USN-57-1: Linux kernel vulnerabilities
Posted on: 01/09/2005 08:48 AM

An updated Linux kernel package is available for Ubuntu Linux 4.10

==========================================================
Ubuntu Security Notice USN-57-1 January 09, 2005
linux-source-2.6.8.1 vulnerabilities
CAN-2004-1235, CAN-2004-1337
==========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

linux-image-2.6.8.1-4-386
linux-image-2.6.8.1-4-686
linux-image-2.6.8.1-4-686-smp
linux-image-2.6.8.1-4-amd64-generic
linux-image-2.6.8.1-4-amd64-k8
linux-image-2.6.8.1-4-amd64-k8-smp
linux-image-2.6.8.1-4-amd64-xeon
linux-image-2.6.8.1-4-k7
linux-image-2.6.8.1-4-k7-smp
linux-image-2.6.8.1-4-power3
linux-image-2.6.8.1-4-power3-smp
linux-image-2.6.8.1-4-power4
linux-image-2.6.8.1-4-power4-smp
linux-image-2.6.8.1-4-powerpc
linux-image-2.6.8.1-4-powerpc-smp
linux-patch-debian-2.6.8.1

The problem can be corrected by upgrading the affected package to version 2.6.8.1-16.8. In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

Paul Starzetz discovered a race condition in the ELF library and a.out binary format loaders, which can be locally exploited in several different ways to gain root privileges. (CAN-2004-1235)

Liang Bin found a design flaw in the capability module. After this module was loaded on demand in a running system, all unprivileged user space processes got all kernel capabilities (thus essentially root privileges). This is mitigated by the fact that the capability module is loaded very early in the boot process of a standard Ubuntu system, when no unprivileged user processes are yet running. (CAN-2004-1337)

Finally, this update fixes a memory leak in the ip_conntrack_ftp iptables module. However, it is believed that this is not exploitable.

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-source-2.6.8.1_2.6.8.1-16.8.diff.gz
Size/MD5: 3119076 f57582c0606d1ea0e076b65d91eb05cd
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-source-2.6.8.1_2.6.8.1-16.8.dsc
Size/MD5: 2119 922c3d6e417c76131ba8b7b5d97d11f8
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-source-2.6.8.1_2.6.8.1.orig.tar.gz
Size/MD5: 44728688 79730a3ad4773ba65fab65515369df84

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-doc-2.6.8.1_2.6.8.1-16.8_all.deb
Size/MD5: 6158108 56751d7f854af87ff13abaf07cc320ab
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-patch-debian-2.6.8.1_2.6.8.1-16.8_all.deb
Size/MD5: 1474804 3755cba14e58fa15fe2668a23fc7c541
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-source-2.6.8.1_2.6.8.1-16.8_all.deb
Size/MD5: 36721386 4cdf59d135078a70d53e452639a8ee95
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-tree-2.6.8.1_2.6.8.1-16.8_all.deb
Size/MD5: 307050 fd55b766e61818b11d4be2637b7ed327

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-amd64-generic_2.6.8.1-16.8_amd64.deb
Size/MD5: 247258 925bd87655e7bcfdbd9ba63259ebc97a
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-amd64-k8-smp_2.6.8.1-16.8_amd64.deb
Size/MD5: 242812 bd45abc5a7d111058cdbddb112edf788
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-amd64-k8_2.6.8.1-16.8_amd64.deb
Size/MD5: 246360 8c7a1a5ce123368fc7c406f64f0e1362
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-amd64-xeon_2.6.8.1-16.8_amd64.deb
Size/MD5: 241166 7b1efc7c6bdcf0c5ef860c4fea64c2f1
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4_2.6.8.1-16.8_amd64.deb
Size/MD5: 3177796 dc6779154eaa2611ff962e82a97ea06d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-amd64-generic_2.6.8.1-16.8_amd64.deb
Size/MD5: 14353270 9138d0af85f5470120f5f5aebf2b87c8
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-amd64-k8-smp_2.6.8.1-16.8_amd64.deb
Size/MD5: 14828294 4b1543eb21a6a95bc55e9957e52db973
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-amd64-k8_2.6.8.1-16.8_amd64.deb
Size/MD5: 14861218 3a72804e772899f91313d42732aec7dc
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-amd64-xeon_2.6.8.1-16.8_amd64.deb
Size/MD5: 14684396 4f267f32b0718d4934e84b68363263a5

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-386_2.6.8.1-16.8_i386.deb
Size/MD5: 276100 885167bfed03fc111dbf50fc242a175e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-686-smp_2.6.8.1-16.8_i386.deb
Size/MD5: 270682 525c395bf145741ba8acbdf711759388
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-686_2.6.8.1-16.8_i386.deb
Size/MD5: 273868 904cf784d687ee7f266a3c6fb7cfe84e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-k7-smp_2.6.8.1-16.8_i386.deb
Size/MD5: 270930 15611aa887ef00452f4b91081d0d146e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-k7_2.6.8.1-16.8_i386.deb
Size/MD5: 273912 4a2bbeed39e35ade837bf0c5252d18a8
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4_2.6.8.1-16.8_i386.deb
Size/MD5: 3218544 1728d522d94682e28c019ac52114e5ee
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-386_2.6.8.1-16.8_i386.deb
Size/MD5: 15495620 07d960f58f7c62219f3bab8c84f5351d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-686-smp_2.6.8.1-16.8_i386.deb
Size/MD5: 16344592 43736aeb35e58650a4dc669d24586c9e
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-686_2.6.8.1-16.8_i386.deb
Size/MD5: 16510374 58e769a36c95b7e2fb02c346f8e1a023
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-k7-smp_2.6.8.1-16.8_i386.deb
Size/MD5: 16446580 707ab31fed50380301987cdf908f32fc
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-k7_2.6.8.1-16.8_i386.deb
Size/MD5: 16572122 130a1e3e0756f36baeb2abe1d4cc4d18

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-power3-smp_2.6.8.1-16.8_powerpc.deb
Size/MD5: 211976 28527f537245e89463b6d864f35f7618
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-power3_2.6.8.1-16.8_powerpc.deb
Size/MD5: 212792 d4caa028ddd148a5cf626e24fd56e2b1
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-power4-smp_2.6.8.1-16.8_powerpc.deb
Size/MD5: 211770 1a679f9a8cb5ca1ac9ca09e94620b932
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-power4_2.6.8.1-16.8_powerpc.deb
Size/MD5: 212552 24bd43a4175096d6c6902c09d3f27ada
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-powerpc-smp_2.6.8.1-16.8_powerpc.deb
Size/MD5: 212468 cf64644599f48e6f79607f2ef2828a4f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4-powerpc_2.6.8.1-16.8_powerpc.deb
Size/MD5: 214188 e9e282b0a5bced4d7076be4c3579d2fc
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-headers-2.6.8.1-4_2.6.8.1-16.8_powerpc.deb
Size/MD5: 3295930 2f1221af1c58f4022c4b1d2bd65969b0
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-power3-smp_2.6.8.1-16.8_powerpc.deb
Size/MD5: 16365444 43639f3be7e293022b35ee5c81ab5e56
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-power3_2.6.8.1-16.8_powerpc.deb
Size/MD5: 15943014 29b418119238132d57cec31b664ded6f
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-power4-smp_2.6.8.1-16.8_powerpc.deb
Size/MD5: 16352068 14ba608517df8f646a0566d8ccf8d8d0
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-power4_2.6.8.1-16.8_powerpc.deb
Size/MD5: 15922188 e0e7bb9b81990390b0a10b98b9cb628d
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-powerpc-smp_2.6.8.1-16.8_powerpc.deb
Size/MD5: 16287446 1056d6e8e50c52acd204fa03ad0deb40
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/linux-image-2.6.8.1-4-powerpc_2.6.8.1-16.8_powerpc.deb
Size/MD5: 15976232 857d8bfc1d5f658c319cba44b676ed7b


Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/usn_57_1_linux_kernel_vulnerabilities.html)