From:
[email protected]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ----------------------------------------------------------------------
Debian Security Advisory DSA-1749-1
[email protected] http://www.debian.org/security/ dann frazier
March 20, 2009
http://www.debian.org/security/faq
- ----------------------------------------------------------------------
Package : linux-2.6
Vulnerability : denial of service/privilege escalation/sensitive memory leak
Problem type : local/remote
Debian-specific: no
CVE Id(s) : CVE-2009-0029 CVE-2009-0031 CVE-2009-0065 CVE-2009-0269
CVE-2009-0322 CVE-2009-0676 CVE-2009-0675 CVE-2009-0745
CVE-2009-0746 CVE-2009-0747 CVE-2009-0748
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following
problems:
CVE-2009-0029
Christian Borntraeger discovered an issue affecting the alpha,
mips, powerpc, s390 and sparc64 architectures that allows local
users to cause a denial of service or potentially gain elevated
privileges.
CVE-2009-0031
Vegard Nossum discovered a memory leak in the keyctl subsystem
that allows local users to cause a denial of service by consuming
all of kernel memory.
CVE-2009-0065
Wei Yongjun discovered a memory overflow in the SCTP
implementation that can be triggered by remote users.
CVE-2009-0269
Duane Griffin provided a fix for an issue in the eCryptfs
subsystem which allows local users to cause a denial of service
(fault or memory corruption).
CVE-2009-0322
Pavel Roskin provided a fix for an issue in the dell_rbu driver
that allows a local user to cause a denial of service (oops) by
reading 0 bytes from a sysfs entry.
CVE-2009-0676
Clement LECIGNE discovered a bug in the sock_getsockopt function
that may result in leaking sensitive kernel memory.
CVE-2009-0675
Roel Kluin discovered inverted logic in the skfddi driver that
permits local, unprivileged users to reset the driver statistics.
CVE-2009-0745
Peter Kerwien discovered an issue in the ext4 filesystem that
allows local users to cause a denial of service (kernel oops)
during a resize operation.
CVE-2009-0746
Sami Liedes reported an issue in the ext4 filesystem that allows
local users to cause a denial of service (kernel oops) when
accessing a specially crafted corrupt filesystem.
CVE-2009-0747
David Maciejak reported an issue in the ext4 filesystem that
allows local users to cause a denial of service (kernel oops) when
mounting a specially crafted corrupt filesystem.
CVE-2009-0748
David Maciejak reported an additional issue in the ext4 filesystem
that allows local users to cause a denial of service (kernel oops)
when mounting a specially crafted corrupt filesystem.
For the stable distribution (lenny), these problems have been fixed in
version 2.6.26-13lenny2.
For the oldstable distribution (etch), these problems, where applicable,
will be fixed in future updates to linux-2.6 and linux-2.6.24.
We recommend that you upgrade your linux-2.6 packages.
Upgrade instructions
- --------------------
wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 5.0 alias lenny
- --------------------------------
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
[continued in next message]