19 September 2006
linux-source-2.6.10/-2.6.12/-2.6.15 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 6.06 LTS
- Ubuntu 5.10
- Ubuntu 5.04
Software Description
Details
Sridhar Samudrala discovered a local Denial of Service vulnerability
in the handling of SCTP sockets. By opening such a socket with a
special SO_LINGER value, a local attacker could exploit this to crash
the kernel. (CVE-2006-4535)
Kirill Korotaev discovered that the ELF loader on the ia64 and sparc
platforms did not sufficiently verify the memory layout. By attempting
to execute a specially crafted executable, a local user could exploit
this to crash the kernel. (CVE-2006-4538)
Update instructions
The problem can be corrected by updating your system to the following package versions:
- Ubuntu 6.06 LTS
- linux-image-2.6.15-27-386 - 2.6.15-27.48
- linux-image-2.6.15-27-686 - 2.6.15-27.48
- linux-image-2.6.15-27-amd64-generic - 2.6.15-27.48
- linux-image-2.6.15-27-amd64-k8 - 2.6.15-27.48
- linux-image-2.6.15-27-amd64-server - 2.6.15-27.48
- linux-image-2.6.15-27-amd64-xeon - 2.6.15-27.48
- linux-image-2.6.15-27-hppa32 - 2.6.15-27.48
- linux-image-2.6.15-27-hppa32-smp - 2.6.15-27.48
- linux-image-2.6.15-27-hppa64 - 2.6.15-27.48
- linux-image-2.6.15-27-hppa64-smp - 2.6.15-27.48
- linux-image-2.6.15-27-itanium - 2.6.15-27.48
- linux-image-2.6.15-27-itanium-smp - 2.6.15-27.48
- linux-image-2.6.15-27-k7 - 2.6.15-27.48
- linux-image-2.6.15-27-mckinley - 2.6.15-27.48
- linux-image-2.6.15-27-mckinley-smp - 2.6.15-27.48
- linux-image-2.6.15-27-powerpc - 2.6.15-27.48
- linux-image-2.6.15-27-powerpc-smp - 2.6.15-27.48
- linux-image-2.6.15-27-powerpc64-smp - 2.6.15-27.48
- linux-image-2.6.15-27-server - 2.6.15-27.48
- linux-image-2.6.15-27-server-bigiron - 2.6.15-27.48
- linux-image-2.6.15-27-sparc64 - 2.6.15-27.48
- linux-image-2.6.15-27-sparc64-smp - 2.6.15-27.48
- linux-source-2.6.15 - 2.6.15-27.48
- Ubuntu 5.10
- linux-image-2.6.12-10-386 - 2.6.12-10.40
- linux-image-2.6.12-10-686 - 2.6.12-10.40
- linux-image-2.6.12-10-686-smp - 2.6.12-10.40
- linux-image-2.6.12-10-amd64-generic - 2.6.12-10.40
- linux-image-2.6.12-10-amd64-k8 - 2.6.12-10.40
- linux-image-2.6.12-10-amd64-k8-smp - 2.6.12-10.40
- linux-image-2.6.12-10-amd64-xeon - 2.6.12-10.40
- linux-image-2.6.12-10-hppa32 - 2.6.12-10.40
- linux-image-2.6.12-10-hppa32-smp - 2.6.12-10.40
- linux-image-2.6.12-10-hppa64 - 2.6.12-10.40
- linux-image-2.6.12-10-hppa64-smp - 2.6.12-10.40
- linux-image-2.6.12-10-iseries-smp - 2.6.12-10.40
- linux-image-2.6.12-10-itanium - 2.6.12-10.40
- linux-image-2.6.12-10-itanium-smp - 2.6.12-10.40
- linux-image-2.6.12-10-k7 - 2.6.12-10.40
- linux-image-2.6.12-10-k7-smp - 2.6.12-10.40
- linux-image-2.6.12-10-mckinley - 2.6.12-10.40
- linux-image-2.6.12-10-mckinley-smp - 2.6.12-10.40
- linux-image-2.6.12-10-powerpc - 2.6.12-10.40
- linux-image-2.6.12-10-powerpc-smp - 2.6.12-10.40
- linux-image-2.6.12-10-powerpc64-smp - 2.6.12-10.40
- linux-image-2.6.12-10-sparc64 - 2.6.12-10.40
- linux-image-2.6.12-10-sparc64-smp - 2.6.12-10.40
- linux-patch-ubuntu-2.6.12 - 2.6.12-10.40
- Ubuntu 5.04
- linux-image-2.6.10-6-386 - 2.6.10-34.24
- linux-image-2.6.10-6-686 - 2.6.10-34.24
- linux-image-2.6.10-6-686-smp - 2.6.10-34.24
- linux-image-2.6.10-6-amd64-generic - 2.6.10-34.24
- linux-image-2.6.10-6-amd64-k8 - 2.6.10-34.24
- linux-image-2.6.10-6-amd64-k8-smp - 2.6.10-34.24
- linux-image-2.6.10-6-amd64-xeon - 2.6.10-34.24
- linux-image-2.6.10-6-hppa32 - 2.6.10-34.24
- linux-image-2.6.10-6-hppa32-smp - 2.6.10-34.24
- linux-image-2.6.10-6-hppa64 - 2.6.10-34.24
- linux-image-2.6.10-6-hppa64-smp - 2.6.10-34.24
- linux-image-2.6.10-6-itanium - 2.6.10-34.24
- linux-image-2.6.10-6-itanium-smp - 2.6.10-34.24
- linux-image-2.6.10-6-k7 - 2.6.10-34.24
- linux-image-2.6.10-6-k7-smp - 2.6.10-34.24
- linux-image-2.6.10-6-mckinley - 2.6.10-34.24
- linux-image-2.6.10-6-mckinley-smp - 2.6.10-34.24
- linux-image-2.6.10-6-power3 - 2.6.10-34.24
- linux-image-2.6.10-6-power3-smp - 2.6.10-34.24
- linux-image-2.6.10-6-power4 - 2.6.10-34.24
- linux-image-2.6.10-6-power4-smp - 2.6.10-34.24
- linux-image-2.6.10-6-powerpc - 2.6.10-34.24
- linux-image-2.6.10-6-powerpc-smp - 2.6.10-34.24
- linux-image-2.6.10-6-sparc64 - 2.6.10-34.24
- linux-image-2.6.10-6-sparc64-smp - 2.6.10-34.24
- linux-patch-ubuntu-2.6.10 - 2.6.10-34.24
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
After a standard system upgrade you need to reboot your computer to
effect the necessary changes.
ATTENTION: Due to an unavoidable ABI change the Ubuntu 6.06 kernel
update has been given a new version number, which requires you to
recompile and reinstall all third party kernel modules you might have
installed. If you use linux-restricted-modules, you have to update
that package as well to get modules which work with the new kernel
version. Unless you manually uninstalled the standard kernel
metapackages (linux-386, linux-powerpc, linux-amd64-generic), a
standard system upgrade will automatically perform this as well.
References