USN-470-1: Linux kernel vulnerabilities
8 June 2007
Linux kernel vulnerabilities
Releases
Details
USN-464-1 fixed several vulnerabilities in the Linux kernel. Some
additional code changes were accidentally included in the Feisty update
which caused trouble for some people who were not using UUID-based
filesystem mounts. These changes have been reverted. We apologize for
the inconvenience. For more information see:
https://launchpad.net/bugs/117314
https://wiki.ubuntu.com/UsingUUID
Ilja van Sprundel discovered that Bluetooth setsockopt calls could leak
kernel memory contents via an uninitialized stack buffer. A local
attacker could exploit this flaw to view sensitive kernel information.
(CVE-2007-1353)
The GEODE-AES driver did not correctly initialize its encryption key.
Any data encrypted using this type of device would be easily compromised.
(CVE-2007-2451)
The random number generator was hashing a subset of the available
entropy, leading to slightly less random numbers. Additionally, systems
without an entropy source would be seeded with the same inputs at boot
time, leading to a repeatable series of random numbers. (CVE-2007-2453)
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 7.04
-
linux-image-2.6.20-16-386
-
2.6.20-16.29
-
linux-image-2.6.20-16-powerpc
-
2.6.20-16.29
-
linux-image-2.6.20-16-server
-
2.6.20-16.29
-
linux-image-2.6.20-16-mckinley
-
2.6.20-16.29
-
linux-image-2.6.20-16-sparc64-smp
-
2.6.20-16.29
-
linux-image-2.6.20-16-hppa32
-
2.6.20-16.29
-
linux-image-2.6.20-16-powerpc64-smp
-
2.6.20-16.29
-
linux-image-2.6.20-16-itanium
-
2.6.20-16.29
-
linux-image-2.6.20-16-powerpc-smp
-
2.6.20-16.29
-
linux-image-2.6.20-16-generic
-
2.6.20-16.29
-
linux-image-2.6.20-16-sparc64
-
2.6.20-16.29
-
linux-image-2.6.20-16-hppa64
-
2.6.20-16.29
-
linux-image-2.6.20-16-lowlatency
-
2.6.20-16.29
-
linux-image-2.6.20-16-server-bigiron
-
2.6.20-16.29
After a standard system upgrade you need to reboot your computer to
effect the necessary changes.
References
Related notices
- USN-489-1: linux-image-2.6.15-28-server-bigiron, linux-image-2.6.15-28-sparc64, linux-image-2.6.15-28-amd64-server, linux-image-2.6.15-28-386, linux-image-2.6.15-28-mckinley, linux-image-2.6.15-28-amd64-k8, linux-image-2.6.15-28-amd64-generic, linux-image-2.6.15-28-amd64-xeon, linux-image-2.6.15-28-686, linux-image-2.6.15-28-powerpc64-smp, linux-image-2.6.15-28-sparc64-smp, linux-image-2.6.15-28-k7, linux-image-2.6.15-28-mckinley-smp, linux-image-2.6.15-28-powerpc-smp, linux-image-2.6.15-28-powerpc, linux-image-2.6.15-28-server
- USN-486-1: linux-image-2.6.17-12-sparc64, linux-image-2.6.17-12-mckinley, linux-image-2.6.17-12-hppa32, linux-image-2.6.17-12-386, linux-image-2.6.17-12-sparc64-smp, linux-image-2.6.17-12-itanium, linux-image-2.6.17-12-powerpc, linux-image-2.6.17-12-powerpc-smp, linux-image-2.6.17-12-generic, linux-image-2.6.17-12-server, linux-image-2.6.17-12-hppa64, linux-image-2.6.17-12-powerpc64-smp, linux-image-2.6.17-12-server-bigiron