Executive Summary
Summary | |
---|---|
Title | New Linux 2.6.18 packages fix several vulnerabilities |
Informations | |||
---|---|---|---|
Name | DSA-1436 | First vendor Publication | 2007-12-20 |
Vendor | Debian | Last vendor Modification | 2007-12-20 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.2 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Several local vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2006-6058 LMH reported an issue in the minix filesystem that allows local users with mount privileges to create a DoS (printk flood) by mounting a specially crafted corrupt filesystem. CVE-2007-5966 Warren Togami discovered an issue in the hrtimer subsystem that allows a local user to cause a DoS (soft lockup) by requesting a timer sleep for a long period of time leading to an integer overflow. CVE-2007-6063 Venustech AD-LAB discovered a a buffer overflow in the isdn ioctl handling, exploitable by a local user. CVE-2007-6206 Blake Frantz discovered that when a core file owned by a non-root user exists, and a root-owned process dumps core over it, the core file retains its original ownership. This could be used by a local user to gain access to sensitive information. CVE-2007-6417 Hugh Dickins discovered an issue in the tmpfs filesystem where, under a rare circumstance, a kernel page maybe improperly cleared, leaking sensitive kernel memory to userspace or resulting in a DoS (crash). These problems have been fixed in the stable distribution in version 2.6.18.dfsg.1-13etch6. The following matrix lists additional packages that were rebuilt for compatability with or to take advantage of this update: Debian 4.0 (etch) fai-kernels 1.17+etch.13etch6 user-mode-linux 2.6.18-1um-2etch.13etch6 We recommend that you upgrade your kernel package immediately and reboot the machine. If you have built a custom kernel from the kernel source package, you will need to rebuild to take advantage of these fixes. |
Original Source
Url : http://www.debian.org/security/2007/dsa-1436 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
33 % | CWE-200 | Information Exposure |
33 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
17 % | CWE-399 | Resource Management Errors |
17 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10774 | |||
Oval ID: | oval:org.mitre.oval:def:10774 | ||
Title: | Integer overflow in the hrtimer_start function in kernel/hrtimer.c in the Linux kernel before 2.6.23.10 allows local users to execute arbitrary code or cause a denial of service (panic) via a large relative timeout value. NOTE: some of these details are obtained from third party information. | ||
Description: | Integer overflow in the hrtimer_start function in kernel/hrtimer.c in the Linux kernel before 2.6.23.10 allows local users to execute arbitrary code or cause a denial of service (panic) via a large relative timeout value. NOTE: some of these details are obtained from third party information. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-5966 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20546 | |||
Oval ID: | oval:org.mitre.oval:def:20546 | ||
Title: | DSA-1436-1 linux-2.6 fai-kernels user-mode-linux - several vulnerabilities | ||
Description: | Several local vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1436-1 CVE-2006-6058 CVE-2007-5966 CVE-2007-6063 CVE-2007-6206 CVE-2007-6417 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | linux-2.6 fai-kernels user-mode-linux |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6514 | |||
Oval ID: | oval:org.mitre.oval:def:6514 | ||
Title: | Linux Kernel ISDN_Net.C Local Buffer Overflow Vulnerability | ||
Description: | Buffer overflow in the isdn_net_setcfg function in isdn_net.c in Linux kernel 2.6.23 allows local users to have an unknown impact via a crafted argument to the isdn_ioctl function. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-6063 | Version: | 1 |
Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:8125 | |||
Oval ID: | oval:org.mitre.oval:def:8125 | ||
Title: | VMware kernel integer overflow vulnerability in hrtimer_start function | ||
Description: | Integer overflow in the hrtimer_start function in kernel/hrtimer.c in the Linux kernel before 2.6.23.10 allows local users to execute arbitrary code or cause a denial of service (panic) via a large relative timeout value. NOTE: some of these details are obtained from third party information. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-5966 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:8920 | |||
Oval ID: | oval:org.mitre.oval:def:8920 | ||
Title: | The shmem_getpage function (mm/shmem.c) in Linux kernel 2.6.11 through 2.6.23 does not properly clear allocated memory in some rare circumstances related to tmpfs, which might allow local users to read sensitive kernel data or cause a denial of service (crash). | ||
Description: | The shmem_getpage function (mm/shmem.c) in Linux kernel 2.6.11 through 2.6.23 does not properly clear allocated memory in some rare circumstances related to tmpfs, which might allow local users to read sensitive kernel data or cause a denial of service (crash). | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-6417 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2011-08-09 | Name : CentOS Update for kernel CESA-2009:0001-01 centos2 i386 File : nvt/gb_CESA-2009_0001-01_kernel_centos2_i386.nasl |
2011-08-09 | Name : CentOS Update for kernel CESA-2009:1193 centos5 i386 File : nvt/gb_CESA-2009_1193_kernel_centos5_i386.nasl |
2010-09-10 | Name : SuSE Update for kernel SUSE-SA:2010:036 File : nvt/gb_suse_2010_036.nasl |
2009-08-17 | Name : CentOS Security Advisory CESA-2009:1193 (kernel) File : nvt/ovcesa2009_1193.nasl |
2009-08-17 | Name : RedHat Security Advisory RHSA-2009:1193 File : nvt/RHSA_2009_1193.nasl |
2009-04-09 | Name : Mandriva Update for kernel MDVSA-2008:112 (kernel) File : nvt/gb_mandriva_MDVSA_2008_112.nasl |
2009-04-09 | Name : Mandriva Update for kernel MDVSA-2008:044 (kernel) File : nvt/gb_mandriva_MDVSA_2008_044.nasl |
2009-04-09 | Name : Mandriva Update for kernel MDKSA-2007:232 (kernel) File : nvt/gb_mandriva_MDKSA_2007_232.nasl |
2009-04-09 | Name : Mandriva Update for kernel MDKSA-2007:226 (kernel) File : nvt/gb_mandriva_MDKSA_2007_226.nasl |
2009-03-23 | Name : Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-578-1 File : nvt/gb_ubuntu_USN_578_1.nasl |
2009-03-23 | Name : Ubuntu Update for linux-source-2.6.17/20/22 vulnerabilities USN-574-1 File : nvt/gb_ubuntu_USN_574_1.nasl |
2009-03-23 | Name : Ubuntu Update for linux-source-2.6.17/20/22 vulnerabilities USN-558-1 File : nvt/gb_ubuntu_USN_558_1.nasl |
2009-03-06 | Name : RedHat Update for kernel RHSA-2008:0211-01 File : nvt/gb_RHSA-2008_0211-01_kernel.nasl |
2009-03-06 | Name : RedHat Update for kernel RHSA-2008:0973-03 File : nvt/gb_RHSA-2008_0973-03_kernel.nasl |
2009-03-06 | Name : RedHat Update for kernel RHSA-2008:0885-01 File : nvt/gb_RHSA-2008_0885-01_kernel.nasl |
2009-03-06 | Name : RedHat Update for kernel RHSA-2008:0154-01 File : nvt/gb_RHSA-2008_0154-01_kernel.nasl |
2009-03-06 | Name : RedHat Update for kernel RHSA-2008:0055-01 File : nvt/gb_RHSA-2008_0055-01_kernel.nasl |
2009-03-06 | Name : RedHat Update for kernel RHSA-2008:0089-01 File : nvt/gb_RHSA-2008_0089-01_kernel.nasl |
2009-02-27 | Name : CentOS Update for kernel CESA-2008:0973 centos3 x86_64 File : nvt/gb_CESA-2008_0973_kernel_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for kernel CESA-2008:0973 centos3 i386 File : nvt/gb_CESA-2008_0973_kernel_centos3_i386.nasl |
2009-02-27 | Name : CentOS Update for kernel CESA-2008:0211 centos3 x86_64 File : nvt/gb_CESA-2008_0211_kernel_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for kernel CESA-2008:0211 centos3 i386 File : nvt/gb_CESA-2008_0211_kernel_centos3_i386.nasl |
2009-02-27 | Name : CentOS Update for kernel CESA-2008:0055 centos4 x86_64 File : nvt/gb_CESA-2008_0055_kernel_centos4_x86_64.nasl |
2009-02-27 | Name : CentOS Update for kernel CESA-2008:0055 centos4 i386 File : nvt/gb_CESA-2008_0055_kernel_centos4_i386.nasl |
2009-02-10 | Name : CentOS Security Advisory CESA-2009:0001-01 (kernel) File : nvt/ovcesa2009_0001_01.nasl |
2009-01-28 | Name : SuSE Update for kernel SUSE-SA:2007:064 File : nvt/gb_suse_2007_064.nasl |
2009-01-28 | Name : SuSE Update for kernel SUSE-SA:2007:059 File : nvt/gb_suse_2007_059.nasl |
2009-01-23 | Name : SuSE Update for kernel SUSE-SA:2008:007 File : nvt/gb_suse_2008_007.nasl |
2009-01-23 | Name : SuSE Update for kernel SUSE-SA:2008:030 File : nvt/gb_suse_2008_030.nasl |
2009-01-23 | Name : SuSE Update for kernel SUSE-SA:2008:032 File : nvt/gb_suse_2008_032.nasl |
2009-01-13 | Name : RedHat Security Advisory RHSA-2009:0001 File : nvt/RHSA_2009_0001.nasl |
2009-01-07 | Name : RedHat Security Advisory RHSA-2008:0787 File : nvt/RHSA_2008_0787.nasl |
2008-03-11 | Name : Debian Security Advisory DSA 1503-2 (kernel-source-2.4.27 (2.4.27-10sarge7)) File : nvt/deb_1503_2.nasl |
2008-02-28 | Name : Debian Security Advisory DSA 1504-1 (kernel-source-2.6.8 (2.6.8-17sarge1)) File : nvt/deb_1504_1.nasl |
2008-02-28 | Name : Debian Security Advisory DSA 1503-1 (kernel-source-2.4.27 (2.4.27-10sarge6)) File : nvt/deb_1503_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1436-1 (linux-2.6) File : nvt/deb_1436_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
44120 | Linux Kernel mm/shmem.c shmem_getpage Function Arbitrary Memory Disclosure |
40248 | Linux Kernel hrtimer.c hrtimer_start Function Local Overflow |
39243 | Linux Kernel fs/exec.c do_coredump() Function Local Information Disclosure |
39240 | Linux Kernel isdn_net.c isdn_net_setcfg() Function Local Overflow |
30506 | Linux Kernel minix File System Malformed Stream minix_bmap Function Local DoS |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2009-10-22 | IAVM : 2009-A-0105 - Multiple Vulnerabilities in VMware Products Severity : Category I - VMSKEY : V0021867 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-03-03 | Name : The remote host is missing a security-related patch. File : vmware_VMSA-2009-0016_remote.nasl - Type : ACT_GATHER_INFO |
2016-03-03 | Name : The remote host is missing a security-related patch. File : vmware_VMSA-2009-0014_remote.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2009-0017.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2008-2006.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2008-2005.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1193.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0973.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0885.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0211.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0154.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0089.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0055.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0079.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080123_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080305_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080507_kernel_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080924_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20081216_kernel_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090808_kernel_for_SL_5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080131_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-5370.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-4938.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-4745.nasl - Type : ACT_GATHER_INFO |
2010-08-27 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12636.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0089.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0885.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1193.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0154.nasl - Type : ACT_GATHER_INFO |
2009-11-23 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2009-0016.nasl - Type : ACT_GATHER_INFO |
2009-10-19 | Name : The remote VMware ESX host is missing one or more security-related patches. File : vmware_VMSA-2009-0014.nasl - Type : ACT_GATHER_INFO |
2009-08-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1193.nasl - Type : ACT_GATHER_INFO |
2009-07-27 | Name : The remote VMware ESX host is missing one or more security-related patches. File : vmware_VMSA-2008-0011.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-232.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-044.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-112.nasl - Type : ACT_GATHER_INFO |
2009-01-09 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0001.nasl - Type : ACT_GATHER_INFO |
2008-12-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0973.nasl - Type : ACT_GATHER_INFO |
2008-12-17 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0973.nasl - Type : ACT_GATHER_INFO |
2008-09-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0885.nasl - Type : ACT_GATHER_INFO |
2008-07-08 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-5375.nasl - Type : ACT_GATHER_INFO |
2008-06-24 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-5336.nasl - Type : ACT_GATHER_INFO |
2008-05-09 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0211.nasl - Type : ACT_GATHER_INFO |
2008-05-09 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0211.nasl - Type : ACT_GATHER_INFO |
2008-03-07 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0154.nasl - Type : ACT_GATHER_INFO |
2008-02-25 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1503.nasl - Type : ACT_GATHER_INFO |
2008-02-25 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1504.nasl - Type : ACT_GATHER_INFO |
2008-02-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-578-1.nasl - Type : ACT_GATHER_INFO |
2008-02-14 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-4986.nasl - Type : ACT_GATHER_INFO |
2008-02-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-4935.nasl - Type : ACT_GATHER_INFO |
2008-02-11 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-4970.nasl - Type : ACT_GATHER_INFO |
2008-02-05 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0055.nasl - Type : ACT_GATHER_INFO |
2008-02-05 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-574-1.nasl - Type : ACT_GATHER_INFO |
2008-02-01 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0055.nasl - Type : ACT_GATHER_INFO |
2008-02-01 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-4943.nasl - Type : ACT_GATHER_INFO |
2008-02-01 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-4941.nasl - Type : ACT_GATHER_INFO |
2008-02-01 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-4929.nasl - Type : ACT_GATHER_INFO |
2008-01-27 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0089.nasl - Type : ACT_GATHER_INFO |
2008-01-08 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-4752.nasl - Type : ACT_GATHER_INFO |
2007-12-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1436.nasl - Type : ACT_GATHER_INFO |
2007-12-19 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-558-1.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-4741.nasl - Type : ACT_GATHER_INFO |
2007-11-12 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-4641.nasl - Type : ACT_GATHER_INFO |
2007-08-13 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0672.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:27:07 |
|