RE: [SECURITY] [DSA 1503-1] New Linux kernel 2.4.27 packages fix several issues
Just to update anyone who cares, I moved the modules back and rebooted, and verified that the system would have on bootup. Then I converted from ext2 to ext3, and was able to boot just fine. I will let this system run over the weekend and see how it is on Monday. Jase > -Original Message- > From: Desai, Jason > Sent: Friday, February 29, 2008 12:23 PM > To: 'Vladislav Kurz' > Cc: 'debian-security@lists.debian.org'; > '[EMAIL PROTECTED]' > Subject: RE: [SECURITY] [DSA 1503-1] New Linux kernel 2.4.27 > packages fix several issues > > I have noticed very similar things with one of my boxes which > was upgraded to the latest 2.4.27 kernel. Sometimes, it > would even hang when running depmod from the modutils init > script when booting. I did some troubleshooting, and found > that the older kernel boots fine. Moving some modules out to > a different directory allowed the system to boot. But it > would eventually hang after a few hours, sometimes after only > minutes. Like you indicated - ping would work. But there > was nothing in the logs on the screen for me. > > I had other systems upgraded to this kernel too, and they > seem ok. Most use ext3. However one does use ext2, and so > far it has been ok. The system giving me problems is a VM > running inside of VMWare Server. I was thinking the issue > may have been with VMWare. > > I may consider trying to go to ext3 to see if that improves things. > > Jase > > > -Original Message- > > From: Vladislav Kurz [mailto:[EMAIL PROTECTED] > > Sent: Friday, February 29, 2008 11:06 AM > > To: debian-security@lists.debian.org > > Cc: [EMAIL PROTECTED] > > Subject: Re: [SECURITY] [DSA 1503-1] New Linux kernel 2.4.27 > > packages fix several issues > > > > Hello all, > > > > I wanted to file this through BTS but I'm not sure which > > package is the right > > place ot file kernel related bugs. Therefore I post here. > > > > It seems that last upgrade of kernel 2.4.27 is causing system > > crash and maybe > > even filesystem corruption at least with ext2 filesystem. > > > > Yesterday I have upgraded and rebooted couple of machines > > that still use > > kernel version 2.4.27, and one of them crashed after 5 and > half hours. > > It still responded to pings, maybe routing and firewalling as > > well, but SSH > > and other services were unavailable. This is the only machine > > still using > > ext2 filesystem. > > > > After rebooting i worked fine until I tried to access some parts of > > filesystem. I susected problems with hard disk but there were > > no messages on > > console (I expected I/O errors and such). Memory was fine as well. > > Checking filesystem with read-olny badblock scan "fsck -c > > /dev/hda2" reported > > everything OK. But at the moment I tried to copy (rsync, tar) > > the filesystem > > to new disk it crashed again. Copying the filesystem with dd > > was fine, but > > when i loop-mounted the image and tried to copy from there, > > system crashed > > again. So I ruled out hardware problems and tried to reboot > > with old kernel, > > and to my surprise I could read the "broken" filesystem > > without any problems. > > > > With old kernel I was able to rsync files to new hard drives, > > so the system is > > up and running now. (Using old kernel.) I can provide > > filesystem image > > of "broken" /usr partition for analysis. > > > > All my other servers running 2.4.27-4 kernels use ext3 > > filesystems seem to be > > OK, but I'm quite afraid if it might happen on ext3 as well. > > > > These bugfixes seem to be the only ones that have to do > > something with > > ext2/ext3. Could someone look into this issue? I will try to > > be as heplful as > > possibe debugging this stuff. > > > > > CVE-2006-6053 > > > > > > LMH reported a potential local DoS which could be > exploited by a > > > malicious user with the privileges to mount and read a > > corrupted ext3 > > > filesystem. > > > > > > CVE-2006-6054 > > > > > > LMH reported a potential local DoS which could be > exploited by a > > > malicious user with the privileges to mount and read a > > corrupted ext2 > > > filesystem. > > > > > > > Anyway, big thanks to the security team for the work that thay do. > > > > -- > > Regards > > Vladislav Kurz > > > > > > -- > > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > > with a subject of "unsubscribe". Trouble? Contact > > [EMAIL PROTECTED] > > > > >
RE: [SECURITY] [DSA 1503-1] New Linux kernel 2.4.27 packages fix several issues
I have noticed very similar things with one of my boxes which was upgraded to the latest 2.4.27 kernel. Sometimes, it would even hang when running depmod from the modutils init script when booting. I did some troubleshooting, and found that the older kernel boots fine. Moving some modules out to a different directory allowed the system to boot. But it would eventually hang after a few hours, sometimes after only minutes. Like you indicated - ping would work. But there was nothing in the logs on the screen for me. I had other systems upgraded to this kernel too, and they seem ok. Most use ext3. However one does use ext2, and so far it has been ok. The system giving me problems is a VM running inside of VMWare Server. I was thinking the issue may have been with VMWare. I may consider trying to go to ext3 to see if that improves things. Jase > -Original Message- > From: Vladislav Kurz [mailto:[EMAIL PROTECTED] > Sent: Friday, February 29, 2008 11:06 AM > To: debian-security@lists.debian.org > Cc: [EMAIL PROTECTED] > Subject: Re: [SECURITY] [DSA 1503-1] New Linux kernel 2.4.27 > packages fix several issues > > Hello all, > > I wanted to file this through BTS but I'm not sure which > package is the right > place ot file kernel related bugs. Therefore I post here. > > It seems that last upgrade of kernel 2.4.27 is causing system > crash and maybe > even filesystem corruption at least with ext2 filesystem. > > Yesterday I have upgraded and rebooted couple of machines > that still use > kernel version 2.4.27, and one of them crashed after 5 and half hours. > It still responded to pings, maybe routing and firewalling as > well, but SSH > and other services were unavailable. This is the only machine > still using > ext2 filesystem. > > After rebooting i worked fine until I tried to access some parts of > filesystem. I susected problems with hard disk but there were > no messages on > console (I expected I/O errors and such). Memory was fine as well. > Checking filesystem with read-olny badblock scan "fsck -c > /dev/hda2" reported > everything OK. But at the moment I tried to copy (rsync, tar) > the filesystem > to new disk it crashed again. Copying the filesystem with dd > was fine, but > when i loop-mounted the image and tried to copy from there, > system crashed > again. So I ruled out hardware problems and tried to reboot > with old kernel, > and to my surprise I could read the "broken" filesystem > without any problems. > > With old kernel I was able to rsync files to new hard drives, > so the system is > up and running now. (Using old kernel.) I can provide > filesystem image > of "broken" /usr partition for analysis. > > All my other servers running 2.4.27-4 kernels use ext3 > filesystems seem to be > OK, but I'm quite afraid if it might happen on ext3 as well. > > These bugfixes seem to be the only ones that have to do > something with > ext2/ext3. Could someone look into this issue? I will try to > be as heplful as > possibe debugging this stuff. > > > CVE-2006-6053 > > > > LMH reported a potential local DoS which could be exploited by a > > malicious user with the privileges to mount and read a > corrupted ext3 > > filesystem. > > > > CVE-2006-6054 > > > > LMH reported a potential local DoS which could be exploited by a > > malicious user with the privileges to mount and read a > corrupted ext2 > > filesystem. > > > > Anyway, big thanks to the security team for the work that thay do. > > -- > Regards > Vladislav Kurz > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > >
Re: [SECURITY] [DSA 1503-1] New Linux kernel 2.4.27 packages fix several issues
Hello all, I wanted to file this through BTS but I'm not sure which package is the right place ot file kernel related bugs. Therefore I post here. It seems that last upgrade of kernel 2.4.27 is causing system crash and maybe even filesystem corruption at least with ext2 filesystem. Yesterday I have upgraded and rebooted couple of machines that still use kernel version 2.4.27, and one of them crashed after 5 and half hours. It still responded to pings, maybe routing and firewalling as well, but SSH and other services were unavailable. This is the only machine still using ext2 filesystem. After rebooting i worked fine until I tried to access some parts of filesystem. I susected problems with hard disk but there were no messages on console (I expected I/O errors and such). Memory was fine as well. Checking filesystem with read-olny badblock scan "fsck -c /dev/hda2" reported everything OK. But at the moment I tried to copy (rsync, tar) the filesystem to new disk it crashed again. Copying the filesystem with dd was fine, but when i loop-mounted the image and tried to copy from there, system crashed again. So I ruled out hardware problems and tried to reboot with old kernel, and to my surprise I could read the "broken" filesystem without any problems. With old kernel I was able to rsync files to new hard drives, so the system is up and running now. (Using old kernel.) I can provide filesystem image of "broken" /usr partition for analysis. All my other servers running 2.4.27-4 kernels use ext3 filesystems seem to be OK, but I'm quite afraid if it might happen on ext3 as well. These bugfixes seem to be the only ones that have to do something with ext2/ext3. Could someone look into this issue? I will try to be as heplful as possibe debugging this stuff. > CVE-2006-6053 > > LMH reported a potential local DoS which could be exploited by a > malicious user with the privileges to mount and read a corrupted ext3 > filesystem. > > CVE-2006-6054 > > LMH reported a potential local DoS which could be exploited by a > malicious user with the privileges to mount and read a corrupted ext2 > filesystem. > Anyway, big thanks to the security team for the work that thay do. -- Regards Vladislav Kurz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
