[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ MDVSA-2010:214 ] kernel
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: [ MDVSA-2010:214 ] kernel
- From: security@xxxxxxxxxxxx
- Date: Fri, 29 Oct 2010 23:22:02 +0200
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2010:214
http://www.mandriva.com/security/
_______________________________________________________________________
Package : kernel
Date : October 29, 2010
Affected: Corporate 4.0
_______________________________________________________________________
Problem Description:
A vulnerability was discovered and corrected in the Linux 2.6 kernel:
A vulnerability in Linux kernel caused by insecure allocation of user
space memory when translating system call inputs to 64-bit. A stack
pointer underflow can occur when using the compat_alloc_user_space
method with an arbitrary length input. (CVE-2010-3081)
To update your kernel, please follow the directions located at:
http://www.mandriva.com/en/security/kernelupdate
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3081
https://qa.mandriva.com/61447
_______________________________________________________________________
Updated Packages:
Corporate 4.0:
fabca395b39b6ed6d458799eb412572e
corporate/4.0/i586/kernel-2.6.12.42mdk-1-1mdk.i586.rpm
3077f89b0ee23364826844a7d9a83dcb
corporate/4.0/i586/kernel-BOOT-2.6.12.42mdk-1-1mdk.i586.rpm
c3e963bcd59b676adf367224c8580998
corporate/4.0/i586/kernel-doc-2.6.12.42mdk-1-1mdk.i586.rpm
3fda402572a9ca2a6f3a2cce8a927ef5
corporate/4.0/i586/kernel-i586-up-1GB-2.6.12.42mdk-1-1mdk.i586.rpm
74671054d68dd70b88042554a09dc70e
corporate/4.0/i586/kernel-i686-up-4GB-2.6.12.42mdk-1-1mdk.i586.rpm
e5fbee70a2318efbae909957653f0d21
corporate/4.0/i586/kernel-smp-2.6.12.42mdk-1-1mdk.i586.rpm
aaf581038c6cebb9d748d4503ce37af7
corporate/4.0/i586/kernel-source-2.6.12.42mdk-1-1mdk.i586.rpm
c694977b8e08fa592ce384a4f4a77eff
corporate/4.0/i586/kernel-source-stripped-2.6.12.42mdk-1-1mdk.i586.rpm
52d63e629865ff6501d0c766c234f1ad
corporate/4.0/i586/kernel-xbox-2.6.12.42mdk-1-1mdk.i586.rpm
a5a3649d10977f5c637043ac1efdb144
corporate/4.0/i586/kernel-xen0-2.6.12.42mdk-1-1mdk.i586.rpm
a2f59640dbaa4d566ad41eb6512c4e63
corporate/4.0/i586/kernel-xenU-2.6.12.42mdk-1-1mdk.i586.rpm
0c316f3efcbaff64fea607cdc9e0a085
corporate/4.0/SRPMS/kernel-2.6.12.42mdk-1-1mdk.src.rpm
Corporate 4.0/X86_64:
c471d4337b179919823bc63588a27e47
corporate/4.0/x86_64/kernel-2.6.12.42mdk-1-1mdk.x86_64.rpm
0bef4a498595c2df1d6d8c5d5be6f0c2
corporate/4.0/x86_64/kernel-BOOT-2.6.12.42mdk-1-1mdk.x86_64.rpm
582eae8d7a9d12fbf85d3c2a08ff9824
corporate/4.0/x86_64/kernel-doc-2.6.12.42mdk-1-1mdk.x86_64.rpm
d76674127a48f49db5647c9b007872f8
corporate/4.0/x86_64/kernel-smp-2.6.12.42mdk-1-1mdk.x86_64.rpm
36d9743d4ff644c74a33b9cee2adec05
corporate/4.0/x86_64/kernel-source-2.6.12.42mdk-1-1mdk.x86_64.rpm
6d077ef61b3438888da3ec9f901e3ad8
corporate/4.0/x86_64/kernel-source-stripped-2.6.12.42mdk-1-1mdk.x86_64.rpm
ad64ebbf54fa5ecf30e1da88eaacf540
corporate/4.0/x86_64/kernel-xen0-2.6.12.42mdk-1-1mdk.x86_64.rpm
1311e12d6c8ab1d93a6eb9623cd11aea
corporate/4.0/x86_64/kernel-xenU-2.6.12.42mdk-1-1mdk.x86_64.rpm
0c316f3efcbaff64fea607cdc9e0a085
corporate/4.0/SRPMS/kernel-2.6.12.42mdk-1-1mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFMyw/EmqjQ0CJFipgRAomrAJ0bZKR+DXaG5gd78VowqmVVdtp07ACfaoFQ
v6b4gKMa6SKoMRovnQ3bI+k=
=ENEg
-----END PGP SIGNATURE-----