Debian Security Advisory
DSA-2126-1 linux-2.6 -- privilege escalation/denial of service/information leak
- Date Reported:
- 26 Nov 2010
- Affected Packages:
- linux-2.6
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2010-2963, CVE-2010-3067, CVE-2010-3296, CVE-2010-3297, CVE-2010-3310, CVE-2010-3432, CVE-2010-3437, CVE-2010-3442, CVE-2010-3448, CVE-2010-3477, CVE-2010-3705, CVE-2010-3848, CVE-2010-3849, CVE-2010-3850, CVE-2010-3858, CVE-2010-3859, CVE-2010-3873, CVE-2010-3874, CVE-2010-3875, CVE-2010-3876, CVE-2010-3877, CVE-2010-3880, CVE-2010-4072, CVE-2010-4073, CVE-2010-4074, CVE-2010-4078, CVE-2010-4079, CVE-2010-4080, CVE-2010-4081, CVE-2010-4083, CVE-2010-4164.
- More information:
-
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak. The Common Vulnerabilities and Exposures project identifies the following problems:
- CVE-2010-2963
Kees Cook discovered an issue in the v4l 32-bit compatibility layer for 64-bit systems that allows local users with /dev/video write permission to overwrite arbitrary kernel memory, potentially leading to a privilege escalation. On Debian systems, access to /dev/video devices is restricted to members of the 'video' group by default.
- CVE-2010-3067
Tavis Ormandy discovered an issue in the io_submit system call. Local users can cause an integer overflow resulting in a denial of service.
- CVE-2010-3296
Dan Rosenberg discovered an issue in the cxgb network driver that allows unprivileged users to obtain the contents of sensitive kernel memory.
- CVE-2010-3297
Dan Rosenberg discovered an issue in the eql network driver that allows local users to obtain the contents of sensitive kernel memory.
- CVE-2010-3310
Dan Rosenberg discovered an issue in the ROSE socket implementation. On systems with a rose device, local users can cause a denial of service (kernel memory corruption).
- CVE-2010-3432
Thomas Dreibholz discovered an issue in the SCTP protocol that permits a remote user to cause a denial of service (kernel panic).
- CVE-2010-3437
Dan Rosenberg discovered an issue in the pktcdvd driver. Local users with permission to open /dev/pktcdvd/control can obtain the contents of sensitive kernel memory or cause a denial of service. By default on Debian systems, this access is restricted to members of the group 'cdrom'.
- CVE-2010-3442
Dan Rosenberg discovered an issue in the ALSA sound system. Local users with permission to open /dev/snd/controlC0 can create an integer overflow condition that causes a denial of service. By default on Debian systems, this access is restricted to members of the group 'audio'.
- CVE-2010-3448
Dan Jacobson reported an issue in the thinkpad-acpi driver. On certain Thinkpad systems, local users can cause a denial of service (X.org crash) by reading /proc/acpi/ibm/video.
- CVE-2010-3477
Jeff Mahoney discovered an issue in the Traffic Policing (act_police) module that allows local users to obtain the contents of sensitive kernel memory.
- CVE-2010-3705
Dan Rosenberg reported an issue in the HMAC processing code in the SCTP protocol that allows remote users to create a denial of service (memory corruption).
- CVE-2010-3848
Nelson Elhage discovered an issue in the Econet protocol. Local users can cause a stack overflow condition with large msg->msgiovlen values that can result in a denial of service or privilege escalation.
- CVE-2010-3849
Nelson Elhage discovered an issue in the Econet protocol. Local users can cause a denial of service (oops) if a NULL remote addr value is passed as a parameter to sendmsg().
- CVE-2010-3850
Nelson Elhage discovered an issue in the Econet protocol. Local users can assign econet addresses to arbitrary interfaces due to a missing capabilities check.
- CVE-2010-3858
Brad Spengler reported an issue in the setup_arg_pages() function. Due to a bounds-checking failure, local users can create a denial of service (kernel oops).
- CVE-2010-3859
Dan Rosenberg reported an issue in the TIPC protocol. When the tipc module is loaded, local users can gain elevated privileges via the sendmsg() system call.
- CVE-2010-3873
Dan Rosenberg reported an issue in the X.25 network protocol. Local users can cause heap corruption, resulting in a denial of service (kernel panic).
- CVE-2010-3874
Dan Rosenberg discovered an issue in the Control Area Network (CAN) subsystem on 64-bit systems. Local users may be able to cause a denial of service (heap corruption).
- CVE-2010-3875
Vasiliy Kulikov discovered an issue in the AX.25 protocol. Local users can obtain the contents of sensitive kernel memory.
- CVE-2010-3876
Vasiliy Kulikov discovered an issue in the Packet protocol. Local users can obtain the contents of sensitive kernel memory.
- CVE-2010-3877
Vasiliy Kulikov discovered an issue in the TIPC protocol. Local users can obtain the contents of sensitive kernel memory.
- CVE-2010-3880
Nelson Elhage discovered an issue in the INET_DIAG subsystem. Local users can cause the kernel to execute unaudited INET_DIAG bytecode, resulting in a denial of service.
- CVE-2010-4072
Kees Cook discovered an issue in the System V shared memory subsystem. Local users can obtain the contents of sensitive kernel memory.
- CVE-2010-4073
Dan Rosenberg discovered an issue in the System V shared memory subsystem. Local users on 64-bit system can obtain the contents of sensitive kernel memory via the 32-bit compatible semctl() system call.
- CVE-2010-4074
Dan Rosenberg reported issues in the mos7720 and mos7840 drivers for USB serial converter devices. Local users with access to these devices can obtain the contents of sensitive kernel memory.
- CVE-2010-4078
Dan Rosenberg reported an issue in the framebuffer driver for SiS graphics chipsets (sisfb). Local users with access to the framebuffer device can obtain the contents of sensitive kernel memory via the FBIOGET_VBLANK ioctl.
- CVE-2010-4079
Dan Rosenberg reported an issue in the ivtvfb driver used for the Hauppauge PVR-350 card. Local users with access to the framebuffer device can obtain the contents of sensitive kernel memory via the FBIOGET_VBLANK ioctl.
- CVE-2010-4080
Dan Rosenberg discovered an issue in the ALSA driver for RME Hammerfall DSP audio devices. Local users with access to the audio device can obtain the contents of sensitive kernel memory via the SNDRV_HDSP_IOCTL_GET_CONFIG_INFO ioctl.
- CVE-2010-4081
Dan Rosenberg discovered an issue in the ALSA driver for RME Hammerfall DSP MADI audio devices. Local users with access to the audio device can obtain the contents of sensitive kernel memory via the SNDRV_HDSP_IOCTL_GET_CONFIG_INFO ioctl.
- CVE-2010-4083
Dan Rosenberg discovered an issue in the semctl system call. Local users can obtain the contents of sensitive kernel memory through usage of the semid_ds structure.
- CVE-2010-4164
Dan Rosenberg discovered an issue in the X.25 network protocol. Remote users can achieve a denial of service (infinite loop) by taking advantage of an integer underflow in the facility parsing code.
For the stable distribution (lenny), this problem has been fixed in version 2.6.26-26lenny1.
We recommend that you upgrade your linux-2.6 and user-mode-linux packages.
The following matrix lists additional source packages that were rebuilt for compatibility with or to take advantage of this update:
Debian 5.0 (lenny) user-mode-linux 2.6.26-1um-2+26lenny1 - CVE-2010-2963
- Fixed in:
-
Debian GNU/Linux 5.0 (lenny)
- Source:
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26-26lenny1.dsc
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26.orig.tar.gz
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26-26lenny1.diff.gz
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26.orig.tar.gz
- Architecture-independent component:
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-doc-2.6.26_2.6.26-26lenny1_all.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-tree-2.6.26_2.6.26-26lenny1_all.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-manual-2.6.26_2.6.26-26lenny1_all.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-support-2.6.26-2_2.6.26-26lenny1_all.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-patch-debian-2.6.26_2.6.26-26lenny1_all.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-source-2.6.26_2.6.26-26lenny1_all.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-tree-2.6.26_2.6.26-26lenny1_all.deb
- Alpha:
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-26lenny1_alpha.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-generic_2.6.26-26lenny1_alpha.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-26lenny1_alpha.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-legacy_2.6.26-26lenny1_alpha.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-smp_2.6.26-26lenny1_alpha.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-26lenny1_alpha.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-generic_2.6.26-26lenny1_alpha.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-legacy_2.6.26-26lenny1_alpha.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-alpha_2.6.26-26lenny1_alpha.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-smp_2.6.26-26lenny1_alpha.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-generic_2.6.26-26lenny1_alpha.deb
- AMD64:
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-26lenny1_amd64.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-xen-amd64_2.6.26-26lenny1_amd64.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-xen-amd64_2.6.26-26lenny1_amd64.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-26lenny1_amd64.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-xen_2.6.26-26lenny1_amd64.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-26lenny1_amd64.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.26-2-xen-amd64_2.6.26-26lenny1_amd64.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-openvz_2.6.26-26lenny1_amd64.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-amd64_2.6.26-26lenny1_amd64.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-openvz-amd64_2.6.26-26lenny1_amd64.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-openvz-amd64_2.6.26-26lenny1_amd64.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-amd64_2.6.26-26lenny1_amd64.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-amd64_2.6.26-26lenny1_amd64.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-amd64_2.6.26-26lenny1_amd64.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-26lenny1_amd64.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.26-2-xen-amd64_2.6.26-26lenny1_amd64.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-amd64_2.6.26-26lenny1_amd64.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-xen-amd64_2.6.26-26lenny1_amd64.deb
- ARM:
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-arm_2.6.26-26lenny1_arm.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-26lenny1_arm.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-iop32x_2.6.26-26lenny1_arm.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-iop32x_2.6.26-26lenny1_arm.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-footbridge_2.6.26-26lenny1_arm.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-ixp4xx_2.6.26-26lenny1_arm.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-26lenny1_arm.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-orion5x_2.6.26-26lenny1_arm.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-orion5x_2.6.26-26lenny1_arm.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-26lenny1_arm.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-ixp4xx_2.6.26-26lenny1_arm.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-footbridge_2.6.26-26lenny1_arm.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-26lenny1_arm.deb
- ARM EABI:
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-ixp4xx_2.6.26-26lenny1_armel.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-ixp4xx_2.6.26-26lenny1_armel.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-26lenny1_armel.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-orion5x_2.6.26-26lenny1_armel.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-versatile_2.6.26-26lenny1_armel.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-orion5x_2.6.26-26lenny1_armel.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-iop32x_2.6.26-26lenny1_armel.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-26lenny1_armel.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-26lenny1_armel.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-armel_2.6.26-26lenny1_armel.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-versatile_2.6.26-26lenny1_armel.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-iop32x_2.6.26-26lenny1_armel.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-ixp4xx_2.6.26-26lenny1_armel.deb
- HP Precision:
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc-smp_2.6.26-26lenny1_hppa.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc64_2.6.26-26lenny1_hppa.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc_2.6.26-26lenny1_hppa.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc64-smp_2.6.26-26lenny1_hppa.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-hppa_2.6.26-26lenny1_hppa.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc_2.6.26-26lenny1_hppa.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-26lenny1_hppa.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-26lenny1_hppa.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc64-smp_2.6.26-26lenny1_hppa.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc64_2.6.26-26lenny1_hppa.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-26lenny1_hppa.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc-smp_2.6.26-26lenny1_hppa.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc64_2.6.26-26lenny1_hppa.deb
- Intel IA-32:
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-xen-686_2.6.26-26lenny1_i386.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-amd64_2.6.26-26lenny1_i386.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-686_2.6.26-26lenny1_i386.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-686-bigmem_2.6.26-26lenny1_i386.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-686_2.6.26-26lenny1_i386.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.26-2-xen-686_2.6.26-26lenny1_i386.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.26-2-xen-686_2.6.26-26lenny1_i386.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-26lenny1_i386.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-openvz_2.6.26-26lenny1_i386.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-686_2.6.26-26lenny1_i386.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-26lenny1_i386.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-686-bigmem_2.6.26-26lenny1_i386.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-686-bigmem_2.6.26-26lenny1_i386.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-686-bigmem_2.6.26-26lenny1_i386.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-i386_2.6.26-26lenny1_i386.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-xen_2.6.26-26lenny1_i386.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-openvz-686_2.6.26-26lenny1_i386.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-686_2.6.26-26lenny1_i386.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-26lenny1_i386.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-xen-686_2.6.26-26lenny1_i386.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-amd64_2.6.26-26lenny1_i386.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-486_2.6.26-26lenny1_i386.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-openvz-686_2.6.26-26lenny1_i386.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-26lenny1_i386.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-486_2.6.26-26lenny1_i386.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-amd64_2.6.26-26lenny1_i386.deb
- Intel IA-64:
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-ia64_2.6.26-26lenny1_ia64.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-mckinley_2.6.26-26lenny1_ia64.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-itanium_2.6.26-26lenny1_ia64.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-itanium_2.6.26-26lenny1_ia64.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-26lenny1_ia64.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-mckinley_2.6.26-26lenny1_ia64.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-26lenny1_ia64.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-mckinley_2.6.26-26lenny1_ia64.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-26lenny1_ia64.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-itanium_2.6.26-26lenny1_ia64.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-mckinley_2.6.26-26lenny1_ia64.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-26lenny1_ia64.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-itanium_2.6.26-26lenny1_ia64.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-mckinley_2.6.26-26lenny1_ia64.deb
- Little-endian MIPS:
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-r5k-cobalt_2.6.26-26lenny1_mipsel.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-5kc-malta_2.6.26-26lenny1_mipsel.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-5kc-malta_2.6.26-26lenny1_mipsel.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sb1-bcm91250a_2.6.26-26lenny1_mipsel.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-26lenny1_mipsel.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-mipsel_2.6.26-26lenny1_mipsel.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-26lenny1_mipsel.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sb1-bcm91250a_2.6.26-26lenny1_mipsel.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-4kc-malta_2.6.26-26lenny1_mipsel.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-r5k-cobalt_2.6.26-26lenny1_mipsel.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sb1a-bcm91480b_2.6.26-26lenny1_mipsel.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-4kc-malta_2.6.26-26lenny1_mipsel.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sb1a-bcm91480b_2.6.26-26lenny1_mipsel.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-26lenny1_mipsel.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-5kc-malta_2.6.26-26lenny1_mipsel.deb
- PowerPC:
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-26lenny1_powerpc.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-powerpc_2.6.26-26lenny1_powerpc.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-powerpc_2.6.26-26lenny1_powerpc.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-powerpc-smp_2.6.26-26lenny1_powerpc.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-powerpc_2.6.26-26lenny1_powerpc.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-26lenny1_powerpc.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-powerpc64_2.6.26-26lenny1_powerpc.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-powerpc_2.6.26-26lenny1_powerpc.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-powerpc-smp_2.6.26-26lenny1_powerpc.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-26lenny1_powerpc.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-26lenny1_powerpc.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-powerpc64_2.6.26-26lenny1_powerpc.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-powerpc64_2.6.26-26lenny1_powerpc.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-powerpc64_2.6.26-26lenny1_powerpc.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-powerpc_2.6.26-26lenny1_powerpc.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-powerpc_2.6.26-26lenny1_powerpc.deb
- IBM S/390:
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-26lenny1_s390.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-26lenny1_s390.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-s390x_2.6.26-26lenny1_s390.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-s390x_2.6.26-26lenny1_s390.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-s390-tape_2.6.26-26lenny1_s390.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-26lenny1_s390.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-s390_2.6.26-26lenny1_s390.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-26lenny1_s390.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-s390_2.6.26-26lenny1_s390.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-s390x_2.6.26-26lenny1_s390.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-s390x_2.6.26-26lenny1_s390.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-s390_2.6.26-26lenny1_s390.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-26lenny1_s390.deb
- Sun Sparc:
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-sparc_2.6.26-26lenny1_sparc.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-sparc64_2.6.26-26lenny1_sparc.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sparc64_2.6.26-26lenny1_sparc.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-sparc64_2.6.26-26lenny1_sparc.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-26lenny1_sparc.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-26lenny1_sparc.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sparc64-smp_2.6.26-26lenny1_sparc.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sparc64_2.6.26-26lenny1_sparc.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sparc64-smp_2.6.26-26lenny1_sparc.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-26lenny1_sparc.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-26lenny1_sparc.deb
- http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-sparc64_2.6.26-26lenny1_sparc.deb
MD5 checksums of the listed files are available in the original advisory.