USN-819-1: Linux kernel vulnerability

Ubuntu Security Notice USN-819-1

18th August, 2009

linux, linux-source-2.6.15 vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 9.04
  • Ubuntu 8.10
  • Ubuntu 8.04 LTS
  • Ubuntu 6.06 LTS

Software description

  • linux
  • linux-source-2.6.15

Details

Tavis Ormandy and Julien Tinnes discovered that Linux did not correctly
initialize certain socket operation function pointers. A local attacker
could exploit this to gain root privileges. By default, Ubuntu 8.04
and later with a non-zero /proc/sys/vm/mmap_min_addr setting were not
vulnerable.

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 9.04:
linux-image-2.6.28-15-versatile 2.6.28-15.49
linux-image-2.6.28-15-generic 2.6.28-15.49
linux-image-2.6.28-15-lpia 2.6.28-15.49
linux-image-2.6.28-15-server 2.6.28-15.49
linux-image-2.6.28-15-ixp4xx 2.6.28-15.49
linux-image-2.6.28-15-virtual 2.6.28-15.49
linux-image-2.6.28-15-iop32x 2.6.28-15.49
linux-image-2.6.28-15-imx51 2.6.28-15.49
Ubuntu 8.10:
linux-image-2.6.27-14-generic 2.6.27-14.39
linux-image-2.6.27-14-server 2.6.27-14.39
linux-image-2.6.27-14-virtual 2.6.27-14.39
Ubuntu 8.04 LTS:
linux-image-2.6.24-24-sparc64 2.6.24-24.59
linux-image-2.6.24-24-server 2.6.24-24.59
linux-image-2.6.24-24-itanium 2.6.24-24.59
linux-image-2.6.24-24-lpiacompat 2.6.24-24.59
linux-image-2.6.24-24-hppa64 2.6.24-24.59
linux-image-2.6.24-24-virtual 2.6.24-24.59
linux-image-2.6.24-24-powerpc64-smp 2.6.24-24.59
linux-image-2.6.24-24-386 2.6.24-24.59
linux-image-2.6.24-24-generic 2.6.24-24.59
linux-image-2.6.24-24-xen 2.6.24-24.59
linux-image-2.6.24-24-powerpc-smp 2.6.24-24.59
linux-image-2.6.24-24-rt 2.6.24-24.59
linux-image-2.6.24-24-hppa32 2.6.24-24.59
linux-image-2.6.24-24-lpia 2.6.24-24.59
linux-image-2.6.24-24-mckinley 2.6.24-24.59
linux-image-2.6.24-24-sparc64-smp 2.6.24-24.59
linux-image-2.6.24-24-powerpc 2.6.24-24.59
linux-image-2.6.24-24-openvz 2.6.24-24.59
Ubuntu 6.06 LTS:
linux-image-2.6.15-54-hppa64 2.6.15-54.79
linux-image-2.6.15-54-hppa32-smp 2.6.15-54.79
linux-image-2.6.15-54-server-bigiron 2.6.15-54.79
linux-image-2.6.15-54-amd64-generic 2.6.15-54.79
linux-image-2.6.15-54-itanium 2.6.15-54.79
linux-image-2.6.15-54-k7 2.6.15-54.79
linux-image-2.6.15-54-powerpc-smp 2.6.15-54.79
linux-image-2.6.15-54-server 2.6.15-54.79
linux-image-2.6.15-54-amd64-server 2.6.15-54.79
linux-image-2.6.15-54-sparc64-smp 2.6.15-54.79
linux-image-2.6.15-54-sparc64 2.6.15-54.79
linux-image-2.6.15-54-mckinley-smp 2.6.15-54.79
linux-image-2.6.15-54-amd64-k8 2.6.15-54.79
linux-image-2.6.15-54-386 2.6.15-54.79
linux-image-2.6.15-54-mckinley 2.6.15-54.79
linux-image-2.6.15-54-hppa32 2.6.15-54.79
linux-image-2.6.15-54-amd64-xeon 2.6.15-54.79
linux-image-2.6.15-54-powerpc 2.6.15-54.79
linux-image-2.6.15-54-powerpc64-smp 2.6.15-54.79
linux-image-2.6.15-54-itanium-smp 2.6.15-54.79
linux-image-2.6.15-54-686 2.6.15-54.79
linux-image-2.6.15-54-hppa64-smp 2.6.15-54.79

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system upgrade you need to reboot your computer to
effect the necessary changes.

References

CVE-2009-2692