USN-346-1: Linux kernel vulnerabilities
15 September 2006
Details
A denial of service vulnerability was reported in iptables' SCTP
conntrack module. On computers which use this iptables module, a
remote attacker could exploit this to trigger a kernel crash.
(CVE-2006-2934)
A buffer overflow has been discovered in the dvd_read_bca() function.
By inserting a specially crafted DVD, USB stick, or similar
automatically mounted removable device, a local user could crash the
machine or potentially even execute arbitrary code with full root
privileges. (CVE-2006-2935)
The ftdi_sio driver for serial USB ports did not limit the amount of
pending data to be written. A local user could exploit this to drain
all available kernel memory and thus render the system unusable.
(CVE-2006-2936)
James McKenzie discovered a denial of service vulnerability in the NFS
driver. When exporting an ext3 file system over NFS, a remote attacker
could exploit this to trigger a file system panic by sending a
specially crafted UDP packet. (CVE-2006-3468)
Wei Wang of McAfee Avert Labs discovered a buffer overflow in the
sctp_make_abort_user() function of iptables' SCTP module. On computers
which use this module, a local attacker could exploit this to execute
arbitrary code with root privileges. (CVE-2006-3745)
Olof Johansson discovered that the kernel did not disable the 'HID0'
bit on PowerPC 970 processors so that the ATTN instruction was
enabled. A local user could exploit this to crash the kernel. This
flaw only affects the powerpc architecture. (CVE-2006-4093)
The UDF file system does not handle extents larger than 1 GB, but did
not check for this restriction when truncating files. A local user could
exploit this to crash the kernel. (CVE-2006-4145)
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 6.06
- linux-image-2.6.15-26-hppa32-smp 2.6.15-26.47
- linux-image-2.6.15-26-powerpc64-smp 2.6.15-26.47
- linux-image-2.6.15-26-hppa64 2.6.15-26.47
- linux-image-2.6.15-26-386 2.6.15-26.47
- linux-image-2.6.15-26-amd64-xeon 2.6.15-26.47
- linux-image-2.6.15-26-amd64-server 2.6.15-26.47
- linux-image-2.6.15-26-amd64-k8 2.6.15-26.47
- linux-source-2.6.15 2.6.15-26.47
- linux-image-2.6.15-26-hppa64-smp 2.6.15-26.47
- linux-image-2.6.15-26-k7 2.6.15-26.47
- linux-image-2.6.15-26-server-bigiron 2.6.15-26.47
- linux-image-2.6.15-26-powerpc 2.6.15-26.47
- linux-image-2.6.15-26-mckinley-smp 2.6.15-26.47
- linux-image-2.6.15-26-amd64-generic 2.6.15-26.47
- linux-image-2.6.15-26-server 2.6.15-26.47
- linux-image-2.6.15-26-mckinley 2.6.15-26.47
- linux-image-2.6.15-26-itanium-smp 2.6.15-26.47
- linux-image-2.6.15-26-hppa32 2.6.15-26.47
- linux-image-2.6.15-26-686 2.6.15-26.47
- linux-image-2.6.15-26-itanium 2.6.15-26.47
- linux-image-2.6.15-26-powerpc-smp 2.6.15-26.47
- linux-image-2.6.15-26-sparc64 2.6.15-26.47
- linux-image-2.6.15-26-sparc64-smp 2.6.15-26.47
Ubuntu 5.10
- linux-image-2.6.12-10-powerpc-smp 2.6.12-10.39
- linux-patch-ubuntu-2.6.12 2.6.12-10.39
- linux-image-2.6.12-10-hppa32 2.6.12-10.39
- linux-image-2.6.12-10-itanium-smp 2.6.12-10.39
- linux-image-2.6.12-10-sparc64 2.6.12-10.39
- linux-image-2.6.12-10-powerpc64-smp 2.6.12-10.39
- linux-image-2.6.12-10-hppa64-smp 2.6.12-10.39
- linux-image-2.6.12-10-amd64-generic 2.6.12-10.39
- linux-image-2.6.12-10-iseries-smp 2.6.12-10.39
- linux-image-2.6.12-10-k7-smp 2.6.12-10.39
- linux-image-2.6.12-10-amd64-xeon 2.6.12-10.39
- linux-image-2.6.12-10-itanium 2.6.12-10.39
- linux-image-2.6.12-10-hppa32-smp 2.6.12-10.39
- linux-image-2.6.12-10-powerpc 2.6.12-10.39
- linux-image-2.6.12-10-mckinley 2.6.12-10.39
- linux-image-2.6.12-10-sparc64-smp 2.6.12-10.39
- linux-image-2.6.12-10-hppa64 2.6.12-10.39
- linux-image-2.6.12-10-amd64-k8-smp 2.6.12-10.39
- linux-image-2.6.12-10-686 2.6.12-10.39
- linux-image-2.6.12-10-686-smp 2.6.12-10.39
- linux-image-2.6.12-10-k7 2.6.12-10.39
- linux-image-2.6.12-10-mckinley-smp 2.6.12-10.39
- linux-image-2.6.12-10-386 2.6.12-10.39
- linux-image-2.6.12-10-amd64-k8 2.6.12-10.39
Ubuntu 5.04
- linux-patch-ubuntu-2.6.10 2.6.10-34.23
- linux-image-2.6.10-6-686 2.6.10-34.23
- linux-image-2.6.10-6-powerpc 2.6.10-34.23
- linux-image-2.6.10-6-itanium 2.6.10-34.23
- linux-image-2.6.10-6-power4-smp 2.6.10-34.23
- linux-image-2.6.10-6-sparc64-smp 2.6.10-34.23
- linux-image-2.6.10-6-hppa64-smp 2.6.10-34.23
- linux-image-2.6.10-6-power3-smp 2.6.10-34.23
- linux-image-2.6.10-6-hppa32-smp 2.6.10-34.23
- linux-image-2.6.10-6-386 2.6.10-34.23
- linux-image-2.6.10-6-hppa32 2.6.10-34.23
- linux-image-2.6.10-6-sparc64 2.6.10-34.23
- linux-image-2.6.10-6-hppa64 2.6.10-34.23
- linux-image-2.6.10-6-amd64-xeon 2.6.10-34.23
- linux-image-2.6.10-6-itanium-smp 2.6.10-34.23
- linux-image-2.6.10-6-powerpc-smp 2.6.10-34.23
- linux-image-2.6.10-6-k7-smp 2.6.10-34.23
- linux-image-2.6.10-6-power3 2.6.10-34.23
- linux-image-2.6.10-6-k7 2.6.10-34.23
- linux-image-2.6.10-6-power4 2.6.10-34.23
- linux-image-2.6.10-6-mckinley 2.6.10-34.23
- linux-image-2.6.10-6-686-smp 2.6.10-34.23
- linux-image-2.6.10-6-amd64-k8-smp 2.6.10-34.23
- linux-image-2.6.10-6-amd64-generic 2.6.10-34.23
- linux-image-2.6.10-6-amd64-k8 2.6.10-34.23
- linux-image-2.6.10-6-mckinley-smp 2.6.10-34.23
After a standard system upgrade you need to reboot your computer to
effect the necessary changes.
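
To confirm that a host carries the fixed packages listed above, the following added example (not part of the original notice or of any Ubuntu tooling) compares installed kernel package versions against the advisory's fixed versions using Debian version ordering. The names FIXED, PKG and outdated are illustrative, and matching packages by kernel series is an assumption.

```python
import re

# Fixed versions from the advisory, keyed by kernel series (Ubuntu 6.06, 5.10, 5.04).
FIXED = {"2.6.15": "2.6.15-26.47", "2.6.12": "2.6.12-10.39", "2.6.10": "2.6.10-34.23"}
# Assumption: any linux-image/-source/-patch-ubuntu package of a listed series is in scope.
PKG = re.compile(r"^linux-(?:image|source|patch-ubuntu)-(2\.6\.\d+)(?:-|$)")

def _weight(c):  # dpkg order for non-digits: '~' first, then letters, then other symbols
    return -1 if c == "~" else ord(c) if c.isalpha() else ord(c) + 256

def _cmp_str(a, b):  # compare alternating non-digit and digit runs, as dpkg does
    while a or b:
        na, nb = re.match(r"\D*", a).group(), re.match(r"\D*", b).group()
        a, b = a[len(na):], b[len(nb):]
        for i in range(max(len(na), len(nb))):
            wa = _weight(na[i]) if i < len(na) else 0
            wb = _weight(nb[i]) if i < len(nb) else 0
            if wa != wb:
                return -1 if wa < wb else 1
        da, db = re.match(r"\d*", a).group(), re.match(r"\d*", b).group()
        a, b = a[len(da):], b[len(db):]
        x, y = int(da or 0), int(db or 0)  # numeric compare, so 9 < 47
        if x != y:
            return -1 if x < y else 1
    return 0

def _split(v):  # "epoch:upstream-revision" -> (epoch, upstream, revision)
    epoch, rest = v.split(":", 1) if ":" in v else ("0", v)
    upstream, sep, rev = rest.rpartition("-")
    return int(epoch), (upstream if sep else rest), (rev if sep else "")

def compare_versions(v1, v2):
    (e1, u1, r1), (e2, u2, r2) = _split(v1), _split(v2)
    if e1 != e2:
        return -1 if e1 < e2 else 1
    return _cmp_str(u1, u2) or _cmp_str(r1, r2)

def outdated(lines):
    """Return (package, installed, fixed) for each package older than the fix."""
    hits = []
    for line in lines:
        parts = line.split()
        m = PKG.match(parts[0]) if len(parts) == 2 else None
        if m and m.group(1) in FIXED and compare_versions(parts[1], FIXED[m.group(1)]) < 0:
            hits.append((parts[0], parts[1], FIXED[m.group(1)]))
    return hits

# Constructed sample lines in the form printed by: dpkg-query -W -f='${Package} ${Version}\n'
SAMPLE = ["linux-image-2.6.15-26-386 2.6.15-26.46", "linux-source-2.6.15 2.6.15-26.9",
          "linux-image-2.6.12-10-k7 2.6.12-10.39", "linux-headers-2.6.15-26 2.6.15-26.46"]
```

Any package returned by outdated() still needs the upgrade; the reboot noted above applies once the new kernel image is installed.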