USN-244-1: Linux kernel vulnerabilities

18 January 2006

Linux kernel vulnerabilities

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Learn more about Ubuntu Pro

Releases

Details

Doug Chapman discovered a flaw in the reference counting in the
sys_mq_open() function. By calling this function in a special way, a
local attacker could exploit this to cause a kernel crash.
(CVE-2005-3356)

Karl Janmar discovered that the /proc file system module used signed
data types in a wrong way. A local attacker could exploit this to read
random kernel memory, which could possibly contain sensitive data like
passwords or private keys. (CVE-2005-4605)

Yi Yang discovered an off-by-one buffer overflow in the sysctl()
system call. By calling sysctl with a specially crafted long string, a
local attacker could exploit this to crash the kernel or possibly even
execute arbitrary code with full kernel privileges. (CVE-2005-4618)

Perceval Anichini found a buffer overflow in the TwinHan DST
Frontend/Card DVB driver. A local user could exploit this to crash the
kernel or possibly execute arbitrary code with full kernel privileges.
This only affects Ubuntu 5.10. (CVE-2005-4639)

Stefan Rompf discovered that the dm-crypt module did not clear memory
structures before releasing the memory allocation of it. This could
lead to the disclosure of encryption keys. (CVE-2006-0095)

The SDLA WAN driver did not restrict firmware upgrades to processes
that have the CAP_SYS_RAWIO kernel capability, it just required the
CAP_NET_ADMIN privilege. This could allow processes with the latter
privilege to update the SDLA firmware. Please note that this does not
affect a standard Ubuntu installation, and this cannot be exploited by
a normal (unprivileged) user. At most, this flaw might be relevant for
installations that use a fine-grained capability granting system like
RSBAC, cap_over, or grsecurity. This only affects Ubuntu 4.10.
(CVE-2006-0096)

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Learn more about Ubuntu Pro

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 5.10
  • linux-patch-ubuntu-2.6.10 -
  • linux-image-2.6.12-10-powerpc-smp -
  • linux-patch-ubuntu-2.6.12 -
  • linux-image-2.6.12-10-itanium-smp -
  • linux-image-2.6.8.1-6-power3-smp -
  • linux-image-2.6.8.1-6-amd64-k8-smp -
  • linux-image-2.6.10-6-686 -
  • linux-image-2.6.10-6-powerpc -
  • linux-image-2.6.10-6-itanium -
  • linux-image-2.6.10-6-power4-smp -
  • linux-image-2.6.12-10-powerpc64-smp -
  • linux-image-2.6.8.1-6-k7 -
  • linux-image-2.6.8.1-6-powerpc -
  • linux-image-2.6.12-10-amd64-generic -
  • linux-image-2.6.12-10-iseries-smp -
  • linux-image-2.6.12-10-k7-smp -
  • linux-image-2.6.8.1-6-amd64-xeon -
  • linux-image-2.6.12-10-amd64-xeon -
  • linux-image-2.6.8.1-6-power4 -
  • linux-image-2.6.8.1-6-amd64-k8 -
  • linux-image-2.6.10-6-386 -
  • linux-image-2.6.8.1-6-power3 -
  • linux-image-2.6.12-10-itanium -
  • linux-image-2.6.12-10-powerpc -
  • linux-image-2.6.10-6-amd64-xeon -
  • linux-image-2.6.12-10-mckinley -
  • linux-image-2.6.10-6-itanium-smp -
  • linux-image-2.6.10-6-powerpc-smp -
  • linux-image-2.6.10-6-power4 -
  • linux-image-2.6.8.1-6-power4-smp -
  • linux-image-2.6.10-6-power3 -
  • linux-image-2.6.8.1-6-386 -
  • linux-image-2.6.8.1-6-powerpc-smp -
  • linux-image-2.6.10-6-k7 -
  • linux-image-2.6.12-10-amd64-k8-smp -
  • linux-image-2.6.10-6-k7-smp -
  • linux-image-2.6.12-10-686 -
  • linux-image-2.6.10-6-mckinley -
  • linux-image-2.6.12-10-686-smp -
  • linux-image-2.6.10-6-686-smp -
  • linux-image-2.6.8.1-6-amd64-generic -
  • linux-image-2.6.10-6-power3-smp -
  • linux-image-2.6.10-6-amd64-k8-smp -
  • linux-image-2.6.12-10-k7 -
  • linux-image-2.6.10-6-amd64-generic -
  • linux-image-2.6.8.1-6-686 -
  • linux-image-2.6.10-6-amd64-k8 -
  • linux-image-2.6.12-10-mckinley-smp -
  • linux-image-2.6.8.1-6-686-smp -
  • linux-patch-debian-2.6.8.1 -
  • linux-image-2.6.8.1-6-k7-smp -
  • linux-image-2.6.12-10-386 -
  • linux-image-2.6.10-6-mckinley-smp -
  • linux-image-2.6.12-10-amd64-k8 -
Ubuntu 5.04
  • linux-patch-ubuntu-2.6.10 -
  • linux-image-2.6.12-10-powerpc-smp -
  • linux-patch-ubuntu-2.6.12 -
  • linux-image-2.6.12-10-itanium-smp -
  • linux-image-2.6.8.1-6-power3-smp -
  • linux-image-2.6.8.1-6-amd64-k8-smp -
  • linux-image-2.6.10-6-686 -
  • linux-image-2.6.10-6-powerpc -
  • linux-image-2.6.10-6-itanium -
  • linux-image-2.6.10-6-power4-smp -
  • linux-image-2.6.12-10-powerpc64-smp -
  • linux-image-2.6.8.1-6-k7 -
  • linux-image-2.6.8.1-6-powerpc -
  • linux-image-2.6.12-10-amd64-generic -
  • linux-image-2.6.12-10-iseries-smp -
  • linux-image-2.6.12-10-k7-smp -
  • linux-image-2.6.8.1-6-amd64-xeon -
  • linux-image-2.6.12-10-amd64-xeon -
  • linux-image-2.6.8.1-6-power4 -
  • linux-image-2.6.8.1-6-amd64-k8 -
  • linux-image-2.6.10-6-386 -
  • linux-image-2.6.8.1-6-power3 -
  • linux-image-2.6.12-10-itanium -
  • linux-image-2.6.12-10-powerpc -
  • linux-image-2.6.10-6-amd64-xeon -
  • linux-image-2.6.12-10-mckinley -
  • linux-image-2.6.10-6-itanium-smp -
  • linux-image-2.6.10-6-powerpc-smp -
  • linux-image-2.6.10-6-power4 -
  • linux-image-2.6.8.1-6-power4-smp -
  • linux-image-2.6.10-6-power3 -
  • linux-image-2.6.8.1-6-386 -
  • linux-image-2.6.8.1-6-powerpc-smp -
  • linux-image-2.6.10-6-k7 -
  • linux-image-2.6.12-10-amd64-k8-smp -
  • linux-image-2.6.10-6-k7-smp -
  • linux-image-2.6.12-10-686 -
  • linux-image-2.6.10-6-mckinley -
  • linux-image-2.6.12-10-686-smp -
  • linux-image-2.6.10-6-686-smp -
  • linux-image-2.6.8.1-6-amd64-generic -
  • linux-image-2.6.10-6-power3-smp -
  • linux-image-2.6.10-6-amd64-k8-smp -
  • linux-image-2.6.12-10-k7 -
  • linux-image-2.6.10-6-amd64-generic -
  • linux-image-2.6.8.1-6-686 -
  • linux-image-2.6.10-6-amd64-k8 -
  • linux-image-2.6.12-10-mckinley-smp -
  • linux-image-2.6.8.1-6-686-smp -
  • linux-patch-debian-2.6.8.1 -
  • linux-image-2.6.8.1-6-k7-smp -
  • linux-image-2.6.12-10-386 -
  • linux-image-2.6.10-6-mckinley-smp -
  • linux-image-2.6.12-10-amd64-k8 -
Ubuntu 4.10
  • linux-patch-ubuntu-2.6.10 -
  • linux-image-2.6.12-10-powerpc-smp -
  • linux-patch-ubuntu-2.6.12 -
  • linux-image-2.6.12-10-itanium-smp -
  • linux-image-2.6.8.1-6-power3-smp -
  • linux-image-2.6.8.1-6-amd64-k8-smp -
  • linux-image-2.6.10-6-686 -
  • linux-image-2.6.10-6-powerpc -
  • linux-image-2.6.10-6-itanium -
  • linux-image-2.6.10-6-power4-smp -
  • linux-image-2.6.12-10-powerpc64-smp -
  • linux-image-2.6.8.1-6-k7 -
  • linux-image-2.6.8.1-6-powerpc -
  • linux-image-2.6.12-10-amd64-generic -
  • linux-image-2.6.12-10-iseries-smp -
  • linux-image-2.6.12-10-k7-smp -
  • linux-image-2.6.8.1-6-amd64-xeon -
  • linux-image-2.6.12-10-amd64-xeon -
  • linux-image-2.6.8.1-6-power4 -
  • linux-image-2.6.8.1-6-amd64-k8 -
  • linux-image-2.6.10-6-386 -
  • linux-image-2.6.8.1-6-power3 -
  • linux-image-2.6.12-10-itanium -
  • linux-image-2.6.12-10-powerpc -
  • linux-image-2.6.10-6-amd64-xeon -
  • linux-image-2.6.12-10-mckinley -
  • linux-image-2.6.10-6-itanium-smp -
  • linux-image-2.6.10-6-powerpc-smp -
  • linux-image-2.6.10-6-power4 -
  • linux-image-2.6.8.1-6-power4-smp -
  • linux-image-2.6.10-6-power3 -
  • linux-image-2.6.8.1-6-386 -
  • linux-image-2.6.8.1-6-powerpc-smp -
  • linux-image-2.6.10-6-k7 -
  • linux-image-2.6.12-10-amd64-k8-smp -
  • linux-image-2.6.10-6-k7-smp -
  • linux-image-2.6.12-10-686 -
  • linux-image-2.6.10-6-mckinley -
  • linux-image-2.6.12-10-686-smp -
  • linux-image-2.6.10-6-686-smp -
  • linux-image-2.6.8.1-6-amd64-generic -
  • linux-image-2.6.10-6-power3-smp -
  • linux-image-2.6.10-6-amd64-k8-smp -
  • linux-image-2.6.12-10-k7 -
  • linux-image-2.6.10-6-amd64-generic -
  • linux-image-2.6.8.1-6-686 -
  • linux-image-2.6.10-6-amd64-k8 -
  • linux-image-2.6.12-10-mckinley-smp -
  • linux-image-2.6.8.1-6-686-smp -
  • linux-patch-debian-2.6.8.1 -
  • linux-image-2.6.8.1-6-k7-smp -
  • linux-image-2.6.12-10-386 -
  • linux-image-2.6.10-6-mckinley-smp -
  • linux-image-2.6.12-10-amd64-k8 -

In general, a standard system update will make all the necessary changes.