Executive Summary
Summary | |
---|---|
Title | New Linux 2.6.24 packages fix several vulnerabilities |
Informations | |||
---|---|---|---|
Name | DSA-1636 | First vendor Publication | 2008-09-11 |
Vendor | Debian | Last vendor Modification | 2008-09-11 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or leak sensitive data. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2008-3272 Tobias Klein reported a locally exploitable data leak in the snd_seq_oss_synth_make_info() function. This may allow local users to gain access to sensitive information. CVE-2008-3275 Zoltan Sogor discovered a coding error in the VFS that allows local users to exploit a kernel memory leak resulting in a denial of service. CVE-2008-3276 Eugene Teo reported an integer overflow in the DCCP subsystem that may allow remote attackers to cause a denial of service in the form of a kernel panic. CVE-2008-3526 Eugene Teo reported a missing bounds check in the SCTP subsystem. By exploiting an integer overflow in the SCTP_AUTH_KEY handling code, remote attackers may be able to cause a denial of service in the form of a kernel panic. CVE-2008-3534 Kel Modderman reported an issue in the tmpfs filesystem that allows local users to crash a system by triggering a kernel BUG() assertion. CVE-2008-3535 Alexey Dobriyan discovered an off-by-one-error in the iov_iter_advance function which can be exploited by local users to crash a system, resulting in a denial of service. CVE-2008-3792 Vlad Yasevich reported several NULL pointer reference conditions in the SCTP subsystem that can be triggered by entering sctp-auth codepaths when the AUTH feature is inactive. This may allow attackers to cause a denial of service condition via a system panic. CVE-2008-3915 Johann Dahm and David Richter reported and issue in the nfsd subsystem that may allow remote attackers to cause a denial of service via a buffer overflow. For the stable distribution (etch), these problems have been fixed in version 2.6.24-6~etchnhalf.5. We recommend that you upgrade your linux-2.6.24 packages. |
Original Source
Url : http://www.debian.org/security/2008/dsa-1636 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
29 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
14 % | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
14 % | CWE-200 | Information Exposure |
14 % | CWE-193 | Off-by-one Error |
14 % | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE/SANS Top 25) |
14 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:11506 | |||
Oval ID: | oval:org.mitre.oval:def:11506 | ||
Title: | Integer overflow in the dccp_setsockopt_change function in net/dccp/proto.c in the Datagram Congestion Control Protocol (DCCP) subsystem in the Linux kernel 2.6.17-rc1 through 2.6.26.2 allows remote attackers to cause a denial of service (panic) via a crafted integer value, related to Change L and Change R options without at least one byte in the dccpsf_val field. | ||
Description: | Integer overflow in the dccp_setsockopt_change function in net/dccp/proto.c in the Datagram Congestion Control Protocol (DCCP) subsystem in the Linux kernel 2.6.17-rc1 through 2.6.26.2 allows remote attackers to cause a denial of service (panic) via a crafted integer value, related to Change L and Change R options without at least one byte in the dccpsf_val field. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-3276 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18465 | |||
Oval ID: | oval:org.mitre.oval:def:18465 | ||
Title: | DSA-1630-1 fai-kernels linux-2.6 user-mode-linux - several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or arbitrary code execution. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1630-1 CVE-2007-6282 CVE-2008-0598 CVE-2008-2729 CVE-2008-2812 CVE-2008-2826 CVE-2008-2931 CVE-2008-3272 CVE-2008-3275 | Version: | 9 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | fai-kernels user-mode-linux linux-2.6 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:18712 | |||
Oval ID: | oval:org.mitre.oval:def:18712 | ||
Title: | DSA-1636-1 linux-2.6.24 - several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or leak sensitive data. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1636-1 CVE-2008-3272 CVE-2008-3275 CVE-2008-3276 CVE-2008-3526 CVE-2008-3534 CVE-2008-3535 CVE-2008-3792 CVE-2008-3915 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | linux-2.6.24 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:29129 | |||
Oval ID: | oval:org.mitre.oval:def:29129 | ||
Title: | RHSA-2008:0885 -- kernel security and bug fix update (Important) | ||
Description: | Updated kernel packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2008:0885 CESA-2008:0885-CentOS 5 CVE-2007-6417 CVE-2007-6716 CVE-2008-2931 CVE-2008-3272 CVE-2008-3275 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | kernel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6551 | |||
Oval ID: | oval:org.mitre.oval:def:6551 | ||
Title: | Linux Kernel UBIFS Orphan Inode Local Denial of Service Vulnerability | ||
Description: | The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in the vfs implementation in the Linux kernel before 2.6.25.15 do not prevent creation of a child dentry for a deleted (aka S_DEAD) directory, which allows local users to cause a denial of service ("overflow" of the UBIFS orphan area) via a series of attempted file creations within deleted directories. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-3275 | Version: | 1 |
Platform(s): | VMWare ESX Server 3.5 | Product(s): | |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2011-08-09 | Name : CentOS Update for kernel CESA-2009:0001-01 centos2 i386 File : nvt/gb_CESA-2009_0001-01_kernel_centos2_i386.nasl |
2011-08-09 | Name : CentOS Update for kernel CESA-2009:0014 centos4 i386 File : nvt/gb_CESA-2009_0014_kernel_centos4_i386.nasl |
2010-09-10 | Name : SuSE Update for kernel SUSE-SA:2010:036 File : nvt/gb_suse_2010_036.nasl |
2009-10-13 | Name : SLES10: Security update for Linux Kernel (x86) File : nvt/sles10_kernel7.nasl |
2009-10-10 | Name : SLES9: Security update for Linux kernel File : nvt/sles9p5036146.nasl |
2009-04-09 | Name : Mandriva Update for kernel MDVSA-2008:223 (kernel) File : nvt/gb_mandriva_MDVSA_2008_223.nasl |
2009-03-23 | Name : Ubuntu Update for linux, linux-source-2.6.15/22 vulnerabilities USN-659-1 File : nvt/gb_ubuntu_USN_659_1.nasl |
2009-03-23 | Name : Ubuntu Update for linux, linux-source-2.6.15/20/22 vulnerabilities USN-637-1 File : nvt/gb_ubuntu_USN_637_1.nasl |
2009-03-06 | Name : RedHat Update for kernel RHSA-2008:0972-01 File : nvt/gb_RHSA-2008_0972-01_kernel.nasl |
2009-03-06 | Name : RedHat Update for kernel RHSA-2008:0973-03 File : nvt/gb_RHSA-2008_0973-03_kernel.nasl |
2009-03-06 | Name : RedHat Update for kernel RHSA-2008:0957-02 File : nvt/gb_RHSA-2008_0957-02_kernel.nasl |
2009-03-06 | Name : RedHat Update for kernel RHSA-2008:0885-01 File : nvt/gb_RHSA-2008_0885-01_kernel.nasl |
2009-02-27 | Name : CentOS Update for kernel CESA-2008:0973 centos3 i386 File : nvt/gb_CESA-2008_0973_kernel_centos3_i386.nasl |
2009-02-27 | Name : CentOS Update for kernel CESA-2008:0972 centos4 x86_64 File : nvt/gb_CESA-2008_0972_kernel_centos4_x86_64.nasl |
2009-02-27 | Name : CentOS Update for kernel CESA-2008:0972 centos4 i386 File : nvt/gb_CESA-2008_0972_kernel_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for kernel CESA-2008:0973 centos3 x86_64 File : nvt/gb_CESA-2008_0973_kernel_centos3_x86_64.nasl |
2009-02-10 | Name : CentOS Security Advisory CESA-2009:0001-01 (kernel) File : nvt/ovcesa2009_0001_01.nasl |
2009-01-23 | Name : SuSE Update for kernel SUSE-SA:2008:052 File : nvt/gb_suse_2008_052.nasl |
2009-01-23 | Name : SuSE Update for kernel SUSE-SA:2008:053 File : nvt/gb_suse_2008_053.nasl |
2009-01-23 | Name : SuSE Update for kernel SUSE-SA:2008:048 File : nvt/gb_suse_2008_048.nasl |
2009-01-23 | Name : SuSE Update for kernel SUSE-SA:2008:047 File : nvt/gb_suse_2008_047.nasl |
2009-01-23 | Name : SuSE Update for kernel SUSE-SA:2008:044 File : nvt/gb_suse_2008_044.nasl |
2009-01-20 | Name : CentOS Security Advisory CESA-2009:0014 (kernel) File : nvt/ovcesa2009_0014.nasl |
2009-01-20 | Name : RedHat Security Advisory RHSA-2009:0014 File : nvt/RHSA_2009_0014.nasl |
2009-01-13 | Name : RedHat Security Advisory RHSA-2009:0001 File : nvt/RHSA_2009_0001.nasl |
2009-01-07 | Name : RedHat Security Advisory RHSA-2008:0787 File : nvt/RHSA_2008_0787.nasl |
2008-11-01 | Name : Debian Security Advisory DSA 1653-1 (linux-2.6) File : nvt/deb_1653_1.nasl |
2008-09-17 | Name : Debian Security Advisory DSA 1636-1 (linux-2.6.24) File : nvt/deb_1636_1.nasl |
2008-09-04 | Name : Debian Security Advisory DSA 1630-1 (linux-2.6) File : nvt/deb_1630_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
48571 | Linux Kernel mm/filemap.c iov_iter_advance Function Off-By-One Local DoS |
48570 | Linux Kernel tmpfs Implementation mm/shmem.c shmem_delete_inode Function Loca... |
48470 | Linux Kernel nfsd NFSv4 ACL Decoding Remote Overflow |
48433 | Linux Kernel sctp Implementation net/sctp/socket.c Multiple Function Remote DoS |
47960 | Linux Kernel net/sctp/socket.c sctp_setsockopt_auth_key Function SCTP Remote ... |
47788 | Linux Kernel VFS fs/namei.c Multiple Function Local DoS |
47539 | Linux Kernel net/dccp/proto.c dccp_setsockopt_change Function Overflow DoS |
47362 | Linux Kernel snd_seq_oss_synth_make_info() Function Local Information Disclosure |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2009-10-22 | IAVM : 2009-A-0105 - Multiple Vulnerabilities in VMware Products Severity : Category I - VMSKEY : V0021867 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Linux Kernel NFSD Subsystem overflow attempt RuleID : 16352 - Revision : 7 - Type : OS-LINUX |
2014-01-10 | Linux Kernel DCCP Protocol Handler dccp_setsockopt_change integer overflow at... RuleID : 15907 - Revision : 5 - Type : OS-LINUX |
2014-01-10 | Linux Kernel DCCP Protocol Handler dccp_setsockopt_change integer overflow at... RuleID : 15906 - Revision : 8 - Type : OS-LINUX |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-03-03 | Name : The remote host is missing a security-related patch. File : vmware_VMSA-2009-0014_remote.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2008-2006.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0885.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0957.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0972.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0973.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-0014.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090114_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20081216_kernel_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20081119_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20081104_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080924_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-5608.nasl - Type : ACT_GATHER_INFO |
2010-08-27 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12636.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0957.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0885.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-0014.nasl - Type : ACT_GATHER_INFO |
2009-10-19 | Name : The remote VMware ESX host is missing one or more security-related patches. File : vmware_VMSA-2009-0014.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_kernel-080822.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_kernel-081022.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-223.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0972.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-659-1.nasl - Type : ACT_GATHER_INFO |
2009-01-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0014.nasl - Type : ACT_GATHER_INFO |
2009-01-09 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0001.nasl - Type : ACT_GATHER_INFO |
2008-12-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0973.nasl - Type : ACT_GATHER_INFO |
2008-12-17 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0973.nasl - Type : ACT_GATHER_INFO |
2008-11-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0972.nasl - Type : ACT_GATHER_INFO |
2008-11-12 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-5751.nasl - Type : ACT_GATHER_INFO |
2008-11-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0957.nasl - Type : ACT_GATHER_INFO |
2008-10-21 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-5700.nasl - Type : ACT_GATHER_INFO |
2008-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1653.nasl - Type : ACT_GATHER_INFO |
2008-10-02 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-5566.nasl - Type : ACT_GATHER_INFO |
2008-09-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0885.nasl - Type : ACT_GATHER_INFO |
2008-09-12 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1636.nasl - Type : ACT_GATHER_INFO |
2008-08-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-637-1.nasl - Type : ACT_GATHER_INFO |
2008-08-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1630.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:27:52 |
|