<<< Date Index >>>     <<< Thread Index >>>

[ MDKSA-2007:195 ] - Updated kernel packages fix multiple vulnerabilities and bugs



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2007:195
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : kernel
 Date    : October 15, 2007
 Affected: 2007.0, 2007.1
 _______________________________________________________________________
 
 Problem Description:
 
 Some vulnerabilities were discovered and corrected in the Linux
 2.6 kernel:
 
 A stack-based buffer overflow in the random number generator could
 allow local root users to cause a denial of service or gain privileges
 by setting the default wakeup threshold to a value greater than the
 output pool size (CVE-2007-3105).
 
 The lcd_write function did not limit the amount of memory used by
 a caller, which allows local users to cause a denial of service
 (memory consumption) (CVE-2007-3513).
 
 The decode_choice function allowed remote attackers to cause a denial
 of service (crash) via an encoded out-of-range index value for a choice
 field which triggered a NULL pointer dereference (CVE-2007-3642).
 
 The Linux kernel allowed local users to send arbitrary signals
 to a child process that is running at higher privileges by
 causing a setuid-root parent process to die which delivered an
 attacker-controlled parent process death signal (PR_SET_PDEATHSIG)
 (CVE-2007-3848).
 
 The aac_cfg_openm and aac_compat_ioctl functions in the SCSI layer
 ioctl patch in aacraid did not check permissions for ioctls, which
 might allow local users to cause a denial of service or gain privileges
 (CVE-2007-4308).
 
 The IA32 system call emulation functionality, when running on the
 x86_64 architecture, did not zero extend the eax register after the
 32bit entry path to ptrace is used, which could allow local users to
 gain privileges by triggering an out-of-bounds access to the system
 call table using the %RAX register (CVE-2007-4573).
 
 In addition to these security fixes, other fixes have been included
 such as:
 
   - More NVidia PCI ids wre added
   - The 3w-9xxx module was updated to version 2.26.02.010
   - Fixed the map entry for ICH8
   - Added the TG3 5786 PCI id
   - Reduced the log verbosity of cx88-mpeg
 
 To update your kernel, please follow the directions located at:
 
   http://www.mandriva.com/en/security/kernelupdate
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3105
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3513
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3642
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3848
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4308
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4573
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2007.0:
 f99dbf1673d8a021cc34846f1638867b  
2007.0/i586/kernel-2.6.17.16mdv-1-1mdv2007.0.i586.rpm
 50be9069d1764675309639acb2b40d56  
2007.0/i586/kernel-doc-2.6.17.16mdv-1-1mdv2007.0.i586.rpm
 d21ea9807b3439ac1b5dad14dd079b14  
2007.0/i586/kernel-enterprise-2.6.17.16mdv-1-1mdv2007.0.i586.rpm
 9580a6361e4d673ac8b0aaf03232007b  
2007.0/i586/kernel-legacy-2.6.17.16mdv-1-1mdv2007.0.i586.rpm
 ce58edd917bbbd868ef1ce1bb128c8d1  
2007.0/i586/kernel-source-2.6.17.16mdv-1-1mdv2007.0.i586.rpm
 b9177102e20d0f64b5cbff13cae899c5  
2007.0/i586/kernel-source-stripped-2.6.17.16mdv-1-1mdv2007.0.i586.rpm
 27682940a2c1885df7ada7dd68fe9efa  
2007.0/i586/kernel-xen0-2.6.17.16mdv-1-1mdv2007.0.i586.rpm
 f96636a80d0779e84f1caa8b3d92f723  
2007.0/i586/kernel-xenU-2.6.17.16mdv-1-1mdv2007.0.i586.rpm 
 34cb36342f866a44d34627a809db2ee5  
2007.0/SRPMS/kernel-2.6.17.16mdv-1-1mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64:
 6eebbdf78fac9ef6092be3f4f07e0fec  
2007.0/x86_64/kernel-2.6.17.16mdv-1-1mdv2007.0.x86_64.rpm
 b84feb968f88b161efd96711738eabb2  
2007.0/x86_64/kernel-doc-2.6.17.16mdv-1-1mdv2007.0.x86_64.rpm
 24f8db96f8c023208b9d3b5e9d161f5d  
2007.0/x86_64/kernel-source-2.6.17.16mdv-1-1mdv2007.0.x86_64.rpm
 37b99c870cc4e4aaecd17594559a2b04  
2007.0/x86_64/kernel-source-stripped-2.6.17.16mdv-1-1mdv2007.0.x86_64.rpm
 f318ae4d1d7f758ceed3c28a28bf0d7f  
2007.0/x86_64/kernel-xen0-2.6.17.16mdv-1-1mdv2007.0.x86_64.rpm
 bd571bf3e47a687fcd114c6c104979c1  
2007.0/x86_64/kernel-xenU-2.6.17.16mdv-1-1mdv2007.0.x86_64.rpm 
 34cb36342f866a44d34627a809db2ee5  
2007.0/SRPMS/kernel-2.6.17.16mdv-1-1mdv2007.0.src.rpm

 Mandriva Linux 2007.1:
 03c90fe390f2ae9d7ceedb9dd266cfb2  
2007.1/i586/kernel-2.6.17.16mdv-1-1mdv2007.1.i586.rpm
 4070fd24952fbcc9e0d8eba63a1a0c22  
2007.1/i586/kernel-doc-2.6.17.16mdv-1-1mdv2007.1.i586.rpm
 a6585e8a4e5b2aa7e809760bc86be173  
2007.1/i586/kernel-doc-latest-2.6.17-16mdv.i586.rpm
 e0b8a91221cb923b0e403770d54ed5c2  
2007.1/i586/kernel-enterprise-2.6.17.16mdv-1-1mdv2007.1.i586.rpm
 c55e70042ca111ba1a479fab7412b488  
2007.1/i586/kernel-enterprise-latest-2.6.17-16mdv.i586.rpm
 e90e9e003a100f28946967838b75a2ac  
2007.1/i586/kernel-latest-2.6.17-16mdv.i586.rpm
 deebf4ee45c5c49982b371c616d1d80c  
2007.1/i586/kernel-legacy-2.6.17.16mdv-1-1mdv2007.1.i586.rpm
 afc7017f980ee6530ad613dbbd657242  
2007.1/i586/kernel-legacy-latest-2.6.17-16mdv.i586.rpm
 f568fbb3f175e6a21982c75b3d5d42fa  
2007.1/i586/kernel-source-2.6.17.16mdv-1-1mdv2007.1.i586.rpm
 2c3eaa1460f8ef5f89457e67a336addf  
2007.1/i586/kernel-source-latest-2.6.17-16mdv.i586.rpm
 a4dfaa5eb09bce6067269880bb5e78be  
2007.1/i586/kernel-source-stripped-2.6.17.16mdv-1-1mdv2007.1.i586.rpm
 5aac10bfc905b78a10c1f2bbee5e93c4  
2007.1/i586/kernel-source-stripped-latest-2.6.17-16mdv.i586.rpm
 62b77e1b1a8dc2ce3b9b259217f7819b  
2007.1/i586/kernel-xen0-2.6.17.16mdv-1-1mdv2007.1.i586.rpm
 fa5877ae7b2a6184a44d8f2fc49ff57b  
2007.1/i586/kernel-xen0-latest-2.6.17-16mdv.i586.rpm
 eb1c600edc37ea22bcec5332b7a97bbe  
2007.1/i586/kernel-xenU-2.6.17.16mdv-1-1mdv2007.1.i586.rpm
 6b7f9b5fe6c0412747fa330a0156f9e8  
2007.1/i586/kernel-xenU-latest-2.6.17-16mdv.i586.rpm 
 5f4702ebdfed6fbc6a836f08964c911e  
2007.1/SRPMS/kernel-2.6.17.16mdv-1-1mdv2007.1.src.rpm

 Mandriva Linux 2007.1/X86_64:
 1432d1fbdba194acdcc48a99b9bd4724  
2007.1/x86_64/kernel-2.6.17.16mdv-1-1mdv2007.1.x86_64.rpm
 2d32edff36cedd8e249496cfa82e4719  
2007.1/x86_64/kernel-doc-2.6.17.16mdv-1-1mdv2007.1.x86_64.rpm
 1f0af512f928130e18eafd2e12bd0b15  
2007.1/x86_64/kernel-doc-latest-2.6.17-16mdv.x86_64.rpm
 55ff10072e971b7ee826bd5724ce92f6  
2007.1/x86_64/kernel-latest-2.6.17-16mdv.x86_64.rpm
 267f256e300350db12399c80c5bd76c7  
2007.1/x86_64/kernel-source-2.6.17.16mdv-1-1mdv2007.1.x86_64.rpm
 c53bb5feb090da9625b0e4c9872c6e25  
2007.1/x86_64/kernel-source-latest-2.6.17-16mdv.x86_64.rpm
 cdb950f30f11337728c600a2e99a361a  
2007.1/x86_64/kernel-source-stripped-2.6.17.16mdv-1-1mdv2007.1.x86_64.rpm
 2ce0d1ce74d7a87a9cb926aa24d9c68d  
2007.1/x86_64/kernel-source-stripped-latest-2.6.17-16mdv.x86_64.rpm
 bafc17acacad6204732b025157495c1a  
2007.1/x86_64/kernel-xen0-2.6.17.16mdv-1-1mdv2007.1.x86_64.rpm
 21f2c70634abce8dd9417d6dbd177207  
2007.1/x86_64/kernel-xen0-latest-2.6.17-16mdv.x86_64.rpm
 17078611f2cdbe9ec8a4baa37c7974a1  
2007.1/x86_64/kernel-xenU-2.6.17.16mdv-1-1mdv2007.1.x86_64.rpm
 6f6c78f6156fa5be6a0c9396657df315  
2007.1/x86_64/kernel-xenU-latest-2.6.17-16mdv.x86_64.rpm 
 5f4702ebdfed6fbc6a836f08964c911e  
2007.1/SRPMS/kernel-2.6.17.16mdv-1-1mdv2007.1.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFHE+NUmqjQ0CJFipgRAnkyAKCntnQOp/DKXMmki9ZhSr3MrSRz7QCfbVp5
a0jKaVKEtRHFZz/An+RIm0g=
=F+Jp
-----END PGP SIGNATURE-----