Lucene search

K
osvGoogleOSV:DSA-1304
HistoryJun 16, 2007 - 12:00 a.m.

kernel-source-2.6.8 - several

2007-06-1600:00:00
Google
osv.dev
16

9.4 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:C/A:C

0.289 Low

EPSS

Percentile

96.3%

CVE-2006-6060 CVE-2006-6106 CVE-2006-6535 CVE-2007-0958
CVE-2007-1357 CVE-2007-1592

Several local and remote vulnerabilities have been discovered in the Linux
kernel that may lead to a denial of service or the execution of arbitrary
code.

This update also fixes a regression in the smbfs subsystem which was introduced
in DSA-1233
which caused symlinks to be interpreted as regular files.

The Common Vulnerabilities and Exposures project identifies the
following problems:

  • CVE-2005-4811
    David Gibson reported an issue in the hugepage code which could permit
    a local DoS (system crash) on appropriately configured systems.
  • CVE-2006-4814
    Doug Chapman discovered a potential local DoS (deadlock) in the mincore
    function caused by improper lock handling.
  • CVE-2006-4623
    Ang Way Chuang reported a remote DoS (crash) in the dvb driver which
    can be triggered by a ULE package with an SNDU length of 0.
  • CVE-2006-5753
    Eric Sandeen provided a fix for a local memory corruption vulnerability
    resulting from a misinterpretation of return values when operating on
    inodes which have been marked bad.
  • CVE-2006-5754
    Darrick Wong discovered a local DoS (crash) vulnerability resulting from
    the incorrect initialization of nr_pages in aio_setup_ring().
  • CVE-2006-5757
    LMH reported a potential local DoS which could be exploited by a malicious
    user with the privileges to mount and read a corrupted iso9660 filesystem.
  • CVE-2006-6053
    LMH reported a potential local DoS which could be exploited by a malicious
    user with the privileges to mount and read a corrupted ext3 filesystem.
  • CVE-2006-6056
    LMH reported a potential local DoS which could be exploited by a malicious
    user with the privileges to mount and read a corrupted hfs filesystem on
    systems with SELinux hooks enabled (Debian does not enable SELinux by
    default).
  • CVE-2006-6060
    LMH reported a potential local DoS (infinite loop) which could be exploited
    by a malicious user with the privileges to mount and read a corrupted NTFS
    filesystem.
  • CVE-2006-6106
    Marcel Holtman discovered multiple buffer overflows in the Bluetooth
    subsystem which can be used to trigger a remote DoS (crash) and potentially
    execute arbitrary code.
  • CVE-2006-6535
    Kostantin Khorenko discovered an invalid error path in dev_queue_xmit()
    which could be exploited by a local user to cause data corruption.
  • CVE-2007-0958
    Santosh Eraniose reported a vulnerability that allows local users to read
    otherwise unreadable files by triggering a core dump while using PT_INTERP.
    This is related to CVE-2004-1073.
  • CVE-2007-1357
    Jean Delvare reported a vulnerability in the appletalk subsystem.
    Systems with the appletalk module loaded can be triggered to crash
    by other systems on the local network via a malformed frame.
  • CVE-2007-1592
    Masayuki Nakagawa discovered that flow labels were inadvertently
    being shared between listening sockets and child sockets. This defect
    can be exploited by local users to cause a DoS (Oops).

The following matrix explains which kernel version for which architecture
fix the problems mentioned above:

Debian 3.1 (sarge)
Source 2.6.8-16sarge7
Alpha architecture 2.6.8-16sarge7
AMD64 architecture 2.6.8-16sarge7
HP Precision architecture 2.6.8-6sarge7
Intel IA-32 architecture 2.6.8-16sarge7
Intel IA-64 architecture 2.6.8-14sarge7
Motorola 680x0 architecture 2.6.8-4sarge7
PowerPC architecture 2.6.8-12sarge7
IBM S/390 architecture 2.6.8-5sarge7
Sun Sparc architecture 2.6.8-15sarge7

We recommend that you upgrade your kernel package immediately and reboot
the machine. If you have built a custom kernel from the kernel source
package, you will need to rebuild to take advantage of these fixes.

9.4 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:C/A:C

0.289 Low

EPSS

Percentile

96.3%