[ MDVSA-2008:044 ] - Updated kernel packages fix multiple vulnerabilities and bugs

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: [ MDVSA-2008:044 ] - Updated kernel packages fix multiple vulnerabilities and bugs
From: security@xxxxxxxxxxxx
Date: Tue, 12 Feb 2008 02:37:30 -0700
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
Reply-to: xsecurity@xxxxxxxxxxxx
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDVSA-2008:044
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : kernel
 Date    : February 12, 2008
 Affected: 2008.0
 _______________________________________________________________________
 
 Problem Description:
 
 The wait_task_stopped function in the Linux kernel before 2.6.23.8
 checks a TASK_TRACED bit instead of an exit_state value, which
 allows local users to cause a denial of service (machine crash) via
 unspecified vectors.  NOTE: some of these details are obtained from
 third party information. (CVE-2007-5500)
 
 The tcp_sacktag_write_queue function in the Linux kernel 2.6.21 through
 2.6.23.7 allowed remote attackers to cause a denial of service (crash)
 via crafted ACK responses that trigger a NULL pointer dereference
 (CVE-2007-5501).
 
 The do_corefump function in fs/exec.c in the Linux kernel prior to
 2.6.24-rc3 did not change the UID of a core dump file if it exists
 before a root process creates a core dump in the same location, which
 could possibly allow local users to obtain sensitive information
 (CVE-2007-6206).
 
 VFS in the Linux kernel before 2.6.22.16 performed tests of access
 mode by using the flag variable instead of the acc_mode variable,
 which could possibly allow local users to bypass intended permissions
 and remove directories (CVE-2008-0001).
 
 The Linux kernel prior to 2.6.22.17, when using certain drivers
 that register a fault handler that does not perform range checks,
 allowed local users to access kernel memory via an out-of-range offset
 (CVE-2008-0007).
 
 A flaw in the vmsplice system call did not properly verify address
 arguments passed by user-space processes, which allowed local
 attackers to overwrite arbitrary kernel memory and gain root privileges
 (CVE-2008-0600).
 
 Mandriva urges all users to upgrade to these new kernels immediately
 as the CVE-2008-0600 flaw is being actively exploited.  This issue
 only affects 2.6.17 and newer Linux kernels, so neither Corporate
 3.0 nor Corporate 4.0 are affected.
 
 Additionally, this kernel updates the version from 2.6.22.12 to
 2.6.22.18 and fixes numerous other bugs, including:
 
   - fix freeze when ejecting a cm40x0 PCMCIA card
   - fix crash on unloading netrom
   - fixes alsa-related sound issues on Dell XPS M1210 and M1330 models
   - the HZ value was increased on the laptop kernel to increase
     interactivity and reduce latency
   - netfilter ipset, psd, and ifwlog support was re-enabled
   - unionfs was reverted to a working 1.4 branch that is less buggy
 
 To update your kernel, please follow the directions located at:
 
   http://www.mandriva.com/en/security/kernelupdate
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5500
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5501
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6206
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0001
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0007
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0600
 http://qa.mandriva.com/show_bug.cgi?id=26376
 http://qa.mandriva.com/show_bug.cgi?id=29800
 http://qa.mandriva.com/show_bug.cgi?id=29982
 http://qa.mandriva.com/show_bug.cgi?id=30172
 http://qa.mandriva.com/show_bug.cgi?id=31402
 http://qa.mandriva.com/show_bug.cgi?id=32399
 http://qa.mandriva.com/show_bug.cgi?id=33069
 http://qa.mandriva.com/show_bug.cgi?id=32518
 http://qa.mandriva.com/show_bug.cgi?id=33821
 http://qa.mandriva.com/show_bug.cgi?id=34281
 http://qa.mandriva.com/show_bug.cgi?id=34382
 http://qa.mandriva.com/show_bug.cgi?id=34473
 http://qa.mandriva.com/show_bug.cgi?id=34555
 http://qa.mandriva.com/show_bug.cgi?id=34545
 http://qa.mandriva.com/show_bug.cgi?id=34586
 http://qa.mandriva.com/show_bug.cgi?id=34669
 http://qa.mandriva.com/show_bug.cgi?id=34672
 http://qa.mandriva.com/show_bug.cgi?id=35739
 http://qa.mandriva.com/show_bug.cgi?id=35887
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2008.0:
 7b5ceca8ce64708f377eeb71c0e10e23  
2008.0/i586/kernel-2.6.22.18-1mdv-1-1mdv2008.0.i586.rpm
 55a44ed6c80c19aefa92cb24c778151b  
2008.0/i586/kernel-desktop-2.6.22.18-1mdv-1-1mdv2008.0.i586.rpm
 c90ef43a4399b90601f4ce83d000c912  
2008.0/i586/kernel-desktop-devel-2.6.22.18-1mdv-1-1mdv2008.0.i586.rpm
 ba4506fa31394301727cdec372dd11eb  
2008.0/i586/kernel-desktop-devel-latest-2.6.22.18-1mdv2008.0.i586.rpm
 9767bf67321d55a35472e47500cf9bef  
2008.0/i586/kernel-desktop-latest-2.6.22.18-1mdv2008.0.i586.rpm
 eef0f77e0ce9097e04ff83d767d185cc  
2008.0/i586/kernel-desktop586-2.6.22.18-1mdv-1-1mdv2008.0.i586.rpm
 6faffa5511ee8b5e91e741936dc8a454  
2008.0/i586/kernel-desktop586-devel-2.6.22.18-1mdv-1-1mdv2008.0.i586.rpm
 53e7bee334003b342a15132bed12023b  
2008.0/i586/kernel-desktop586-devel-latest-2.6.22.18-1mdv2008.0.i586.rpm
 394a534e170c43d1b55b6708a924f95d  
2008.0/i586/kernel-desktop586-latest-2.6.22.18-1mdv2008.0.i586.rpm
 003f0d7e3b64edaac3ae3dede01e4e87  
2008.0/i586/kernel-doc-2.6.22.18-1mdv2008.0.i586.rpm
 3410c9d62fb9f2364f159f519ddc9ef1  
2008.0/i586/kernel-laptop-2.6.22.18-1mdv-1-1mdv2008.0.i586.rpm
 3a8426442dbb91d18c6684f4ef22efa8  
2008.0/i586/kernel-laptop-devel-2.6.22.18-1mdv-1-1mdv2008.0.i586.rpm
 958f4be00ad9df4466629774fa926887  
2008.0/i586/kernel-laptop-devel-latest-2.6.22.18-1mdv2008.0.i586.rpm
 7bb1033745587e8b9a5069b61c316c76  
2008.0/i586/kernel-laptop-latest-2.6.22.18-1mdv2008.0.i586.rpm
 ebe2489f7f1357e246563fabea2401ae  
2008.0/i586/kernel-server-2.6.22.18-1mdv-1-1mdv2008.0.i586.rpm
 a6be151dbc9c40b4e3ca181e64f76475  
2008.0/i586/kernel-server-devel-2.6.22.18-1mdv-1-1mdv2008.0.i586.rpm
 c70a9e6846d383ada63d65730d5bbf5a  
2008.0/i586/kernel-server-devel-latest-2.6.22.18-1mdv2008.0.i586.rpm
 3c80910bc870474990439b2a24a2ccf1  
2008.0/i586/kernel-server-latest-2.6.22.18-1mdv2008.0.i586.rpm
 9be418acd2c39224c341f4c0fcd9c3ce  
2008.0/i586/kernel-source-2.6.22.18-1mdv-1-1mdv2008.0.i586.rpm
 a616addeb5cf234668b26ccf4a4cc7bd  
2008.0/i586/kernel-source-latest-2.6.22.18-1mdv2008.0.i586.rpm 
 d3419624d951fbdb358849a60639efbf  
2008.0/SRPMS/kernel-2.6.22.18-1mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64:
 a043c2596652edf905109924045103da  
2008.0/x86_64/kernel-2.6.22.18-1mdv-1-1mdv2008.0.x86_64.rpm
 f8921ac78c1acfc6bbd9b03a9676d315  
2008.0/x86_64/kernel-desktop-2.6.22.18-1mdv-1-1mdv2008.0.x86_64.rpm
 61a39804f6460a7f087c6ae7695aacce  
2008.0/x86_64/kernel-desktop-devel-2.6.22.18-1mdv-1-1mdv2008.0.x86_64.rpm
 505d6b320b4f9feef2d40f1c8e537035  
2008.0/x86_64/kernel-desktop-devel-latest-2.6.22.18-1mdv2008.0.x86_64.rpm
 bb8a829cd780094992161f92d94bd2c8  
2008.0/x86_64/kernel-desktop-latest-2.6.22.18-1mdv2008.0.x86_64.rpm
 23bb1b9557c46cbc52770a20c8ba81b1  
2008.0/x86_64/kernel-doc-2.6.22.18-1mdv2008.0.x86_64.rpm
 f7edfd597fc01cef7c0bfdf3bf0e7315  
2008.0/x86_64/kernel-laptop-2.6.22.18-1mdv-1-1mdv2008.0.x86_64.rpm
 208f863d0cce2262ee099daa250605e2  
2008.0/x86_64/kernel-laptop-devel-2.6.22.18-1mdv-1-1mdv2008.0.x86_64.rpm
 cbe57c60ec79096f9f2b9ae3ebb26ab5  
2008.0/x86_64/kernel-laptop-devel-latest-2.6.22.18-1mdv2008.0.x86_64.rpm
 add09ce293fd8c7605c3b49c5990ab92  
2008.0/x86_64/kernel-laptop-latest-2.6.22.18-1mdv2008.0.x86_64.rpm
 b8125bfe9b765e8281e30a667a2c501c  
2008.0/x86_64/kernel-server-2.6.22.18-1mdv-1-1mdv2008.0.x86_64.rpm
 dfaa2aedd25d8f9f91939c9e1e0247d6  
2008.0/x86_64/kernel-server-devel-2.6.22.18-1mdv-1-1mdv2008.0.x86_64.rpm
 cb703b65dd2b935737183562509130a6  
2008.0/x86_64/kernel-server-devel-latest-2.6.22.18-1mdv2008.0.x86_64.rpm
 27e6fd0a49b49952aa164be304a491b3  
2008.0/x86_64/kernel-server-latest-2.6.22.18-1mdv2008.0.x86_64.rpm
 38644d73897d971d4bdca8e8a71ac962  
2008.0/x86_64/kernel-source-2.6.22.18-1mdv-1-1mdv2008.0.x86_64.rpm
 f21aef3923cdd51c3444add2e97fc0d6  
2008.0/x86_64/kernel-source-latest-2.6.22.18-1mdv2008.0.x86_64.rpm 
 d3419624d951fbdb358849a60639efbf  
2008.0/SRPMS/kernel-2.6.22.18-1mdv2008.0.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (GNU/Linux)

iD8DBQFHsUIOmqjQ0CJFipgRAp5kAKDDJWsqKNEFNrMda0AF9KQY7Glt3ACffY6G
8qA8TQpDH/TNXmq0c51Wqhw=
=wL/x
-----END PGP SIGNATURE-----
Prev by Date: FLEA-2008-0001-1 firefox
Next by Date: gkrellweather
Previous by thread: FLEA-2008-0001-1 firefox
Next by thread: gkrellweather
Index(es):
- Date
- Thread