USN-137-1: Linux kernel vulnerabilities

Releases

• Ubuntu 5.04
• Ubuntu 4.10

Details

Alexander Nyberg discovered that ptrace() insufficiently validated
addresses on the amd64 platform so that it was possible to set an
invalid segment base. A local attacker could exploit this to crash the
kernel. This does not affect the i386 and powerpc platforms in any
way. (CAN-2005-0756)

Chris Wright discovered that the mmap() function could create illegal
memory maps (using the "mmap" function) with the start address
pointing beyond the end address. A local user could exploit this to
crash the kernel or possibly even execute arbitrary code with kernel
privileges. (CAN-2005-1265)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 5.04

• linux-patch-ubuntu-2.6.10 -
• linux-image-2.6.8.1-5-powerpc-smp -
• linux-image-2.6.8.1-5-power4-smp -
• linux-image-2.6.10-5-386 -
• linux-image-2.6.10-5-itanium-smp -
• linux-image-2.6.10-5-power4 -
• linux-image-2.6.10-5-amd64-k8 -
• linux-image-2.6.10-5-amd64-xeon -
• linux-image-2.6.10-5-mckinley-smp -
• linux-image-2.6.10-5-power4-smp -
• linux-image-2.6.8.1-5-amd64-generic -
• linux-image-2.6.10-5-amd64-k8-smp -
• linux-image-2.6.8.1-5-k7-smp -
• linux-image-2.6.8.1-5-power3-smp -
• linux-image-2.6.8.1-5-amd64-xeon -
• linux-image-2.6.10-5-powerpc-smp -
• linux-image-2.6.8.1-5-power3 -
• linux-image-2.6.8.1-5-power4 -
• linux-image-2.6.8.1-5-powerpc -
• linux-image-2.6.10-5-mckinley -
• linux-image-2.6.10-5-itanium -
• linux-image-2.6.10-5-power3-smp -
• linux-image-2.6.10-5-k7 -
• linux-image-2.6.10-5-power3 -
• linux-image-2.6.8.1-5-amd64-k8-smp -
• linux-image-2.6.8.1-5-686 -
• linux-image-2.6.8.1-5-686-smp -
• linux-patch-debian-2.6.8.1 -
• linux-image-2.6.10-5-powerpc -
• linux-image-2.6.8.1-5-k7 -
• linux-image-2.6.10-5-k7-smp -
• linux-image-2.6.10-5-amd64-generic -
• linux-image-2.6.10-5-686-smp -
• linux-image-2.6.8.1-5-386 -
• linux-image-2.6.10-5-686 -
• linux-image-2.6.8.1-5-amd64-k8 -

Ubuntu 4.10

• linux-patch-ubuntu-2.6.10 -
• linux-image-2.6.8.1-5-powerpc-smp -
• linux-image-2.6.8.1-5-power4-smp -
• linux-image-2.6.10-5-386 -
• linux-image-2.6.10-5-itanium-smp -
• linux-image-2.6.10-5-power4 -
• linux-image-2.6.10-5-amd64-k8 -
• linux-image-2.6.10-5-amd64-xeon -
• linux-image-2.6.10-5-mckinley-smp -
• linux-image-2.6.10-5-power4-smp -
• linux-image-2.6.8.1-5-amd64-generic -
• linux-image-2.6.10-5-amd64-k8-smp -
• linux-image-2.6.8.1-5-k7-smp -
• linux-image-2.6.8.1-5-power3-smp -
• linux-image-2.6.8.1-5-amd64-xeon -
• linux-image-2.6.10-5-powerpc-smp -
• linux-image-2.6.8.1-5-power3 -
• linux-image-2.6.8.1-5-power4 -
• linux-image-2.6.8.1-5-powerpc -
• linux-image-2.6.10-5-mckinley -
• linux-image-2.6.10-5-itanium -
• linux-image-2.6.10-5-power3-smp -
• linux-image-2.6.10-5-k7 -
• linux-image-2.6.10-5-power3 -
• linux-image-2.6.8.1-5-amd64-k8-smp -
• linux-image-2.6.8.1-5-686 -
• linux-image-2.6.8.1-5-686-smp -
• linux-patch-debian-2.6.8.1 -
• linux-image-2.6.10-5-powerpc -
• linux-image-2.6.8.1-5-k7 -
• linux-image-2.6.10-5-k7-smp -
• linux-image-2.6.10-5-amd64-generic -
• linux-image-2.6.10-5-686-smp -
• linux-image-2.6.8.1-5-386 -
• linux-image-2.6.10-5-686 -
• linux-image-2.6.8.1-5-amd64-k8 -

In general, a standard system update will make all the necessary changes.

References

• CVE-2005-0756
• CVE-2005-1265