USN-187-1: Linux kernel vulnerabilities

Releases

• Ubuntu 5.04
• Ubuntu 4.10

Details

A Denial of Service vulnerability was detected in the stack segment
fault handler. A local attacker could exploit this by causing stack
fault exceptions under special circumstances (scheduling), which lead
to a kernel crash. (CAN-2005-1767)

Vasiliy Averin discovered a Denial of Service vulnerability in the
"tiocgdev" ioctl call and in the "routing_ioctl" function. By calling
fget() and fput() in special ways, a local attacker could exploit this
to destroy file descriptor structures and crash the kernel.
(CAN-2005-3044)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 5.04

• linux-patch-ubuntu-2.6.10 -
• linux-image-2.6.8.1-5-powerpc-smp -
• linux-image-2.6.8.1-5-power4-smp -
• linux-image-2.6.10-5-386 -
• linux-image-2.6.10-5-itanium-smp -
• linux-image-2.6.10-5-power4 -
• linux-image-2.6.10-5-amd64-k8 -
• linux-image-2.6.10-5-amd64-xeon -
• linux-image-2.6.10-5-mckinley-smp -
• linux-image-2.6.10-5-power4-smp -
• linux-image-2.6.8.1-5-amd64-generic -
• linux-image-2.6.10-5-amd64-k8-smp -
• linux-image-2.6.8.1-5-k7-smp -
• linux-image-2.6.8.1-5-power3-smp -
• linux-image-2.6.8.1-5-amd64-xeon -
• linux-image-2.6.10-5-powerpc-smp -
• linux-image-2.6.8.1-5-power3 -
• linux-image-2.6.8.1-5-power4 -
• linux-image-2.6.8.1-5-powerpc -
• linux-image-2.6.10-5-mckinley -
• linux-image-2.6.10-5-itanium -
• linux-image-2.6.10-5-power3-smp -
• linux-image-2.6.10-5-k7 -
• linux-image-2.6.10-5-power3 -
• linux-image-2.6.8.1-5-amd64-k8-smp -
• linux-image-2.6.8.1-5-686 -
• linux-image-2.6.8.1-5-686-smp -
• linux-patch-debian-2.6.8.1 -
• linux-image-2.6.10-5-powerpc -
• linux-image-2.6.8.1-5-k7 -
• linux-image-2.6.10-5-k7-smp -
• linux-image-2.6.10-5-amd64-generic -
• linux-image-2.6.10-5-686-smp -
• linux-image-2.6.8.1-5-386 -
• linux-image-2.6.10-5-686 -
• linux-image-2.6.8.1-5-amd64-k8 -

Ubuntu 4.10

• linux-patch-ubuntu-2.6.10 -
• linux-image-2.6.8.1-5-powerpc-smp -
• linux-image-2.6.8.1-5-power4-smp -
• linux-image-2.6.10-5-386 -
• linux-image-2.6.10-5-itanium-smp -
• linux-image-2.6.10-5-power4 -
• linux-image-2.6.10-5-amd64-k8 -
• linux-image-2.6.10-5-amd64-xeon -
• linux-image-2.6.10-5-mckinley-smp -
• linux-image-2.6.10-5-power4-smp -
• linux-image-2.6.8.1-5-amd64-generic -
• linux-image-2.6.10-5-amd64-k8-smp -
• linux-image-2.6.8.1-5-k7-smp -
• linux-image-2.6.8.1-5-power3-smp -
• linux-image-2.6.8.1-5-amd64-xeon -
• linux-image-2.6.10-5-powerpc-smp -
• linux-image-2.6.8.1-5-power3 -
• linux-image-2.6.8.1-5-power4 -
• linux-image-2.6.8.1-5-powerpc -
• linux-image-2.6.10-5-mckinley -
• linux-image-2.6.10-5-itanium -
• linux-image-2.6.10-5-power3-smp -
• linux-image-2.6.10-5-k7 -
• linux-image-2.6.10-5-power3 -
• linux-image-2.6.8.1-5-amd64-k8-smp -
• linux-image-2.6.8.1-5-686 -
• linux-image-2.6.8.1-5-686-smp -
• linux-patch-debian-2.6.8.1 -
• linux-image-2.6.10-5-powerpc -
• linux-image-2.6.8.1-5-k7 -
• linux-image-2.6.10-5-k7-smp -
• linux-image-2.6.10-5-amd64-generic -
• linux-image-2.6.10-5-686-smp -
• linux-image-2.6.8.1-5-386 -
• linux-image-2.6.10-5-686 -
• linux-image-2.6.8.1-5-amd64-k8 -

In general, a standard system update will make all the necessary changes.

References

• CVE-2005-1767
• CVE-2005-3044