USN-715-1: Linux kernel vulnerabilities
Posted on: 01/30/2009 04:30 AM

A new Linux kernel vulnerabilities update is available for Ubuntu Linux. Here the announcement:

Ubuntu Security Notice USN-715-1 January 29, 2009
linux vulnerabilities
CVE-2008-5079, CVE-2008-5182, CVE-2008-5300, CVE-2008-5395,
CVE-2008-5700, CVE-2008-5702

A security issue affects the following Ubuntu releases:

Ubuntu 8.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.10:
linux-image-2.6.27-11-generic 2.6.27-11.27
linux-image-2.6.27-11-server 2.6.27-11.27
linux-image-2.6.27-11-virtual 2.6.27-11.27

After a standard system upgrade you need to reboot your computer to
effect the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

Details follow:

Hugo Dias discovered that the ATM subsystem did not correctly manage
socket counts. A local attacker could exploit this to cause a system hang,
leading to a denial of service. (CVE-2008-5079)

It was discovered that the inotify subsystem contained watch removal
race conditions. A local attacker could exploit this to crash the system,
leading to a denial of service. (CVE-2008-5182)

Dann Frazier discovered that in certain situations sendmsg did not
correctly release allocated memory. A local attacker could exploit
this to force the system to run out of free memory, leading to a denial
of service. (CVE-2008-5300)

Helge Deller discovered that PA-RISC stack unwinding was not handled
correctly. A local attacker could exploit this to crash the system,
leading do a denial of service. This did not affect official Ubuntu
kernels, but was fixed in the source for anyone performing HPPA kernel
builds. (CVE-2008-5395)

It was discovered that the ATA subsystem did not correctly set timeouts. A
local attacker could exploit this to cause a system hang, leading to a
denial of service. (CVE-2008-5700)

It was discovered that the ib700 watchdog timer did not correctly check
buffer sizes. A local attacker could send a specially crafted ioctl
to the device to cause a system crash, leading to a denial of service.

Updated packages for Ubuntu 8.10:

Source archives:
Size/MD5: 3045315 319b70724933690ebeaf2570c08e5872
Size/MD5: 1529 1f0ca8782583778c06befbe486a5537c
Size/MD5: 63721466 482b04f680ce6676114ccfaaf8f66a55

Architecture independent packages:
Size/MD5: 3480820 102ffe69d583daaea25e9dc16624cf1d
Size/MD5: 5782904 b7de142c5ded4e2e26037799b045b17d
Size/MD5: 52041978 3eb25260c3bf95d7110174a153457fe4

amd64 architecture (Athlon64, Opteron, EM64T Xeon):
Size/MD5: 36522 9e9b81519f796f9c8d970e369e6235b9
Size/MD5: 264132 781d177036c0d1f8d04fca8fd1322ad4
Size/MD5: 53470 8e367a9fbbb2aea106db18724fbd78e8
Size/MD5: 43124 32bb76a5c82cf4787e015a8d14a78b96
Size/MD5: 52340 46d233691c5842fa9f7347216eba0ce1
Size/MD5: 89726 a8ac9ef887eacc31ebc322cf37223aec
Size/MD5: 38136 9d6bf29c616ae927c9341f80cb1d354b
Size/MD5: 677334 2d925e6343fb97c1ce8c6c09438e3718
Size/MD5: 158556 40a73a5eb7858e877a17a6d0a28c3043
Size/MD5: 46412 641ffe0928f442956384d73dc5fcb9cb
Size/MD5: 154052 7891486ab310849caa511a7ea3a1bf7c
Size/MD5: 312654 b1d2f2e0e9806822dbdd40733a2cce06
Size/MD5: 2602056 b4700083fb77226533a5bd56e53e75e5
Size/MD5: 650884 057a9ec3b2e95418feb15f4ff322a0be
Size/MD5: 650812 78edc2defb2ee5021fc467dd1371165b
Size/MD5: 23066840 67bb78180690fd6c6279b3e6646949b6
Size/MD5: 23063204 17ec50d1369bf3c1de230498ec658de1
Size/MD5: 10458152 dfa3ac79fa292857dd7180a8b5533121
Size/MD5: 663848 8e0665e8893317c6b1129439cbf8612c
Size/MD5: 434908 b5a695a4f2f24657ea84c929f5d7ee62
Size/MD5: 186342 b7a1cca322d68a0f9527ae2d72fc6231
Size/MD5: 275584 b22e9e6b69184f316a19c962318aa10e
Size/MD5: 1808120 824533c7be48a5d527ba67b89bb5518f
Size/MD5: 151332 c649c8efebd591d06e236cf67038a3c7
Size/MD5: 194226 7dc44b61e6db4e263792a41021b32f23
Size/MD5: 167994 b0eec2b2c31f2722fa09b1f93146dfc1
Size/MD5: 36462 ac920fe410b1d3966c5b09771550160f
Size/MD5: 83386 c7bc43aad167ea7072f594048b631658
Size/MD5: 71942 628766ec1e59a39a404ea0347f610c59
Size/MD5: 23248 048d2bbe2abb50df1c7c3418ef1c41d4
Size/MD5: 9018 975b1829cf22116ac762dadb64134904
Size/MD5: 68450 e9f1d069286257e48656fd6bdcce9bab
Size/MD5: 110420 6ab3fac78aec7c2415f2c4f1125c4c13
Size/MD5: 1275722 c1679d35e5b5ac1ba621cf0be47c3183
Size/MD5: 47598 4a49b7ce281ba54376b481ce6262b893
Size/MD5: 13326 aba5704b3eb0815e06c1ea0e4b2ccdf6
Size/MD5: 393692 6d4c19e8ad0d57be0405765494b24e9d
Size/MD5: 200842 1381efd1c93a15db6624ae8e8d9df104
Size/MD5: 13584 4a7ccf52bdc9b3d0dad86552fa461f0d

i386 architecture (x86 compatible Intel/AMD):
Size/MD5: 33940 53d8f886cc515299e0eb7fe2a71e98e2
Size/MD5: 244608 8d93bedf28c656de410ce24e1a350e8e
Size/MD5: 55386 cf79c0e3fe330fe240dd0f11b07e909a
Size/MD5: 41266 39a834a82711ec66c6b27937770d1805
Size/MD5: 48690 5f04814a5a76700b49ef21a75af6d161
Size/MD5: 86928 8a7931fd909cf6ae6d0564c97186d070
Size/MD5: 33954 8d3bcb9e61f855ea8b6386f01342b43f
Size/MD5: 674578 fd257461743980b6e4e8bb7e10ab6f3d
Size/MD5: 158190 520a2b2d77a7cbc688c4c70a12c7d7cb
Size/MD5: 43714 8b9aa57db293e55cef3d60f5becc7263
Size/MD5: 144884 7fbc0d69548b95a16eec745bddc79337
Size/MD5: 301946 8c81d047b7c026b20591d191e945e997
Size/MD5: 2431736 394df3bd7f18565be6901a5ea1712105
Size/MD5: 632990 c05b53970da1f25e9c81668a09e9b3ae
Size/MD5: 633356 b8307ea92110ae4c9b5ebeca7d36f4d8
Size/MD5: 23447370 9a758b4ecf00f126be500b1df7caf344
Size/MD5: 23581390 ec5535e94eb5775cb8a678c579de8df5
Size/MD5: 10096662 c1778afb9dabe62225b7d766e160498e
Size/MD5: 663792 7d3ab57dfd5d2f9c537634247e9398d5
Size/MD5: 432704 891b06a4f4240bab98735a0a26b15234
Size/MD5: 170998 f433e304c1e459f25988617280e15890
Size/MD5: 264000 6f2e567b929370211311a86899e85243
Size/MD5: 1991656 dca60f4f4fa22e08355e3cd4ce381b05
Size/MD5: 150938 db2ad37e334d23e2d775a7ee05e12652
Size/MD5: 183914 8c89dc120cd8ae8ab6a9ed22abe1ff4d
Size/MD5: 157596 a3f0343a661a2207d0c2a76234698a1c
Size/MD5: 34458 84e133df5aaa20cb1a9b6635c62dd48f
Size/MD5: 78180 206749d441c3ca3b944ef63882f0d3f1
Size/MD5: 86136 93ffbb4882c09e989335910e1c98530e
Size/MD5: 51164 3e1f3994e027b35c0cfd3824357415ac
Size/MD5: 8794 593b7c703dab68100a29326611f07071
Size/MD5: 64170 56a1b6a05fc9c6334fa232ee5753234c
Size/MD5: 101846 f72497e53cbb1517c01ad754dcbc68dd
Size/MD5: 1448908 d634feb7eace4987a4466dae309246b4
Size/MD5: 44520 a5e92227ba7d965e33ed76d9c53cc1d5
Size/MD5: 12478 c004549b61d3fb69fdbceb890f430cdc
Size/MD5: 372730 98180fd4bbe2441a04b191f1b6dae1a7
Size/MD5: 189760 27a4ed16ecfa113cce764df26c2a707f
Size/MD5: 12986 afde633f64a103dc86644d482210e552

Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Kees Cook lt;kees@outflux.netgt;


Printed from Linux Compatible (