===========================================================
Ubuntu Security Notice USN-57-1            January 09, 2005
linux-source-2.6.8.1 vulnerabilities
CAN-2004-1235, CAN-2004-1337
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

linux-image-2.6.8.1-4-386
linux-image-2.6.8.1-4-686
linux-image-2.6.8.1-4-686-smp
linux-image-2.6.8.1-4-amd64-generic
linux-image-2.6.8.1-4-amd64-k8
linux-image-2.6.8.1-4-amd64-k8-smp
linux-image-2.6.8.1-4-amd64-xeon
linux-image-2.6.8.1-4-k7
linux-image-2.6.8.1-4-k7-smp
linux-image-2.6.8.1-4-power3
linux-image-2.6.8.1-4-power3-smp
linux-image-2.6.8.1-4-power4
linux-image-2.6.8.1-4-power4-smp
linux-image-2.6.8.1-4-powerpc
linux-image-2.6.8.1-4-powerpc-smp
linux-patch-debian-2.6.8.1

The problem can be corrected by upgrading the affected package to
version 2.6.8.1-16.8. In general, a standard system upgrade is
sufficient to effect the necessary changes.

Details follow:

Paul Starzetz discovered a race condition in the ELF library and a.out
binary format loaders, which can be locally exploited in several
different ways to gain root privileges. (CAN-2004-1235)

Liang Bin found a design flaw in the capability module. After this
module was loaded on demand in a running system, all unprivileged user
space processes got all kernel capabilities (thus essentially root
privileges). This is mitigated by the fact that the capability module
is loaded very early in the boot process of a standard Ubuntu system,
when no unprivileged user processes are yet running. (CAN-2004-1337)

Finally, this update fixes a memory leak in the ip_conntrack_ftp
iptables module. However, it is believed that this is not exploitable.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html