2.1 - USN-47-1

Executive Summary

Summary
Title	Linux kernel vulnerabilities

Informations
Name	USN-47-1	First vendor Publication	2004-12-23
Vendor	Ubuntu	Last vendor Modification	2004-12-23
Severity (Vendor)	N/A	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score	2.1	Attack Range	Local
Cvss Impact Score	2.9	Attack Complexity	Low
Cvss Expoit Score	3.9	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

linux-image-2.6.8.1-4-386 linux-image-2.6.8.1-4-686 linux-image-2.6.8.1-4-686-smp linux-image-2.6.8.1-4-amd64-generic linux-image-2.6.8.1-4-amd64-k8 linux-image-2.6.8.1-4-amd64-k8-smp linux-image-2.6.8.1-4-amd64-xeon linux-image-2.6.8.1-4-k7 linux-image-2.6.8.1-4-k7-smp linux-image-2.6.8.1-4-power3 linux-image-2.6.8.1-4-power3-smp linux-image-2.6.8.1-4-power4 linux-image-2.6.8.1-4-power4-smp linux-image-2.6.8.1-4-powerpc linux-image-2.6.8.1-4-powerpc-smp

The problem can be corrected by upgrading the affected package to version 2.6.8.1-16.5. You need to reboot the computer after doing a standard system upgrade to effect the necessary changes.

Details follow:

Georgi Guninski discovered two Denial of Service vulnerabilities in the Linux kernel.

An integer overflow in the vc_resize() function caused the memory allocation for the new screen being too short, thus causing a buffer overflow and a kernel crash.

There was also a memory leak in the ip_options_get() function. Calling ip_cmsg_send() very often would gradually exhaust memory.

Note: The original advisory (see URL above) also mentions a "ip_options_get integer overflow". This was already fixed in USN-38-1 (known as CAN-2004-1016).

Original Source

Url : http://www.ubuntu.com/usn/USN-47-1

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:11085

Oval ID:	oval:org.mitre.oval:def:11085
Title:	Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function.
Description:	Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2004-1335	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3	Product(s):
Definition Synopsis:
RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section kernel-BOOT is earlier than 0:2.4.21-27.0.1.EL AND kernel-unsupported is earlier than 0:2.4.21-27.0.1.EL AND kernel-smp-unsupported is earlier than 0:2.4.21-27.0.1.EL AND kernel-hugemem-unsupported is earlier than 0:2.4.21-27.0.1.EL AND kernel-hugemem is earlier than 0:2.4.21-27.0.1.EL AND kernel is earlier than 0:2.4.21-27.0.1.EL AND kernel-source is earlier than 0:2.4.21-27.0.1.EL AND kernel-doc is earlier than 0:2.4.21-27.0.1.EL AND kernel-smp is earlier than 0:2.4.21-27.0.1.EL

Definition Id: oval:org.mitre.oval:def:11816

Oval ID:	oval:org.mitre.oval:def:11816
Title:	The scm_send function in the scm layer for Linux kernel 2.4.x up to 2.4.28, and 2.6.x up to 2.6.9, allows local users to cause a denial of service (system hang) via crafted auxiliary messages that are passed to the sendmsg function, which causes a deadlock condition.
Description:	The scm_send function in the scm layer for Linux kernel 2.4.x up to 2.4.28, and 2.6.x up to 2.6.9, allows local users to cause a denial of service (system hang) via crafted auxiliary messages that are passed to the sendmsg function, which causes a deadlock condition.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2004-1016	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3	Product(s):
Definition Synopsis:
RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section kernel-BOOT is earlier than 0:2.4.21-27.0.1.EL AND kernel-unsupported is earlier than 0:2.4.21-27.0.1.EL AND kernel-smp-unsupported is earlier than 0:2.4.21-27.0.1.EL AND kernel-hugemem-unsupported is earlier than 0:2.4.21-27.0.1.EL AND kernel-hugemem is earlier than 0:2.4.21-27.0.1.EL AND kernel is earlier than 0:2.4.21-27.0.1.EL AND kernel-source is earlier than 0:2.4.21-27.0.1.EL AND kernel-doc is earlier than 0:2.4.21-27.0.1.EL AND kernel-smp is earlier than 0:2.4.21-27.0.1.EL

CPE : Common Platform Enumeration

Type	Description	Count
Os	Linux Linux Kernel cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20:::::: cpe:2.3:o:linux:linux_kernel:2.6.8:::::::* cpe:2.3:o:linux:linux_kernel:2.6.8:rc3:::::: cpe:2.3:o:linux:linux_kernel:2.6.8:rc2:::::: cpe:2.3:o:linux:linux_kernel:2.6.8:rc1:::::: cpe:2.3:o:linux:linux_kernel:2.6.7:-:::::: cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:::::: cpe:2.3:o:linux:linux_kernel:2.6.6:-:::::: cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:::::: cpe:2.3:o:linux:linux_kernel:2.6.5:-:::::: cpe:2.3:o:linux:linux_kernel:2.6.4:-:::::: cpe:2.3:o:linux:linux_kernel:2.6.3:-:::::: cpe:2.3:o:linux:linux_kernel:2.6.2:-:::::: cpe:2.3:o:linux:linux_kernel:2.6.10:rc2:::::: cpe:2.3:o:linux:linux_kernel:2.6.1:-:::::: cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:::::: cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:::::: cpe:2.3:o:linux:linux_kernel:2.6.0:-:::::: cpe:2.3:o:linux:linux_kernel:2.6.0:test2:::::: cpe:2.3:o:linux:linux_kernel:2.6.0:test1:::::: cpe:2.3:o:linux:linux_kernel:2.6.0:test11:::::: cpe:2.3:o:linux:linux_kernel:2.6.0:test6:::::: cpe:2.3:o:linux:linux_kernel:2.6.0:test4:::::: cpe:2.3:o:linux:linux_kernel:2.6.0:test8:::::: cpe:2.3:o:linux:linux_kernel:2.6.0:test10:::::: cpe:2.3:o:linux:linux_kernel:2.6.0:test9:::::: cpe:2.3:o:linux:linux_kernel:2.6.0:test5:::::: cpe:2.3:o:linux:linux_kernel:2.6.0:test7:::::: cpe:2.3:o:linux:linux_kernel:2.6.0:test3:::::: cpe:2.3:o:linux:linux_kernel:2.6_test9_cvs:::::::* cpe:2.3:o:linux:linux_kernel:2.4.9:::::::* cpe:2.3:o:linux:linux_kernel:2.4.8:::::::* cpe:2.3:o:linux:linux_kernel:2.4.7:::::::* cpe:2.3:o:linux:linux_kernel:2.4.6:::::::* cpe:2.3:o:linux:linux_kernel:2.4.5:::::::* cpe:2.3:o:linux:linux_kernel:2.4.4:::::::* cpe:2.3:o:linux:linux_kernel:2.4.3:-:::::: cpe:2.3:o:linux:linux_kernel:2.4.28:::::::* cpe:2.3:o:linux:linux_kernel:2.4.27:pre4:::::: cpe:2.3:o:linux:linux_kernel:2.4.27:pre1:::::: cpe:2.3:o:linux:linux_kernel:2.4.27:-:::::: cpe:2.3:o:linux:linux_kernel:2.4.27:pre2:::::: cpe:2.3:o:linux:linux_kernel:2.4.27:pre5:::::: cpe:2.3:o:linux:linux_kernel:2.4.27:pre3:::::: cpe:2.3:o:linux:linux_kernel:2.4.26:::::::* cpe:2.3:o:linux:linux_kernel:2.4.25:::::::* cpe:2.3:o:linux:linux_kernel:2.4.24_ow1:::::::* cpe:2.3:o:linux:linux_kernel:2.4.24:::::::* cpe:2.3:o:linux:linux_kernel:2.4.23_ow2:::::::* cpe:2.3:o:linux:linux_kernel:2.4.23:pre9:::::: cpe:2.3:o:linux:linux_kernel:2.4.23:-:::::: cpe:2.3:o:linux:linux_kernel:2.4.22:-:::::: cpe:2.3:o:linux:linux_kernel:2.4.21:pre1:::::: cpe:2.3:o:linux:linux_kernel:2.4.21:pre4:::::: cpe:2.3:o:linux:linux_kernel:2.4.21:pre7:::::: cpe:2.3:o:linux:linux_kernel:2.4.21:-:::::: cpe:2.3:o:linux:linux_kernel:2.4.20:::::::* cpe:2.3:o:linux:linux_kernel:2.4.2:::::::* cpe:2.3:o:linux:linux_kernel:2.4.19:pre3:::::: cpe:2.3:o:linux:linux_kernel:2.4.19:pre4:::::: cpe:2.3:o:linux:linux_kernel:2.4.19:pre5:::::: cpe:2.3:o:linux:linux_kernel:2.4.19:pre6:::::: cpe:2.3:o:linux:linux_kernel:2.4.19:pre2:::::: cpe:2.3:o:linux:linux_kernel:2.4.19:-:::::: cpe:2.3:o:linux:linux_kernel:2.4.19:pre1:::::: cpe:2.3:o:linux:linux_kernel:2.4.18:pre1:::::: cpe:2.3:o:linux:linux_kernel:2.4.18:pre5:::::: cpe:2.3:o:linux:linux_kernel:2.4.18:pre3:::::: cpe:2.3:o:linux:linux_kernel:2.4.18::x86::::: cpe:2.3:o:linux:linux_kernel:2.4.18:pre7:::::: cpe:2.3:o:linux:linux_kernel:2.4.18:pre4:::::: cpe:2.3:o:linux:linux_kernel:2.4.18:pre8:::::: cpe:2.3:o:linux:linux_kernel:2.4.18:pre6:::::: cpe:2.3:o:linux:linux_kernel:2.4.18:-:::::: cpe:2.3:o:linux:linux_kernel:2.4.18:pre2:::::: cpe:2.3:o:linux:linux_kernel:2.4.17:::::::* cpe:2.3:o:linux:linux_kernel:2.4.16:::::::* cpe:2.3:o:linux:linux_kernel:2.4.15:::::::* cpe:2.3:o:linux:linux_kernel:2.4.14:::::::* cpe:2.3:o:linux:linux_kernel:2.4.13:::::::* cpe:2.3:o:linux:linux_kernel:2.4.12:::::::* cpe:2.3:o:linux:linux_kernel:2.4.11:-:::::: cpe:2.3:o:linux:linux_kernel:2.4.10:::::::* cpe:2.3:o:linux:linux_kernel:2.4.1:::::::* cpe:2.3:o:linux:linux_kernel:2.4.0:-:::::: cpe:2.3:o:linux:linux_kernel:2.4.0:test3:::::: cpe:2.3:o:linux:linux_kernel:2.4.0:test8:::::: cpe:2.3:o:linux:linux_kernel:2.4.0:test10:::::: cpe:2.3:o:linux:linux_kernel:2.4.0:test1:::::: cpe:2.3:o:linux:linux_kernel:2.4.0:test12:::::: cpe:2.3:o:linux:linux_kernel:2.4.0:test2:::::: cpe:2.3:o:linux:linux_kernel:2.4.0:test4:::::: cpe:2.3:o:linux:linux_kernel:2.4.0:test6:::::: cpe:2.3:o:linux:linux_kernel:2.4.0:test7:::::: cpe:2.3:o:linux:linux_kernel:2.4.0:test9:::::: cpe:2.3:o:linux:linux_kernel:2.4.0:test11:::::: cpe:2.3:o:linux:linux_kernel:2.4.0:test5::::::	97
Os	Redhat Fedora Core cpe:2.3:o:redhat:fedora_core:core_3.0:::::::* cpe:2.3:o:redhat:fedora_core:core_2.0:::::::* cpe:2.3:o:redhat:fedora_core:core_1.0:::::::*	3
Os	Redhat Linux cpe:2.3:o:redhat:linux:9.0::i386::::: cpe:2.3:o:redhat:linux:7.3:::::::* cpe:2.3:o:redhat:linux:7.3::i386::::: cpe:2.3:o:redhat:linux:7.3::i686:::::	4
Os	Ubuntu Ubuntu Linux cpe:2.3:o:ubuntu:ubuntu_linux:4.1::ia64::::: cpe:2.3:o:ubuntu:ubuntu_linux:4.1::ppc:::::	2

OpenVAS Exploits

Date	Description
2009-10-10	Name : SLES9: Security update for Linux kernel File : nvt/sles9p5019053.nasl
2008-01-17	Name : Debian Security Advisory DSA 1067-1 (kernel 2.4.16) File : nvt/deb_1067_1.nasl
2008-01-17	Name : Debian Security Advisory DSA 1070-1 (kernel-source-2.4.19,kernel-image-sparc-... File : nvt/deb_1070_1.nasl
2008-01-17	Name : Debian Security Advisory DSA 1082-1 (kernel-2.4.17) File : nvt/deb_1082_1.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
13535	Linux Kernel ip_options_get Memory Leak DoS
12527	Linux Kernel scm_send() Function Local DoS
12480	Linux Kernel ip_options_get() Function Local Overflow
12479	Linux Kernel vc_resize() Function Local Overflow

Nessus® Vulnerability Scanner

Date	Description
2006-10-14	Name : The remote Debian host is missing a security-related update. File : debian_DSA-1067.nasl - Type : ACT_GATHER_INFO
2006-10-14	Name : The remote Debian host is missing a security-related update. File : debian_DSA-1069.nasl - Type : ACT_GATHER_INFO
2006-10-14	Name : The remote Debian host is missing a security-related update. File : debian_DSA-1070.nasl - Type : ACT_GATHER_INFO
2006-10-14	Name : The remote Debian host is missing a security-related update. File : debian_DSA-1082.nasl - Type : ACT_GATHER_INFO
2006-01-15	Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-219.nasl - Type : ACT_GATHER_INFO
2006-01-15	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-38-1.nasl - Type : ACT_GATHER_INFO
2006-01-15	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-47-1.nasl - Type : ACT_GATHER_INFO
2005-03-25	Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2005_018.nasl - Type : ACT_GATHER_INFO
2005-02-03	Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2004_044.nasl - Type : ACT_GATHER_INFO
2005-01-26	Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-022.nasl - Type : ACT_GATHER_INFO
2005-01-25	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-016.nasl - Type : ACT_GATHER_INFO
2005-01-19	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-043.nasl - Type : ACT_GATHER_INFO
2005-01-04	Name : The remote Fedora Core host is missing a security update. File : fedora_2004-581.nasl - Type : ACT_GATHER_INFO
2005-01-04	Name : The remote Fedora Core host is missing a security update. File : fedora_2004-582.nasl - Type : ACT_GATHER_INFO
2004-12-27	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2004-689.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-02-17 12:04:24	Multiple Updates
2013-05-11 12:25:54	Multiple Updates

Global Informations

Type	Count
Oval ID(s)	2
CPE ID(s)	106
osvdb(s)	4
Openvas Exploit(s)	4
Nessus® Exploit(s)	15

	Related
10	USN-38-1
2.1	CVE-2004-1335
2.1	CVE-2004-1334
2.1	CVE-2004-1333
2.1	CVE-2004-1016
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 5 more Alert(s)

2.1 - USN-47-1

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

OVAL Definitions

CPE : Common Platform Enumeration

OpenVAS Exploits

Open Source Vulnerability Database (OSVDB)

Nessus® Vulnerability Scanner

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU