian.org/dists/stable/updates/main/source/kernel-headers-2.2.19-m68k_2.2.19-2.tar.gz
      MD5 checksum: 8763a73562e4c677a05b166bcacc93da
     http://security.debian.org/dists/stable/updates/main/source/kernel-patch-2.2.19-m68k_2.2.19-2.dsc
      MD5 checksum: c94534d34fe3ba14a9119adbf19096c0
     http://security.debian.org/dists/stable/updates/main/source/kernel-patch-2.2.19-m68k_2.2.19-2.tar.gz
      MD5 checksum: aeb1ee939f8bbb94ed0132f397d47ac2

     http://security.debian.org/dists/stable/updates/main/source/kernel-patch-2.2.19-powerpc_2.2.19-2.dsc
      MD5 checksum: 05c706e6a4306ad00bc94dd07dc190ac
     http://security.debian.org/dists/stable/updates/main/source/kernel-patch-2.2.19-powerpc_2.2.19-2.tar.gz
      MD5 checksum: 312dba940c39d17dd04bdd778c80642c

     http://security.debian.org/dists/stable/updates/main/source/kernel-image-sparc-2.2_6.dsc
      MD5 checksum: 49721aa22e7eae7d918b3d69bc39e740
     http://security.debian.org/dists/stable/updates/main/source/kernel-image-sparc-2.2_6.tar.gz
      MD5 checksum: e27c53792aedda23e22068aec8f3ea5f


  Architecture indendent archives:
     http://security.debian.org/dists/stable/updates/main/binary-all/kernel-doc-2.2.19_2.2.19-2_all.deb
      MD5 checksum: 977c4967d24a599ac96c1694b94249c1
     http://security.debian.org/dists/stable/updates/main/binary-all/kernel-source-2.2.19_2.2.19-2_all.deb
      MD5 checksum: 2204dbc7376eb70f819da6f00c84b2b8
     http://security.debian.org/dists/stable/updates/main/binary-all/kernel-headers-2.2.19-sparc_6_all.deb
      MD5 checksum: 3460ea5ad90f3abb9a51edb6dcc05a45
     http://security.debian.org/dists/stable/updates/main/binary-all/kernel-patch-2.2.19-arm_20010414_all.deb
      MD5 checksum: fd4b9ca3b09b8c19185dd50bb92fbdf1
     http://security.debian.org/dists/stable/updates/main/binary-all/kernel-patch-2.2.19-m68k_2.2.19-2_all.deb
      MD5 checksum: 90b042868ca48de9e469f9b9fc39ebbe
     http://security.debian.org/dists/stable/updates/main/binary-all/kernel-patch-2.2.19-powerpc_2.2.19-2_all.deb
      MD5 checksum: 4aef036047535e69f591b7c6619d9ef6


  ARM architecture:
     http://security.debian.org/dists/stable/updates/main/binary-arm/kernel-image-2.2.19-riscpc_20010414_arm.deb
      MD5 checksum: e25f76a5d9b9171bc9ea173dd80bc673


  Alpha architecture:
     http://security.debian.org/dists/stable/updates/main/binary-alpha/kernel-headers-2.2.19_2.2.19-1_alpha.deb
      MD5 checksum: 6a9508bde726f9411eecefa1be04254a
     http://security.debian.org/dists/stable/updates/main/binary-alpha/kernel-image-2.2.19-generic_2.2.19-1_alpha.deb
      MD5 checksum: aabfecc9638cbbcc724bbd061887accc
     http://security.debian.org/dists/stable/updates/main/binary-alpha/kernel-image-2.2.19-jensen_2.2.19-1_alpha.deb
      MD5 checksum: 35e5524f37759d2147ab95b0169570f5
     http://security.debian.org/dists/stable/updates/main/binary-alpha/kernel-image-2.2.19-nautilus_2.2.19-1_alpha.deb
      MD5 checksum: bb5954c0f4cbfec8f521edd92a7221d8
     http://security.debian.org/dists/stable/updates/main/binary-alpha/kernel-image-2.2.19-smp_2.2.19-1_alpha.deb
      MD5 checksum: c508ab39e2c6eab0c86ef503027c3830


  Motorola 680x0 architecture:
     http://security.debian.org/dists/stable/updates/main/binary-m68k/kernel-headers-2.2.19_2.2.19-2_m68k.deb
      MD5 checksum: 884c0508f2b586c1b5e5633af814947f
     http://security.debian.org/dists/stable/updates/main/binary-m68k/kernel-image-2.2.19-amiga_2.2.19-1_m68k.deb
      MD5 checksum: 936596a22481dd5fca115c05b04ecc0e
     http://security.debian.org/dists/stable/updates/main/binary-m68k/kernel-image-2.2.19-atari_2.2.19-1_m68k.deb
      MD5 checksum: 51d9694b7ed80122b3567e4a303fabf8
     http://security.debian.org/dists/stable/updates/main/binary-m68k/kernel-image-2.2.19-bvme6000_2.2.19-1_m68k.deb
      MD5 checksum: 2078afa46e9569c1a3662779dae92750
     http://security.debian.org/dists/stable/updates/main/binary-m68k/kernel-image-2.2.19-mac_2.2.19-2_m68k.deb
      MD5 checksum: 961781b2c9c448eac2fee4d824bbd95b
     http://security.debian.org/dists/stable/updates/main/binary-m68k/kernel-image-2.2.19-mvme147_2.2.19-1_m68k.deb
      MD5 checksum: 5c7e7a84c8cda3356eb3fc6bcc9f2dda
     http://security.debian.org/dists/stable/updates/main/binary-m68k/kernel-image-2.2.19-mvme16x_2.2.19-1_m68k.deb
      MD5 checksum: 179e4df3fcff08edab327259bad39c46


  Intel ia32 architecture:
     http://security.debian.org/dists/stable/updates/main/binary-i386/kernel-headers-2.2.19-compact_2.2.19-2_i386.deb
      MD5 checksum: 420eeaf867d788d07baf34dc90b3cc9e
     http://security.debian.org/dists/stable/updates/main/binary-i386/kernel-headers-2.2.19-ide_2.2.19-2_i386.deb
      MD5 checksum: 6f0c192ba9b5cf5227ddca8ff879825d
     http://security.debian.org/dists/stable/updates/main/binary-i386/kernel-headers-2.2.19-idepci_2.2.19-2_i386.deb
      MD5 checksum: ef6fda75bb5aeeca964c87a1c1908e0d
     http://security.debian.org/dists/stable/updates/main/binary-i386/kernel-headers-2.2.19_2.2.19-2_i386.deb
      MD5 checksum: a1923d3db95e834a1813e97e39bbfba6
     http://security.debian.org/dists/stable/updates/main/binary-i386/kernel-image-2.2.19-compact_2.2.19-2_i386.deb
      MD5 checksum: 6a7462e3da7d41b80e53b7ad82487e67
     http://security.debian.org/dists/stable/updates/main/binary-i386/kernel-image-2.2.19-ide_2.2.19-2_i386.deb
      MD5 checksum: c698b41ea229adc0960bf09958f49d5a
     http://security.debian.org/dists/stable/updates/main/binary-i386/kernel-image-2.2.19-idepci_2.2.19-2_i386.deb
      MD5 checksum: f304bdc04cc27828a97ded4f7d019db3
     http://security.debian.org/dists/stable/updates/main/binary-i386/kernel-image-2.2.19_2.2.19-2_i386.deb
      MD5 checksum: dffe4d2a70ce45bfaa334f6f7535fdd9


  PowerPC architecture:
     http://security.debian.org/dists/stable/updates/main/binary-powerpc/kernel-headers-2.2.19_2.2.19-2_powerpc.deb
      MD5 checksum: 95fee994109843586ee1e779761b100c
     http://security.debian.org/dists/stable/updates/main/binary-powerpc/kernel-image-2.2.19-chrp_2.2.19-2_powerpc.deb
      MD5 checksum: cd8cd654038523a6c93733a0fd32e5c0
     http://security.debian.org/dists/stable/updates/main/binary-powerpc/kernel-image-2.2.19-pmac_2.2.19-2_powerpc.deb
      MD5 checksum: 0199f7574b87f5366e415e57ff86fe4f
     http://security.debian.org/dists/stable/updates/main/binary-powerpc/kernel-image-2.2.19-prep_2.2.19-2_powerpc.deb
      MD5 checksum: fbaf42e487b42441491e1132c26e9a12


  Sun Sparc architecture:
     http://security.debian.org/dists/stable/updates/main/binary-sparc/kernel-image-2.2.19-sun4cdm_6_sparc.deb
      MD5 checksum: 07ab853e717dbce85ce1b865544013c4
     http://security.debian.org/dists/stable/updates/main/binary-sparc/kernel-image-2.2.19-sun4dm-pci_6_sparc.deb
      MD5 checksum: be3bcbcad5b5760cc1e70c7d9f7cf8fc
     http://security.debian.org/dists/stable/updates/main/binary-sparc/kernel-image-2.2.19-sun4dm-smp_6_sparc.deb
      MD5 checksum: 30e20ba605c04d1742cedcb16deaf34a
     http://security.debian.org/dists/stable/updates/main/binary-sparc/kernel-image-2.2.19-sun4u-smp_6_sparc.deb
      MD5 checksum: a2a2392a45be24df0dc10ab01191e435
     http://security.debian.org/dists/stable/updates/main/binary-sparc/kernel-image-2.2.19-sun4u_6_sparc.deb
      MD5 checksum: a02d4e828ca09d964fb9cb95fc71ac1d

  These packages will be moved into the stable distribution on its next
  revision.

For not yet released architectures please refer to the appropriate
directory  ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ .

--
----------------------------------------------------------------------------
apt-get: deb  http://security.debian.org/ stable/updates main
dpkg-ftp:  ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org




 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Disaster as CryptoWall encrypts US firm's entire server installation
Now Everyone Wants to Sell You a Magical Anonymity Router. Choose Wisely
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.