Debian: New Linux 2.6.24 packages fix several vulnerabilities
Posted by Benjamin D. Thomas
Eugene Teo reported a local DoS issue in the ext2 and ext3 filesystems. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a corrupted filesystem that causes the kernel to output error messages in an infinite loop.
------------------------------------------------------------------------
Debian Security Advisory DSA-1681-1             Dann Frazier, Alexander Prinsier
December 04, 2008
------------------------------------------------------------------------

Package        : linux-2.6.24
Vulnerability  : denial of service/privilege escalation
Problem type   : local/remote
Debian-specific: no
CVE Id(s)      : CVE-2008-3528 CVE-2008-4554 CVE-2008-4576 CVE-2008-4618
                 CVE-2008-4933 CVE-2008-4934 CVE-2008-5025 CVE-2008-5029
                 CVE-2008-5134 CVE-2008-5182 CVE-2008-5300

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service or privilege escalation. The Common
Vulnerabilities and Exposures project identifies the following


    Eugene Teo reported a local DoS issue in the ext2 and ext3
    filesystems.  Local users who have been granted the privileges
    necessary to mount a filesystem would be able to craft a corrupted
    filesystem that causes the kernel to output error messages in an
    infinite loop.


    Miklos Szeredi reported that the usage of splice() on files opened
    with O_APPEND allows users to write to the file at arbitrary
    offsets, enabling a bypass of possible assumed semantics of the
    O_APPEND flag.


    Vlad Yasevich reported an issue in the SCTP subsystem that may
    allow remote users to cause a local DoS by triggering a kernel


    Wei Yongjun reported an issue in the SCTP subsystem that may allow
    remote users to cause a local DoS by triggering a kernel panic.


    Eric Sesterhenn reported a local DoS issue in the hfsplus
    filesystem.  Local users who have been granted the privileges
    necessary to mount a filesystem would be able to craft a corrupted
    filesystem that causes the kernel to overrun a buffer, resulting
    in a system oops or memory corruption.


    Eric Sesterhenn reported a local DoS issue in the hfsplus
    filesystem.  Local users who have been granted the privileges
    necessary to mount a filesystem would be able to craft a corrupted
    filesystem that results in a kernel oops due to an unchecked
    return value.


    Eric Sesterhenn reported a local DoS issue in the hfs filesystem.
    Local users who have been granted the privileges necessary to
    mount a filesystem would be able to craft a filesystem with a
    corrupted catalog name length, resulting in a system oops or
    memory corruption.


    Andrea Bittau reported a DoS issue in the unix socket subsystem
    that allows a local user to cause memory corruption, resulting in
    a kernel panic.


    Johannes Berg reported a remote DoS issue in the libertas wireless
    driver, which can be triggered by a specially crafted beacon/probe


    Al Viro reported race conditions in the inotify subsystem that may
    allow local users to acquire elevated privileges.


    Dann Frazier reported a DoS condition that allows local users to
    cause the out of memory handler to kill off privileged processes
    or trigger soft lockups due to a starvation issue in the unix
    socket subsystem.

For the stable distribution (etch), these problems have been fixed in
version 2.6.24-6~etchnhalf.7.

We recommend that you upgrade your linux-2.6.24 packages.

Upgrade instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch
-------------------------------

Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

  These changes will probably be included in the stable distribution on
  its next update.

---------------------------------------------------------------------------------
For apt-get: deb stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list: