Sicherheit: Mehrere Probleme in Linux

Lesezeichen hinzufügen

--===============8469723154727261958==
Content-Type: multipart/signed; micalg="pgp-sha512";
protocol="application/pgp-signature";
boundary="=-jBgmnzdcVc1vB9oQ/P2t"

--=-jBgmnzdcVc1vB9oQ/P2t
Content-Type: text/plain; charset="UTF-8
Content-Transfer-Encoding: quoted-printable

==========================================================================
Ubuntu Security Notice USN-1240-1
October 25, 2011

linux-mvl-dove vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 10.04 LTS

Summary:

Several security issues were fixed in the kernel.

Software Description:
- linux-mvl-dove: Linux kernel for DOVE

Details:

Ryan Sweat discovered that the kernel incorrectly handled certain VLAN
packets. On some systems, a remote attacker could send specially crafted
traffic to crash the system, leading to a denial of service.
(CVE-2011-1576)

Vasiliy Kulikov and Dan Rosenberg discovered that ecryptfs did not
correctly check the origin of mount points. A local attacker could exploit
this to trick the system into unmounting arbitrary mount points, leading to
a denial of service. (CVE-2011-1833)

Vasiliy Kulikov discovered that taskstats did not enforce access
restrictions. A local attacker could exploit this to read certain
information, leading to a loss of privacy. (CVE-2011-2494)

Vasiliy Kulikov discovered that /proc/PID/io did not enforce access
restrictions. A local attacker could exploit this to read certain
information, leading to a loss of privacy. (CVE-2011-2495)

Dan Rosenberg discovered that the Bluetooth stack incorrectly handled
certain L2CAP requests. If a system was using Bluetooth, a remote attacker
could send specially crafted traffic to crash the system or gain root
privileges. (CVE-2011-2497)

It was discovered that the EXT4 filesystem contained multiple off-by-one
flaws. A local attacker could exploit this to crash the system, leading to
a denial of service. (CVE-2011-2695)

Fernando Gont discovered that the IPv6 stack used predictable fragment
identification numbers. A remote attacker could exploit this to exhaust
network resources, leading to a denial of service. (CVE-2011-2699)

Christian Ohm discovered that the perf command looks for configuration
files in the current directory. If a privileged user were tricked into
running perf in a directory containing a malicious configuration file, an
attacker could run arbitrary commands and possibly gain privileges.
(CVE-2011-2905)

Time Warns discovered that long symlinks were incorrectly handled on Be
filesystems. A local attacker could exploit this with a malformed Be
filesystem and crash the system, leading to a denial of service.
(CVE-2011-2928)

Dan Kaminsky discovered that the kernel incorrectly handled random sequence
number generation. An attacker could use this flaw to possibly predict
sequence numbers and inject packets. (CVE-2011-3188)

Darren Lavender discovered that the CIFS client incorrectly handled certain
large values. A remote attacker with a malicious server could exploit this
to crash the system or possibly execute arbitrary code as the root user.
(CVE-2011-3191)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 10.04 LTS:
linux-image-2.6.32-219-dove 2.6.32-219.37

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
http://www.ubuntu.com/usn/usn-1240-1
CVE-2011-1576, CVE-2011-1833, CVE-2011-2494, CVE-2011-2495,
CVE-2011-2497, CVE-2011-2695, CVE-2011-2699, CVE-2011-2905,
CVE-2011-2928, CVE-2011-3188, CVE-2011-3191

Package Information:
https://launchpad.net/ubuntu/+source/linux-mvl-dove/2.6.32-219.37

--ÓBgmnzdcVc1vB9oQ/P2t
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAABCgAGBQJOps+LAAoJEGVp2FWnRL6T/YkP/1LKj6AcHeTU8jGxasujLgjA
VL5w2MFrY7AFJMNnap9xznOvV1pYCAP2xjO1N8WA1DvDXq3VtERrQ/6oVYaFTw0I
D8rYRpmm8dIRwWSdijN3QyCT1uqlO+mzt+cEszvRs9rQ9xFbVV2J6xPUeyKhCsZV
PNvQzNiNOkvWHmgIfb9yTVeLAjDfh/aWUiq7044CSslPblDXFs98nBXin8O6FmP9
5xYZB2gzpAJVUURuXt4JhXTFvpzJRIGlpo+FYIXy9lxarb9AdTVR2PzQ8v2pL8fJ
OmpHVeAqRhma7aaWWpP6zIuZFjpew+7wXGWh+c1sGSOXiESh1lf3bbpX5ib071xb
PW3xBbroJwQguxwtRdj5ziPhsvSVpJViqUMhHPI1laYclXGCiRTWvDzHtAIkpI+d
YVXY4dj1BzJqyh3hB112kMMi1fPXFoTu04Tk+0DDpUh4Mt+8ssIRMAle6i6D8Z27
PoqmRrKu2iyPg+cIoiiqmJ6gafiCJ11mXU6I/qka+99/S18RgqvMrre59nR4P0IL
mQAs8Vs4ziCKY2fsyFr1ISkeGn2OAkb4gSQPNAo2bJeQyJO8Xi0lvm9bQbIeQxsJ
q/pqCh2glH0yjcoYC2MO4Px3NxN3FsQPDd4gklg+6fksaqoN6sgXyQB1sk3HSfLD
DdSla0wubJX/f9xMCWPS
=IjUc
-----END PGP SIGNATURE-----

--=-jBgmnzdcVc1vB9oQ/P2t--

--===============8469723154727261958==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--===============8469723154727261958==--