LinuxSecurity.com 		Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: February 6th, 2012
Linux Advisory Watch: February 3rd, 2012
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Mandriva: Updated kernel packages fixes multiple vulnerabilities Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Mandrake A number of vulnerabilities were discovered and corrected in the Linux 2.6 kernel: CVE-2006-1343 CVE-2006-1368 CVE-2006-1528 CVE-2006-1856 CVE-2006-1857 CVE-2006-1858 CVE-2006-1859 CVE-2006-1860 CVE-2006-2274 CVE-2006-2445 
 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2006:123
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : kernel
 Date    : July 13, 2006
 Affected: 2006.0
 _______________________________________________________________________
 
 Problem Description:
 
 A number of vulnerabilities were discovered and corrected in the Linux
 2.6 kernel:
 
 The kernel did not clear sockaddr_in.sin_zero before returning IPv4
 socket names for the getsockopt function, which could allow a local
 user to obtain portions of potentially sensitive memory if getsockopt()
 is called with SO_ORIGINAL_DST (CVE-2006-1343).
 
 Prior to 2.6.16, a buffer overflow in the USB Gadget RNDIS
 implementation could allow a remote attacker to cause a Denial of
 Service via a remote NDIS response (CVE-2006-1368).
 
 Prior to 2.6.13, local users could cause a Denial of Service (crash)
 via a dio transfer from the sg driver to memory mapped IO space
 (CVE-2006-1528).
 
 Prior to and including 2.6.16, the kernel did not add the appropriate
 LSM file_permission hooks to the readv and writev functions, which
 could allow an attacker to bypass intended access restrictions
 (CVE-2006-1856).
 
 Prior to 2.6.16.17, a buffer oveflow in SCTP could allow a remote
 attacker to cause a DoS (crash) and possibly execute arbitrary code
 via a malformed HB-ACK chunk (CVE-2006-1857).
 
 Prior to 2.6.16.17, SCTP could allow a remote attacker to cause a DoS
 (crash) and possibly execute arbitrary code via a chunk length that is
 inconsistent with the actual length of provided parameters
 (CVE-2006-1858).
 
 Prior to 2.6.16.16, a memory leak in fs/locks.c could allow an attacker
 to cause a DoS (memory consumption) via unspecified actions
 (CVE-2006-1859).
 
 Prior to 2.6.16.16, lease_init in fs/locks.c could allow an attacker to
 cause a DoS (fcntl_setlease lockup) via certain actions (CVE-2006-1860).
 
 Prior to 2.6.17, SCTP allowed remote attackers to cause a DoS (infinite
 recursion and crash) via a packet that contains two or more DATA
 fragments (CVE-2006-2274).
 
 Prior to 2.6.16.21, a race condition in run_posix_cpu timers could allow
 a local user to cause a DoS (BUG_ON crash) by causing one CPU to attach
 a timer to a process that is exiting (CVE-2006-2445).
 
 Prior to 2.6.17.1, xt_sctp in netfilter could allow an attacker to cause
 a DoS (infinite loop) via an SCTP chunk with a 0 length (CVE-2006-3085).
 
 As well, an issue where IPC could hit an unmapped vmalloc page when
 near the page boundary has been corrected.
 
 In addition to these security fixes, other fixes have been included
 such as:   
 
 - avoid automatic update of kernel-source without updating the kernel
 - fix USB EHCI handoff code, which made some machines hang while
   booting
 - disable USB_BANDWIDTH which corrects a known problem in some USB
   sound devices
 - fix a bluetooth refcounting bug which could hang the machine
 - fix a NULL pointer dereference in USB-Serial's serial_open()
   function
 - add missing wakeup in pl2303 TIOCMIWAIT handling
 - fix a possible user-after-free in USB-Serial core
 - suspend/resume fixes
 - HPET timer fixes
 - prevent fixed button event to reach userspace on S3 resume
 - add sysfs support in ide-tape
 - fix ASUS P5S800 reboot
 
 Finally, a new drbd-utils package is provided that is a required
 upgrade with this new kernel due to a logic bug in the previously
 shipped version of drbd-utils that could cause a kernel panic on
 the master when a slave went offline.
 
 The provided packages are patched to fix these vulnerabilities.  All
 users are encouraged to upgrade to these updated kernels.
 
 To update your kernel, please follow the directions located at:
 
   http://www.mandriva.com/en/security/kernelupdate
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1343
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1368
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1528
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1856
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1857
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1858
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1859
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1860
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2274
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2445
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3085
 http://qa.mandriva.com/show_bug.cgi?id=22860
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2006.0:
 6deeff1b4604a7423cd0836bb47cf22c  2006.0/RPMS/drbd-utils-0.7.19-2.1.20060mdk.i586.rpm
 e0a9422ea0372348d0e7f9bf643321dd  2006.0/RPMS/drbd-utils-heartbeat-0.7.19-2.1.20060mdk.i586.rpm
 1f31130ae26f66e224148bcb0afa3b82  2006.0/RPMS/kernel-2.6.12.23mdk-1-1mdk.i586.rpm
 c257931ad599d5c3a59a3f5c5444496e  2006.0/RPMS/kernel-BOOT-2.6.12.23mdk-1-1mdk.i586.rpm
 5212cd3d7c4dcc8da030fc20bdeecd29  2006.0/RPMS/kernel-i586-up-1GB-2.6.12.23mdk-1-1mdk.i586.rpm
 b8a96e33ad5df3198c60f7302c695a1f  2006.0/RPMS/kernel-i686-up-4GB-2.6.12.23mdk-1-1mdk.i586.rpm
 ffb0b1c7e4919b28b89d7636b3d27c52  2006.0/RPMS/kernel-smp-2.6.12.23mdk-1-1mdk.i586.rpm
 e5caf57af026af95b40151e31206c512  2006.0/RPMS/kernel-source-2.6.12.23mdk-1-1mdk.i586.rpm
 27d1b92bd2cb4ca83c543888e4897288  2006.0/RPMS/kernel-source-stripped-2.6.12.23mdk-1-1mdk.i586.rpm
 3dae8ba1445aac17ddcba810a1b6d4b3  2006.0/RPMS/kernel-xbox-2.6.12.23mdk-1-1mdk.i586.rpm
 94ec749ac32122a16d3af409ee55f257  2006.0/RPMS/kernel-xen0-2.6.12.23mdk-1-1mdk.i586.rpm
 867f834703a5699000beffc31de57de4  2006.0/RPMS/kernel-xenU-2.6.12.23mdk-1-1mdk.i586.rpm
 291c47123a499c37d927cc18906eef93  2006.0/SRPMS/drbd-utils-0.7.19-2.1.20060mdk.src.rpm
 008cf4d555bc98e67b6bb04a1a7fdfd8  2006.0/SRPMS/kernel-2.6.12.23mdk-1-1mdk.src.rpm

 Mandriva Linux 2006.0/X86_64:
 2665fcbebbbc1b8d3b111e4175b69ca5  x86_64/2006.0/RPMS/drbd-utils-0.7.19-2.1.20060mdk.x86_64.rpm
 2b44612405e4424d7775f4c6ce20df6a  x86_64/2006.0/RPMS/drbd-utils-heartbeat-0.7.19-2.1.20060mdk.x86_64.rpm
 79a0d55afacadebc94f81b14d21f1a5c  x86_64/2006.0/RPMS/kernel-2.6.12.23mdk-1-1mdk.x86_64.rpm
 2fa6c0023710d65de429dd6d0e759817  x86_64/2006.0/RPMS/kernel-BOOT-2.6.12.23mdk-1-1mdk.x86_64.rpm
 de9bef05e34a3e539bcb1aceb8c713bc  x86_64/2006.0/RPMS/kernel-smp-2.6.12.23mdk-1-1mdk.x86_64.rpm
 ffa4baaa5a96eb88e0655559da2622f7  x86_64/2006.0/RPMS/kernel-source-2.6.12.23mdk-1-1mdk.x86_64.rpm
 6b5b62941bf2c34a975b9aaf1a9efa1f  x86_64/2006.0/RPMS/kernel-source-stripped-2.6.12.23mdk-1-1mdk.x86_64.rpm
 291c47123a499c37d927cc18906eef93  x86_64/2006.0/SRPMS/drbd-utils-0.7.19-2.1.20060mdk.src.rpm
 008cf4d555bc98e67b6bb04a1a7fdfd8  x86_64/2006.0/SRPMS/kernel-2.6.12.23mdk-1-1mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
 
< Prev   Next >
    
Partner

 
Latest Features
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Using the sec-wall Security Proxy
sec-wall: Open Source Security Proxy
Yesterday's Edition
Hackers Hit Apple Supplier Foxconn, Leak Usernames And Passwords
Hackers Mug Google's Wallet App on Rooted Android Devices
Google Chrome will no longer check for revoked SSL certificates online
Have Your Users' Passwords Already Been Hacked?
DDoS Tools Flourish, Give Attackers Many Options
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2012 Guardian Digital, Inc. All rights reserved.