Executive Summary
Summary | |
---|---|
Title | New Linux 2.6.18 packages fix several vulnerabilities |
Informations | |||
---|---|---|---|
Name | DSA-1378 | First vendor Publication | 2007-09-27 |
Vendor | Debian | Last vendor Modification | 2007-09-28 |
Severity (Vendor) | N/A | Revision | 2 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.2 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-3731 Evan Teran discovered a potential local denial of service (oops) in the handling of PTRACE_SETREGS and PTRACE_SINGLESTEP requests. CVE-2007-3739 Adam Litke reported a potential local denial of service (oops) on powerpc platforms resulting from unchecked VMA expansion into address space reserved for hugetlb pages. CVE-2007-3740 Steve French reported that CIFS filesystems with CAP_UNIX enabled were not honoring a process' umask which may lead to unintentinally relaxed permissions. CVE-2007-4573 Wojciech Purczynski discovered a vulnerability that can be exploitd by a local user to obtain superuser privileges on x86_64 systems. This resulted from improper clearing of the high bits of registers during ia32 system call emulation. This vulnerability is relevant to the Debian amd64 port as well as users of the i386 port who run the amd64 linux-image flavour. CVE-2007-4849 Michael Stone reported an issue with the JFFS2 filesystem. Legacy modes for inodes that were created with POSIX ACL support enabled were not being written out to the medium, resulting in incorrect permissions upon remount. These problems have been fixed in the stable distribution in version 2.6.18.dfsg.1-13etch3. This advisory has been updated to include a build for the arm architecture, which was not yet available at the time of DSA-1378-1. The following matrix lists additional packages that were rebuilt for compatibility with or to take advantage of this update: Debian 4.0 (etch) fai-kernels 1.17+etch.13etch3 user-mode-linux 2.6.18-1um-2etch.13etch3 We recommend that you upgrade your kernel package immediately and reboot the machine. If you have built a custom kernel from the kernel source package, you will need to rebuild to take advantage of these fixes. |
Original Source
Url : http://www.debian.org/security/2007/dsa-1378 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-264 | Permissions, Privileges, and Access Controls |
17 % | CWE-399 | Resource Management Errors |
17 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
17 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10394 | |||
Oval ID: | oval:org.mitre.oval:def:10394 | ||
Title: | The Linux kernel 2.6.20 and 2.6.21 does not properly handle an invalid LDT segment selector in %cs (the xcs field) during ptrace single-step operations, which allows local users to cause a denial of service (NULL dereference and OOPS) via certain code that makes ptrace PTRACE_SETREGS and PTRACE_SINGLESTEP requests, related to the TRACE_IRQS_ON function, and possibly related to the arch_ptrace function. | ||
Description: | The Linux kernel 2.6.20 and 2.6.21 does not properly handle an invalid LDT segment selector in %cs (the xcs field) during ptrace single-step operations, which allows local users to cause a denial of service (NULL dereference and OOPS) via certain code that makes ptrace PTRACE_SETREGS and PTRACE_SINGLESTEP requests, related to the TRACE_IRQS_ON function, and possibly related to the arch_ptrace function. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-3731 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18649 | |||
Oval ID: | oval:org.mitre.oval:def:18649 | ||
Title: | DSA-1378-2 fai-kernels linux-2.6 user-mode-linux - several vulnerabilities | ||
Description: | Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1378-2 CVE-2007-3731 CVE-2007-3739 CVE-2007-3740 CVE-2007-4573 CVE-2007-4849 | Version: | 9 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | linux-2.6 fai-kernels user-mode-linux |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:20370 | |||
Oval ID: | oval:org.mitre.oval:def:20370 | ||
Title: | DSA-1378-1 fai-kernels linux-2.6 user-mode-linux - several vulnerabilities | ||
Description: | Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1378-1 CVE-2007-3731 CVE-2007-3739 CVE-2007-3740 CVE-2007-4573 CVE-2007-4849 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | linux-2.6 fai-kernels user-mode-linux |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:21705 | |||
Oval ID: | oval:org.mitre.oval:def:21705 | ||
Title: | ELSA-2007:0936: kernel security update (Important) | ||
Description: | The IA32 system call emulation functionality in Linux kernel 2.4.x and 2.6.x before 2.6.22.7, when running on the x86_64 architecture, does not zero extend the eax register after the 32bit entry path to ptrace is used, which might allow local users to gain privileges by triggering an out-of-bounds access to the system call table using the %RAX register. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2007:0936-01 CVE-2007-4573 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | kernel |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2010-12-09 | Name : Mandriva Update for kernel MDVSA-2010:247 (kernel) File : nvt/gb_mandriva_MDVSA_2010_247.nasl |
2010-10-19 | Name : Mandriva Update for kernel MDVSA-2010:198 (kernel) File : nvt/gb_mandriva_MDVSA_2010_198.nasl |
2010-09-27 | Name : Mandriva Update for kernel MDVSA-2010:188 (kernel) File : nvt/gb_mandriva_MDVSA_2010_188.nasl |
2009-10-10 | Name : SLES9: Security update for Linux kernel File : nvt/sles9p5020541.nasl |
2009-04-09 | Name : Mandriva Update for kernel MDVSA-2008:105 (kernel) File : nvt/gb_mandriva_MDVSA_2008_105.nasl |
2009-04-09 | Name : Mandriva Update for kernel MDKSA-2007:195 (kernel) File : nvt/gb_mandriva_MDKSA_2007_195.nasl |
2009-03-23 | Name : Ubuntu Update for linux-source-2.6.15/17/20 vulnerabilities USN-518-1 File : nvt/gb_ubuntu_USN_518_1.nasl |
2009-03-23 | Name : Ubuntu Update for linux-source-2.6.17/20/22 vulnerabilities USN-558-1 File : nvt/gb_ubuntu_USN_558_1.nasl |
2009-03-23 | Name : Ubuntu Update for linux-source-2.6.17/20/22 vulnerabilities USN-574-1 File : nvt/gb_ubuntu_USN_574_1.nasl |
2009-03-06 | Name : RedHat Update for kernel RHSA-2007:1049-01 File : nvt/gb_RHSA-2007_1049-01_kernel.nasl |
2009-02-27 | Name : CentOS Update for kernel CESA-2007:1049 centos3 x86_64 File : nvt/gb_CESA-2007_1049_kernel_centos3_x86_64.nasl |
2009-02-27 | Name : Fedora Update for kernel FEDORA-2007-2298 File : nvt/gb_fedora_2007_2298_kernel_fc7.nasl |
2009-02-27 | Name : CentOS Update for kernel CESA-2007:1049 centos3 i386 File : nvt/gb_CESA-2007_1049_kernel_centos3_i386.nasl |
2009-01-28 | Name : SuSE Update for kernel SUSE-SA:2007:053 File : nvt/gb_suse_2007_053.nasl |
2009-01-28 | Name : SuSE Update for kernel SUSE-SA:2007:064 File : nvt/gb_suse_2007_064.nasl |
2008-02-28 | Name : Debian Security Advisory DSA 1504-1 (kernel-source-2.6.8 (2.6.8-17sarge1)) File : nvt/deb_1504_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1378-1 (linux-2.6) File : nvt/deb_1378_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1381-2 (linux-2.6) File : nvt/deb_1381_2.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1381-1 (linux-2.6) File : nvt/deb_1381_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1378-2 (linux-2.6) File : nvt/deb_1378_2.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
40597 | Linux Kernel CIFS Filesystem Process umask Local Privilege Escalation |
40564 | JFFS2 POSIX ACL Support Legacy Modes Local Information Disclosure |
37287 | Linux Kernel on x86_64 IA32 System Call Emulation %RAX Register Local Privile... |
37286 | Linux Kernel Invalid LDT Segment Selector Local DoS |
37285 | Linux hugetlb Kernel on PowerPC mm/mmap.c Stack Expansion Local DoS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-1049.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-0939.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-0938.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-0937.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-0936.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-0705.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-0940.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20071101_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20071022_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20070927_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20071203_kernel_on_SL3.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-4472.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-4745.nasl - Type : ACT_GATHER_INFO |
2010-12-06 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-247.nasl - Type : ACT_GATHER_INFO |
2010-10-08 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-198.nasl - Type : ACT_GATHER_INFO |
2010-09-24 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-188.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0940.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0705.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-105.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0939.nasl - Type : ACT_GATHER_INFO |
2008-02-25 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1504.nasl - Type : ACT_GATHER_INFO |
2008-02-05 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-574-1.nasl - Type : ACT_GATHER_INFO |
2008-02-01 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-4929.nasl - Type : ACT_GATHER_INFO |
2008-01-08 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-4752.nasl - Type : ACT_GATHER_INFO |
2007-12-19 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-558-1.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-4471.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-4741.nasl - Type : ACT_GATHER_INFO |
2007-12-04 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-1049.nasl - Type : ACT_GATHER_INFO |
2007-12-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-1049.nasl - Type : ACT_GATHER_INFO |
2007-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-518-1.nasl - Type : ACT_GATHER_INFO |
2007-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2007-2298.nasl - Type : ACT_GATHER_INFO |
2007-11-02 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0939.nasl - Type : ACT_GATHER_INFO |
2007-10-25 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-195.nasl - Type : ACT_GATHER_INFO |
2007-10-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0940.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-4503.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-4473.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-4487.nasl - Type : ACT_GATHER_INFO |
2007-10-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0937.nasl - Type : ACT_GATHER_INFO |
2007-10-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0936.nasl - Type : ACT_GATHER_INFO |
2007-10-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0938.nasl - Type : ACT_GATHER_INFO |
2007-10-03 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1378.nasl - Type : ACT_GATHER_INFO |
2007-10-03 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1381.nasl - Type : ACT_GATHER_INFO |
2007-10-03 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0938.nasl - Type : ACT_GATHER_INFO |
2007-10-03 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0937.nasl - Type : ACT_GATHER_INFO |
2007-10-03 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0936.nasl - Type : ACT_GATHER_INFO |
2007-09-25 | Name : The remote Fedora Core host is missing a security update. File : fedora_2007-712.nasl - Type : ACT_GATHER_INFO |
2007-09-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0705.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:26:54 |
|