Related Vulnerabilities: CVE-2004-2660 CVE-2005-4798 CVE-2006-1052 CVE-2006-1343 CVE-2006-1528 CVE-2006-1855 CVE-2006-1856 CVE-2006-2444 CVE-2006-2446 CVE-2006-2935 CVE-2006-2936 CVE-2006-3468 CVE-2006-3745 CVE-2006-4093 CVE-2006-4145 CVE-2006-4535

This advisory covers the S/390 components of the recent security update for the Linux 2.6.8 kernel that were missing due to technical problems. For reference, please see the text of the original advisory. Several security related problems have been discovered in the Linux kernel which may lead to a denial of service or even the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2004-2660 Toshihiro Iwamoto discovered a memory leak in the handling of direct I/O writes that allows local users to cause a denial of service. CVE-2005-4798 A buffer overflow in NFS readlink handling allows a malicious remote server to cause a denial of service. CVE-2006-1052 Stephen Smalley discovered a bug in the SELinux ptrace handling that allows local users with ptrace permissions to change the tracer SID to the SID of another process. CVE-2006-1343 Pavel Kankovsky discovered an information leak in the getsockopt system call which can be exploited by a local program to leak potentially sensitive memory to userspace. CVE-2006-1528 Douglas Gilbert reported a bug in the sg driver that allows local users to cause a denial of service by performing direct I/O transfers from the sg driver to memory mapped I/O space. CVE-2006-1855 Mattia Belletti noticed that certain debugging code left in the process management code could be exploited by a local attacker to cause a denial of service. CVE-2006-1856 Kostik Belousov discovered a missing LSM file_permission check in the readv and writev functions which might allow attackers to bypass intended access restrictions. CVE-2006-2444 Patrick McHardy discovered a bug in the SNMP NAT helper that allows remote attackers to cause a denial of service. CVE-2006-2446 A race condition in the socket buffer handling allows remote attackers to cause a denial of service. CVE-2006-2935 Diego Calleja Garcia discovered a buffer overflow in the DVD handling code that could be exploited by a specially crafted DVD USB storage device to execute arbitrary code. CVE-2006-2936 A bug in the serial USB driver has been discovered that could be exploited by a custom made USB serial adapter to consume arbitrary amounts of memory. CVE-2006-3468 James McKenzie discovered a denial of service vulnerability in the NFS driver. When exporting an ext3 file system over NFS, a remote attacker could exploit this to trigger a file system panic by sending a specially crafted UDP packet. CVE-2006-3745 Wei Wang discovered a bug in the SCTP implementation that allows local users to cause a denial of service and possibly gain root privileges. CVE-2006-4093 Olof Johansson discovered that the kernel does not disable the HID0 bit on PowerPC 970 processors which could be exploited by a local attacker to cause a denial of service. CVE-2006-4145 A bug in the Universal Disk Format (UDF) filesystem driver could be exploited by a local user to cause a denial of service. CVE-2006-4535 David Miller reported a problem with the fix for CVE-2006-3745 that allows local users to crash the system via an SCTP socket with a certain SO_LINGER value. The following matrix explains which kernel version for which architecture fixes the problem mentioned above: stable (sarge) Source 2.6.8-16sarge5 Alpha architecture 2.6.8-16sarge5 AMD64 architecture 2.6.8-16sarge5 HP Precision architecture 2.6.8-6sarge5 Intel IA-32 architecture 2.6.8-16sarge5 Intel IA-64 architecture 2.6.8-14sarge5 Motorola 680x0 architecture 2.6.8-4sarge5 PowerPC architecture 2.6.8-12sarge5 IBM S/390 2.6.8-5sarge5 Sun Sparc architecture 2.6.8-15sarge5 FAI 1.9.1sarge4 For the unstable distribution (sid) these problems have been fixed in version 2.6.18-1. We recommend that you upgrade your kernel package and reboot the machine. If you have built a custom kernel from the kernel source package, you will need to rebuild to take advantage of these fixes.

Source

Debian Security Advisory

DSA-1184-2 kernel-source-2.6.8 -- several vulnerabilities

Date Reported:

25 Sep 2006

Affected Packages:

kernel-source-2.6.8

Vulnerable:

Yes

Security database references:

In the Bugtraq database (at SecurityFocus): BugTraq ID 17203, BugTraq ID 17830, BugTraq ID 18081, BugTraq ID 18099, BugTraq ID 18101, BugTraq ID 18105, BugTraq ID 18847, BugTraq ID 19033, BugTraq ID 19396, BugTraq ID 19562, BugTraq ID 19615, BugTraq ID 19666, BugTraq ID 20087.
In Mitre's CVE dictionary: CVE-2004-2660, CVE-2005-4798, CVE-2006-1052, CVE-2006-1343, CVE-2006-1528, CVE-2006-1855, CVE-2006-1856, CVE-2006-2444, CVE-2006-2446, CVE-2006-2935, CVE-2006-2936, CVE-2006-3468, CVE-2006-3745, CVE-2006-4093, CVE-2006-4145, CVE-2006-4535.
CERT's vulnerabilities, advisories and incident notes: VU#681569.

More information:

Several security related problems have been discovered in the Linux kernel which may lead to a denial of service or even the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2004-2660
Toshihiro Iwamoto discovered a memory leak in the handling of direct I/O writes that allows local users to cause a denial of service.

CVE-2005-4798
A buffer overflow in NFS readlink handling allows a malicious remote server to cause a denial of service.

CVE-2006-1052
Stephen Smalley discovered a bug in the SELinux ptrace handling that allows local users with ptrace permissions to change the tracer SID to the SID of another process.

CVE-2006-1343
Pavel Kankovsky discovered an information leak in the getsockopt system call which can be exploited by a local program to leak potentially sensitive memory to userspace.

CVE-2006-1528
Douglas Gilbert reported a bug in the sg driver that allows local users to cause a denial of service by performing direct I/O transfers from the sg driver to memory mapped I/O space.

CVE-2006-1855
Mattia Belletti noticed that certain debugging code left in the process management code could be exploited by a local attacker to cause a denial of service.

CVE-2006-1856
Kostik Belousov discovered a missing LSM file_permission check in the readv and writev functions which might allow attackers to bypass intended access restrictions.

CVE-2006-2444
Patrick McHardy discovered a bug in the SNMP NAT helper that allows remote attackers to cause a denial of service.

CVE-2006-2446
A race condition in the socket buffer handling allows remote attackers to cause a denial of service.

CVE-2006-2935
Diego Calleja Garcia discovered a buffer overflow in the DVD handling code that could be exploited by a specially crafted DVD USB storage device to execute arbitrary code.

CVE-2006-2936
A bug in the serial USB driver has been discovered that could be exploited by a custom made USB serial adapter to consume arbitrary amounts of memory.

CVE-2006-3468
James McKenzie discovered a denial of service vulnerability in the NFS driver. When exporting an ext3 file system over NFS, a remote attacker could exploit this to trigger a file system panic by sending a specially crafted UDP packet.

CVE-2006-3745
Wei Wang discovered a bug in the SCTP implementation that allows local users to cause a denial of service and possibly gain root privileges.

CVE-2006-4093
Olof Johansson discovered that the kernel does not disable the HID0 bit on PowerPC 970 processors which could be exploited by a local attacker to cause a denial of service.

CVE-2006-4145
A bug in the Universal Disk Format (UDF) filesystem driver could be exploited by a local user to cause a denial of service.

CVE-2006-4535
David Miller reported a problem with the fix for CVE-2006-3745 that allows local users to crash the system via an SCTP socket with a certain SO_LINGER value.

The following matrix explains which kernel version for which architecture fixes the problem mentioned above:

	stable (sarge)
Source	2.6.8-16sarge5
Alpha architecture	2.6.8-16sarge5
AMD64 architecture	2.6.8-16sarge5
HP Precision architecture	2.6.8-6sarge5
Intel IA-32 architecture	2.6.8-16sarge5
Intel IA-64 architecture	2.6.8-14sarge5
Motorola 680x0 architecture	2.6.8-4sarge5
PowerPC architecture	2.6.8-12sarge5
IBM S/390	2.6.8-5sarge5
Sun Sparc architecture	2.6.8-15sarge5
FAI	1.9.1sarge4

For the unstable distribution (sid) these problems have been fixed in version 2.6.18-1.

We recommend that you upgrade your kernel package and reboot the machine. If you have built a custom kernel from the kernel source package, you will need to rebuild to take advantage of these fixes.

Fixed in:

Debian GNU/Linux 3.1 (sarge)

Source:: http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-alpha_2.6.8-16sarge5.dsc; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-alpha_2.6.8-16sarge5.tar.gz; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-amd64_2.6.8-16sarge5.dsc; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-amd64_2.6.8-16sarge5.tar.gz; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-hppa_2.6.8-6sarge5.dsc; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-hppa_2.6.8-6sarge5.tar.gz; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-i386_2.6.8-16sarge5.dsc; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-i386_2.6.8-16sarge5.tar.gz; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-ia64_2.6.8-14sarge5.dsc; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-ia64_2.6.8-14sarge5.tar.gz; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-m68k_2.6.8-4sarge5.dsc; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-m68k_2.6.8-4sarge5.tar.gz; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-sparc_2.6.8-15sarge5.dsc; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-sparc_2.6.8-15sarge5.tar.gz; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-patch-powerpc-2.6.8_2.6.8-12sarge5.dsc; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-patch-powerpc-2.6.8_2.6.8-12sarge5.tar.gz; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-s390_2.6.8-5sarge5.dsc; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-s390_2.6.8-5sarge5.tar.gz; http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-16sarge5.dsc; http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-16sarge5.diff.gz; http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8.orig.tar.gz; http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.9.1sarge4.dsc; http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.9.1sarge4.tar.gz
Architecture-independent component:: http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-doc-2.6.8_2.6.8-16sarge5_all.deb; http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-patch-debian-2.6.8_2.6.8-16sarge5_all.deb; http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-16sarge5_all.deb; http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-tree-2.6.8_2.6.8-16sarge5_all.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-patch-2.6.8-s390_2.6.8-5sarge5_all.deb
Alpha:: http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-2_2.6.8-16sarge1_alpha.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-2-generic_2.6.8-16sarge1_alpha.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-2-smp_2.6.8-16sarge1_alpha.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-3_2.6.8-16sarge5_alpha.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-3-generic_2.6.8-16sarge5_alpha.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-3-smp_2.6.8-16sarge5_alpha.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-2-generic_2.6.8-16sarge1_alpha.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-2-smp_2.6.8-16sarge1_alpha.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-3-generic_2.6.8-16sarge5_alpha.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-3-smp_2.6.8-16sarge5_alpha.deb
AMD64:: http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-11_2.6.8-16sarge1_amd64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-11-amd64-generic_2.6.8-16sarge1_amd64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-11-amd64-k8_2.6.8-16sarge1_amd64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-11-amd64-k8-smp_2.6.8-16sarge1_amd64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-11-em64t-p4_2.6.8-16sarge1_amd64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-11-em64t-p4-smp_2.6.8-16sarge1_amd64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-12_2.6.8-16sarge5_amd64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-12-amd64-generic_2.6.8-16sarge5_amd64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-12-amd64-k8_2.6.8-16sarge5_amd64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-12-amd64-k8-smp_2.6.8-16sarge5_amd64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-12-em64t-p4_2.6.8-16sarge5_amd64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-12-em64t-p4-smp_2.6.8-16sarge5_amd64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-11-amd64-generic_2.6.8-16sarge1_amd64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-11-amd64-k8_2.6.8-16sarge1_amd64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-11-amd64-k8-smp_2.6.8-16sarge1_amd64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-11-em64t-p4_2.6.8-16sarge1_amd64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-11-em64t-p4-smp_2.6.8-16sarge1_amd64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-12-amd64-generic_2.6.8-16sarge5_amd64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-12-amd64-k8_2.6.8-16sarge5_amd64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-12-amd64-k8-smp_2.6.8-16sarge5_amd64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-12-em64t-p4_2.6.8-16sarge5_amd64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-12-em64t-p4-smp_2.6.8-16sarge5_amd64.deb
HPPA:: http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-2_2.6.8-6sarge1_hppa.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-2-32_2.6.8-6sarge1_hppa.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-2-32-smp_2.6.8-6sarge1_hppa.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-2-64_2.6.8-6sarge1_hppa.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-2-64-smp_2.6.8-6sarge1_hppa.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-3_2.6.8-6sarge5_hppa.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-3-32_2.6.8-6sarge5_hppa.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-3-32-smp_2.6.8-6sarge5_hppa.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-3-64_2.6.8-6sarge5_hppa.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-3-64-smp_2.6.8-6sarge5_hppa.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-2-32_2.6.8-6sarge1_hppa.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-2-32-smp_2.6.8-6sarge1_hppa.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-2-64_2.6.8-6sarge1_hppa.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-2-64-smp_2.6.8-6sarge1_hppa.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-3-32_2.6.8-6sarge5_hppa.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-3-32-smp_2.6.8-6sarge5_hppa.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-3-64_2.6.8-6sarge5_hppa.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-3-64-smp_2.6.8-6sarge5_hppa.deb
Intel IA-32:: http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-11_2.6.8-16sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-11-amd64-generic_2.6.8-16sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-11-amd64-k8_2.6.8-16sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-11-amd64-k8-smp_2.6.8-16sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-11-em64t-p4_2.6.8-16sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-11-em64t-p4-smp_2.6.8-16sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-12_2.6.8-16sarge5_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-12-amd64-generic_2.6.8-16sarge5_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-12-amd64-k8_2.6.8-16sarge5_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-12-amd64-k8-smp_2.6.8-16sarge5_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-12-em64t-p4_2.6.8-16sarge5_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-12-em64t-p4-smp_2.6.8-16sarge5_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-11-amd64-generic_2.6.8-16sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-11-amd64-k8_2.6.8-16sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-11-amd64-k8-smp_2.6.8-16sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-11-em64t-p4_2.6.8-16sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-11-em64t-p4-smp_2.6.8-16sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-12-amd64-generic_2.6.8-16sarge5_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-12-amd64-k8_2.6.8-16sarge5_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-12-amd64-k8-smp_2.6.8-16sarge5_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-12-em64t-p4_2.6.8-16sarge5_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-12-em64t-p4-smp_2.6.8-16sarge5_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-2_2.6.8-16sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-2-386_2.6.8-16sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-2-686_2.6.8-16sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-2-686-smp_2.6.8-16sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-2-k7_2.6.8-16sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-2-k7-smp_2.6.8-16sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-3_2.6.8-16sarge5_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-3-386_2.6.8-16sarge5_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-3-686_2.6.8-16sarge5_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-3-686-smp_2.6.8-16sarge5_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-3-k7_2.6.8-16sarge5_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-3-k7-smp_2.6.8-16sarge5_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-2-386_2.6.8-16sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-2-686_2.6.8-16sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-2-686-smp_2.6.8-16sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-2-k7_2.6.8-16sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-2-k7-smp_2.6.8-16sarge1_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-3-386_2.6.8-16sarge5_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-3-686_2.6.8-16sarge5_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-3-686-smp_2.6.8-16sarge5_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-3-k7_2.6.8-16sarge5_i386.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-3-k7-smp_2.6.8-16sarge5_i386.deb; http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.9.1sarge4_i386.deb
Intel IA-64:: http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-itanium_2.6.8-14sarge5_ia64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-itanium-smp_2.6.8-14sarge5_ia64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-mckinley_2.6.8-14sarge5_ia64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-mckinley-smp_2.6.8-14sarge5_ia64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-2_2.6.8-14sarge1_ia64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-2-itanium_2.6.8-14sarge1_ia64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-2-itanium-smp_2.6.8-14sarge1_ia64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-2-mckinley_2.6.8-14sarge1_ia64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-2-mckinley-smp_2.6.8-14sarge1_ia64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-3_2.6.8-14sarge5_ia64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-3-itanium_2.6.8-14sarge5_ia64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-3-itanium-smp_2.6.8-14sarge5_ia64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-3-mckinley_2.6.8-14sarge5_ia64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-3-mckinley-smp_2.6.8-14sarge5_ia64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-itanium_2.6.8-14sarge5_ia64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-itanium-smp_2.6.8-14sarge5_ia64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-mckinley_2.6.8-14sarge5_ia64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-mckinley-smp_2.6.8-14sarge5_ia64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-2-itanium_2.6.8-14sarge1_ia64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-2-itanium-smp_2.6.8-14sarge1_ia64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-2-mckinley_2.6.8-14sarge1_ia64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-2-mckinley-smp_2.6.8-14sarge1_ia64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-3-itanium_2.6.8-14sarge5_ia64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-3-itanium-smp_2.6.8-14sarge5_ia64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-3-mckinley_2.6.8-14sarge5_ia64.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-3-mckinley-smp_2.6.8-14sarge5_ia64.deb
Motorola 680x0:: http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-amiga_2.6.8-4sarge5_m68k.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-atari_2.6.8-4sarge5_m68k.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-bvme6000_2.6.8-4sarge5_m68k.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-hp_2.6.8-4sarge5_m68k.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-mac_2.6.8-4sarge5_m68k.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-mvme147_2.6.8-4sarge5_m68k.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-mvme16x_2.6.8-4sarge5_m68k.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-q40_2.6.8-4sarge5_m68k.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-sun3_2.6.8-4sarge5_m68k.deb
PowerPC:: http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-3-power3_2.6.8-12sarge5_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-3-power3-smp_2.6.8-12sarge5_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-3-power4_2.6.8-12sarge5_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-3-power4-smp_2.6.8-12sarge5_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-3-powerpc_2.6.8-12sarge5_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-3-powerpc-smp_2.6.8-12sarge5_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-power3_2.6.8-12sarge1_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-power3-smp_2.6.8-12sarge1_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-power4_2.6.8-12sarge1_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-power4-smp_2.6.8-12sarge1_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-powerpc_2.6.8-12sarge1_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-powerpc-smp_2.6.8-12sarge1_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-headers-2.6.8_2.6.8-12sarge1_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-headers-2.6.8-3_2.6.8-12sarge5_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-3-power3_2.6.8-12sarge5_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-3-power3-smp_2.6.8-12sarge5_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-3-power4_2.6.8-12sarge5_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-3-power4-smp_2.6.8-12sarge5_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-3-powerpc_2.6.8-12sarge5_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-3-powerpc-smp_2.6.8-12sarge5_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-power3_2.6.8-12sarge1_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-power3-smp_2.6.8-12sarge1_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-power4_2.6.8-12sarge1_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-power4-smp_2.6.8-12sarge1_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-powerpc_2.6.8-12sarge1_powerpc.deb; http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-powerpc-smp_2.6.8-12sarge1_powerpc.deb
IBM S/390:: http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-headers-2.6.8-3_2.6.8-5sarge5_s390.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-3-s390_2.6.8-5sarge5_s390.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-3-s390-tape_2.6.8-5sarge5_s390.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-3-s390x_2.6.8-5sarge5_s390.deb
Sun Sparc:: http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-build-2.6.8-2_2.6.8-15sarge1_sparc.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-build-2.6.8-3_2.6.8-15sarge5_sparc.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-2_2.6.8-15sarge1_sparc.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-2-sparc32_2.6.8-15sarge1_sparc.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-2-sparc64_2.6.8-15sarge1_sparc.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-2-sparc64-smp_2.6.8-15sarge1_sparc.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-3_2.6.8-15sarge5_sparc.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-3-sparc32_2.6.8-15sarge5_sparc.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-3-sparc64_2.6.8-15sarge5_sparc.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-3-sparc64-smp_2.6.8-15sarge5_sparc.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-2-sparc32_2.6.8-15sarge1_sparc.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-2-sparc64_2.6.8-15sarge1_sparc.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-2-sparc64-smp_2.6.8-15sarge1_sparc.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-3-sparc32_2.6.8-15sarge5_sparc.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-3-sparc64_2.6.8-15sarge5_sparc.deb; http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-3-sparc64-smp_2.6.8-15sarge5_sparc.deb

MD5 checksums of the listed files are available in the original advisory.

MD5 checksums of the listed files are available in the revised advisory.

DSA-1184-2 kernel-source-2.6.8 -- several vulnerabilities

Debian Security Advisory

DSA-1184-2 kernel-source-2.6.8 -- several vulnerabilities

Debian GNU/Linux 3.1 (sarge)

Vulmon Search

About

Products

Connect