Debian Security Advisory

DSA-1018-2 kernel-source-2.4.27 -- several vulnerabilities

Date Reported:
24 Mar 2006
Affected Packages:
kernel-source-2.4.27
Vulnerable:
Yes
Security database references:
In Mitre's CVE dictionary: CVE-2004-0887, CVE-2004-1058, CVE-2004-2607, CVE-2005-0449, CVE-2005-1761, CVE-2005-2457, CVE-2005-2555, CVE-2005-2709, CVE-2005-2973, CVE-2005-3257, CVE-2005-3783, CVE-2005-3806, CVE-2005-3848, CVE-2005-3857, CVE-2005-3858, CVE-2005-4618.
More information:

The original update lacked recompiled ALSA modules against the new kernel ABI. Furthermore, kernel-latest-2.4-sparc now correctly depends on the updated packages. For completeness we're providing the original problem description:

Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems:

  • CVE-2004-0887

    Martin Schwidefsky discovered that the privileged instruction SACF (Set Address Space Control Fast) on the S/390 platform is not handled properly, allowing for a local user to gain root privileges.

  • CVE-2004-1058

    A race condition allows for a local user to read the environment variables of another process that is still spawning through /proc/.../cmdline.

  • CVE-2004-2607

    A numeric casting discrepancy in sdla_xfer allows local users to read portions of kernel memory via a large len argument which is received as an int but cast to a short, preventing read loop from filling a buffer.

  • CVE-2005-0449

    An error in the skb_checksum_help() function from the netfilter framework has been discovered that allows the bypass of packet filter rules or a denial of service attack.

  • CVE-2005-1761

    A vulnerability in the ptrace subsystem of the IA-64 architecture can allow local attackers to overwrite kernel memory and crash the kernel.

  • CVE-2005-2457

    Tim Yamin discovered that insufficient input validation in the compressed ISO file system (zisofs) allows a denial of service attack through maliciously crafted ISO images.

  • CVE-2005-2555

    Herbert Xu discovered that the setsockopt() function was not restricted to users/processes with the CAP_NET_ADMIN capability. This allows attackers to manipulate IPSEC policies or initiate a denial of service attack.

  • CVE-2005-2709

    Al Viro discovered a race condition in the /proc handling of network devices. A (local) attacker could exploit the stale reference after interface shutdown to cause a denial of service or possibly execute code in kernel mode.

  • CVE-2005-2973

    Tetsuo Handa discovered that the udp_v6_get_port() function from the IPv6 code can be forced into an endless loop, which allows a denial of service attack.

  • CVE-2005-3257

    Rudolf Polzer discovered that the kernel improperly restricts access to the KDSKBSENT ioctl, which can possibly lead to privilege escalation.

  • CVE-2005-3783

    The ptrace code using CLONE_THREAD didn't use the thread group ID to determine whether the caller is attaching to itself, which allows a denial of service attack.

  • CVE-2005-3806

    Yen Zheng discovered that the IPv6 flow label code modified an incorrect variable, which could lead to memory corruption and denial of service.

  • CVE-2005-3848

    Ollie Wild discovered a memory leak in the icmp_push_reply() function, which allows denial of service through memory consumption.

  • CVE-2005-3857

    Chris Wright discovered that excessive allocation of broken file lock leases in the VFS layer can exhaust memory and fill up the system logging, which allows denial of service.

  • CVE-2005-3858

    Patrick McHardy discovered a memory leak in the ip6_input_finish() function from the IPv6 code, which allows denial of service.

  • CVE-2005-4618

    Yi Ying discovered that sysctl does not properly enforce the size of a buffer, which allows a denial of service attack.

The following matrix explains which kernel version for which architecture fix the problems mentioned above:

Debian 3.1 (sarge)
Source 2.4.27-10sarge2
Alpha architecture 2.4.27-10sarge2
ARM architecture 2.4.27-2sarge2
Intel IA-32 architecture 2.4.27-10sarge2
Intel IA-64 architecture 2.4.27-10sarge2
Motorola 680x0 architecture 2.4.27-3sarge2
Big endian MIPS architecture 2.4.27-10.sarge1.040815-2
Little endian MIPS architecture2.4.27-10.sarge1.040815-2
PowerPC architecture 2.4.27-10sarge2
IBM S/390 architecture 2.4.27-2sarge2
Sun Sparc architecture 2.4.27-9sarge2

The following matrix lists additional packages that were rebuilt for compatibility with or to take advantage of this update:

Debian 3.1 (sarge)
kernel-latest-2.4-alpha 101sarge1
kernel-latest-2.4-i386 101sarge1
kernel-latest-2.4-s390 2.4.27-1sarge1
kernel-latest-2.4-sparc 42sarge1
kernel-latest-powerpc 102sarge1
fai-kernels 1.9.1sarge1
i2c 1:2.9.1-1sarge1
kernel-image-speakup-i386 2.4.27-1.1sasrge1
lm-sensors 1:2.9.1-1sarge3
mindi-kernel 2.4.27-2sarge1
pcmcia-modules-2.4.27-i3863.2.5+2sarge1
systemimager 3.2.3-6sarge1

We recommend that you upgrade your kernel package immediately and reboot the machine. If you have built a custom kernel from the kernel source package, you will need to rebuild to take advantage of these fixes.

This update introduces a change in the kernel's binary interface, the affected kernel packages inside Debian have been rebuilt, if you're running local addons you'll need to rebuild these as well.

Fixed in:

Debian GNU/Linux 3.1 (sarge)

Source:
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27-10sarge2.diff.gz
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-alpha/kernel-latest-2.4-alpha_101sarge1.dsc
http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors_2.9.1-1sarge3.dsc
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-patch-powerpc-2.4.27_2.4.27-10sarge2.dsc
http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors_2.9.1-1sarge3.diff.gz
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-latest-2.4-i386_101sarge1.dsc
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-image-2.4.27-alpha_2.4.27-10sarge2.tar.gz
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-ia64_2.4.27-10sarge2.tar.gz
http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-i386_3.2.5+2sarge1.tar.gz
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-sparc_2.4.27-9sarge2.dsc
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-arm_2.4.27-2sarge2.tar.gz
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-s390_2.4.27-2sarge2.dsc
http://security.debian.org/pool/updates/main/s/systemimager/systemimager_3.2.3-6sarge1.tar.gz
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-arm_2.4.27-2sarge2.dsc
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27-10sarge2.dsc
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-latest-2.4-i386_101sarge1.tar.gz
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-latest-2.4-sparc_42sarge1.tar.gz
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-m68k_2.4.27-3sarge2.tar.gz
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-ia64_2.4.27-10sarge2.dsc
http://security.debian.org/pool/updates/main/m/mindi-kernel/mindi-kernel_2.4.27.orig.tar.gz
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-s390/kernel-latest-2.4-s390_2.4.27-1sarge1.tar.gz
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-latest-2.4-sparc_42sarge1.dsc
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-alpha/kernel-latest-2.4-alpha_101sarge1.tar.gz
http://security.debian.org/pool/updates/main/m/mindi-kernel/mindi-kernel_2.4.27-2sarge1.diff.gz
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-patch-powerpc-2.4.27_2.4.27-10sarge2.tar.gz
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-sparc_2.4.27-9sarge2.tar.gz
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-i386_2.4.27-10sarge2.tar.gz
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-i386_2.4.27-10sarge2.dsc
http://security.debian.org/pool/updates/main/i/i2c/i2c_2.9.1-1sarge1.dsc
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-s390_2.4.27-2sarge2.tar.gz
http://security.debian.org/pool/updates/main/m/mindi-kernel/mindi-kernel_2.4.27-2sarge1.dsc
http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors_2.9.1.orig.tar.gz
http://security.debian.org/pool/updates/main/s/systemimager/systemimager_3.2.3-6sarge1.dsc
http://security.debian.org/pool/updates/main/k/kernel-image-speakup-i386/kernel-image-speakup-i386_2.4.27-1.1sarge1.dsc
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27.orig.tar.gz
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-m68k_2.4.27-3sarge2.dsc
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-image-2.4.27-alpha_2.4.27-10sarge2.dsc
http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-i386_3.2.5+2sarge1.dsc
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-patch-2.4.27-mips_2.4.27-10.sarge2.040815-1.tar.gz
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-s390/kernel-latest-2.4-s390_2.4.27-1sarge1.dsc
http://security.debian.org/pool/updates/main/i/i2c/i2c_2.9.1.orig.tar.gz
http://security.debian.org/pool/updates/main/k/kernel-image-speakup-i386/kernel-image-speakup-i386_2.4.27-1.1sarge1.tar.gz
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-patch-2.4.27-mips_2.4.27-10.sarge2.040815-1.dsc
http://security.debian.org/pool/updates/main/i/i2c/i2c_2.9.1-1sarge1.diff.gz
Architecture-independent component:
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-patch-debian-2.4.27_2.4.27-10sarge2_all.deb
http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-source_2.9.1-1sarge3_all.deb
http://security.debian.org/pool/updates/main/k/kernel-image-speakup-i386/kernel-doc-2.4.27-speakup_2.4.27-1.1sarge1_all.deb
http://security.debian.org/pool/updates/main/s/systemimager/systemimager-boot-ia64-standard_3.2.3-6sarge1_all.deb
http://security.debian.org/pool/updates/main/s/systemimager/systemimager-boot-i386-standard_3.2.3-6sarge1_all.deb
http://security.debian.org/pool/updates/main/i/i2c/i2c-source_2.9.1-1sarge1_all.deb
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-doc-2.4.27_2.4.27-10sarge2_all.deb
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-tree-2.4.27_2.4.27-10sarge2_all.deb
http://security.debian.org/pool/updates/main/s/systemimager/systemimager-common_3.2.3-6sarge1_all.deb
http://security.debian.org/pool/updates/main/s/systemimager/systemimager-doc_3.2.3-6sarge1_all.deb
http://security.debian.org/pool/updates/main/i/i2c/kernel-patch-2.4-i2c_2.9.1-1sarge1_all.deb
http://security.debian.org/pool/updates/main/s/systemimager/systemimager-server_3.2.3-6sarge1_all.deb
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27-10sarge2_all.deb
http://security.debian.org/pool/updates/main/s/systemimager/systemimager-client_3.2.3-6sarge1_all.deb
http://security.debian.org/pool/updates/main/s/systemimager/systemimager-server-flamethrowerd_3.2.3-6sarge1_all.deb
http://security.debian.org/pool/updates/main/l/lm-sensors/kernel-patch-2.4-lm-sensors_2.9.1-1sarge3_all.deb
Alpha:
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-headers-2.4.27-3_2.4.27-10sarge2_alpha.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-alpha/kernel-image-2.4-smp_101sarge1_alpha.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-alpha/kernel-image-2.4-generic_101sarge1_alpha.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-image-2.4.27-3-generic_2.4.27-10sarge2_alpha.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-image-2.4.27-3-smp_2.4.27-10sarge2_alpha.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-headers-2.4.27-3-generic_2.4.27-10sarge2_alpha.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-alpha/kernel-headers-2.4-generic_101sarge1_alpha.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-build-2.4.27-3_2.4.27-10sarge2_alpha.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-headers-2.4.27-3-smp_2.4.27-10sarge2_alpha.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-alpha/kernel-headers-2.4-smp_101sarge1_alpha.deb
ARM:
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-headers-2.4.27_2.4.27-2sarge2_arm.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-riscpc_2.4.27-2sarge2_arm.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-riscstation_2.4.27-2sarge2_arm.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-netwinder_2.4.27-2sarge2_arm.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-lart_2.4.27-2sarge2_arm.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-build-2.4.27_2.4.27-2sarge2_arm.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-bast_2.4.27-2sarge2_arm.deb
Intel IA-32:
http://security.debian.org/pool/updates/main/k/kernel-image-speakup-i386/kernel-image-2.4.27-speakup_2.4.27-1.1sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-3_2.4.27-10sarge2_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-3-686_2.4.27-10sarge2_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-headers-2.4-686-smp_101sarge1_i386.deb
http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-3-k6_2.9.1-1sarge3_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-image-2.4-k6_101sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-3-586tsc_2.4.27-10sarge2_i386.deb
http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-3-k7_3.2.5+2sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-3-386_2.4.27-10sarge2_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-3-k7-smp_2.4.27-10sarge2_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-pcmcia-modules-2.4-386_101sarge1_i386.deb
http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-3-586tsc_2.9.1-1sarge3_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-3-386_2.4.27-10sarge2_i386.deb
http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-3-686-smp_2.9.1-1sarge3_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-image-2.4-586tsc_101sarge1_i386.deb
http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-3-686-smp_3.2.5+2sarge1_i386.deb
http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-3-386_3.2.5+2sarge1_i386.deb
http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-3-586tsc_3.2.5+2sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-3-k7_2.4.27-10sarge2_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-headers-2.4-386_101sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-3-686_2.4.27-10sarge2_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-3-386_2.4.27-10sarge2_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-headers-2.4-686_101sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-3-586tsc_2.4.27-10sarge2_i386.deb
http://security.debian.org/pool/updates/main/m/mindi-kernel/mindi-kernel_2.4.27-2sarge1_i386.deb
http://security.debian.org/pool/updates/main/i/i2c/i2c-2.4.27-3-386_2.9.1-1sarge1_i386.deb
http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-3-386_2.9.1-1sarge3_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-3-k7-smp_2.4.27-10sarge2_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-headers-2.4-k7-smp_101sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-3-586tsc_2.4.27-10sarge2_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-3-k7-smp_2.4.27-10sarge2_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-image-2.4-k7_101sarge1_i386.deb
http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-3-686_3.2.5+2sarge1_i386.deb
http://security.debian.org/pool/updates/main/i/i2c/i2c-2.4.27-3-k6_2.9.1-1sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-headers-2.4-586tsc_101sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-pcmcia-modules-2.4-k7-smp_101sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-3-686_2.4.27-10sarge2_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-pcmcia-modules-2.4-586tsc_101sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-3-k6_2.4.27-10sarge2_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-pcmcia-modules-2.4-686_101sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-image-2.4-386_101sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-image-2.4-686_101sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-image-2.4-686-smp_101sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-image-2.4-k7-smp_101sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-pcmcia-modules-2.4-686-smp_101sarge1_i386.deb
http://security.debian.org/pool/updates/main/l/lm-sensors/libsensors-dev_2.9.1-1sarge3_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-3-k6_2.4.27-10sarge2_i386.deb
http://security.debian.org/pool/updates/main/i/i2c/i2c-2.4.27-3-k7-smp_2.9.1-1sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-pcmcia-modules-2.4-k6_101sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-pcmcia-modules-2.4-k7_101sarge1_i386.deb
http://security.debian.org/pool/updates/main/i/i2c/i2c-2.4.27-3-586tsc_2.9.1-1sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-3-686-smp_2.4.27-10sarge2_i386.deb
http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-3-686_2.9.1-1sarge3_i386.deb
http://security.debian.org/pool/updates/main/l/lm-sensors/sensord_2.9.1-1sarge3_i386.deb
http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-3-k6_3.2.5+2sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-3-686-smp_2.4.27-10sarge2_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-speakup-i386/kernel-headers-2.4.27-speakup_2.4.27-1.1sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-3-686-smp_2.4.27-10sarge2_i386.deb
http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-3-k7_2.9.1-1sarge3_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-3-k6_2.4.27-10sarge2_i386.deb
http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors_2.9.1-1sarge3_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-headers-2.4-k6_101sarge1_i386.deb
http://security.debian.org/pool/updates/main/i/i2c/i2c-2.4.27-3-686_2.9.1-1sarge1_i386.deb
http://security.debian.org/pool/updates/main/i/i2c/i2c-2.4.27-3-686-smp_2.9.1-1sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-build-2.4.27-3_2.4.27-10sarge2_i386.deb
http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-3-k7-smp_2.9.1-1sarge3_i386.deb
http://security.debian.org/pool/updates/main/i/i2c/i2c-2.4.27-3-k7_2.9.1-1sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-3-k7_2.4.27-10sarge2_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-headers-2.4-k7_101sarge1_i386.deb
http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-3-k7-smp_3.2.5+2sarge1_i386.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-3-k7_2.4.27-10sarge2_i386.deb
http://security.debian.org/pool/updates/main/l/lm-sensors/libsensors3_2.9.1-1sarge3_i386.deb
Intel IA-64:
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-3-mckinley-smp_2.4.27-10sarge2_ia64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-3-itanium-smp_2.4.27-10sarge2_ia64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4-mckinley_2.4.27-10sarge2_ia64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-3-itanium-smp_2.4.27-10sarge2_ia64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-3-mckinley-smp_2.4.27-10sarge2_ia64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4-itanium_2.4.27-10sarge2_ia64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-build-2.4.27-3_2.4.27-10sarge2_ia64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-3-itanium_2.4.27-10sarge2_ia64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4-mckinley-smp_2.4.27-10sarge2_ia64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-3_2.4.27-10sarge2_ia64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4-itanium-smp_2.4.27-10sarge2_ia64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-3-mckinley_2.4.27-10sarge2_ia64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-3-mckinley_2.4.27-10sarge2_ia64.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-3-itanium_2.4.27-10sarge2_ia64.deb
Motorola 680x0:
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-mvme147_2.4.27-3sarge2_m68k.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-amiga_2.4.27-3sarge2_m68k.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-mvme16x_2.4.27-3sarge2_m68k.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-bvme6000_2.4.27-3sarge2_m68k.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-q40_2.4.27-3sarge2_m68k.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-atari_2.4.27-3sarge2_m68k.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-mac_2.4.27-3sarge2_m68k.deb
Big endian MIPS:
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r5k-ip22_2.4.27-10.sarge2.040815-1_mips.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r4k-ip22_2.4.27-10.sarge2.040815-1_mips.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-sb1-swarm-bn_2.4.27-10.sarge2.040815-1_mips.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-headers-2.4.27_2.4.27-10.sarge2.040815-1_mips.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge2.040815-1_mips.deb
Little endian MIPS:
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r5k-lasat_2.4.27-10.sarge2.040815-1_mipsel.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r5k-cobalt_2.4.27-10.sarge2.040815-1_mipsel.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-xxs1500_2.4.27-10.sarge2.040815-1_mipsel.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r4k-kn04_2.4.27-10.sarge2.040815-1_mipsel.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge2.040815-1_mipsel.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r3k-kn02_2.4.27-10.sarge2.040815-1_mipsel.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-sb1-swarm-bn_2.4.27-10.sarge2.040815-1_mipsel.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-headers-2.4.27_2.4.27-10.sarge2.040815-1_mipsel.deb
PowerPC:
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-patch-2.4.27-powerpc_2.4.27-10sarge2_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-headers-2.4.27-powerpc_2.4.27-10sarge2_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-image-2.4.27-nubus_2.4.27-10sarge2_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-image-2.4.27-powerpc-small_2.4.27-10sarge2_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-patch-2.4.27-nubus_2.4.27-10sarge2_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-patch-2.4.27-apus_2.4.27-10sarge2_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-image-2.4.27-apus_2.4.27-10sarge2_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-build-2.4.27-powerpc-small_2.4.27-10sarge2_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-image-2.4.27-powerpc_2.4.27-10sarge2_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-build-2.4.27-apus_2.4.27-10sarge2_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-build-2.4.27-powerpc_2.4.27-10sarge2_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-headers-2.4.27-nubus_2.4.27-10sarge2_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-image-2.4.27-powerpc-smp_2.4.27-10sarge2_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-headers-2.4.27-apus_2.4.27-10sarge2_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-build-2.4.27-powerpc-smp_2.4.27-10sarge2_powerpc.deb
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-build-2.4.27-nubus_2.4.27-10sarge2_powerpc.deb
IBM S/390:
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-s390/kernel-image-2.4-s390x_2.4.27-1sarge1_s390.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-3-s390_2.4.27-2sarge2_s390.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-s390/kernel-image-2.4-s390_2.4.27-1sarge1_s390.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-3-s390x_2.4.27-2sarge2_s390.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-headers-2.4.27-3_2.4.27-2sarge2_s390.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-s390/kernel-headers-2.4-s390_2.4.27-1sarge1_s390.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-3-s390-tape_2.4.27-2sarge2_s390.deb
Sun Sparc:
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-image-2.4-sparc32_42sarge1_sparc.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-3-sparc32-smp_2.4.27-9sarge2_sparc.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-image-2.4-sparc64-smp_42sarge1_sparc.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-3-sparc32_2.4.27-9sarge2_sparc.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-3-sparc64-smp_2.4.27-9sarge2_sparc.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-3-sparc32_2.4.27-9sarge2_sparc.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-3-sparc64_2.4.27-9sarge2_sparc.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-build-2.4.27-3_2.4.27-9sarge2_sparc.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-image-2.4-sparc32-smp_42sarge1_sparc.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-headers-2.4-sparc32-smp_42sarge1_sparc.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-3-sparc64_2.4.27-9sarge2_sparc.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-3-sparc64-smp_2.4.27-9sarge2_sparc.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-image-2.4-sparc64_42sarge1_sparc.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-headers-2.4-sparc64_42sarge1_sparc.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-3-sparc32-smp_2.4.27-9sarge2_sparc.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-headers-2.4-sparc32_42sarge1_sparc.deb
http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-headers-2.4-sparc64-smp_42sarge1_sparc.deb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-3_2.4.27-9sarge2_sparc.deb

MD5 checksums of the listed files are available in the original advisory.

MD5 checksums of the listed files are available in the revised advisory.