Ubuntu: New Linux packages fix security vulnerabilities

Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. Alex Shi and Eric Dumazet discovered that the network stack did not correctly handle packet backlogs. A remote attacker could exploit this by sending a large amount of network traffic to cause the system to run out of memory, leading to a denial of service. It was discovered that the /proc filesystem did not correctly handle permission changes when programs executed. A local attacker could hold open files to examine details about programs running with higher privileges, potentially increasing the chances of exploiting additional vulnerabilities.

Dan Rosenberg discovered that the X.25 Rose network stack did not correctly handle certain fields. If a system was running with Rose enabled, a remote attacker could send specially crafted traffic to gain root privileges. Timo Warns discovered that the GUID partition parsing routines did not correctly validate certain structures. A local attacker with physical access could plug in a specially crafted block device to crash the system, leading to a denial of service. Dan Rosenberg discovered that the IPv4 diagnostic routines did not correctly validate certain requests. A local attacker could exploit this to consume CPU resources, leading to a denial of service.

Vasiliy Kulikov discovered that taskstats listeners were not correctly handled. A local attacker could exploit this to exhaust memory and CPU resources, leading to a denial of service. It was discovered that Bluetooth l2cap and rfcomm did not correctly initialize structures. A local attacker could exploit this to read portions of the kernel stack, leading to a loss of privacy. Mauro Carvalho Chehab discovered that the si4713 radio driver did not correctly check the length of memory copies. If this hardware was available, a local attacker could exploit this to crash the system or gain root privileges.

Herbert Xu discovered that certain fields were incorrectly handled when Generic Receive Offload. The performance counter subsystem did not correctly handle certain counters. A local attacker could exploit this to crash the system, leading to a denial of service.

Updated packages are available from security.ubuntu.com.

==========================================================================
Ubuntu Security Notice USN-1218-1
September 29, 2011

linux vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 10.04 LTS

Summary:

Multiple kernel flaws have been fixed.

Software Description:
- linux: Linux kernel

Details:

Dan Rosenberg discovered that multiple terminal ioctls did not correctly
initialize structure memory. A local attacker could exploit this to read
portions of kernel stack memory, leading to a loss of privacy.
(CVE-2010-4076, CVE-2010-4077)

Alex Shi and Eric Dumazet discovered that the network stack did not
correctly handle packet backlogs. A remote attacker could exploit this by
sending a large amount of network traffic to cause the system to run out of
memory, leading to a denial of service. (CVE-2010-4251, CVE-2010-4805)

It was discovered that the /proc filesystem did not correctly handle
permission changes when programs executed. A local attacker could hold open
files to examine details about programs running with higher privileges,
potentially increasing the chances of exploiting additional
vulnerabilities. (CVE-2011-1020)

Dan Rosenberg discovered that the X.25 Rose network stack did not correctly
handle certain fields. If a system was running with Rose enabled, a remote
attacker could send specially crafted traffic to gain root privileges.
(CVE-2011-1493)

Timo Warns discovered that the GUID partition parsing routines did not
correctly validate certain structures. A local attacker with physical
access could plug in a specially crafted block device to crash the system,
leading to a denial of service. (CVE-2011-1577)

Dan Rosenberg discovered that the IPv4 diagnostic routines did not
correctly validate certain requests. A local attacker could exploit this to
consume CPU resources, leading to a denial of service. (CVE-2011-2213)

Vasiliy Kulikov discovered that taskstats listeners were not correctly
handled. A local attacker could exploit this to exhaust memory and CPU
resources, leading to a denial of service. (CVE-2011-2484)

It was discovered that Bluetooth l2cap and rfcomm did not correctly
initialize structures. A local attacker could exploit this to read portions
of the kernel stack, leading to a loss of privacy. (CVE-2011-2492)

Mauro Carvalho Chehab discovered that the si4713 radio driver did not
correctly check the length of memory copies. If this hardware was
available, a local attacker could exploit this to crash the system or gain
root privileges. (CVE-2011-2700)

Herbert Xu discovered that certain fields were incorrectly handled when
Generic Receive Offload (CVE-2011-2723)

The performance counter subsystem did not correctly handle certain
counters. A local attacker could exploit this to crash the system, leading
to a denial of service. (CVE-2011-2918)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 10.04 LTS:
 linux-image-2.6.32-34-386       2.6.32-34.77
 linux-image-2.6.32-34-generic   2.6.32-34.77
 linux-image-2.6.32-34-generic-pae  2.6.32-34.77
 linux-image-2.6.32-34-ia64      2.6.32-34.77
 linux-image-2.6.32-34-lpia      2.6.32-34.77
 linux-image-2.6.32-34-powerpc   2.6.32-34.77
 linux-image-2.6.32-34-powerpc-smp  2.6.32-34.77
 linux-image-2.6.32-34-powerpc64-smp  2.6.32-34.77
 linux-image-2.6.32-34-preempt   2.6.32-34.77
 linux-image-2.6.32-34-server    2.6.32-34.77
 linux-image-2.6.32-34-sparc64   2.6.32-34.77
 linux-image-2.6.32-34-sparc64-smp  2.6.32-34.77
 linux-image-2.6.32-34-versatile  2.6.32-34.77
 linux-image-2.6.32-34-virtual   2.6.32-34.77

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
 http://www.ubuntu.com/usn/usn-1218-1
 CVE-2010-4076, CVE-2010-4077, CVE-2010-4251, CVE-2010-4805,
 CVE-2011-1020, CVE-2011-1493, CVE-2011-1577, CVE-2011-2213,
 CVE-2011-2484, CVE-2011-2492, CVE-2011-2700, CVE-2011-2723,
 CVE-2011-2918

Package Information:
 https://launchpad.net/ubuntu/+source/linux/2.6.32-34.77
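
The following is an added example, not part of the Ubuntu notice: shell functions that check a host's installed `linux-image-2.6.32-*` packages against the fixed version given under "Update instructions", and check whether the running kernel is still a pre-update ABI because the reboot has not happened. The function names and the sample package list are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of USN-1218-1. FIXED is the version the notice lists.
FIXED="2.6.32-34.77"

# ver_lt A B: succeed if version A is older than B. Uses dpkg's own comparison
# when present; otherwise sort -V, which agrees for plain versions like these.
ver_lt() {
    if command -v dpkg >/dev/null 2>&1; then
        dpkg --compare-versions "$1" lt "$2"
    else
        [ "$1" != "$2" ] &&
        [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
    fi
}

# audit_images: read "package<TAB>version" lines (dpkg-query -W format) on
# stdin and report every 2.6.32 kernel image older than the fixed version.
audit_images() {
    while IFS="$(printf '\t')" read -r pkg ver; do
        case "$pkg" in
            linux-image-2.6.32-*) ;;
            *) continue ;;
        esac
        [ -n "$ver" ] || continue          # known to dpkg but not installed
        if ver_lt "$ver" "$FIXED"; then
            echo "VULNERABLE $pkg $ver"
        fi
    done
}

# running_abi_ok RELEASE: the fixed images are named 2.6.32-34-<flavour>, so a
# running 2.6.32 kernel with ABI below 34 predates the fix (update installed
# but not rebooted). ABI 34 is necessary, not sufficient: pair with audit_images.
running_abi_ok() {
    abi=$(printf '%s\n' "$1" | sed -n 's/^2\.6\.32-\([0-9][0-9]*\)-.*/\1/p')
    [ -n "$abi" ] && [ "$abi" -ge 34 ]
}

# Constructed sample inventory (package<TAB>version), not taken from a real host.
sample_inventory() {
    printf 'linux-image-2.6.32-33-generic\t2.6.32-33.72\n'
    printf 'linux-image-2.6.32-34-generic\t2.6.32-34.77\n'
    printf 'linux-image-2.6.32-21-server\t\n'
    printf 'libc6\t2.11.1-0ubuntu7.8\n'
}

sample_inventory | audit_images
```

On a real host, feed `dpkg-query -W 'linux-image-2.6.32-*'` to `audit_images` and pass `$(uname -r)` to `running_abi_ok`.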