  • [SECURITY] [DSA 1592-1] New Linux 2.6.18 packages fix overflow conditio

    From dann frazier@1:229/2 to All on Mon Jun 9 08:50:14 2008
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    - ----------------------------------------------------------------------
    Debian Security Advisory DSA-1592-1 [email protected]
    http://www.debian.org/security/ dann frazier
    Jun 09, 2008 http://www.debian.org/security/faq
    - ----------------------------------------------------------------------

    Package : linux-2.6
    Vulnerability : heap overflow
    Problem type : local/remote
    Debian-specific: no
    CVE Id(s) : CVE-2008-1673 CVE-2008-2358

    Two vulnerabilities have been discovered in the Linux kernel that may
    lead to a denial of service or arbitrary code execution. The Common
    Vulnerabilities and Exposures project identifies the following
    problems:

    CVE-2008-1673

    Wei Wang from McAfee reported a potential heap overflow in the
    ASN.1 decode code that is used by the SNMP NAT and CIFS
    subsystem. Exploitation of this issue may lead to arbitrary code
    execution. This issue is not believed to be exploitable with the
    pre-built kernel images provided by Debian, but it might be an
    issue for custom images built from the Debian-provided source
    package.

    CVE-2008-2358

    Brandon Edwards of McAfee Avert labs discovered an issue in the
    DCCP subsystem. Due to missing feature length checks it is possible
    to cause an overflow that may result in remote arbitrary code
    execution.

    For the stable distribution (etch), this problem has been fixed in
    version 2.6.18.dfsg.1-18etch6.

    The linux-2.6/mipsel build was not yet available at the time of this
    advisory. This advisory will be updated when this build becomes
    available.

    We recommend that you upgrade your linux-2.6, fai-kernels, and
    user-mode-linux packages.

    Upgrade instructions
    - --------------------

    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.

    If you are using the apt-get package manager, use the line for
    sources.list as given below:

    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages

    The following matrix lists additional source packages that were
    rebuilt for compatibility with or to take advantage of this update:

    Debian 4.0 (etch)
    fai-kernels 1.17+etch.18etch6
    user-mode-linux 2.6.18-1um-2etch.18etch6

    You may use an automated update by adding the resources from the
    footer to the proper configuration.

    Debian GNU/Linux 4.0 alias etch
    - -------------------------------

    Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, powerpc, s390 and sparc.


    Architecture independent packages:


    alpha architecture (DEC Alpha)


    [continued in next message]

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)