DSA 479-1: New Linux 2.4.18 packages fix local root exploit
Posted on: 04/14/2004 11:12 AM

A Kernel 2.4.18 update has been released for Debian GNU/Linux

---------------------------------------------------------------------------
Debian Security Advisory DSA 479-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
April 14th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------

Package : kernel-source-2.4.18 kernel-image-2.4.18-1-alpha kernel-image-2.4.18-1-i386 kernel-image-2.4.18-i386bf kernel-patch-2.4.18-powerpc
Vulnerability : several vulnerabilities
Problem-Type : local
Debian-specific: no
CVE ID : CAN-2004-0003 CAN-2004-0010 CAN-2004-0109 CAN-2004-0177 CAN-2004-0178

Several serious problems have been discovered in the Linux kernel. This update takes care of Linux 2.4.18 for the alpha, i386 and powerpc architectures. The Common Vulnerabilities and Exposures project identifies the following problems that will be fixed with this update:

CAN-2004-0003

A vulnerability has been discovered in the R128 drive in the Linux kernel which could potentially lead an attacker to gain unauthorised privileges. Alan Cox and Thomas Biege developed a correction for this

CAN-2004-0010

Arjan van de Ven discovered a stack-based buffer overflow in the ncp_lookup function for ncpfs in the Linux kernel, which could lead an attacker to gain unauthorised privileges. Petr Vandrovec developed a correction for this.

CAN-2004-0109

zen-parse discovered a buffer overflow vulnerability in the ISO9660 filesystem component of Linux kernel which could be abused by an attacker to gain unauthorised root access. Sebastian Krahmer and Ernie Petrides developed a correction for this.

CAN-2004-0177

Solar Designer discovered an information leak in the ext3 code of Linux. In a worst case an attacker could read sensitive data such as cryptographic keys which would otherwise never hit disk media. Theodore Ts'o developed a correction for this.

CAN-2004-0178

Andreas Kies discovered a denial of service condition in the Sound Blaster driver in Linux. He also developed a correction.

These problems will also be fixed by upstream in Linux 2.4.26 and future versions of 2.6.

The following security matrix explains which kernel versions for which architecture are already fixed. Kernel images in the unstable Debian distribution (sid) will be fixed soon.

Architecture stable (woody) unstable (sid) removed in sid
source 2.4.18-14.3 2.4.25-3 --
alpha 2.4.18-15 soon --
i386 2.4.18-13 soon --
i386bf 2.4.18-5woody8 soon --
powerpc 2.4.18-1woody5 2.4.25-8 2.4.22

We recommend that you upgrade your kernel packages immediately, either with a Debian provided kernel or with a self compiled one.


Upgrade Instructions
---------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
---------------------------------

Source archives:

http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18-14.3.dsc
Size/MD5 checksum: 664 a9d96cc8553c3a9085bad09e071c5814
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18-14.3.diff.gz
Size/MD5 checksum: 70724 4de077af92c196a6af7797d1ceea4004
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18.orig.tar.gz
Size/MD5 checksum: 29818323 24b4c45a04a23eb4ce465eb326a6ddf2

http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-alpha_2.4.18-15.dsc
Size/MD5 checksum: 876 453a2a47eb3c6b748e75e0cb65bdd6bb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-alpha_2.4.18-15.tar.gz
Size/MD5 checksum: 24922 f822e7999659ddcfd53dee73894afdc1

http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-i386_2.4.18-13.dsc
Size/MD5 checksum: 1327 d37593f6e47c2b9809530eb54deeae3e
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-i386_2.4.18-13.tar.gz
Size/MD5 checksum: 70213 c795ba781adbd8a19202d8d986a3d0da

http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i386bf/kernel-image-2.4.18-i386bf_2.4.18-5woody8.dsc
Size/MD5 checksum: 656 278af48a357187864c52382eeb13451d
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i386bf/kernel-image-2.4.18-i386bf_2.4.18-5woody8.tar.gz
Size/MD5 checksum: 26780 1f0c2eba8d3d90eef1a183f6b27f1fff

http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-patch-2.4.18-powerpc_2.4.18-1woody5.dsc
Size/MD5 checksum: 713 77511f3afefed1dd71c1f73e2e036000
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-patch-2.4.18-powerpc_2.4.18-1woody5.tar.gz
Size/MD5 checksum: 79970 2720d9864cdd05bfc6b3bd7228ca9083

Architecture independent components:

http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-doc-2.4.18_2.4.18-14.3_all.deb
Size/MD5 checksum: 1720106 f25772ce2d398adc25509a1ae040c76f
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18-14.3_all.deb
Size/MD5 checksum: 24138244 d63666d64cb91f59f2feded30ef8ea70

http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-patch-2.4.18-powerpc_2.4.18-1woody5_all.deb
Size/MD5 checksum: 79722 d822eaa6adcdd517d600d62c819db7b6

Alpha architecture:

http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-headers-2.4.18-1_2.4.18-15_alpha.deb
Size/MD5 checksum: 3363486 862f6e8f85737dd13c6ca9b760384f1a
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-headers-2.4.18-1-generic_2.4.18-15_alpha.deb
Size/MD5 checksum: 3512910 935ef424b222d336a642b2e7cd291e4a
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-headers-2.4.18-1-smp_2.4.18-15_alpha.deb
Size/MD5 checksum: 3515528 6ef19a362ec019e79fdb057fea1c9fc2
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-generic_2.4.18-15_alpha.deb
Size/MD5 checksum: 12424690 725ff255cf8941cfb5c77581d8a518d4
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-smp_2.4.18-15_alpha.deb
Size/MD5 checksum: 12801130 8d15f05215223ffcf9b11b3f682667d3

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1_2.4.18-13_i386.deb
Size/MD5 checksum: 3429534 1aac0648c6f5fdee84721799806ef07a
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-386_2.4.18-13_i386.deb
Size/MD5 checksum: 3446290 a13776eb95c3661696f86e06a6dbac48
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-586tsc_2.4.18-13_i386.deb
Size/MD5 checksum: 3446482 233230438756120878a4e4b96876e61b
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-686_2.4.18-13_i386.deb
Size/MD5 checksum: 3446444 b5f8437bfd3279ed3f4b2f63fc2d75f5
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-686-smp_2.4.18-13_i386.deb
Size/MD5 checksum: 3446458 6dbbfba03667156316b184bd939d21e2
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-k6_2.4.18-13_i386.deb
Size/MD5 checksum: 3446350 ff76c153c3eb285b1f7b035223bc1e39
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-k7_2.4.18-13_i386.deb
Size/MD5 checksum: 3446324 dc2a142c75db787fdeb8a0c8e8941d1a
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-386_2.4.18-13_i386.deb
Size/MD5 checksum: 1154336 96f1e8262a5b11a8498d70643e87f546
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-586tsc_2.4.18-13_i386.deb
Size/MD5 checksum: 1154362 8b4bc947b6ab39a2deb0731f891889f3
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-686_2.4.18-13_i386.deb
Size/MD5 checksum: 1154358 a6e7db160b30f90711be11260128a6bb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-686-smp_2.4.18-13_i386.deb
Size/MD5 checksum: 1154414 cde845ca2c7b351ce79b66965a04a748
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-k6_2.4.18-13_i386.deb
Size/MD5 checksum: 1154338 407aa3a3a95aa5cd8aaf5b34b306b1a4
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-k7_2.4.18-13_i386.deb
Size/MD5 checksum: 1154342 152aca9d4a2d7014a9834c239d754d0e
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-386_2.4.18-13_i386.deb
Size/MD5 checksum: 5746 9a5675e9da37620b2b3c8dc1aebfa5d0
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-586tsc_2.4.18-13_i386.deb
Size/MD5 checksum: 5758 325071afd718f4c0c1ba8769aba9864d
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-686_2.4.18-13_i386.deb
Size/MD5 checksum: 5778 212f47c992067729e8eb3da05c89c242
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-686-smp_2.4.18-13_i386.deb
Size/MD5 checksum: 5804 683e3a330cfde650ede99e8a6a771149
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-k6_2.4.18-13_i386.deb
Size/MD5 checksum: 5760 8a73b13a799928232f5028be37356ad2
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-k7_2.4.18-13_i386.deb
Size/MD5 checksum: 5762 be2713125a6111ab76458e07d42f3634

http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i386bf/kernel-headers-2.4.18-bf2.4_2.4.18-5woody8_i386.deb
Size/MD5 checksum: 3411032 c97ea4fcff846ac6d0dc945d601cb97c
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i386bf/kernel-image-2.4.18-bf2.4_2.4.18-5woody8_i386.deb
Size/MD5 checksum: 6425640 83dc812db817e703eaa21451d048f4f7

PowerPC architecture:

http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-headers-2.4.18_2.4.18-1woody5_powerpc.deb
Size/MD5 checksum: 3433044 0836b0d1fbcc5c9f440d5c75ff14f006
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-image-2.4.18-newpmac_2.4.18-1woody5_powerpc.deb
Size/MD5 checksum: 9456688 4473c2577d3be988993219b82ed90eda
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-image-2.4.18-powerpc_2.4.18-1woody5_powerpc.deb
Size/MD5 checksum: 10105472 ae0b1d57bfc8593d9aa4ad1403044607
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-image-2.4.18-powerpc-smp_2.4.18-1woody5_powerpc.deb
Size/MD5 checksum: 10351786 f84fe609d7192a51c4f091c1c0893680


These files will probably be moved into the stable distribution on its next revision.


Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/dsa_479_1_new_linux_2418_packages_fix_local_root_exploit.html)