Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

linux, linux-{source-2.6.15,ec2,mvl-dove,ti-omap} vulnerabilities

Related Vulnerabilities: CVE-2008-7256   CVE-2010-1643   CVE-2010-1173   CVE-2010-1436   CVE-2010-1437   CVE-2010-1451   CVE-2010-1636   CVE-2010-1641   CVE-2010-2071   CVE-2010-2492  

Multiple security flaws.

Junjiro R. Okajima discovered that knfsd did not correctly handle strict overcommit. A local attacker could exploit this to crash knfsd, leading to a denial of service. (Only Ubuntu 6.06 LTS and 8.04 LTS were affected.) (CVE-2008-7256, CVE-2010-1643)

Source

4 August 2010

linux, linux-{source-2.6.15,ec2,mvl-dove,ti-omap} vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 10.04 LTS
  • Ubuntu 9.10
  • Ubuntu 9.04
  • Ubuntu 8.04 LTS
  • Ubuntu 6.06 LTS

Summary

Multiple security flaws.

Software Description

  • linux - Linux kernel
  • linux-ec2 - Linux kernel for EC2
  • linux-mvl-dove - Linux kernel for MVL Dove
  • linux-ti-omap - Linux kernel for TI Omap
  • linux-source-2.6.15 - Linux kernel

Details

Junjiro R. Okajima discovered that knfsd did not correctly handle strict overcommit. A local attacker could exploit this to crash knfsd, leading to a denial of service. (Only Ubuntu 6.06 LTS and 8.04 LTS were affected.) (CVE-2008-7256, CVE-2010-1643)

Chris Guo, Jukka Taimisto, and Olli Jarva discovered that SCTP did not correctly handle invalid parameters. A remote attacker could send specially crafted traffic that could crash the system, leading to a denial of service. (CVE-2010-1173)

Mario Mikocevic discovered that GFS2 did not correctly handle certain quota structures. A local attacker could exploit this to crash the system, leading to a denial of service. (Ubuntu 6.06 LTS was not affected.) (CVE-2010-1436)

Toshiyuki Okajima discovered that the kernel keyring did not correctly handle dead keyrings. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-1437)

Brad Spengler discovered that Sparc did not correctly implement non-executable stacks. This made userspace applications vulnerable to exploits that would have been otherwise blocked due to non-executable memory protections. (Ubuntu 10.04 LTS was not affected.) (CVE-2010-1451)

Dan Rosenberg discovered that the btrfs clone function did not correctly validate permissions. A local attacker could exploit this to read sensitive information, leading to a loss of privacy. (Only Ubuntu 9.10 was affected.) (CVE-2010-1636)

Dan Rosenberg discovered that GFS2 set_flags function did not correctly validate permissions. A local attacker could exploit this to gain access to files, leading to a loss of privacy and potential privilege escalation. (Ubuntu 6.06 LTS was not affected.) (CVE-2010-1641)

Shi Weihua discovered that btrfs xattr_set_acl function did not correctly validate permissions. A local attacker could exploit this to gain access to files, leading to a loss of privacy and potential privilege escalation. (Only Ubuntu 9.10 and 10.04 LTS were affected.) (CVE-2010-2071)

Andre Osterhues discovered that eCryptfs did not correctly calculate hash values. A local attacker with certain uids could exploit this to crash the system or potentially gain root privileges. (Ubuntu 6.06 LTS was not affected.) (CVE-2010-2492)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 10.04 LTS
linux-image-2.6.32-207-dove - 2.6.32-207.21
linux-image-2.6.32-24-386 - 2.6.32-24.39
linux-image-2.6.32-24-generic - 2.6.32-24.39
linux-image-2.6.32-24-generic-pae - 2.6.32-24.39
linux-image-2.6.32-24-ia64 - 2.6.32-24.39
linux-image-2.6.32-24-lpia - 2.6.32-24.39
linux-image-2.6.32-24-powerpc - 2.6.32-24.39
linux-image-2.6.32-24-powerpc-smp - 2.6.32-24.39
linux-image-2.6.32-24-powerpc64-smp - 2.6.32-24.39
linux-image-2.6.32-24-preempt - 2.6.32-24.39
linux-image-2.6.32-24-server - 2.6.32-24.39
linux-image-2.6.32-24-sparc64 - 2.6.32-24.39
linux-image-2.6.32-24-sparc64-smp - 2.6.32-24.39
linux-image-2.6.32-24-versatile - 2.6.32-24.39
linux-image-2.6.32-24-virtual - 2.6.32-24.39
linux-image-2.6.32-308-ec2 - 2.6.32-308.14
linux-image-2.6.33-502-omap - 2.6.33-502.9
Ubuntu 9.10
linux-image-2.6.31-214-dove - 2.6.31-214.29
linux-image-2.6.31-214-dove-z0 - 2.6.31-214.29
linux-image-2.6.31-22-386 - 2.6.31-22.61
linux-image-2.6.31-22-generic - 2.6.31-22.61
linux-image-2.6.31-22-generic-pae - 2.6.31-22.61
linux-image-2.6.31-22-ia64 - 2.6.31-22.61
linux-image-2.6.31-22-lpia - 2.6.31-22.61
linux-image-2.6.31-22-powerpc - 2.6.31-22.61
linux-image-2.6.31-22-powerpc-smp - 2.6.31-22.61
linux-image-2.6.31-22-powerpc64-smp - 2.6.31-22.61
linux-image-2.6.31-22-server - 2.6.31-22.61
linux-image-2.6.31-22-sparc64 - 2.6.31-22.61
linux-image-2.6.31-22-sparc64-smp - 2.6.31-22.61
linux-image-2.6.31-22-virtual - 2.6.31-22.61
linux-image-2.6.31-307-ec2 - 2.6.31-307.16
Ubuntu 9.04
linux-image-2.6.28-19-generic - 2.6.28-19.62
linux-image-2.6.28-19-imx51 - 2.6.28-19.62
linux-image-2.6.28-19-iop32x - 2.6.28-19.62
linux-image-2.6.28-19-ixp4xx - 2.6.28-19.62
linux-image-2.6.28-19-lpia - 2.6.28-19.62
linux-image-2.6.28-19-server - 2.6.28-19.62
linux-image-2.6.28-19-versatile - 2.6.28-19.62
linux-image-2.6.28-19-virtual - 2.6.28-19.62
Ubuntu 8.04 LTS
linux-image-2.6.24-28-386 - 2.6.24-28.73
linux-image-2.6.24-28-generic - 2.6.24-28.73
linux-image-2.6.24-28-hppa32 - 2.6.24-28.73
linux-image-2.6.24-28-hppa64 - 2.6.24-28.73
linux-image-2.6.24-28-itanium - 2.6.24-28.73
linux-image-2.6.24-28-lpia - 2.6.24-28.73
linux-image-2.6.24-28-lpiacompat - 2.6.24-28.73
linux-image-2.6.24-28-mckinley - 2.6.24-28.73
linux-image-2.6.24-28-openvz - 2.6.24-28.73
linux-image-2.6.24-28-powerpc - 2.6.24-28.73
linux-image-2.6.24-28-powerpc-smp - 2.6.24-28.73
linux-image-2.6.24-28-powerpc64-smp - 2.6.24-28.73
linux-image-2.6.24-28-rt - 2.6.24-28.73
linux-image-2.6.24-28-server - 2.6.24-28.73
linux-image-2.6.24-28-sparc64 - 2.6.24-28.73
linux-image-2.6.24-28-sparc64-smp - 2.6.24-28.73
linux-image-2.6.24-28-virtual - 2.6.24-28.73
linux-image-2.6.24-28-xen - 2.6.24-28.73
Ubuntu 6.06 LTS
linux-image-2.6.15-55-386 - 2.6.15-55.86
linux-image-2.6.15-55-686 - 2.6.15-55.86
linux-image-2.6.15-55-amd64-generic - 2.6.15-55.86
linux-image-2.6.15-55-amd64-k8 - 2.6.15-55.86
linux-image-2.6.15-55-amd64-server - 2.6.15-55.86
linux-image-2.6.15-55-amd64-xeon - 2.6.15-55.86
linux-image-2.6.15-55-hppa32 - 2.6.15-55.86
linux-image-2.6.15-55-hppa32-smp - 2.6.15-55.86
linux-image-2.6.15-55-hppa64 - 2.6.15-55.86
linux-image-2.6.15-55-hppa64-smp - 2.6.15-55.86
linux-image-2.6.15-55-itanium - 2.6.15-55.86
linux-image-2.6.15-55-itanium-smp - 2.6.15-55.86
linux-image-2.6.15-55-k7 - 2.6.15-55.86
linux-image-2.6.15-55-mckinley - 2.6.15-55.86
linux-image-2.6.15-55-mckinley-smp - 2.6.15-55.86
linux-image-2.6.15-55-powerpc - 2.6.15-55.86
linux-image-2.6.15-55-powerpc-smp - 2.6.15-55.86
linux-image-2.6.15-55-powerpc64-smp - 2.6.15-55.86
linux-image-2.6.15-55-server - 2.6.15-55.86
linux-image-2.6.15-55-server-bigiron - 2.6.15-55.86
linux-image-2.6.15-55-sparc64 - 2.6.15-55.86
linux-image-2.6.15-55-sparc64-smp - 2.6.15-55.86

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make all the necessary changes.

References

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started