LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: August 29th, 2014
Linux Security Week: August 25th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Mandriva: Updated kernel packages fix multiple vulnerabilities and bugs Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Mandrake Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel.
 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2007:025
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : kernel
 Date    : January 23, 2007
 Affected: Corporate 3.0, Multi Network Firewall 2.0
 _______________________________________________________________________
 
 Problem Description:
 
 Some vulnerabilities were discovered and corrected in the Linux 2.6
 kernel:

 The 2.6 kernel prior to 2.6.12 allows remote attackers to poison the
 bridge forwarding table using frames that have already been dropped by
 filtering, which can cause the bridge to forward spoofed packets
 (CVE-2005-3272).

 Prior to 2.6.15.5, the kernel allows local users to cause a DoS
 ("endless recursive fault") via unknown attack vectors related to a
 "bad elf entry address" on Intel processors (CVE-2006-0741).

 A race condition in the socket buffer handling in the 2.6.9 kernel and
 earlier versions could allow a remote attacker to cause a DoS (crash)
 (CVE-2006-2446).

 Stephane Eranian discovered an issue with permon2.0 where, under
 certain circumstances, the perfmonctl() system call may not correctly
 manage the file descriptor reference count, resulting in the system
 possibly running out of file structure (CVE-2006-3741).

 Prior to and including 2.6.17, the Universal Disk Format (UDF)
 filesystem driver allowed local users to cause a DoS (hang and crash)
 via certain operations involving truncated files (CVE-2006-4145).

 Various versions of the Linux kernel allowed local users to cause a DoS
 (crash) via an SCTP socket with a certain SO_LINGER value, which is
 possibly related to the patch used to correct CVE-2006-3745
 (CVE-2006-4535).

 The __block_prepate_write function in the 2.6 kernel before 2.6.13 does
 not properly clear buffers during certain error conditions, which
 allows users to read portions of files that have been unlinked
 (CVE-2006-4813).

 The clip_mkip function of the ATM subsystem in the 2.6 kernel allows
 remote attackers to dause a DoS (panic) via unknown vectors that cause
 the ATM subsystem to access the memory of socket buffers after they are
 freed (CVE-2006-4997).

 The seqfile handling in the 2.6 kernel up to 2.6.18 allows local users
 to cause a DoS (hang or oops) via unspecified manipulations that
 trigger an infinite loop while searching for flowlabels
 (CVE-2006-5619).

 A missing call to init_timer() in the isdn_ppp code of the Linux kernel
 can allow remote attackers to send a special kind of PPP pakcet which
 may trigger a kernel oops (CVE-2006-5749).

 The aio_setup_ring() function initializes a variable incorrectly which
 can be used in error path to free allocated resources which could allow
 a local user to crash the node (CVE-2006-5754).

 A vulnerability in the bluetooth support could allow for overwriting
 internal CMTP and CAPI data structures via malformed packets
 (CVE-2006-6106).

 The provided packages are patched to fix these vulnerabilities.  All
 users are encouraged to upgrade to these updated kernels immediately
 and reboot to effect the fixes.

 To update your kernel, please follow the directions located at:

 http://www.mandriva.com/en/security/kernelupdate
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3272
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0741
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2446
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3741
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4145
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4535
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4813
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4997
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5619
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5749
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5754
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6106
 _______________________________________________________________________
 
 Updated Packages:
 
 Corporate 3.0:
 c807857c820dae84bad9beac5ff132c2  corporate/3.0/i586/kernel-2.6.3.36mdk-1-1mdk.i586.rpm
 9502a05c5049f394b50a4f2128ca7311  corporate/3.0/i586/kernel-BOOT-2.6.3.36mdk-1-1mdk.i586.rpm
 26b4a92d5ed2c1953fb88fd304584281  corporate/3.0/i586/kernel-doc-2.6.3-36mdk.i586.rpm
 c2f4619bf4b4d9d3952ccad7eb4be16d  corporate/3.0/i586/kernel-enterprise-2.6.3.36mdk-1-1mdk.i586.rpm
 20970c40ded39599c4ad6bc976447c8c  corporate/3.0/i586/kernel-i686-up-4GB-2.6.3.36mdk-1-1mdk.i586.rpm
 5856cd990d971667d673216603cc9b1f  corporate/3.0/i586/kernel-p3-smp-64GB-2.6.3.36mdk-1-1mdk.i586.rpm
 0e978fa73922d870b487c2f8d14eaff3  corporate/3.0/i586/kernel-secure-2.6.3.36mdk-1-1mdk.i586.rpm
 fa9f0cdd42385ec68aa79198d2615617  corporate/3.0/i586/kernel-smp-2.6.3.36mdk-1-1mdk.i586.rpm
 8f9766f48b56d6a56333dcec3cfa611d  corporate/3.0/i586/kernel-source-2.6.3-36mdk.i586.rpm
 841863d5446060606da060acf72afce0  corporate/3.0/i586/kernel-source-stripped-2.6.3-36mdk.i586.rpm 
 15c7992f878a9ebcf38694d5700d90af  corporate/3.0/SRPMS/kernel-2.6.3.36mdk-1-1mdk.src.rpm

 Corporate 3.0/X86_64:
 9f3bb7174878cc5044386356e1c4bc57  corporate/3.0/x86_64/kernel-2.6.3.36mdk-1-1mdk.x86_64.rpm
 613608913f5dcb696b26e31ce5c01828  corporate/3.0/x86_64/kernel-BOOT-2.6.3.36mdk-1-1mdk.x86_64.rpm
 b6daad6d8d1c8bb7b8053935434ccd4b  corporate/3.0/x86_64/kernel-doc-2.6.3-36mdk.x86_64.rpm
 19857cc0134d55a81cfecf099b5f1715  corporate/3.0/x86_64/kernel-secure-2.6.3.36mdk-1-1mdk.x86_64.rpm
 b0cc99ea1220b2e3bd7922be994b3aef  corporate/3.0/x86_64/kernel-smp-2.6.3.36mdk-1-1mdk.x86_64.rpm
 8044690dcbf0a3a0c7b2e09bcc76a8d6  corporate/3.0/x86_64/kernel-source-2.6.3-36mdk.x86_64.rpm
 b67484105e125306b4dd5fdb5b84d67d  corporate/3.0/x86_64/kernel-source-stripped-2.6.3-36mdk.x86_64.rpm 
 15c7992f878a9ebcf38694d5700d90af  corporate/3.0/SRPMS/kernel-2.6.3.36mdk-1-1mdk.src.rpm

 Multi Network Firewall 2.0:
 c807857c820dae84bad9beac5ff132c2  mnf/2.0/i586/kernel-2.6.3.36mdk-1-1mdk.i586.rpm
 20970c40ded39599c4ad6bc976447c8c  mnf/2.0/i586/kernel-i686-up-4GB-2.6.3.36mdk-1-1mdk.i586.rpm
 5856cd990d971667d673216603cc9b1f  mnf/2.0/i586/kernel-p3-smp-64GB-2.6.3.36mdk-1-1mdk.i586.rpm
 0e978fa73922d870b487c2f8d14eaff3  mnf/2.0/i586/kernel-secure-2.6.3.36mdk-1-1mdk.i586.rpm
 fa9f0cdd42385ec68aa79198d2615617  mnf/2.0/i586/kernel-smp-2.6.3.36mdk-1-1mdk.i586.rpm 
 15c7992f878a9ebcf38694d5700d90af  mnf/2.0/SRPMS/kernel-2.6.3.36mdk-1-1mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Weekend Edition
How Cops and Hackers Could Abuse California’s New Phone Kill-Switch Law
Why Russian hackers are beating us
DQ Breach? HQ Says No, But Would it Know?
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.