==========================================================Ubuntu Security Notice USN-1089-1            March 18, 2011
linux, linux-ec2 vulnerabilities
CVE-2010-4076, CVE-2010-4077, CVE-2010-4158, CVE-2010-4162,
CVE-2010-4163, CVE-2010-4175, CVE-2010-4242
==========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 9.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 9.10:
  linux-image-2.6.31-23-386       2.6.31-23.74
  linux-image-2.6.31-23-generic   2.6.31-23.74
  linux-image-2.6.31-23-generic-pae  2.6.31-23.74
  linux-image-2.6.31-23-ia64      2.6.31-23.74
  linux-image-2.6.31-23-lpia      2.6.31-23.74
  linux-image-2.6.31-23-powerpc   2.6.31-23.74
  linux-image-2.6.31-23-powerpc-smp  2.6.31-23.74
  linux-image-2.6.31-23-powerpc64-smp  2.6.31-23.74
  linux-image-2.6.31-23-server    2.6.31-23.74
  linux-image-2.6.31-23-sparc64   2.6.31-23.74
  linux-image-2.6.31-23-sparc64-smp  2.6.31-23.74
  linux-image-2.6.31-23-virtual   2.6.31-23.74
  linux-image-2.6.31-308-ec2      2.6.31-308.28

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

Details follow:

Dan Rosenberg discovered that multiple terminal ioctls did not correctly
initialize structure memory. A local attacker could exploit this to read
portions of kernel stack memory, leading to a loss of privacy.
(CVE-2010-4076, CVE-2010-4077)

Dan Rosenberg discovered that the socket filters did not correctly
initialize structure memory. A local attacker could create malicious
filters to read portions of kernel stack memory, leading to a loss of
privacy. (CVE-2010-4158)

Dan Rosenberg discovered that certain iovec operations did not calculate
page counts correctly. A local attacker could exploit this to crash the
system, leading to a denial of service. (CVE-2010-4162)

Dan Rosenberg discovered that the SCSI subsystem did not correctly validate
iov segments. A local attacker with access to a SCSI device could send
specially crafted requests to crash the system, leading to a denial of
service. (CVE-2010-4163)

Dan Rosenberg discovered that the RDS protocol did not correctly check
ioctl arguments. A local attacker could exploit this to crash the system,
leading to a denial of service. (CVE-2010-4175)

Alan Cox discovered that the HCI UART driver did not correctly check if
a write operation was available. If the mmap_min-addr sysctl was changed
from the Ubuntu default to a value of 0, a local attacker could exploit
this flaw to gain root privileges. (CVE-2010-4242)


Updated packages for Ubuntu 9.10:

  Source archives:

          Size/MD5:  9326032 7f382bfad2a3ecf8d36081183a050135
          Size/MD5:     3308 be1ed679e9f21ef057b4f91b83a97381
          Size/MD5: 78278595 16c0355d3612806ef87addf7c9f8c9f9
          Size/MD5:  3016564 a1166cc78c81dfda98407d84f35c1046
          Size/MD5:     4384 165930ab54ad22d74e762df2b2807a6e
          Size/MD5: 78278595 16c0355d3612806ef87addf7c9f8c9f9

  Architecture independent packages:

          Size/MD5:  3804752 d819b3de234bba044bdcff3040e41172
          Size/MD5: 64298296 e636a826b9b3de3399fb27fddceb7fea
          Size/MD5:  9676950 179c86615b729e8fb1f7b4edf549408b
          Size/MD5:  3805952 091412cbbdd90be5104304de7572fad3
          Size/MD5:  9546696 3059163b85fec09f79a971dc5b4473c5
          Size/MD5: 62210474 e1d35e5afa3429fdecf3c34a04430c46

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:   616142 1853a34a6c39cd147878941f93ad077d
          Size/MD5: 18771430 d7b441e84f2593e0b5b5d97ceaecc9ba
          Size/MD5:   228938 4917030f45ffad0488ea8c43a294383b
          Size/MD5:    15682 7c24412310b59b2e93a81dd2609cad0a
          Size/MD5:    53254 04baa8835da5a7dc5c0c75979a4f5e3d
          Size/MD5:    44762 da90adffbf4ad86c186af9fcdac70e16
          Size/MD5:    50178 edc60641e1fbaf7ebe69779f1d7322cc
          Size/MD5:    91784 016b42a3b62edd5d122cdfecbf8344fa
          Size/MD5:    37778 02ad32b797730a9ba9500a041f5ad8b3
          Size/MD5:   538022 4ddbbfedf5e4252a7a5a7b04172066da
          Size/MD5:   130706 bb14ac2e6854ecddae4d19594f89901e
          Size/MD5:    54540 e44dee090aec4c9b159e60b16699e135
          Size/MD5:   312916 80e76bb14eca0cd3e895db228a9bb79d
          Size/MD5:  4360168 8a91473edea8acd370d960b0cccb7e1e
          Size/MD5:   717382 01bd2bfb28cac7a9c23742447ee10fef
          Size/MD5:   715330 4bd8da07659076cedb935e0280cddcd8
          Size/MD5: 29004470 467f8894df32f800cdcb96d46d4943ed
          Size/MD5: 28960382 03c56ee7aeca527cfc32c03e981c6ab3
          Size/MD5: 11814124 7b18184f65a3eea3b72e5bd08a23c8b4
          Size/MD5:   774704 f911767d16fc8461bb9e04a6c235ac41
          Size/MD5:   168672 b256c0f32beb61ab285169b2b1032044
          Size/MD5:   202510 f6217fb0249b522cbf04e8252df2227f
          Size/MD5:    27750 646c0ce2ed61def6a5bc83daa4639681
          Size/MD5:   312002 3e4edf94325e6892495ce3bfd398e156
          Size/MD5:  2286532 e1469cdaecd8c255f9b631fa0ebacf35
          Size/MD5:   157178 795cb67eecd34feb92e9a2dcaba47c9a
          Size/MD5:   203294 0f5cd3256c08340ec2b4ed266882aba9
          Size/MD5:   160942 4e31f3bf103d4a004b752e0b703b021f
          Size/MD5:    38056 f0f12226c9be628dc2de0dafe52c823e
          Size/MD5:     5760 67d63b53f7c5afd401c7870e9b270818
          Size/MD5:    74002 cdd30af9bc8a0ad67f212bcf6f6638fa
          Size/MD5:    22246 eb3fc9a851e55dc690e202dd6ce90194
          Size/MD5:     9542 e6a12398b4a58b6da435c5f142a61daf
          Size/MD5:    39634 e69ba0c8e88757cf8e01237c4e478364
          Size/MD5:    23486 537b3b0a0afe75fea7a3145f49de9281
          Size/MD5:  1390040 0a8e253c00c3b3659a8946ac78ae73dd
          Size/MD5:    47646 064ca57bb7a4710d9734f6aa85974b4e
          Size/MD5:    51716 e840f8a6790b1e2cab0d7f4ed8178ce6
          Size/MD5:   128314 6b1ec95ba41dd6b38a6cb0846129ff0e
          Size/MD5:    15794 cd6ca11538eea25ed455937b5671c335

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:   586808 eb3a1aba484a912019e512cf99f8985b
          Size/MD5: 18102842 847f20109a4a9579093230a95830ac56
          Size/MD5:   198842 72b3931fddbdbdd63729f3fa4af9b404
          Size/MD5:    32572 05a1b9baee1de48276a8341afbd82f65
          Size/MD5:    49946 bd9ee0b5b7cb69b95fb9168db0fa787c
          Size/MD5:    42114 29ffc313730e26b688f950b366c6b535
          Size/MD5:    45944 cee377473e42172b3f96cf1b982ebc5f
          Size/MD5:    87400 e4e63d8a3b7e5ffc79145e5c46bf2bb0
          Size/MD5:    33754 f13c3a8d3ca34c9e589f0f84fc21eabd
          Size/MD5:   533920 32f0bf389172cd74a2d1ea4404736063
          Size/MD5:   128174 34d43194dee9e2268477c4cbd85523d8
          Size/MD5:    49760 0499f50993883f13a09733c63c9abaaa
          Size/MD5:   295736 c67e2a7205105331e44fc14f789bffba
          Size/MD5:  4198892 036785b4d12bb7be17028d62d11fbfb8
          Size/MD5:   687952 d92c85cdd3d4da52246a4a617176286a
          Size/MD5:   689686 1097427c05373d80f0d0c311eb665082
          Size/MD5:   688222 b11c751e7ac5c7a95a1f2ed3fa8ff0dd
          Size/MD5: 28833668 d0ffbd3e19cef23d9ebcb29c5d3ab777
          Size/MD5: 28965016 2d93cf6b19d33664f252a7f45abbf552
          Size/MD5: 28911674 ab20259c3ba3f3c490c8d0ffc159bfcd
          Size/MD5: 11304122 b95a83cfb7b96276ce77523d64c2faa1
          Size/MD5:   756844 2b36fe0e0cc9bb82a7560d0bdc9e713f
          Size/MD5:   172880 8e0fbda1ec1a6962112faa3b9bb39db6
          Size/MD5:   186166 bc0927344bb4c2c96ae8011ae8ab07bb
          Size/MD5:    28924 41a2d603749b85cad2fbf2840c9890ba
          Size/MD5:   292862 06e247dfe6a398a0581a5bbea7347245
          Size/MD5:  2400044 1cb30a81d2f5ae9bd30b3caf48c0eda3
          Size/MD5:   141996 15fad0ff5ce06e9bc3c2a51e826846a5
          Size/MD5:   189590 ba8b718614e57d3b43dbcd0033d12682
          Size/MD5:   148546 48cb0010b205875589df2802b9dede82
          Size/MD5:    35302 3a9a2a0b462a765f5f6c712ff76029b4
          Size/MD5:     6840 003d721f75d8793443e7c712fd4febf9
          Size/MD5:    86106 d4fe53561515ac6c2112b5b5cfeff734
          Size/MD5:    46422 ec901129b677b377ef2b76e48ba4487e
          Size/MD5:     8912 90987836da38d4529a5ef3dc38aff541
          Size/MD5:    36276 cf694530b0aa5df92d709a831b1a9537
          Size/MD5:    21670 6f3f0989f08a1bc202ca37cb11b3de30
          Size/MD5:  1495332 5ea45dea19a44fea9021784288e490bc
          Size/MD5:    44082 ab36a6fb7fc99ea0cacf4b35caaf70fc
          Size/MD5:    48544 ffa98b972d82f1f111811502d47e4951
          Size/MD5:   117846 96b1f7fa98d619debbfd9a01821b51fb
          Size/MD5:    14536 727f573e4b926f4d28e12c1646fb50f5

  armel architecture (ARM Architecture):

          Size/MD5:   749302 3a3f447a8d5e24a024323283728dac27

  lpia architecture (Low Power Intel Architecture):

          Size/MD5:   198812 c72c118b4e336e6f5feee02fc295fbb3
          Size/MD5:    32558 7579651191e2cf4f4c99c34fdd27c0f4
          Size/MD5:    49944 33bc5a9a4a67baf4875a37194310e3f1
          Size/MD5:    42160 8ef09c934d16e63c294ec21127928e8b
          Size/MD5:    45946 a3dc7de6597ec73b44295f617817a72a
          Size/MD5:    87400 8fcf418fb017566a758466bdac702720
          Size/MD5:    33752 cc3f6ed4e270a5e08b27dc23eb4f7f3e
          Size/MD5:   534114 4f8c96851ad01af2881659b41179a81c
          Size/MD5:   128212 d7b339d2ffbaf6fb0c0e366156aaa3aa
          Size/MD5:    49740 703eed18256d1023215c6c1b75887fef
          Size/MD5:   295744 1bf543d7d4cd96b8bd4e0188663fb267
          Size/MD5:  4199586 c6d412f0de545b1075d2fc630cdd1872
          Size/MD5:   688544 1f990b32b093fd8a165d4ab2314f8193
          Size/MD5: 28910646 d56a59036e581bf1b0be525f894641ab
          Size/MD5:   756850 c6dd4dab659ceaf4b4f5a4ec77d5ebbf
          Size/MD5:   172940 a0d3b4cf46c5498725ef721ddfdff4ff
          Size/MD5:   186148 e05d6e04be3282c4156f660fcdaebb69
          Size/MD5:    28916 f0a18b9103abae7bd487783557390fbe
          Size/MD5:   292854 1b966e28933605c952dfb85fb60bd52d
          Size/MD5:  2400286 d48c8e2e4a5224008ba1bce7320c6d11
          Size/MD5:   141986 263831bbba3bfe902bf36a5a4f0e2215
          Size/MD5:   189598 71b864cb93a6b1f31087f212f693cd93
          Size/MD5:   148522 74c6e2e8ccd2da228fa623a95663bfd2
          Size/MD5:    35290 50570175c639a612de7827cfbbed3d9d
          Size/MD5:     6826 17c3bb98449f754fc43c19c246dbcf82
          Size/MD5:    86094 ce6806e42d32c63f2f3a33982430f138
          Size/MD5:    46412 e5731a5fa87405f9fe15dcb785eebe7b
          Size/MD5:     8908 3e2570a1fe4dd33159fa57d78530e61e
          Size/MD5:    36270 128636e7a210b0fb20e8e51d18bb2d09
          Size/MD5:    21664 5ad1a61f3f62fc7131b18056f0ad8e8c
          Size/MD5:  1495102 f0a1b5f65e863f66773c8eee5d7772fe
          Size/MD5:    44078 3e8e297a0c342af629ccb4ac7fa2a8a9
          Size/MD5:    48528 41fe72ea7dba89dfb319c4c7f1c25dfb
          Size/MD5:   117838 2a79e7821e679bdc06dc2ebe391bfa80
          Size/MD5:    14520 306c21e88e727101fa85893eee9fda21

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:   328532 88438c79ee51e1bf374db94c45ad8df6
          Size/MD5:   263700 83cd691282113fd2a8252695e189c8bf
          Size/MD5:    59674 5d2192966c94a98c3f900b6373c67118
          Size/MD5:    67048 4ab37c96977aa92bac011de3d5a4dbaf
          Size/MD5:    47830 dd7676b7ad1d05be4d7848ca2cabbe54
          Size/MD5:    51298 79f2b257df4db0b0c1cc16abc59e63a3
          Size/MD5:    92764 d9bdb1399f9904298666cabacde5c745
          Size/MD5:   105156 b77ad034f655e8c8ebaae7acfadf03bc
          Size/MD5:    40310 3c0920ddc76e34c0448b40c3496e238a
          Size/MD5:    39280 5ef67480c1ca11994a3139e80ca30929
          Size/MD5:   604366 147ea276eefa3190a2a25ce3ebb709a7
          Size/MD5:   626168 5877cc40306b23e23c46c6a6b5a8715c
          Size/MD5:   153598 433a5540c209c38906252e68bd22a36c
          Size/MD5:   147288 91c74b7a450ee478e35df85529e142ef
          Size/MD5:    81388 3aa356dd70cf2d4b759456fe78d4b357
          Size/MD5:    84134 2aac648cb22b30bf23fc1b1ef03fefda
          Size/MD5:   410314 33901c38049fe4acd97285c58bf9c7a1
          Size/MD5:   342520 8bdd740505552f2992b12e53423e6a41
          Size/MD5:  3934580 fa61984c87af859bb7c7b1adb890096a
          Size/MD5:  5224404 05888c0569a81a63fe8b0c2afda33405
          Size/MD5:   797616 aea51028796e722eec5361b395f9b87b
          Size/MD5:   816022 0e2ddabf04ae1634d1384a7398dd690f
          Size/MD5:   797338 69f5ca1fe83ecab09c09954c414b64a9
          Size/MD5: 25320686 433d525ad770c39b3a907cb0b4ebaaf5
          Size/MD5: 25865816 1d3890f2b8496c750e58f52fc7794819
          Size/MD5: 25102784 371d62876444e55ab9634f4d5fbebfae
          Size/MD5:   741910 b254e2361fc6eab8606413627f806498
          Size/MD5:   278878 66611a59fd3255cfc6817aba30b81b1b
          Size/MD5:   294734 97c88ef24b150932d0a68210bf7d513a
          Size/MD5:   216320 8ab78e9c620368de7c324f7daa13e302
          Size/MD5:   217048 bfe48eb9970e82b8499fa5746cba59ad
          Size/MD5:    26850 3e0cc86d53181fb5ddea97ce464430d5
          Size/MD5:    29686 0bc5e7b2cce3776eb9969574243c03fa
          Size/MD5:   324424 c758d3228c02ba0eb98293822cf6cece
          Size/MD5:   357628 02d799dae51a2ee763df85b54106b0af
          Size/MD5:  2074780 e44ea6f54572dddfaa248cb5f80ff4dd
          Size/MD5:  2247762 214c9d15d005a7aefcf20f0afc4f1d8f
          Size/MD5:   218282 273f989754f4c7344fea6fca0ab3cc88
          Size/MD5:   209828 8e1e70866d1840067993d3a7ddd47545
          Size/MD5:   216492 c6e37454e257754ce1a3177428c721e3
          Size/MD5:   244882 5850392b271d37fa229d75695a3fae69
          Size/MD5:   114150 4f7395284c1da1d217e10f491a7d54e1
          Size/MD5:   131632 063902ae029dfbe53df52a6421ea3c9f
          Size/MD5:    50262 7112617a9e31a321ef7bfff6b521576f
          Size/MD5:    44088 083380702ebbab5d2f7d3d4bad436088
          Size/MD5:     5918 da316c9f059c298d9dba5e6d79885c13
          Size/MD5:     6506 5796f10483c15f27e7607e5d551704e0
          Size/MD5:    80770 4fdaca44b0facc0294055482fd87911d
          Size/MD5:    85248 cfc5b27497a924f80fe347ab58af54fc
          Size/MD5:    75760 34d2d5c11f3e1b49b4ca9ce066c4a807
          Size/MD5:    27272 4d5aa84249ea588cab09ce6db508ff97
          Size/MD5:     8740 faf0370ad234562ce00c8c8c989f08e0
          Size/MD5:     9814 78d4dcc9164022bfb25de9ee7f0d6455
          Size/MD5:    60122 abd303c065d7392f11d7d7f89c915d9a
          Size/MD5:    70148 4cfa140898137b9e1ade73273896d0ba
          Size/MD5:    24184 6d889ac9e8146155623ececa74c05523
          Size/MD5:    30800 656e2da035476cfd2b42e510cae830f8
          Size/MD5:  1593636 ba985a9ea188d2649ab7c582584e1db3
          Size/MD5:  1509574 6f85429fff75d515cda49345b52ce60d
          Size/MD5:    83510 91540ec7bbe37bc58164d21e3780dbf7
          Size/MD5:    88508 764843819ba8fba9db942168c138733d
          Size/MD5:    66250 8aeac0c679cdd15eab6bce83d86185da
          Size/MD5:    77176 676f26d08a5f2bdebff80d731f760dad
          Size/MD5:   145676 1e8929659203795e95badb26a5bde8a1
          Size/MD5:   151402 7b15d61b1b4032fa0901588bee4febda

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:   139452 93f30128af5fcdacc3642d284cd91745
          Size/MD5:    70112 4b7cac8a05ab08d927fbc43da04d2af6
          Size/MD5:    46516 3dc0ee21597e263fc49e1f6239f4510f
          Size/MD5:    93986 697aad031c12b17756191a88ea9106c3
          Size/MD5:   588552 86a42aaa9fd679c353adefb1b1e44091
          Size/MD5:   148410 054724367089a5e9c24bcd36d4bab559
          Size/MD5:    75898 0af47b745cad8e2159fa02a16f3d107c
          Size/MD5:  2912284 e8b2d469b04cd1d101b80d6760dcc1aa
          Size/MD5:   615292 cfbff5c15fb6e2e7a61e15fb656d0419
          Size/MD5:   613384 d8d4c9f632bfd7daa381edde257b131c
          Size/MD5: 20561556 43aa01fdf518d67061d19234f5fb59fb
          Size/MD5: 20250356 dce144007055383e7775fa9192849af7
          Size/MD5:   754032 53bd103e2f4222676464655968556cc4
          Size/MD5:   266446 374d3103de75df54494a0d9a7b80452e
          Size/MD5:   209148 78b7cda19fbf4fdcd2b30e3e624b9dc2
          Size/MD5:    26796 1f3abaddff6675147a4ed36078c05c31
          Size/MD5:   314224 62d32820ef45b03fc057bab1b3730266
          Size/MD5:  1675456 ffa3cedc6d4990411a5b0c04ae3ec1a6
          Size/MD5:   222868 8b40c7c86a580ccdb866f2d462589985
          Size/MD5:   121960 5f82aaee738435ca2f4cbbcd5b0fe63c
          Size/MD5:    38798 108b5d2a9b544499b06cf740008fa7c2
          Size/MD5:   100826 d9dd171ea2dbd0093689b0e47fb055be
          Size/MD5:     8932 de3f65b62d4d5986864423dd0338e44f
          Size/MD5:    62920 e5464e892eb7884c44515b961b9516bc
          Size/MD5:   120992 ed8da9c6f7384835d77adcad9d34307f
          Size/MD5:  1218180 8ad94c5e1b6c0b2098e152ccc0dab610
          Size/MD5:   101552 a5a5b74cc2a1765ea24c4d2756f4fe6e
          Size/MD5:   200214 057a8c7a011a61523043a8970e992977
          Size/MD5:   185130 5e17ade24d1677821c8dae7a4556cac1

Ubuntu 1089-1: Linux kernel vulnerabilities

March 18, 2011
Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory

Summary

Update Instructions

References

Severity
linux, linux-ec2 vulnerabilities

Package Information

Related News

24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved