[SECURITY] [DSA 1929-1] New Linux 2.6.18 packages fix several vulnerabilities


Debian Security Advisory DSA-1929-1 Dann Frazier
November 5, 2009

Package : linux-2.6
Vulnerability : privilege escalation/denial of service/sensitive memory leak
Problem type : local
Debian-specific: no
CVE Id(s) : CVE-2009-1883 CVE-2009-2909 CVE-2009-3001 CVE-2009-3002
CVE-2009-3228 CVE-2009-3238 CVE-2009-3286 CVE-2009-3547
CVE-2009-3612 CVE-2009-3621

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service, sensitive memory leak or privilege
escalation. The Common Vulnerabilities and Exposures project
identifies the following problems:


Solar Designer discovered a missing capability check in the
z90crypt driver on s390 systems. This vulnerability may allow
a local user to gain elevated privileges.


Arjan van de Ven discovered an issue in the AX.25 protocol
implementation. A specially crafted call to setsockopt() can
result in a denial of service (kernel oops).


Jiri Slaby fixed a sensitive memory leak issue in the ANSI/IEEE
802.2 LLC implementation. This is not exploitable in the Debian
lenny kernel as root privileges are required to exploit this


Eric Dumazet fixed several sensitive memory leaks in the IrDA,
X.25 PLP (Rose), NET/ROM, Acorn Econet/AUN, and Controller Area
Network (CAN) implementations. Local users can exploit these
issues to gain access to kernel memory.


Eric Dumazet reported an instance of uninitialized kernel memory
in the network packet scheduler. Local users may be able to
exploit this issue to read the contents of sensitive kernel


Linus Torvalds provided a change to the get_random_int() function
to increase its randomness.


Eric Paris discovered an issue with the NFSv4 server
implementation.  When an O_EXCL create fails, files may be left
with corrupted permissions, possibly granting unintentional
privileges to other local users.


Earl Chew discovered a NULL pointer dereference issue in the
pipe_rdwr_open function which can be used by local users to gain
elevated privileges.


Jiri Pirko discovered a typo in the initialization of a structure
in the netlink subsystem that may allow local users to gain access
to sensitive kernel memory.


Tomoki Sekiyama discovered a deadlock condition in the UNIX domain
socket implementation. Local users can exploit this vulnerability
to cause a denial of service (system hang).

For the oldstable distribution (etch), this problem has been fixed in
version 2.6.18.dfsg.1-26etch1.

We recommend that you upgrade your linux-2.6, fai-kernels, and
user-mode-linux packages.

Note: Debian 'etch' includes linux kernel packages based upon both the
2.6.18 and 2.6.24 linux releases. All known security issues are
carefully tracked against both packages and both packages will receive
security updates until security support for Debian 'etch'
concludes. However, given the high frequency at which low-severity
security issues are discovered in the kernel and the resource
requirements of doing an update, lower severity 2.6.18 and 2.6.24
updates will typically release in a staggered or "leap-frog" fashion.

The following matrix lists additional source packages that were rebuilt for
compatibility with or to take advantage of this update:

                                         Debian 4.0 (etch)
 fai-kernels                             1.17+etch.26etch1
 user-mode-linux                         2.6.18-1um-2etch.26etch1

Upgrade instructions

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch

Oldstable updates are available for alpha, amd64, hppa, i386,
ia64, powerpc and s390 architectures. Updates for other
architectures will be released as they become available.

These changes will probably be included in the oldstable distribution on
its next update.

For apt-get: deb stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list:
Package info: `apt-cache show <pkg>'
