The OpenNET Project
 
Search (keywords):  SOFT ARTICLES TIPS & TRICKS SECURITY
LINKS NEWS MAN DOCUMENTATION


[ MDKSA-2007:012 ] - Updated kernel packages fix multiple vulnerabilities and bugs


<< Previous INDEX Search src / Print Next >>
To: [email protected]
Subject: [ MDKSA-2007:012 ] - Updated kernel packages fix multiple vulnerabilities and bugs
Date: Fri, 12 Jan 2007 12:57:09 -0700
From: [email protected]
Reply-To: <xsecurity@mandriva.com.>
Message-Id: <E1H5SWT-0006VX-6e@artemis.annvix.ca.>
Sender: QA Team <qateam@artemis.annvix.ca.>
X-Virus-Scanned: antivirus-gw at tyumen.ru


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2007:012
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : kernel
 Date    : January 12, 2007
 Affected: 2006.0, Corporate 4.0
 _______________________________________________________________________
 
 Problem Description:
 
 Some vulnerabilities were discovered and corrected in the Linux 2.6
 kernel:

 The __block_prepate_write function in the 2.6 kernel before 2.6.13 does
 not properly clear buffers during certain error conditions, which
 allows users to read portions of files that have been unlinked
 (CVE-2006-4813).

 The clip_mkip function of the ATM subsystem in the 2.6 kernel allows
 remote attackers to dause a DoS (panic) via unknown vectors that cause
 the ATM subsystem to access the memory of socket buffers after they are
 freed (CVE-2006-4997).

 The NFS lockd in the 2.6 kernel before 2.6.16 allows remote attackers
 to cause a DoS (process crash) and deny access to NFS exports via
 unspecified vectors that trigger a kernel oops and a deadlock
 (CVE-2006-5158).

 The seqfile handling in the 2.6 kernel up to 2.6.18 allows local users
 to cause a DoS (hang or oops) via unspecified manipulations that
 trigger an infinite loop while searching for flowlabels
 (CVE-2006-5619).

 A missing call to init_timer() in the isdn_ppp code of the Linux kernel
 can allow remote attackers to send a special kind of PPP pakcet which
 may trigger a kernel oops (CVE-2006-5749).

 An integer overflow in the 2.6 kernel prior to 2.6.18.4 could allow a
 local user to execute arbitrary code via a large maxnum value in an
 ioctl request (CVE-2006-5751).

 A race condition in the ISO9660 filesystem handling could allow a local
 user to cause a DoS (infinite loop) by mounting a crafted ISO9660
 filesystem containing malformed data structures (CVE-2006-5757).

 A vulnerability in the bluetooth support could allow for overwriting
 internal CMTP and CAPI data structures via malformed packets
 (CVE-2006-6106).

 The provided packages are patched to fix these vulnerabilities.  All
 users are encouraged to upgrade to these updated kernels immediately
 and reboot to effect the fixes.

 In addition to these security fixes, other fixes have been included
 such as:

 - __bread oops fix


 - added e1000_ng (nineveh support)


 - added sata_svw (Broadcom SATA support)


 - added Marvell PATA chipset support


 - disabled mmconf on some broken hardware/BIOSes


 - use GENERICARCH and enable bigsmp apic model for tulsa machines


 To update your kernel, please follow the directions located at:

 http://www.mandriva.com/en/security/kernelupdate
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4813
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4997
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5158
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5619
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5749
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5751
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5757
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6106
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2006.0:
 216001d652fabd832ececf7cf9c95c06  2006.0/i586/kernel-2.6.12.29mdk-1-1mdk.i586.rpm
 cdbd68f744d8d3ee6f0a0ed06b026009  2006.0/i586/kernel-BOOT-2.6.12.29mdk-1-1mdk.i586.rpm
 7d2a30c05269de7665eeb4e7cf70c331  2006.0/i586/kernel-doc-2.6.12.29mdk-1-1mdk.i586.rpm
 bcc0dbbdb3fab97b48ba7e8f8222726d  2006.0/i586/kernel-i586-up-1GB-2.6.12.29mdk-1-1mdk.i586.rpm
 4e5f28170ff06990ebd5161628768788  2006.0/i586/kernel-i686-up-4GB-2.6.12.29mdk-1-1mdk.i586.rpm
 e2b082f507336f699b15a7b9ac6ab690  2006.0/i586/kernel-smp-2.6.12.29mdk-1-1mdk.i586.rpm
 5340dc709650361a7e00aa348650dffb  2006.0/i586/kernel-source-2.6.12.29mdk-1-1mdk.i586.rpm
 2816a03b52913c6e49cb0624b16818e4  2006.0/i586/kernel-source-stripped-2.6.12.29mdk-1-1mdk.i586.rpm
 280c941e5a443928475e7a2bdb6dafc2  2006.0/i586/kernel-xbox-2.6.12.29mdk-1-1mdk.i586.rpm
 d8dac00da6f9404192d080f9afa121ec  2006.0/i586/kernel-xen0-2.6.12.29mdk-1-1mdk.i586.rpm
 9f82a34d60c3eee2b3346f5613de8118  2006.0/i586/kernel-xenU-2.6.12.29mdk-1-1mdk.i586.rpm 
 428e0b597e1aeeb045a809b610678276  2006.0/SRPMS/kernel-2.6.12.29mdk-1-1mdk.src.rpm

 Mandriva Linux 2006.0/X86_64:
 f7f2e8ee35b0110a43c9d1efab28c64f  2006.0/x86_64/kernel-2.6.12.29mdk-1-1mdk.x86_64.rpm
 8b7b2786b0b41ddc8184e89cbc19040b  2006.0/x86_64/kernel-BOOT-2.6.12.29mdk-1-1mdk.x86_64.rpm
 2be165973d0f5aae26a0c1648858bd1b  2006.0/x86_64/kernel-doc-2.6.12.29mdk-1-1mdk.x86_64.rpm
 bf7e5235f52befa60c7593f8d3a586ea  2006.0/x86_64/kernel-smp-2.6.12.29mdk-1-1mdk.x86_64.rpm
 2578c75a975945e0dd4b6d851f847c6a  2006.0/x86_64/kernel-source-2.6.12.29mdk-1-1mdk.x86_64.rpm
 40bcc0d30d9966a6ee6d25bf2ae16956  2006.0/x86_64/kernel-source-stripped-2.6.12.29mdk-1-1mdk.x86_64.rpm
 1692695d617d9d7bd6449e5ac2008b67  2006.0/x86_64/kernel-xen0-2.6.12.29mdk-1-1mdk.x86_64.rpm
 ed3afd03e76be23d0cda2e7f9e181993  2006.0/x86_64/kernel-xenU-2.6.12.29mdk-1-1mdk.x86_64.rpm 
 428e0b597e1aeeb045a809b610678276  2006.0/SRPMS/kernel-2.6.12.29mdk-1-1mdk.src.rpm

 Corporate 4.0:
 216001d652fabd832ececf7cf9c95c06  corporate/4.0/i586/kernel-2.6.12.29mdk-1-1mdk.i586.rpm
 cdbd68f744d8d3ee6f0a0ed06b026009  corporate/4.0/i586/kernel-BOOT-2.6.12.29mdk-1-1mdk.i586.rpm
 7d2a30c05269de7665eeb4e7cf70c331  corporate/4.0/i586/kernel-doc-2.6.12.29mdk-1-1mdk.i586.rpm
 bcc0dbbdb3fab97b48ba7e8f8222726d  corporate/4.0/i586/kernel-i586-up-1GB-2.6.12.29mdk-1-1mdk.i586.rpm
 4e5f28170ff06990ebd5161628768788  corporate/4.0/i586/kernel-i686-up-4GB-2.6.12.29mdk-1-1mdk.i586.rpm
 e2b082f507336f699b15a7b9ac6ab690  corporate/4.0/i586/kernel-smp-2.6.12.29mdk-1-1mdk.i586.rpm
 5340dc709650361a7e00aa348650dffb  corporate/4.0/i586/kernel-source-2.6.12.29mdk-1-1mdk.i586.rpm
 2816a03b52913c6e49cb0624b16818e4  corporate/4.0/i586/kernel-source-stripped-2.6.12.29mdk-1-1mdk.i586.rpm
 280c941e5a443928475e7a2bdb6dafc2  corporate/4.0/i586/kernel-xbox-2.6.12.29mdk-1-1mdk.i586.rpm
 d8dac00da6f9404192d080f9afa121ec  corporate/4.0/i586/kernel-xen0-2.6.12.29mdk-1-1mdk.i586.rpm
 9f82a34d60c3eee2b3346f5613de8118  corporate/4.0/i586/kernel-xenU-2.6.12.29mdk-1-1mdk.i586.rpm 
 428e0b597e1aeeb045a809b610678276  corporate/4.0/SRPMS/kernel-2.6.12.29mdk-1-1mdk.src.rpm

 Corporate 4.0/X86_64:
 f7f2e8ee35b0110a43c9d1efab28c64f  corporate/4.0/x86_64/kernel-2.6.12.29mdk-1-1mdk.x86_64.rpm
 8b7b2786b0b41ddc8184e89cbc19040b  corporate/4.0/x86_64/kernel-BOOT-2.6.12.29mdk-1-1mdk.x86_64.rpm
 2be165973d0f5aae26a0c1648858bd1b  corporate/4.0/x86_64/kernel-doc-2.6.12.29mdk-1-1mdk.x86_64.rpm
 bf7e5235f52befa60c7593f8d3a586ea  corporate/4.0/x86_64/kernel-smp-2.6.12.29mdk-1-1mdk.x86_64.rpm
 2578c75a975945e0dd4b6d851f847c6a  corporate/4.0/x86_64/kernel-source-2.6.12.29mdk-1-1mdk.x86_64.rpm
 40bcc0d30d9966a6ee6d25bf2ae16956  corporate/4.0/x86_64/kernel-source-stripped-2.6.12.29mdk-1-1mdk.x86_64.rpm
 1692695d617d9d7bd6449e5ac2008b67  corporate/4.0/x86_64/kernel-xen0-2.6.12.29mdk-1-1mdk.x86_64.rpm
 ed3afd03e76be23d0cda2e7f9e181993  corporate/4.0/x86_64/kernel-xenU-2.6.12.29mdk-1-1mdk.x86_64.rpm 
 428e0b597e1aeeb045a809b610678276  corporate/4.0/SRPMS/kernel-2.6.12.29mdk-1-1mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFFp7yYmqjQ0CJFipgRAraMAKDht2apZ9EaWGk0h4a0xXmkdS7A0ACgw+l2
GMbeA7P03YWvktIcJSi2X4s=
=zEBo
-----END PGP SIGNATURE-----



<< Previous INDEX Search src / Print Next >>



Партнёры:
PostgresPro
Inferno Solutions
Hosting by Hoster.ru
Хостинг:

Закладки на сайте
Проследить за страницей
Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру