Debians sikkerhedsbulletin

DSA-2110-1 linux-2.6 -- rettighedsforøgelse/lammelsesangreb/informationslækage

Rapporteret den:
17. sep 2010
Berørte pakker:
linux-2.6
Sårbar:
Ja
Referencer i sikkerhedsdatabaser:
I Mitres CVE-ordbog: CVE-2010-2492, CVE-2010-2954, CVE-2010-3078, CVE-2010-3080, CVE-2010-3081.
Yderligere oplysninger:

Flere sårbarheder er opdaget i Linux-kerne, hvilke kunne føre til en rettighedsforøgelse, lammelsesangreb (denial of service) eller informationslækage. Projektet Common Vulnerabilities and Exposures har registreret følgende problemer:

  • CVE-2010-2492

    Andre Osterhues rapporterede om et problem i eCryptfs-undersystemet. En bufferoverløbstilstand kunne gøre det muligt for lokale brugere at forårsage et lammelsesangreb eller opnå fornøgede rettigheder.

  • CVE-2010-2954

    Tavis Ormandy rapporterede om et problem i irda-undersystemet, hvilket måske kunne gøre det muligt for lokale brugere at forårsage et lammelsesangreb via en NULL-pointer-dereference.

  • CVE-2010-3078

    Dan Rosenberg opdagede et problem i XFS-filsystemet, der gjorde det muligt for lokale brugere at læse potentiel følsom kernehukommelse.

  • CVE-2010-3080

    Tavis Ormandy rapporterede om et problem i ALSA-sequencer'ens OSS-emuleringslag. Lokale brugere med tilstrækkelige rettigheder til at åbne /dev/sequencer (som standard i Debian er det medlemmer af gruppen 'audio'), kunne forårsage et lammelsesangreb via en NULL-pointer-dereference.

  • CVE-2010-3081

    Ben Hawkes opdagede et problem i 32 bit-kompatibilitetskoden på 64 bit-systemer. Lokale brugere kunne opnå forøgede rettigheder på grund af utilstrækkelige kontroller i compat_alloc_user_space-allokeringer.

I den stabile distribution (lenny), er dette problem rettet i version 2.6.26-25lenny1.

Vi anbefaler at du opgraderer dine linux-2.6- og user-mode-linux-pakker.

Følgende matriks opremser yderligere kildekodepakker, der blev genopbygget af hensyn til kompabilitet eller for at kunne drage fordel af opdateringen:

  Debian 5.0 (lenny)
user-mode-linux 2.6.26-1um-2+25lenny1
Rettet i:

Debian GNU/Linux 5.0 (lenny)

Kildekode:
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26-25lenny1.diff.gz
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26.orig.tar.gz
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26-25lenny1.dsc
Arkitekturuafhængig komponent:
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-source-2.6.26_2.6.26-25lenny1_all.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-tree-2.6.26_2.6.26-25lenny1_all.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-doc-2.6.26_2.6.26-25lenny1_all.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-patch-debian-2.6.26_2.6.26-25lenny1_all.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-support-2.6.26-2_2.6.26-25lenny1_all.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-manual-2.6.26_2.6.26-25lenny1_all.deb
Alpha:
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-25lenny1_alpha.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-smp_2.6.26-25lenny1_alpha.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-smp_2.6.26-25lenny1_alpha.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-generic_2.6.26-25lenny1_alpha.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-25lenny1_alpha.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-legacy_2.6.26-25lenny1_alpha.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-legacy_2.6.26-25lenny1_alpha.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-generic_2.6.26-25lenny1_alpha.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-25lenny1_alpha.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-alpha_2.6.26-25lenny1_alpha.deb
AMD64:
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-xen-amd64_2.6.26-25lenny1_amd64.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-amd64_2.6.26-25lenny1_amd64.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-xen-amd64_2.6.26-25lenny1_amd64.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-xen_2.6.26-25lenny1_amd64.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-25lenny1_amd64.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-25lenny1_amd64.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-amd64_2.6.26-25lenny1_amd64.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.26-2-xen-amd64_2.6.26-25lenny1_amd64.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-25lenny1_amd64.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-openvz-amd64_2.6.26-25lenny1_amd64.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-openvz_2.6.26-25lenny1_amd64.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-amd64_2.6.26-25lenny1_amd64.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.26-2-xen-amd64_2.6.26-25lenny1_amd64.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-25lenny1_amd64.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-amd64_2.6.26-25lenny1_amd64.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-amd64_2.6.26-25lenny1_amd64.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-openvz-amd64_2.6.26-25lenny1_amd64.deb
ARM EABI:
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-orion5x_2.6.26-25lenny1_armel.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-iop32x_2.6.26-25lenny1_armel.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-versatile_2.6.26-25lenny1_armel.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-25lenny1_armel.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-versatile_2.6.26-25lenny1_armel.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-ixp4xx_2.6.26-25lenny1_armel.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-25lenny1_armel.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-ixp4xx_2.6.26-25lenny1_armel.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-25lenny1_armel.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-armel_2.6.26-25lenny1_armel.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-orion5x_2.6.26-25lenny1_armel.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-iop32x_2.6.26-25lenny1_armel.deb
HP Precision:
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc_2.6.26-25lenny1_hppa.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc-smp_2.6.26-25lenny1_hppa.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc64_2.6.26-25lenny1_hppa.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc64-smp_2.6.26-25lenny1_hppa.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc64_2.6.26-25lenny1_hppa.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc_2.6.26-25lenny1_hppa.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-hppa_2.6.26-25lenny1_hppa.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc64-smp_2.6.26-25lenny1_hppa.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-25lenny1_hppa.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-25lenny1_hppa.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-25lenny1_hppa.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc-smp_2.6.26-25lenny1_hppa.deb
Intel IA-32:
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-i386_2.6.26-25lenny1_i386.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-xen-686_2.6.26-25lenny1_i386.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-686_2.6.26-25lenny1_i386.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.26-2-xen-686_2.6.26-25lenny1_i386.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.26-2-xen-686_2.6.26-25lenny1_i386.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-686-bigmem_2.6.26-25lenny1_i386.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-25lenny1_i386.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-486_2.6.26-25lenny1_i386.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-686-bigmem_2.6.26-25lenny1_i386.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-amd64_2.6.26-25lenny1_i386.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-686-bigmem_2.6.26-25lenny1_i386.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-xen_2.6.26-25lenny1_i386.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-686_2.6.26-25lenny1_i386.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-amd64_2.6.26-25lenny1_i386.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-686-bigmem_2.6.26-25lenny1_i386.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-openvz_2.6.26-25lenny1_i386.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-25lenny1_i386.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-25lenny1_i386.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-xen-686_2.6.26-25lenny1_i386.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-486_2.6.26-25lenny1_i386.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-25lenny1_i386.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-686_2.6.26-25lenny1_i386.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-openvz-686_2.6.26-25lenny1_i386.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-openvz-686_2.6.26-25lenny1_i386.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-686_2.6.26-25lenny1_i386.deb
Intel IA-64:
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-itanium_2.6.26-25lenny1_ia64.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-itanium_2.6.26-25lenny1_ia64.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-mckinley_2.6.26-25lenny1_ia64.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-mckinley_2.6.26-25lenny1_ia64.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-itanium_2.6.26-25lenny1_ia64.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-mckinley_2.6.26-25lenny1_ia64.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-25lenny1_ia64.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-mckinley_2.6.26-25lenny1_ia64.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-25lenny1_ia64.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-25lenny1_ia64.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-25lenny1_ia64.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-itanium_2.6.26-25lenny1_ia64.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-ia64_2.6.26-25lenny1_ia64.deb
Little-endian MIPS:
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-mipsel_2.6.26-25lenny1_mipsel.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sb1a-bcm91480b_2.6.26-25lenny1_mipsel.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-25lenny1_mipsel.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-5kc-malta_2.6.26-25lenny1_mipsel.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-4kc-malta_2.6.26-25lenny1_mipsel.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sb1-bcm91250a_2.6.26-25lenny1_mipsel.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sb1-bcm91250a_2.6.26-25lenny1_mipsel.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-25lenny1_mipsel.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sb1a-bcm91480b_2.6.26-25lenny1_mipsel.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-5kc-malta_2.6.26-25lenny1_mipsel.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-r5k-cobalt_2.6.26-25lenny1_mipsel.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-4kc-malta_2.6.26-25lenny1_mipsel.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-r5k-cobalt_2.6.26-25lenny1_mipsel.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-25lenny1_mipsel.deb
PowerPC:
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-powerpc-smp_2.6.26-25lenny1_powerpc.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-25lenny1_powerpc.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-powerpc-smp_2.6.26-25lenny1_powerpc.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-25lenny1_powerpc.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-25lenny1_powerpc.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-powerpc_2.6.26-25lenny1_powerpc.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-powerpc_2.6.26-25lenny1_powerpc.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-powerpc64_2.6.26-25lenny1_powerpc.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-powerpc_2.6.26-25lenny1_powerpc.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-powerpc_2.6.26-25lenny1_powerpc.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-25lenny1_powerpc.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-powerpc64_2.6.26-25lenny1_powerpc.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-powerpc_2.6.26-25lenny1_powerpc.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-powerpc64_2.6.26-25lenny1_powerpc.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-powerpc64_2.6.26-25lenny1_powerpc.deb
Sun Sparc:
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-25lenny1_sparc.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-25lenny1_sparc.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sparc64_2.6.26-25lenny1_sparc.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-sparc64_2.6.26-25lenny1_sparc.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-sparc64_2.6.26-25lenny1_sparc.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-25lenny1_sparc.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-25lenny1_sparc.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-sparc_2.6.26-25lenny1_sparc.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sparc64-smp_2.6.26-25lenny1_sparc.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sparc64-smp_2.6.26-25lenny1_sparc.deb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sparc64_2.6.26-25lenny1_sparc.deb

MD5-kontrolsummer for de listede filer findes i den originale sikkerhedsbulletin.