[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-disclosure] [ MDVSA-2009:233 ] kernel
- To: full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: [Full-disclosure] [ MDVSA-2009:233 ] kernel
- From: security@xxxxxxxxxxxx
- Date: Tue, 15 Sep 2009 01:07:00 +0200
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2009:233
http://www.mandriva.com/security/
_______________________________________________________________________
Package : kernel
Date : September 14, 2009
Affected: 2008.1, Corporate 3.0, Corporate 4.0,
Multi Network Firewall 2.0
_______________________________________________________________________
Problem Description:
A vulnerability was discovered and corrected in the Linux 2.6 kernel:
The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4,
does not initialize all function pointers for socket operations
in proto_ops structures, which allows local users to trigger a NULL
pointer dereference and gain privileges by using mmap to map page zero,
placing arbitrary code on this page, and then invoking an unavailable
operation, as demonstrated by the sendpage operation on a PF_PPPOX
socket. (CVE-2009-2692)
To update your kernel, please follow the directions located at:
http://www.mandriva.com/en/security/kernelupdate
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2692
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2008.1:
09f9ce71fb6eaec4ba06acde23ade724
2008.1/i586/kernel-2.6.24.7-3mnb-1-1mnb1.i586.rpm
ae602cc8d9699174f7a547bb60e6aded
2008.1/i586/kernel-desktop-2.6.24.7-3mnb-1-1mnb1.i586.rpm
07852147042399185c1854c436206cad
2008.1/i586/kernel-desktop586-2.6.24.7-3mnb-1-1mnb1.i586.rpm
d2da36f55db468e58cb000f9f4b9b163
2008.1/i586/kernel-desktop586-devel-2.6.24.7-3mnb-1-1mnb1.i586.rpm
cdacb4f44b0c88054866e168201af62e
2008.1/i586/kernel-desktop586-devel-latest-2.6.24.7-3mnb1.i586.rpm
5b1e613192c0b43d39e5d1cf44dee7bc
2008.1/i586/kernel-desktop586-latest-2.6.24.7-3mnb1.i586.rpm
8663e4966000f62a9d7e0f73ad0b5adb
2008.1/i586/kernel-desktop-devel-2.6.24.7-3mnb-1-1mnb1.i586.rpm
e8fac7b0eb07e205af711bca89b60a28
2008.1/i586/kernel-desktop-devel-latest-2.6.24.7-3mnb1.i586.rpm
e5f9266b2244a26c1d90ec87976fc5b0
2008.1/i586/kernel-desktop-latest-2.6.24.7-3mnb1.i586.rpm
0c3d5a8181efe5b10e3afec16691fa4d
2008.1/i586/kernel-doc-2.6.24.7-3mnb1.i586.rpm
db1296432ff88aa33410c8d3a1b1a2c0
2008.1/i586/kernel-laptop-2.6.24.7-3mnb-1-1mnb1.i586.rpm
0193271cabdc1f547a3432e8a99986b9
2008.1/i586/kernel-laptop-devel-2.6.24.7-3mnb-1-1mnb1.i586.rpm
bdfab6a2386fa89dd250a494e725a5d9
2008.1/i586/kernel-laptop-devel-latest-2.6.24.7-3mnb1.i586.rpm
7ed708045f382289fddddbd0e10a0ae9
2008.1/i586/kernel-laptop-latest-2.6.24.7-3mnb1.i586.rpm
688c23aa32b234d6581a76adbe66ea8c
2008.1/i586/kernel-server-2.6.24.7-3mnb-1-1mnb1.i586.rpm
32f1a47070ee2a7f83a016d001bff014
2008.1/i586/kernel-server-devel-2.6.24.7-3mnb-1-1mnb1.i586.rpm
04a464bf850a840fa27f5cf6068dccc4
2008.1/i586/kernel-server-devel-latest-2.6.24.7-3mnb1.i586.rpm
f82288c9d9d250d6a01ff44bb98ea3ee
2008.1/i586/kernel-server-latest-2.6.24.7-3mnb1.i586.rpm
a05598c1a1b1cef7c98f65b284a86cb5
2008.1/i586/kernel-source-2.6.24.7-3mnb-1-1mnb1.i586.rpm
9ecb21b4c7fc58cc8231fb9979bed563
2008.1/i586/kernel-source-latest-2.6.24.7-3mnb1.i586.rpm
2f39f719d288c36c7600ce1ff3ce98b8 2008.1/SRPMS/kernel-2.6.24.7-3mnb1.src.rpm
Mandriva Linux 2008.1/X86_64:
ee40c52e1e9d7df0ff082c1132f78ca7
2008.1/x86_64/kernel-2.6.24.7-3mnb-1-1mnb1.x86_64.rpm
62e03fc5353c7091da3f1e3d8684482b
2008.1/x86_64/kernel-desktop-2.6.24.7-3mnb-1-1mnb1.x86_64.rpm
53e78922ee128c8dd01fb992df712122
2008.1/x86_64/kernel-desktop-devel-2.6.24.7-3mnb-1-1mnb1.x86_64.rpm
0da13998db3248630fa0da98f9061b2c
2008.1/x86_64/kernel-desktop-devel-latest-2.6.24.7-3mnb1.x86_64.rpm
81b720b2da87dcaa3c9a06522e3f106c
2008.1/x86_64/kernel-desktop-latest-2.6.24.7-3mnb1.x86_64.rpm
f72b340ae0e01ed73d64e8f2962b4b4a
2008.1/x86_64/kernel-doc-2.6.24.7-3mnb1.x86_64.rpm
3c9cf5d346d4fc5df58633d4a70abe27
2008.1/x86_64/kernel-laptop-2.6.24.7-3mnb-1-1mnb1.x86_64.rpm
8c3c36e81f42d1c2f29c9ed27200a9d8
2008.1/x86_64/kernel-laptop-devel-2.6.24.7-3mnb-1-1mnb1.x86_64.rpm
751574973fc2aa889bbd7971bbc61596
2008.1/x86_64/kernel-laptop-devel-latest-2.6.24.7-3mnb1.x86_64.rpm
476b32a7eab657d18185f83f0faed3bc
2008.1/x86_64/kernel-laptop-latest-2.6.24.7-3mnb1.x86_64.rpm
acc8e71cda1807fc12ec2c376adfd7e5
2008.1/x86_64/kernel-server-2.6.24.7-3mnb-1-1mnb1.x86_64.rpm
3f0dec17ff7636efc8e848bcc2dd5b44
2008.1/x86_64/kernel-server-devel-2.6.24.7-3mnb-1-1mnb1.x86_64.rpm
dca5c6a627768b204f01076c4d237e03
2008.1/x86_64/kernel-server-devel-latest-2.6.24.7-3mnb1.x86_64.rpm
d450db60670cc44a5bcd1291b6fba03e
2008.1/x86_64/kernel-server-latest-2.6.24.7-3mnb1.x86_64.rpm
de4226fc5ba36a84e332f2a5afdf2212
2008.1/x86_64/kernel-source-2.6.24.7-3mnb-1-1mnb1.x86_64.rpm
6e27e3e78a54a1e94e6c12716771c5a5
2008.1/x86_64/kernel-source-latest-2.6.24.7-3mnb1.x86_64.rpm
2f39f719d288c36c7600ce1ff3ce98b8 2008.1/SRPMS/kernel-2.6.24.7-3mnb1.src.rpm
Corporate 3.0:
748af5e6897f2e461c61e52c34d80c80
corporate/3.0/i586/kernel-2.6.3.41mdk-1-1mdk.i586.rpm
8fc6a7b3805adecb4a56534f12fcae90
corporate/3.0/i586/kernel-BOOT-2.6.3.41mdk-1-1mdk.i586.rpm
956b447b815899a5db2a23efbd9c0706
corporate/3.0/i586/kernel-doc-2.6.3-41mdk.i586.rpm
d3ef79f5b3b0d36d8f090d961a6d7227
corporate/3.0/i586/kernel-enterprise-2.6.3.41mdk-1-1mdk.i586.rpm
99e24b00d352e7dbc0ceef3adb260e24
corporate/3.0/i586/kernel-i686-up-4GB-2.6.3.41mdk-1-1mdk.i586.rpm
f5b9b5c5af0289eadc0524fde55f158b
corporate/3.0/i586/kernel-p3-smp-64GB-2.6.3.41mdk-1-1mdk.i586.rpm
7a28d45cc743da45609294b2845e10dc
corporate/3.0/i586/kernel-secure-2.6.3.41mdk-1-1mdk.i586.rpm
f4758ba6a1c74188063baedf9e67ac28
corporate/3.0/i586/kernel-smp-2.6.3.41mdk-1-1mdk.i586.rpm
2f000dc2f0618abc8c4d9a0039b223fd
corporate/3.0/i586/kernel-source-2.6.3-41mdk.i586.rpm
c18f27937a3d4bc01beef22edbfb7db0
corporate/3.0/i586/kernel-source-stripped-2.6.3-41mdk.i586.rpm
05e587fc230c88937cb5944af4a6f046
corporate/3.0/SRPMS/kernel-2.6.3.41mdk-1-1mdk.src.rpm
Corporate 3.0/X86_64:
1fc5885f0a82d5f6e6645c2438695cca
corporate/3.0/x86_64/kernel-2.6.3.41mdk-1-1mdk.x86_64.rpm
bca522e3a26ba842e03f8a11163e0c96
corporate/3.0/x86_64/kernel-BOOT-2.6.3.41mdk-1-1mdk.x86_64.rpm
b41ca978accdb24394fef601b1b8dc53
corporate/3.0/x86_64/kernel-doc-2.6.3-41mdk.x86_64.rpm
9134977f58741a8523cbfb4a829516a6
corporate/3.0/x86_64/kernel-secure-2.6.3.41mdk-1-1mdk.x86_64.rpm
2dbd7043da6a8d93be955c70c326d94c
corporate/3.0/x86_64/kernel-smp-2.6.3.41mdk-1-1mdk.x86_64.rpm
d5a41e708c9d10f423b3b42cb1c468b5
corporate/3.0/x86_64/kernel-source-2.6.3-41mdk.x86_64.rpm
8c3d5430f5271bb78e0d2956dacaf575
corporate/3.0/x86_64/kernel-source-stripped-2.6.3-41mdk.x86_64.rpm
05e587fc230c88937cb5944af4a6f046
corporate/3.0/SRPMS/kernel-2.6.3.41mdk-1-1mdk.src.rpm
Corporate 4.0:
601bc40d3e1aee417e84a0ead160a7b0
corporate/4.0/i586/kernel-2.6.12.41mdk-1-1mdk.i586.rpm
c063f187ac49fc74f221ad8ab7bf5262
corporate/4.0/i586/kernel-BOOT-2.6.12.41mdk-1-1mdk.i586.rpm
b60281d821ea76fdb9675ff6bdaa81c4
corporate/4.0/i586/kernel-doc-2.6.12.41mdk-1-1mdk.i586.rpm
62028f52a661b0bfb74db7f5a448b1bb
corporate/4.0/i586/kernel-i586-up-1GB-2.6.12.41mdk-1-1mdk.i586.rpm
6b2a3b620559d0752c25176aecf6e57b
corporate/4.0/i586/kernel-i686-up-4GB-2.6.12.41mdk-1-1mdk.i586.rpm
071c3988845e4a4992f111b7339157f3
corporate/4.0/i586/kernel-smp-2.6.12.41mdk-1-1mdk.i586.rpm
74c2b1a2901e50bcad3890af6efcdf2c
corporate/4.0/i586/kernel-source-2.6.12.41mdk-1-1mdk.i586.rpm
276dfcf2a9ae0910c8a9be627c0cf07e
corporate/4.0/i586/kernel-source-stripped-2.6.12.41mdk-1-1mdk.i586.rpm
ba8334270d6b11740292a83fc4252baa
corporate/4.0/i586/kernel-xbox-2.6.12.41mdk-1-1mdk.i586.rpm
e09627e78d3d6c25527f0e3eaae38ca7
corporate/4.0/i586/kernel-xen0-2.6.12.41mdk-1-1mdk.i586.rpm
1644f80debb044913ad386009a4cc857
corporate/4.0/i586/kernel-xenU-2.6.12.41mdk-1-1mdk.i586.rpm
0661ee7f8519e51a45cd25b5f2161d6a
corporate/4.0/SRPMS/kernel-2.6.12.41mdk-1-1mdk.src.rpm
Corporate 4.0/X86_64:
9d30033bd14864bf5ee38ba2c9ab099e
corporate/4.0/x86_64/kernel-2.6.12.41mdk-1-1mdk.x86_64.rpm
a058d1972e00d201d45a42296642309d
corporate/4.0/x86_64/kernel-BOOT-2.6.12.41mdk-1-1mdk.x86_64.rpm
129fa378cd061fa034e5cff663231b71
corporate/4.0/x86_64/kernel-doc-2.6.12.41mdk-1-1mdk.x86_64.rpm
37622197500de29d3735b27713c3f0d2
corporate/4.0/x86_64/kernel-smp-2.6.12.41mdk-1-1mdk.x86_64.rpm
1181593c02d069fad2c3b358ac857b3b
corporate/4.0/x86_64/kernel-source-2.6.12.41mdk-1-1mdk.x86_64.rpm
b010075acfcab9ef7c9d5dce39a77ea0
corporate/4.0/x86_64/kernel-source-stripped-2.6.12.41mdk-1-1mdk.x86_64.rpm
12239493b97086a4f49a7c0b66b99407
corporate/4.0/x86_64/kernel-xen0-2.6.12.41mdk-1-1mdk.x86_64.rpm
a014566de60953577fad67048c2fda54
corporate/4.0/x86_64/kernel-xenU-2.6.12.41mdk-1-1mdk.x86_64.rpm
0661ee7f8519e51a45cd25b5f2161d6a
corporate/4.0/SRPMS/kernel-2.6.12.41mdk-1-1mdk.src.rpm
Multi Network Firewall 2.0:
748af5e6897f2e461c61e52c34d80c80
mnf/2.0/i586/kernel-2.6.3.41mdk-1-1mdk.i586.rpm
8fc6a7b3805adecb4a56534f12fcae90
mnf/2.0/i586/kernel-BOOT-2.6.3.41mdk-1-1mdk.i586.rpm
956b447b815899a5db2a23efbd9c0706 mnf/2.0/i586/kernel-doc-2.6.3-41mdk.i586.rpm
d3ef79f5b3b0d36d8f090d961a6d7227
mnf/2.0/i586/kernel-enterprise-2.6.3.41mdk-1-1mdk.i586.rpm
99e24b00d352e7dbc0ceef3adb260e24
mnf/2.0/i586/kernel-i686-up-4GB-2.6.3.41mdk-1-1mdk.i586.rpm
f5b9b5c5af0289eadc0524fde55f158b
mnf/2.0/i586/kernel-p3-smp-64GB-2.6.3.41mdk-1-1mdk.i586.rpm
7a28d45cc743da45609294b2845e10dc
mnf/2.0/i586/kernel-secure-2.6.3.41mdk-1-1mdk.i586.rpm
f4758ba6a1c74188063baedf9e67ac28
mnf/2.0/i586/kernel-smp-2.6.3.41mdk-1-1mdk.i586.rpm
2f000dc2f0618abc8c4d9a0039b223fd
mnf/2.0/i586/kernel-source-2.6.3-41mdk.i586.rpm
c18f27937a3d4bc01beef22edbfb7db0
mnf/2.0/i586/kernel-source-stripped-2.6.3-41mdk.i586.rpm
05e587fc230c88937cb5944af4a6f046
mnf/2.0/SRPMS/kernel-2.6.3.41mdk-1-1mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFKrp/xmqjQ0CJFipgRAjA1AJwMnryyeZQDX35q8ti4c9R+rerqwwCgsfVU
HAazQp7JoMOduywRS/LC0SQ=
=iCPs
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/