Related Vulnerabilities: CVE-2004-0887 CVE-2004-1058 CVE-2004-2607 CVE-2005-0449 CVE-2005-1761 CVE-2005-2457 CVE-2005-2555 CVE-2005-2709 CVE-2005-2973 CVE-2005-3257 CVE-2005-3783 CVE-2005-3806 CVE-2005-3848 CVE-2005-3857 CVE-2005-3858 CVE-2005-4618

The original update lacked recompiled ALSA modules against the new kernel ABI. Furthermore, kernel-latest-2.4-sparc now correctly depends on the updated packages. For completeness we're providing the original problem description: Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2004-0887 Martin Schwidefsky discovered that the privileged instruction SACF (Set Address Space Control Fast) on the S/390 platform is not handled properly, allowing for a local user to gain root privileges. CVE-2004-1058 A race condition allows for a local user to read the environment variables of another process that is still spawning through /proc/.../cmdline. CVE-2004-2607 A numeric casting discrepancy in sdla_xfer allows local users to read portions of kernel memory via a large len argument which is received as an int but cast to a short, preventing read loop from filling a buffer. CVE-2005-0449 An error in the skb_checksum_help() function from the netfilter framework has been discovered that allows the bypass of packet filter rules or a denial of service attack. CVE-2005-1761 A vulnerability in the ptrace subsystem of the IA-64 architecture can allow local attackers to overwrite kernel memory and crash the kernel. CVE-2005-2457 Tim Yamin discovered that insufficient input validation in the compressed ISO file system (zisofs) allows a denial of service attack through maliciously crafted ISO images. CVE-2005-2555 Herbert Xu discovered that the setsockopt() function was not restricted to users/processes with the CAP_NET_ADMIN capability. This allows attackers to manipulate IPSEC policies or initiate a denial of service attack. CVE-2005-2709 Al Viro discovered a race condition in the /proc handling of network devices. A (local) attacker could exploit the stale reference after interface shutdown to cause a denial of service or possibly execute code in kernel mode. CVE-2005-2973 Tetsuo Handa discovered that the udp_v6_get_port() function from the IPv6 code can be forced into an endless loop, which allows a denial of service attack. CVE-2005-3257 Rudolf Polzer discovered that the kernel improperly restricts access to the KDSKBSENT ioctl, which can possibly lead to privilege escalation. CVE-2005-3783 The ptrace code using CLONE_THREAD didn't use the thread group ID to determine whether the caller is attaching to itself, which allows a denial of service attack. CVE-2005-3806 Yen Zheng discovered that the IPv6 flow label code modified an incorrect variable, which could lead to memory corruption and denial of service. CVE-2005-3848 Ollie Wild discovered a memory leak in the icmp_push_reply() function, which allows denial of service through memory consumption. CVE-2005-3857 Chris Wright discovered that excessive allocation of broken file lock leases in the VFS layer can exhaust memory and fill up the system logging, which allows denial of service. CVE-2005-3858 Patrick McHardy discovered a memory leak in the ip6_input_finish() function from the IPv6 code, which allows denial of service. CVE-2005-4618 Yi Ying discovered that sysctl does not properly enforce the size of a buffer, which allows a denial of service attack. The following matrix explains which kernel version for which architecture fix the problems mentioned above: Debian 3.1 (sarge) Source 2.4.27-10sarge2 Alpha architecture 2.4.27-10sarge2 ARM architecture 2.4.27-2sarge2 Intel IA-32 architecture 2.4.27-10sarge2 Intel IA-64 architecture 2.4.27-10sarge2 Motorola 680x0 architecture 2.4.27-3sarge2 Big endian MIPS architecture 2.4.27-10.sarge1.040815-2 Little endian MIPS architecture2.4.27-10.sarge1.040815-2 PowerPC architecture 2.4.27-10sarge2 IBM S/390 architecture 2.4.27-2sarge2 Sun Sparc architecture 2.4.27-9sarge2 The following matrix lists additional packages that were rebuilt for compatibility with or to take advantage of this update: Debian 3.1 (sarge) kernel-latest-2.4-alpha 101sarge1 kernel-latest-2.4-i386 101sarge1 kernel-latest-2.4-s390 2.4.27-1sarge1 kernel-latest-2.4-sparc 42sarge1 kernel-latest-powerpc 102sarge1 fai-kernels 1.9.1sarge1 i2c 1:2.9.1-1sarge1 kernel-image-speakup-i386 2.4.27-1.1sasrge1 lm-sensors 1:2.9.1-1sarge3 mindi-kernel 2.4.27-2sarge1 pcmcia-modules-2.4.27-i3863.2.5+2sarge1 systemimager 3.2.3-6sarge1 We recommend that you upgrade your kernel package immediately and reboot the machine. If you have built a custom kernel from the kernel source package, you will need to rebuild to take advantage of these fixes. This update introduces a change in the kernel's binary interface, the affected kernel packages inside Debian have been rebuilt, if you're running local addons you'll need to rebuild these as well.

Source

Debian Security Advisory

DSA-1018-2 kernel-source-2.4.27 -- several vulnerabilities

Date Reported:

24 Mar 2006

Affected Packages:

kernel-source-2.4.27

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2004-0887, CVE-2004-1058, CVE-2004-2607, CVE-2005-0449, CVE-2005-1761, CVE-2005-2457, CVE-2005-2555, CVE-2005-2709, CVE-2005-2973, CVE-2005-3257, CVE-2005-3783, CVE-2005-3806, CVE-2005-3848, CVE-2005-3857, CVE-2005-3858, CVE-2005-4618.

More information:

Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2004-0887
Martin Schwidefsky discovered that the privileged instruction SACF (Set Address Space Control Fast) on the S/390 platform is not handled properly, allowing for a local user to gain root privileges.

CVE-2004-1058
A race condition allows for a local user to read the environment variables of another process that is still spawning through /proc/.../cmdline.

CVE-2004-2607
A numeric casting discrepancy in sdla_xfer allows local users to read portions of kernel memory via a large len argument which is received as an int but cast to a short, preventing read loop from filling a buffer.

CVE-2005-0449
An error in the skb_checksum_help() function from the netfilter framework has been discovered that allows the bypass of packet filter rules or a denial of service attack.

CVE-2005-1761
A vulnerability in the ptrace subsystem of the IA-64 architecture can allow local attackers to overwrite kernel memory and crash the kernel.

CVE-2005-2457
Tim Yamin discovered that insufficient input validation in the compressed ISO file system (zisofs) allows a denial of service attack through maliciously crafted ISO images.

CVE-2005-2555
Herbert Xu discovered that the setsockopt() function was not restricted to users/processes with the CAP_NET_ADMIN capability. This allows attackers to manipulate IPSEC policies or initiate a denial of service attack.

CVE-2005-2709
Al Viro discovered a race condition in the /proc handling of network devices. A (local) attacker could exploit the stale reference after interface shutdown to cause a denial of service or possibly execute code in kernel mode.

CVE-2005-2973
Tetsuo Handa discovered that the udp_v6_get_port() function from the IPv6 code can be forced into an endless loop, which allows a denial of service attack.

CVE-2005-3257
Rudolf Polzer discovered that the kernel improperly restricts access to the KDSKBSENT ioctl, which can possibly lead to privilege escalation.

CVE-2005-3783
The ptrace code using CLONE_THREAD didn't use the thread group ID to determine whether the caller is attaching to itself, which allows a denial of service attack.

CVE-2005-3806
Yen Zheng discovered that the IPv6 flow label code modified an incorrect variable, which could lead to memory corruption and denial of service.

CVE-2005-3848
Ollie Wild discovered a memory leak in the icmp_push_reply() function, which allows denial of service through memory consumption.

CVE-2005-3857
Chris Wright discovered that excessive allocation of broken file lock leases in the VFS layer can exhaust memory and fill up the system logging, which allows denial of service.

CVE-2005-3858
Patrick McHardy discovered a memory leak in the ip6_input_finish() function from the IPv6 code, which allows denial of service.

CVE-2005-4618
Yi Ying discovered that sysctl does not properly enforce the size of a buffer, which allows a denial of service attack.

The following matrix explains which kernel version for which architecture fix the problems mentioned above:

	Debian 3.1 (sarge)
Source	2.4.27-10sarge2
Alpha architecture	2.4.27-10sarge2
ARM architecture	2.4.27-2sarge2
Intel IA-32 architecture	2.4.27-10sarge2
Intel IA-64 architecture	2.4.27-10sarge2
Motorola 680x0 architecture	2.4.27-3sarge2
Big endian MIPS architecture	2.4.27-10.sarge1.040815-2
Little endian MIPS architecture	2.4.27-10.sarge1.040815-2
PowerPC architecture	2.4.27-10sarge2
IBM S/390 architecture	2.4.27-2sarge2
Sun Sparc architecture	2.4.27-9sarge2

The following matrix lists additional packages that were rebuilt for compatibility with or to take advantage of this update:

	Debian 3.1 (sarge)
kernel-latest-2.4-alpha	101sarge1
kernel-latest-2.4-i386	101sarge1
kernel-latest-2.4-s390	2.4.27-1sarge1
kernel-latest-2.4-sparc	42sarge1
kernel-latest-powerpc	102sarge1
fai-kernels	1.9.1sarge1
i2c	1:2.9.1-1sarge1
kernel-image-speakup-i386	2.4.27-1.1sasrge1
lm-sensors	1:2.9.1-1sarge3
mindi-kernel	2.4.27-2sarge1
pcmcia-modules-2.4.27-i386	3.2.5+2sarge1
systemimager	3.2.3-6sarge1

We recommend that you upgrade your kernel package immediately and reboot the machine. If you have built a custom kernel from the kernel source package, you will need to rebuild to take advantage of these fixes.

This update introduces a change in the kernel's binary interface, the affected kernel packages inside Debian have been rebuilt, if you're running local addons you'll need to rebuild these as well.

Fixed in:

Debian GNU/Linux 3.1 (sarge)

Source:: http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27-10sarge2.diff.gz; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-alpha/kernel-latest-2.4-alpha_101sarge1.dsc; http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors_2.9.1-1sarge3.dsc; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-patch-powerpc-2.4.27_2.4.27-10sarge2.dsc; http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors_2.9.1-1sarge3.diff.gz; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-latest-2.4-i386_101sarge1.dsc; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-image-2.4.27-alpha_2.4.27-10sarge2.tar.gz; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-ia64_2.4.27-10sarge2.tar.gz; http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-i386_3.2.5+2sarge1.tar.gz; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-sparc_2.4.27-9sarge2.dsc; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-arm_2.4.27-2sarge2.tar.gz; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-s390_2.4.27-2sarge2.dsc; http://security.debian.org/pool/updates/main/s/systemimager/systemimager_3.2.3-6sarge1.tar.gz; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-arm_2.4.27-2sarge2.dsc; http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27-10sarge2.dsc; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-latest-2.4-i386_101sarge1.tar.gz; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-latest-2.4-sparc_42sarge1.tar.gz; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-m68k_2.4.27-3sarge2.tar.gz; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-ia64_2.4.27-10sarge2.dsc; http://security.debian.org/pool/updates/main/m/mindi-kernel/mindi-kernel_2.4.27.orig.tar.gz; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-s390/kernel-latest-2.4-s390_2.4.27-1sarge1.tar.gz; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-latest-2.4-sparc_42sarge1.dsc; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-alpha/kernel-latest-2.4-alpha_101sarge1.tar.gz; http://security.debian.org/pool/updates/main/m/mindi-kernel/mindi-kernel_2.4.27-2sarge1.diff.gz; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-patch-powerpc-2.4.27_2.4.27-10sarge2.tar.gz; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-sparc_2.4.27-9sarge2.tar.gz; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-i386_2.4.27-10sarge2.tar.gz; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-i386_2.4.27-10sarge2.dsc; http://security.debian.org/pool/updates/main/i/i2c/i2c_2.9.1-1sarge1.dsc; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-s390_2.4.27-2sarge2.tar.gz; http://security.debian.org/pool/updates/main/m/mindi-kernel/mindi-kernel_2.4.27-2sarge1.dsc; http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors_2.9.1.orig.tar.gz; http://security.debian.org/pool/updates/main/s/systemimager/systemimager_3.2.3-6sarge1.dsc; http://security.debian.org/pool/updates/main/k/kernel-image-speakup-i386/kernel-image-speakup-i386_2.4.27-1.1sarge1.dsc; http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27.orig.tar.gz; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-m68k_2.4.27-3sarge2.dsc; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-image-2.4.27-alpha_2.4.27-10sarge2.dsc; http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-i386_3.2.5+2sarge1.dsc; http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-patch-2.4.27-mips_2.4.27-10.sarge2.040815-1.tar.gz; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-s390/kernel-latest-2.4-s390_2.4.27-1sarge1.dsc; http://security.debian.org/pool/updates/main/i/i2c/i2c_2.9.1.orig.tar.gz; http://security.debian.org/pool/updates/main/k/kernel-image-speakup-i386/kernel-image-speakup-i386_2.4.27-1.1sarge1.tar.gz; http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-patch-2.4.27-mips_2.4.27-10.sarge2.040815-1.dsc; http://security.debian.org/pool/updates/main/i/i2c/i2c_2.9.1-1sarge1.diff.gz
Architecture-independent component:: http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-patch-debian-2.4.27_2.4.27-10sarge2_all.deb; http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-source_2.9.1-1sarge3_all.deb; http://security.debian.org/pool/updates/main/k/kernel-image-speakup-i386/kernel-doc-2.4.27-speakup_2.4.27-1.1sarge1_all.deb; http://security.debian.org/pool/updates/main/s/systemimager/systemimager-boot-ia64-standard_3.2.3-6sarge1_all.deb; http://security.debian.org/pool/updates/main/s/systemimager/systemimager-boot-i386-standard_3.2.3-6sarge1_all.deb; http://security.debian.org/pool/updates/main/i/i2c/i2c-source_2.9.1-1sarge1_all.deb; http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-doc-2.4.27_2.4.27-10sarge2_all.deb; http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-tree-2.4.27_2.4.27-10sarge2_all.deb; http://security.debian.org/pool/updates/main/s/systemimager/systemimager-common_3.2.3-6sarge1_all.deb; http://security.debian.org/pool/updates/main/s/systemimager/systemimager-doc_3.2.3-6sarge1_all.deb; http://security.debian.org/pool/updates/main/i/i2c/kernel-patch-2.4-i2c_2.9.1-1sarge1_all.deb; http://security.debian.org/pool/updates/main/s/systemimager/systemimager-server_3.2.3-6sarge1_all.deb; http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27-10sarge2_all.deb; http://security.debian.org/pool/updates/main/s/systemimager/systemimager-client_3.2.3-6sarge1_all.deb; http://security.debian.org/pool/updates/main/s/systemimager/systemimager-server-flamethrowerd_3.2.3-6sarge1_all.deb; http://security.debian.org/pool/updates/main/l/lm-sensors/kernel-patch-2.4-lm-sensors_2.9.1-1sarge3_all.deb
Alpha:: http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-headers-2.4.27-3_2.4.27-10sarge2_alpha.deb; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-alpha/kernel-image-2.4-smp_101sarge1_alpha.deb; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-alpha/kernel-image-2.4-generic_101sarge1_alpha.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-image-2.4.27-3-generic_2.4.27-10sarge2_alpha.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-image-2.4.27-3-smp_2.4.27-10sarge2_alpha.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-headers-2.4.27-3-generic_2.4.27-10sarge2_alpha.deb; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-alpha/kernel-headers-2.4-generic_101sarge1_alpha.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-build-2.4.27-3_2.4.27-10sarge2_alpha.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-headers-2.4.27-3-smp_2.4.27-10sarge2_alpha.deb; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-alpha/kernel-headers-2.4-smp_101sarge1_alpha.deb
ARM:: http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-headers-2.4.27_2.4.27-2sarge2_arm.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-riscpc_2.4.27-2sarge2_arm.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-riscstation_2.4.27-2sarge2_arm.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-netwinder_2.4.27-2sarge2_arm.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-lart_2.4.27-2sarge2_arm.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-build-2.4.27_2.4.27-2sarge2_arm.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-bast_2.4.27-2sarge2_arm.deb
Intel IA-32:: http://security.debian.org/pool/updates/main/k/kernel-image-speakup-i386/kernel-image-2.4.27-speakup_2.4.27-1.1sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-3_2.4.27-10sarge2_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-3-686_2.4.27-10sarge2_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-headers-2.4-686-smp_101sarge1_i386.deb; http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-3-k6_2.9.1-1sarge3_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-image-2.4-k6_101sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-3-586tsc_2.4.27-10sarge2_i386.deb; http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-3-k7_3.2.5+2sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-3-386_2.4.27-10sarge2_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-3-k7-smp_2.4.27-10sarge2_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-pcmcia-modules-2.4-386_101sarge1_i386.deb; http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-3-586tsc_2.9.1-1sarge3_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-3-386_2.4.27-10sarge2_i386.deb; http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-3-686-smp_2.9.1-1sarge3_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-image-2.4-586tsc_101sarge1_i386.deb; http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-3-686-smp_3.2.5+2sarge1_i386.deb; http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-3-386_3.2.5+2sarge1_i386.deb; http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-3-586tsc_3.2.5+2sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-3-k7_2.4.27-10sarge2_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-headers-2.4-386_101sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-3-686_2.4.27-10sarge2_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-3-386_2.4.27-10sarge2_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-headers-2.4-686_101sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-3-586tsc_2.4.27-10sarge2_i386.deb; http://security.debian.org/pool/updates/main/m/mindi-kernel/mindi-kernel_2.4.27-2sarge1_i386.deb; http://security.debian.org/pool/updates/main/i/i2c/i2c-2.4.27-3-386_2.9.1-1sarge1_i386.deb; http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-3-386_2.9.1-1sarge3_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-3-k7-smp_2.4.27-10sarge2_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-headers-2.4-k7-smp_101sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-3-586tsc_2.4.27-10sarge2_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-3-k7-smp_2.4.27-10sarge2_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-image-2.4-k7_101sarge1_i386.deb; http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-3-686_3.2.5+2sarge1_i386.deb; http://security.debian.org/pool/updates/main/i/i2c/i2c-2.4.27-3-k6_2.9.1-1sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-headers-2.4-586tsc_101sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-pcmcia-modules-2.4-k7-smp_101sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-3-686_2.4.27-10sarge2_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-pcmcia-modules-2.4-586tsc_101sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-3-k6_2.4.27-10sarge2_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-pcmcia-modules-2.4-686_101sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-image-2.4-386_101sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-image-2.4-686_101sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-image-2.4-686-smp_101sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-image-2.4-k7-smp_101sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-pcmcia-modules-2.4-686-smp_101sarge1_i386.deb; http://security.debian.org/pool/updates/main/l/lm-sensors/libsensors-dev_2.9.1-1sarge3_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-3-k6_2.4.27-10sarge2_i386.deb; http://security.debian.org/pool/updates/main/i/i2c/i2c-2.4.27-3-k7-smp_2.9.1-1sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-pcmcia-modules-2.4-k6_101sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-pcmcia-modules-2.4-k7_101sarge1_i386.deb; http://security.debian.org/pool/updates/main/i/i2c/i2c-2.4.27-3-586tsc_2.9.1-1sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-3-686-smp_2.4.27-10sarge2_i386.deb; http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-3-686_2.9.1-1sarge3_i386.deb; http://security.debian.org/pool/updates/main/l/lm-sensors/sensord_2.9.1-1sarge3_i386.deb; http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-3-k6_3.2.5+2sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-3-686-smp_2.4.27-10sarge2_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-speakup-i386/kernel-headers-2.4.27-speakup_2.4.27-1.1sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-3-686-smp_2.4.27-10sarge2_i386.deb; http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-3-k7_2.9.1-1sarge3_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-3-k6_2.4.27-10sarge2_i386.deb; http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors_2.9.1-1sarge3_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-headers-2.4-k6_101sarge1_i386.deb; http://security.debian.org/pool/updates/main/i/i2c/i2c-2.4.27-3-686_2.9.1-1sarge1_i386.deb; http://security.debian.org/pool/updates/main/i/i2c/i2c-2.4.27-3-686-smp_2.9.1-1sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-build-2.4.27-3_2.4.27-10sarge2_i386.deb; http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-3-k7-smp_2.9.1-1sarge3_i386.deb; http://security.debian.org/pool/updates/main/i/i2c/i2c-2.4.27-3-k7_2.9.1-1sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-3-k7_2.4.27-10sarge2_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-headers-2.4-k7_101sarge1_i386.deb; http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-3-k7-smp_3.2.5+2sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-3-k7_2.4.27-10sarge2_i386.deb; http://security.debian.org/pool/updates/main/l/lm-sensors/libsensors3_2.9.1-1sarge3_i386.deb
Intel IA-64:: http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-3-mckinley-smp_2.4.27-10sarge2_ia64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-3-itanium-smp_2.4.27-10sarge2_ia64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4-mckinley_2.4.27-10sarge2_ia64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-3-itanium-smp_2.4.27-10sarge2_ia64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-3-mckinley-smp_2.4.27-10sarge2_ia64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4-itanium_2.4.27-10sarge2_ia64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-build-2.4.27-3_2.4.27-10sarge2_ia64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-3-itanium_2.4.27-10sarge2_ia64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4-mckinley-smp_2.4.27-10sarge2_ia64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-3_2.4.27-10sarge2_ia64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4-itanium-smp_2.4.27-10sarge2_ia64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-3-mckinley_2.4.27-10sarge2_ia64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-3-mckinley_2.4.27-10sarge2_ia64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-3-itanium_2.4.27-10sarge2_ia64.deb
Motorola 680x0:: http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-mvme147_2.4.27-3sarge2_m68k.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-amiga_2.4.27-3sarge2_m68k.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-mvme16x_2.4.27-3sarge2_m68k.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-bvme6000_2.4.27-3sarge2_m68k.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-q40_2.4.27-3sarge2_m68k.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-atari_2.4.27-3sarge2_m68k.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-mac_2.4.27-3sarge2_m68k.deb
Big endian MIPS:: http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r5k-ip22_2.4.27-10.sarge2.040815-1_mips.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r4k-ip22_2.4.27-10.sarge2.040815-1_mips.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-sb1-swarm-bn_2.4.27-10.sarge2.040815-1_mips.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-headers-2.4.27_2.4.27-10.sarge2.040815-1_mips.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge2.040815-1_mips.deb
Little endian MIPS:: http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r5k-lasat_2.4.27-10.sarge2.040815-1_mipsel.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r5k-cobalt_2.4.27-10.sarge2.040815-1_mipsel.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-xxs1500_2.4.27-10.sarge2.040815-1_mipsel.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r4k-kn04_2.4.27-10.sarge2.040815-1_mipsel.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge2.040815-1_mipsel.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r3k-kn02_2.4.27-10.sarge2.040815-1_mipsel.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-sb1-swarm-bn_2.4.27-10.sarge2.040815-1_mipsel.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-headers-2.4.27_2.4.27-10.sarge2.040815-1_mipsel.deb
PowerPC:: http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-patch-2.4.27-powerpc_2.4.27-10sarge2_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-headers-2.4.27-powerpc_2.4.27-10sarge2_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-image-2.4.27-nubus_2.4.27-10sarge2_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-image-2.4.27-powerpc-small_2.4.27-10sarge2_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-patch-2.4.27-nubus_2.4.27-10sarge2_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-patch-2.4.27-apus_2.4.27-10sarge2_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-image-2.4.27-apus_2.4.27-10sarge2_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-build-2.4.27-powerpc-small_2.4.27-10sarge2_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-image-2.4.27-powerpc_2.4.27-10sarge2_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-build-2.4.27-apus_2.4.27-10sarge2_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-build-2.4.27-powerpc_2.4.27-10sarge2_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-headers-2.4.27-nubus_2.4.27-10sarge2_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-image-2.4.27-powerpc-smp_2.4.27-10sarge2_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-headers-2.4.27-apus_2.4.27-10sarge2_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-build-2.4.27-powerpc-smp_2.4.27-10sarge2_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-build-2.4.27-nubus_2.4.27-10sarge2_powerpc.deb
IBM S/390:: http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-s390/kernel-image-2.4-s390x_2.4.27-1sarge1_s390.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-3-s390_2.4.27-2sarge2_s390.deb; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-s390/kernel-image-2.4-s390_2.4.27-1sarge1_s390.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-3-s390x_2.4.27-2sarge2_s390.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-headers-2.4.27-3_2.4.27-2sarge2_s390.deb; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-s390/kernel-headers-2.4-s390_2.4.27-1sarge1_s390.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-3-s390-tape_2.4.27-2sarge2_s390.deb
Sun Sparc:: http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-image-2.4-sparc32_42sarge1_sparc.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-3-sparc32-smp_2.4.27-9sarge2_sparc.deb; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-image-2.4-sparc64-smp_42sarge1_sparc.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-3-sparc32_2.4.27-9sarge2_sparc.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-3-sparc64-smp_2.4.27-9sarge2_sparc.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-3-sparc32_2.4.27-9sarge2_sparc.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-3-sparc64_2.4.27-9sarge2_sparc.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-build-2.4.27-3_2.4.27-9sarge2_sparc.deb; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-image-2.4-sparc32-smp_42sarge1_sparc.deb; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-headers-2.4-sparc32-smp_42sarge1_sparc.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-3-sparc64_2.4.27-9sarge2_sparc.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-3-sparc64-smp_2.4.27-9sarge2_sparc.deb; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-image-2.4-sparc64_42sarge1_sparc.deb; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-headers-2.4-sparc64_42sarge1_sparc.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-3-sparc32-smp_2.4.27-9sarge2_sparc.deb; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-headers-2.4-sparc32_42sarge1_sparc.deb; http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-headers-2.4-sparc64-smp_42sarge1_sparc.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-3_2.4.27-9sarge2_sparc.deb

MD5 checksums of the listed files are available in the original advisory.

MD5 checksums of the listed files are available in the revised advisory.

DSA-1018-2 kernel-source-2.4.27 -- several vulnerabilities

Debian Security Advisory

DSA-1018-2 kernel-source-2.4.27 -- several vulnerabilities

Debian GNU/Linux 3.1 (sarge)

Vulmon Search

About

Products

Connect