Lucene search

K
debianDebianDEBIAN:DSA-1304-1:F0B6A
HistoryJun 16, 2007 - 10:57 a.m.

[SECURITY] [DSA 1304-1] New Linux kernel 2.6.8 packages fix several vulnerabilities

2007-06-1610:57:02
lists.debian.org
25

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

37.8%


Debian Security Advisory DSA 1304-1 [email protected]
http://www.debian.org/security/ Dann Frazier
June 16th, 2007 http://www.debian.org/security/faq


Package : kernel-source-2.6.8
Vulnerability : several
Problem-Type : local/remote
Debian-specific: no
CVE ID : CVE-2005-4811 CVE-2006-4814 CVE-2006-4623 CVE-2006-5753
CVE-2006-5754 CVE-2006-5757 CVE-2006-6053 CVE-2006-6056
CVE-2006-6060 CVE-2006-6106 CVE-2006-6535 CVE-2007-0958
CVE-2007-1357 CVE-2007-1592

Several local and remote vulnerabilities have been discovered in the Linux
kernel that may lead to a denial of service or the execution of arbitrary
code.

This update also fixes a regression in the smbfs subsystem which was introduced
in DSA-1233 which caused symlinks to be interpreted as regular files.

The Common Vulnerabilities and Exposures project identifies the
following problems:

CVE-2005-4811

David Gibson reported an issue in the hugepage code which could permit
a local DoS (system crash) on appropriately configured systems.

CVE-2006-4814

Doug Chapman discovered a potential local DoS (deadlock) in the mincore
function caused by improper lock handling.

CVE-2006-4623

Ang Way Chuang reported a remote DoS (crash) in the dvb driver which
can be triggered by a ULE package with an SNDU length of 0.

CVE-2006-5753

Eric Sandeen provided a fix for a local memory corruption vulnerability
resulting from a misinterpretation of return values when operating on
inodes which have been marked bad.

CVE-2006-5754

Darrick Wong discovered a local DoS (crash) vulnerability resulting from
the incorrect initialization of "nr_pages" in aio_setup_ring().

CVE-2006-5757

LMH reported a potential local DoS which could be exploited by a malicious
user with the privileges to mount and read a corrupted iso9660 filesystem.

CVE-2006-6053

LMH reported a potential local DoS which could be exploited by a malicious
user with the privileges to mount and read a corrupted ext3 filesystem.

CVE-2006-6056

LMH reported a potential local DoS which could be exploited by a malicious
user with the privileges to mount and read a corrupted hfs filesystem on
systems with SELinux hooks enabled (Debian does not enable SELinux by
default).

CVE-2006-6060

LMH reported a potential local DoS (infinie loop) which could be exploited
by a malicious user with the privileges to mount and read a corrupted NTFS
filesystem.

CVE-2006-6106

Marcel Holtman discovered multiple buffer overflows in the Bluetooth
subsystem which can be used to trigger a remote DoS (crash) and potentially
execute arbitray code.

CVE-2006-6535

Kostantin Khorenko discovered an invalid error path in dev_queue_xmit()
which could be exploited by a local user to cause data corruption.

CVE-2007-0958

Santosh Eraniose reported a vulnerability that allows local users to read
otherwise unreadable files by triggering a core dump while using PT_INTERP.
This is related to CVE-2004-1073.

CVE-2007-1357

Jean Delvare reported a vulnerability in the appletalk subsystem.
Systems with the appletalk module loaded can be triggered to crash
by other systems on the local network via a malformed frame.

CVE-2007-1592

Masayuki Nakagawa discovered that flow labels were inadvertently
being shared between listening sockets and child sockets. This defect
can be exploited by local users to cause a DoS (Oops).

The following matrix explains which kernel version for which architecture
fix the problems mentioned above:

                             Debian 3.1 (sarge)
 Source                      2.6.8-16sarge7
 Alpha architecture          2.6.8-16sarge7
 AMD64 architecture          2.6.8-16sarge7
 HP Precision architecture   2.6.8-6sarge7
 Intel IA-32 architecture    2.6.8-16sarge7
 Intel IA-64 architecture    2.6.8-14sarge7
 Motorola 680x0 architecture 2.6.8-4sarge7
 PowerPC architecture        2.6.8-12sarge7
 IBM S/390 architecture      2.6.8-5sarge7
 Sun Sparc architecture      2.6.8-15sarge7

We recommend that you upgrade your kernel package immediately and reboot
the machine. If you have built a custom kernel from the kernel source
package, you will need to rebuild to take advantage of these fixes.

Upgrade Instructions


wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge


Source archives:

http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.9.1sarge6.dsc
  Size/MD5 checksum:      621 5549801d7afb55815fdbdab176ca876e
http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.9.1sarge6.tar.gz
  Size/MD5 checksum:    30783 ca74ee036a13e209a496d86cfa216a3a
http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-i386_0.3.7-1sarge2.dsc
  Size/MD5 checksum:     1092 5873dba0c647976525db473f74acb9e0
http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-i386_0.3.7-1sarge2.tar.gz
  Size/MD5 checksum:     2310 77fa2acc4981a8139a83ab5ba38b2496
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-alpha_2.6.8-16sarge7.dsc
  Size/MD5 checksum:      812 31724186421d5e75b4d30bc4c5ac4cfe
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-alpha_2.6.8-16sarge7.tar.gz
  Size/MD5 checksum:    41795 5cf6d42b220f46f3dac97d1c04a8f259
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-amd64_2.6.8-16sarge7.dsc
  Size/MD5 checksum:     1103 375e1122fd79645e41edab034be9de0f
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-amd64_2.6.8-16sarge7.tar.gz
  Size/MD5 checksum:    79256 ca9f65f94ea59b6d7edaf6b78de20adb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-hppa_2.6.8-6sarge7.dsc
  Size/MD5 checksum:     1013 f815fd7077a24a9bc1639e8965ac8436
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-hppa_2.6.8-6sarge7.tar.gz
  Size/MD5 checksum:    70389 9ebd6b53dfe6592d0783727b994c093e
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-i386_2.6.8-16sarge7.dsc
  Size/MD5 checksum:     1047 77659b43aa4f6e16200a2fc7c965f38d
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-i386_2.6.8-16sarge7.tar.gz
  Size/MD5 checksum:    93525 8def6bcf41cc21b34233d64a91fd3711
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-ia64_2.6.8-14sarge7.dsc
  Size/MD5 checksum:     1191 672189ecf8912c0c58dc83dee1db8c43
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-ia64_2.6.8-14sarge7.tar.gz
  Size/MD5 checksum:    67022 d9201644c379a6014c0cc604bfb8e0ab
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-m68k_2.6.8-4sarge7.dsc
  Size/MD5 checksum:      874 faf43ca53f82737f123afab17a74f052
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-m68k_2.6.8-4sarge7.tar.gz
  Size/MD5 checksum:    20214 82cb545e2b7abbb013cae38deebf4e08
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-s390_2.6.8-5sarge7.dsc
  Size/MD5 checksum:      846 64007a13f7e337cbf008bc2c74b52ea1
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-s390_2.6.8-5sarge7.tar.gz
  Size/MD5 checksum:    15750 201c22a6234947a99c468f2779160b33
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-sparc_2.6.8-15sarge7.dsc
  Size/MD5 checksum:     1036 354dca83df1ed4b6fd9eb056aa868a0e
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-sparc_2.6.8-15sarge7.tar.gz
  Size/MD5 checksum:    29718 2238b6f81d4b7c64e75d21749a2c9c71
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-patch-powerpc-2.6.8_2.6.8-12sarge7.dsc
  Size/MD5 checksum:     1071 1bc90c9c9a884ca21de67e47f7f71831
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-patch-powerpc-2.6.8_2.6.8-12sarge7.tar.gz
  Size/MD5 checksum:    29824 c5af34b00421bbf54f73210fae7da80a
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-16sarge7.dsc
  Size/MD5 checksum:     1002 045ef1474c1a353d5aa48dea8c67183b
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-16sarge7.diff.gz
  Size/MD5 checksum:  1086810 4d9a1726c26fb571d1b10bc94f4ee102
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8.orig.tar.gz
  Size/MD5 checksum: 43929719 0393c05ffa4770c3c5178b74dc7a4282
http://security.debian.org/pool/updates/main/m/mol-modules-2.6.8/mol-modules-2.6.8_0.9.70+2.6.8+12sarge2.dsc
  Size/MD5 checksum:      703 adb50819acd30f02a8c22f0397675bb5
http://security.debian.org/pool/updates/main/m/mol-modules-2.6.8/mol-modules-2.6.8_0.9.70+2.6.8+12sarge2.tar.gz
  Size/MD5 checksum:     4358 469b36e05242fb4ce2adfc0d102fa2aa

Architecture independent components:

http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-patch-2.6.8-s390_2.6.8-5sarge7_all.deb
  Size/MD5 checksum:    13864 651d60ecebfed7a105e0263f6fe5478e
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-doc-2.6.8_2.6.8-16sarge7_all.deb
  Size/MD5 checksum:  6185220 661002c3ad09bbd5dcab929d531041b2
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-patch-debian-2.6.8_2.6.8-16sarge7_all.deb
  Size/MD5 checksum:  1142308 4cbfb30ffaf7e431cf8b162a37c543a3
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-16sarge7_all.deb
  Size/MD5 checksum: 34947952 2487a3846e7143fdfca3ad5664028c88
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-tree-2.6.8_2.6.8-16sarge7_all.deb
  Size/MD5 checksum:    37742 9d7013f35ef4f2720147f393efa265a4

Alpha architecture:

http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-4_2.6.8-16sarge7_alpha.deb
  Size/MD5 checksum:  2762560 84e7e74114738170f4d9f7df9e270b78
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-4-generic_2.6.8-16sarge7_alpha.deb
  Size/MD5 checksum:   234956 23c852ab91eb4a3ac982c9cbe04eff84
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-4-smp_2.6.8-16sarge7_alpha.deb
  Size/MD5 checksum:   229566 aa37cc2ff3b38f45f0e83bed8d177b47
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-4-generic_2.6.8-16sarge7_alpha.deb
  Size/MD5 checksum: 20243562 d927ee8555993b8d6fc77790d3b55711
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-4-smp_2.6.8-16sarge7_alpha.deb
  Size/MD5 checksum: 20097284 206b31b2bd3751fcea2607ee351c9889

AMD64 architecture:

http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13_2.6.8-16sarge7_amd64.deb
  Size/MD5 checksum:  2725500 3f3ab58e8870ab61b9e23c23761a4604
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-generic_2.6.8-16sarge7_amd64.deb
  Size/MD5 checksum:   228840 d16b8661666cdde1b13b566da719f49e
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-k8_2.6.8-16sarge7_amd64.deb
  Size/MD5 checksum:   228024 afcb92db3b32fcef246cfdbaebc7c488
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-k8-smp_2.6.8-16sarge7_amd64.deb
  Size/MD5 checksum:   224084 d726ad34628dce5f56a292726ef77418
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-em64t-p4_2.6.8-16sarge7_amd64.deb
  Size/MD5 checksum:   225808 d284e53c3827339b685be9c0b2c2bfb0
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-em64t-p4-smp_2.6.8-16sarge7_amd64.deb
  Size/MD5 checksum:   222522 97e162f7245121533a0a20fd6e439b1f
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-generic_2.6.8-16sarge7_amd64.deb
  Size/MD5 checksum: 12574610 c65adc755a40692b1351fa778a7ce25b
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-k8_2.6.8-16sarge7_amd64.deb
  Size/MD5 checksum: 13273222 e94fdc0178812250ce7beb3cbcb5156d
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-k8-smp_2.6.8-16sarge7_amd64.deb
  Size/MD5 checksum: 13229476 87dfdba1729330c694e488fc9bef1bd2
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-em64t-p4_2.6.8-16sarge7_amd64.deb
  Size/MD5 checksum: 13077014 02066ed9e51dbd403e4774492a1f1a4c
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-em64t-p4-smp_2.6.8-16sarge7_amd64.deb
  Size/MD5 checksum: 13058474 9599a93b640a5d5e8da7f23ed7f4ab27

HP Precision architecture:

http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4_2.6.8-6sarge7_hppa.deb
  Size/MD5 checksum:  2803824 0eb5a4184865094e9e835cd6f199b00c
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4-32_2.6.8-6sarge7_hppa.deb
  Size/MD5 checksum:   214636 3292ec383938984d8131a40f277319a5
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4-32-smp_2.6.8-6sarge7_hppa.deb
  Size/MD5 checksum:   213972 61f3fc8bb2046797b43a00c2221e1171
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4-64_2.6.8-6sarge7_hppa.deb
  Size/MD5 checksum:   213562 ee18d9c16cc6331dbb298d9262abbc9e
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4-64-smp_2.6.8-6sarge7_hppa.deb
  Size/MD5 checksum:   212888 698a340ca8a5e1d1609dc6352b0199ae
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-4-32_2.6.8-6sarge7_hppa.deb
  Size/MD5 checksum: 16039300 662e50ec503587eeb8745cc5744bfcc1
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-4-32-smp_2.6.8-6sarge7_hppa.deb
  Size/MD5 checksum: 16947726 551b44ab6365f48c3728046f9c625406
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-4-64_2.6.8-6sarge7_hppa.deb
  Size/MD5 checksum: 17493200 d463b06fd140bedf5ff92c922b3cff50
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-4-64-smp_2.6.8-6sarge7_hppa.deb
  Size/MD5 checksum: 18325380 6b79ea34d4e01ee2aea71140b379b380

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.9.1sarge6_i386.deb
  Size/MD5 checksum: 12007024 966cfd1adb7d4eb8b14eff257ad90576
http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-386_0.3.7-1sarge2_i386.deb
  Size/MD5 checksum:   140588 4d3d9c96e4566ea0ae5b8ce33892b9f5
http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-586tsc_0.3.7-1sarge2_i386.deb
  Size/MD5 checksum:   153216 ec1de04dfe524ed566c9168317c7f96d
http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-686_0.3.7-1sarge2_i386.deb
  Size/MD5 checksum:   156142 d3d7ccde57a411d1e57fd606dac627fb
http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-686-smp_0.3.7-1sarge2_i386.deb
  Size/MD5 checksum:   160348 3f0273700f3be9fa5430046ba227dd91
http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-k6_0.3.7-1sarge2_i386.deb
  Size/MD5 checksum:   149216 69c40d1ebb04a5ceca0374d28ff6faa2
http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-k7_0.3.7-1sarge2_i386.deb
  Size/MD5 checksum:   154834 49bca7c096574c6c0dbfe44db03c2cd0
http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-k7-smp_0.3.7-1sarge2_i386.deb
  Size/MD5 checksum:   158768 d31bb7bcec9ea2d123df2d9d2fc3ccff
http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-4-386_0.3.7-1sarge2_i386.deb
  Size/MD5 checksum:   147778 16e794df6938137a2bd066f4765c5cb2
http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-4-686_0.3.7-1sarge2_i386.deb
  Size/MD5 checksum:   165352 c92a69dee0c20259819ff4a6e1ce127f
http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-4-686-smp_0.3.7-1sarge2_i386.deb
  Size/MD5 checksum:   169670 fa480aa39abd471188776c526fd168fc
http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-4-k7_0.3.7-1sarge2_i386.deb
  Size/MD5 checksum:   163782 ae0f354c82688de2119cd9ade09e74c7
http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-4-k7-smp_0.3.7-1sarge2_i386.deb
  Size/MD5 checksum:   168098 bf6e5340a8f9c1484ee5ec72def36707
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4_2.6.8-16sarge7_i386.deb
  Size/MD5 checksum:  2782142 060404a3576c79845753ca1d7fd32a20
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-386_2.6.8-16sarge7_i386.deb
  Size/MD5 checksum:   260950 875fa8dd31aa4ec2cd60789028b8998a
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-686_2.6.8-16sarge7_i386.deb
  Size/MD5 checksum:   259062 0aec026194b11813344b17bfcce1f891
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-686-smp_2.6.8-16sarge7_i386.deb
  Size/MD5 checksum:   256060 8bb21af70c57b6dce4f6e21e1681e1f9
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-k7_2.6.8-16sarge7_i386.deb
  Size/MD5 checksum:   259116 d894737b2d3bd873362fe8df8ec413b2
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-k7-smp_2.6.8-16sarge7_i386.deb
  Size/MD5 checksum:   256212 7bbbee51dae99f8a71d85284311bef37
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-386_2.6.8-16sarge7_i386.deb
  Size/MD5 checksum: 14068328 6086f827005699f3ce18e8e38a4e6fff
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-686_2.6.8-16sarge7_i386.deb
  Size/MD5 checksum: 15553736 91c0c8cf6f38ff8b13c33ff8eb76914f
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-686-smp_2.6.8-16sarge7_i386.deb
  Size/MD5 checksum: 15391134 41f0635a9278030173cb9a949111e14e
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-k7_2.6.8-16sarge7_i386.deb
  Size/MD5 checksum: 15275512 9e089adef128031a8f2115243ee03bd2
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-k7-smp_2.6.8-16sarge7_i386.deb
  Size/MD5 checksum: 15168590 2d54f3727c4d608a21400408b2c9d493
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13_2.6.8-16sarge7_i386.deb
  Size/MD5 checksum:  2725464 90eeb0a9f5709f84c3c938616b1fccb5
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-generic_2.6.8-16sarge7_i386.deb
  Size/MD5 checksum:   228766 ffbb8044767a4e03782e14941b72f96d
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-k8_2.6.8-16sarge7_i386.deb
  Size/MD5 checksum:   227862 5a0d244abec1d92b8405c2d55f8d8ccc
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-k8-smp_2.6.8-16sarge7_i386.deb
  Size/MD5 checksum:   224060 bbd653fcc567ce1c4c39af98e4e14f5c
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-em64t-p4_2.6.8-16sarge7_i386.deb
  Size/MD5 checksum:   225776 52376bf8dc98cbd4729ca25461efb079
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-em64t-p4-smp_2.6.8-16sarge7_i386.deb
  Size/MD5 checksum:   222518 39139014fc8b44bbc87db457a49ac084
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-generic_2.6.8-16sarge7_i386.deb
  Size/MD5 checksum: 12574442 d17f627e1d88d8bb3c57d10b108ce4d0
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-k8_2.6.8-16sarge7_i386.deb
  Size/MD5 checksum: 13273306 fd8193f685bc9ea4f76b39f00bba8f50
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-k8-smp_2.6.8-16sarge7_i386.deb
  Size/MD5 checksum: 13229824 5989357674d3f4e12bc2fc89a86ba549
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-em64t-p4_2.6.8-16sarge7_i386.deb
  Size/MD5 checksum: 13226862 dc2ebac9133fcd8c1b85fb539d779683
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-em64t-p4-smp_2.6.8-16sarge7_i386.deb
  Size/MD5 checksum: 13205066 6daa6858e61b1843e038f9e2a04df41c

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-itanium_2.6.8-14sarge7_ia64.deb
  Size/MD5 checksum:     9496 bd1b20781c0a0261864cb25bfd65d9a4
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-itanium-smp_2.6.8-14sarge7_ia64.deb
  Size/MD5 checksum:     9560 7e3ff1e6eee69c81f42dd9912dce7baf
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-mckinley_2.6.8-14sarge7_ia64.deb
  Size/MD5 checksum:     9526 4d29c68fcde4f1164f310a8071783953
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-mckinley-smp_2.6.8-14sarge7_ia64.deb
  Size/MD5 checksum:     9586 4b0c7ca8651f9c785eccce8b356f766b
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4_2.6.8-14sarge7_ia64.deb
  Size/MD5 checksum:  3101574 b38d525273063519f869b8025e586bf5
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4-itanium_2.6.8-14sarge7_ia64.deb
  Size/MD5 checksum:   203348 25239d213c84ee50c68884e6285a95c4
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4-itanium-smp_2.6.8-14sarge7_ia64.deb
  Size/MD5 checksum:   202850 8dc59012398a37e508bb33ed5088addd
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4-mckinley_2.6.8-14sarge7_ia64.deb
  Size/MD5 checksum:   202972 4370ad87aa8f711509fec39878608621
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4-mckinley-smp_2.6.8-14sarge7_ia64.deb
  Size/MD5 checksum:   202650 804b0b5408cf7d67187f620bf7c0c6c1
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-itanium_2.6.8-14sarge7_ia64.deb
  Size/MD5 checksum:     9486 f2391dc971232c3c8a8ab0de5b551fe6
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-itanium-smp_2.6.8-14sarge7_ia64.deb
  Size/MD5 checksum:     9556 3cae8e8cdf69ec485d731937ff6f0c30
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-mckinley_2.6.8-14sarge7_ia64.deb
  Size/MD5 checksum:     9516 1febb236a0987f6a4be151e3923a7ed5
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-mckinley-smp_2.6.8-14sarge7_ia64.deb
  Size/MD5 checksum:     9582 275b6170b6857bd1af929448dc54436c
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-4-itanium_2.6.8-14sarge7_ia64.deb
  Size/MD5 checksum: 21496480 8ba69f1e15994cfe843718d7b46e069f
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-4-itanium-smp_2.6.8-14sarge7_ia64.deb
  Size/MD5 checksum: 22145752 8ac7fa1bf92bf1c4c0205c182e70c0e9
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-4-mckinley_2.6.8-14sarge7_ia64.deb
  Size/MD5 checksum: 21409290 211383f4405c60f9dcd6f4abd63a863a
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-4-mckinley-smp_2.6.8-14sarge7_ia64.deb
  Size/MD5 checksum: 22161834 89aa6c21852a1dd897de9ee9c6686d31

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-amiga_2.6.8-4sarge7_m68k.deb
  Size/MD5 checksum:  3308982 e5231d0f463e8cfad8a2b0affc640639
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-atari_2.6.8-4sarge7_m68k.deb
  Size/MD5 checksum:  3106740 4cb685cf5ba010c1af6c345b72bf9a09
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-bvme6000_2.6.8-4sarge7_m68k.deb
  Size/MD5 checksum:  3019810 daedbf476546953537e8b2fd0947bac4
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-hp_2.6.8-4sarge7_m68k.deb
  Size/MD5 checksum:  2991960 7f83fcf87edd48606c27e6e539c5e8ab
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-mac_2.6.8-4sarge7_m68k.deb
  Size/MD5 checksum:  3180758 479afd4614662b56a7f877a16c5733a8
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-mvme147_2.6.8-4sarge7_m68k.deb
  Size/MD5 checksum:  2984108 246b0da97b814115941b6b367a5a6d69
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-mvme16x_2.6.8-4sarge7_m68k.deb
  Size/MD5 checksum:  3052328 2a85ffeca76f8a87c09aab9da0365b35
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-q40_2.6.8-4sarge7_m68k.deb
  Size/MD5 checksum:  3113210 f6f561b65d33a58a0b4a2ba3b5d4eb37
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-sun3_2.6.8-4sarge7_m68k.deb
  Size/MD5 checksum:  2998472 665ea6e94f3e3215bdddde333a8e9109

PowerPC architecture:

http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power3_2.6.8-12sarge7_powerpc.deb
  Size/MD5 checksum:   409476 5e7a4e3b2ed13f34b1e2677a497ee1e9
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power3-smp_2.6.8-12sarge7_powerpc.deb
  Size/MD5 checksum:   409404 20c20aa48f210bda7407c38b025aa55e
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power4_2.6.8-12sarge7_powerpc.deb
  Size/MD5 checksum:   409410 f334dac64177c488d67f466ebcf3e169
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power4-smp_2.6.8-12sarge7_powerpc.deb
  Size/MD5 checksum:   409324 de89552c4f4a5b12c56653cd50fc7f95
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-powerpc_2.6.8-12sarge7_powerpc.deb
  Size/MD5 checksum:   409688 fcafa2cd922a131165ab0595375426ab
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-powerpc-smp_2.6.8-12sarge7_powerpc.deb
  Size/MD5 checksum:   409482 034ca72a697bfaaaf3f2594a5403f59c
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-headers-2.6.8-4_2.6.8-12sarge7_powerpc.deb
  Size/MD5 checksum:  5150300 70cca6665a0fc4f994c5ce7fda3a59e6
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power3_2.6.8-12sarge7_powerpc.deb
  Size/MD5 checksum: 13587026 458c7359fbbc76bc02eb8ef2b55cc0b9
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power3-smp_2.6.8-12sarge7_powerpc.deb
  Size/MD5 checksum: 13948056 a720aaf5f4b6ce53847e96435676842d
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power4_2.6.8-12sarge7_powerpc.deb
  Size/MD5 checksum: 13579066 36f3e22d4d878a5733272019c5b3f25e
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power4-smp_2.6.8-12sarge7_powerpc.deb
  Size/MD5 checksum: 13934448 689456442e9921f8f5f724b82c1a4388
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-powerpc_2.6.8-12sarge7_powerpc.deb
  Size/MD5 checksum: 13605826 589790a4236615c0b2e7ad508edfbe7c
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-powerpc-smp_2.6.8-12sarge7_powerpc.deb
  Size/MD5 checksum: 13864916 50a87b0529f598e4d4684ee6221e3cef
http://security.debian.org/pool/updates/main/m/mol-modules-2.6.8/mol-modules-2.6.8-4-powerpc_0.9.70+2.6.8+12sarge2_powerpc.deb
  Size/MD5 checksum:    38440 5dd90d5f03bfe8457c5c2ecadc9c2d1c
http://security.debian.org/pool/updates/main/m/mol-modules-2.6.8/mol-modules-2.6.8-4-powerpc-smp_0.9.70+2.6.8+12sarge2_powerpc.deb
  Size/MD5 checksum:    39372 4edd33511d47ff9e6cf971b0e930374e

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-headers-2.6.8-4_2.6.8-5sarge7_s390.deb
  Size/MD5 checksum:  5089222 1df72a6dadb3d4c860e7fb98b8059055
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-4-s390_2.6.8-5sarge7_s390.deb
  Size/MD5 checksum:  2987292 c1defc5cabc10eaaf039513911ef0bb1
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-4-s390-tape_2.6.8-5sarge7_s390.deb
  Size/MD5 checksum:  1147294 d2b7b3d5780fca7a4c02f26c2d13c0ba
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-4-s390x_2.6.8-5sarge7_s390.deb
  Size/MD5 checksum:  3194032 d8e5e1f978e0342345190501e22bce49

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-build-2.6.8-4_2.6.8-15sarge7_sparc.deb
  Size/MD5 checksum:     8128 2c3760c5ad3d06d389c33f5fc4cb0bca
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4_2.6.8-15sarge7_sparc.deb
  Size/MD5 checksum:  2893516 02e8eca22069fc8d5ccaf3fb20ac3c52
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4-sparc32_2.6.8-15sarge7_sparc.deb
  Size/MD5 checksum:   113334 ed0eb1de3b97b909c45dffeed89d40fb
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4-sparc64_2.6.8-15sarge7_sparc.deb
  Size/MD5 checksum:   148128 bafc5bf78fae912f73a38d927a2cbd47
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4-sparc64-smp_2.6.8-15sarge7_sparc.deb
  Size/MD5 checksum:   148594 2d01718f8cd038942004778a23ce91b4
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-4-sparc32_2.6.8-15sarge7_sparc.deb
  Size/MD5 checksum:  4556924 0061d182061c7b821fb208f348ed870f
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-4-sparc64_2.6.8-15sarge7_sparc.deb
  Size/MD5 checksum:  7440258 ce79e30d9a4807a8bf565b9045b47f9c
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-4-sparc64-smp_2.6.8-15sarge7_sparc.deb
  Size/MD5 checksum:  7638478 306f0c1fc183597513943c030c06505a

These files will probably be moved into the stable distribution on
its next update.


For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: [email protected]
Package info: `apt-cache show <pkg>' and http://packages.debian.org/&lt;pkg&gt;

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

37.8%

Related for DEBIAN:DSA-1304-1:F0B6A