Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

linux-source-2.6.15⁄22, linux vulnerabilities

Related Vulnerabilities: CVE-2008-5079   CVE-2008-5134   CVE-2008-5182   CVE-2008-5300   CVE-2008-5700   CVE-2008-5702   CVE-2008-5713  

Hugo Dias discovered that the ATM subsystem did not correctly manage socket counts. A local attacker could exploit this to cause a system hang, leading to a denial of service. (CVE-2008-5079)

It was discovered that the libertas wireless driver did not correctly handle beacon and probe responses. A physically near-by attacker could generate specially crafted wireless network traffic and cause a denial of service. Ubuntu 6.06 was not affected. (CVE-2008-5134)

Source

29 January 2009

linux-source-2.6.1522, linux vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 8.04 LTS
  • Ubuntu 7.10
  • Ubuntu 6.06 LTS

Software Description

  • linux
  • linux-source-2.6.22
  • linux-source-2.6.15

Details

Hugo Dias discovered that the ATM subsystem did not correctly manage socket counts. A local attacker could exploit this to cause a system hang, leading to a denial of service. (CVE-2008-5079)

It was discovered that the libertas wireless driver did not correctly handle beacon and probe responses. A physically near-by attacker could generate specially crafted wireless network traffic and cause a denial of service. Ubuntu 6.06 was not affected. (CVE-2008-5134)

It was discovered that the inotify subsystem contained watch removal race conditions. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2008-5182)

Dann Frazier discovered that in certain situations sendmsg did not correctly release allocated memory. A local attacker could exploit this to force the system to run out of free memory, leading to a denial of service. Ubuntu 6.06 was not affected. (CVE-2008-5300)

It was discovered that the ATA subsystem did not correctly set timeouts. A local attacker could exploit this to cause a system hang, leading to a denial of service. (CVE-2008-5700)

It was discovered that the ib700 watchdog timer did not correctly check buffer sizes. A local attacker could send a specially crafted ioctl to the device to cause a system crash, leading to a denial of service. (CVE-2008-5702)

It was discovered that in certain situations the network scheduler did not correctly handle very large levels of traffic. A local attacker could produce a high volume of UDP traffic resulting in a system hang, leading to a denial of service. Ubuntu 8.04 was not affected. (CVE-2008-5713)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 8.04 LTS
linux-image-2.6.24-23-386 - 2.6.24-23.48
linux-image-2.6.24-23-generic - 2.6.24-23.48
linux-image-2.6.24-23-hppa32 - 2.6.24-23.48
linux-image-2.6.24-23-hppa64 - 2.6.24-23.48
linux-image-2.6.24-23-itanium - 2.6.24-23.48
linux-image-2.6.24-23-lpia - 2.6.24-23.48
linux-image-2.6.24-23-lpiacompat - 2.6.24-23.48
linux-image-2.6.24-23-mckinley - 2.6.24-23.48
linux-image-2.6.24-23-openvz - 2.6.24-23.48
linux-image-2.6.24-23-powerpc - 2.6.24-23.48
linux-image-2.6.24-23-powerpc-smp - 2.6.24-23.48
linux-image-2.6.24-23-powerpc64-smp - 2.6.24-23.48
linux-image-2.6.24-23-rt - 2.6.24-23.48
linux-image-2.6.24-23-server - 2.6.24-23.48
linux-image-2.6.24-23-sparc64 - 2.6.24-23.48
linux-image-2.6.24-23-sparc64-smp - 2.6.24-23.48
linux-image-2.6.24-23-virtual - 2.6.24-23.48
linux-image-2.6.24-23-xen - 2.6.24-23.48
Ubuntu 7.10
linux-image-2.6.22-16-386 - 2.6.22-16.61
linux-image-2.6.22-16-cell - 2.6.22-16.61
linux-image-2.6.22-16-generic - 2.6.22-16.61
linux-image-2.6.22-16-hppa32 - 2.6.22-16.61
linux-image-2.6.22-16-hppa64 - 2.6.22-16.61
linux-image-2.6.22-16-itanium - 2.6.22-16.61
linux-image-2.6.22-16-lpia - 2.6.22-16.61
linux-image-2.6.22-16-lpiacompat - 2.6.22-16.61
linux-image-2.6.22-16-mckinley - 2.6.22-16.61
linux-image-2.6.22-16-powerpc - 2.6.22-16.61
linux-image-2.6.22-16-powerpc-smp - 2.6.22-16.61
linux-image-2.6.22-16-powerpc64-smp - 2.6.22-16.61
linux-image-2.6.22-16-rt - 2.6.22-16.61
linux-image-2.6.22-16-server - 2.6.22-16.61
linux-image-2.6.22-16-sparc64 - 2.6.22-16.61
linux-image-2.6.22-16-sparc64-smp - 2.6.22-16.61
linux-image-2.6.22-16-ume - 2.6.22-16.61
linux-image-2.6.22-16-virtual - 2.6.22-16.61
linux-image-2.6.22-16-xen - 2.6.22-16.61
Ubuntu 6.06 LTS
linux-image-2.6.15-53-386 - 2.6.15-53.75
linux-image-2.6.15-53-686 - 2.6.15-53.75
linux-image-2.6.15-53-amd64-generic - 2.6.15-53.75
linux-image-2.6.15-53-amd64-k8 - 2.6.15-53.75
linux-image-2.6.15-53-amd64-server - 2.6.15-53.75
linux-image-2.6.15-53-amd64-xeon - 2.6.15-53.75
linux-image-2.6.15-53-hppa32 - 2.6.15-53.75
linux-image-2.6.15-53-hppa32-smp - 2.6.15-53.75
linux-image-2.6.15-53-hppa64 - 2.6.15-53.75
linux-image-2.6.15-53-hppa64-smp - 2.6.15-53.75
linux-image-2.6.15-53-itanium - 2.6.15-53.75
linux-image-2.6.15-53-itanium-smp - 2.6.15-53.75
linux-image-2.6.15-53-k7 - 2.6.15-53.75
linux-image-2.6.15-53-mckinley - 2.6.15-53.75
linux-image-2.6.15-53-mckinley-smp - 2.6.15-53.75
linux-image-2.6.15-53-powerpc - 2.6.15-53.75
linux-image-2.6.15-53-powerpc-smp - 2.6.15-53.75
linux-image-2.6.15-53-powerpc64-smp - 2.6.15-53.75
linux-image-2.6.15-53-server - 2.6.15-53.75
linux-image-2.6.15-53-server-bigiron - 2.6.15-53.75
linux-image-2.6.15-53-sparc64 - 2.6.15-53.75
linux-image-2.6.15-53-sparc64-smp - 2.6.15-53.75

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system upgrade you need to reboot your computer to effect the necessary changes.

References

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started