USN-347-1: Linux kernel vulnerabilities

Ubuntu Security Notice USN-347-1

18th September, 2006

linux-source-2.6.10/-2.6.12/-2.6.15 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 6.06 LTS
  • Ubuntu 5.10
  • Ubuntu 5.04

Details

Sridhar Samudrala discovered a local Denial of Service vulnerability
in the handling of SCTP sockets. By opening such a socket with a
special SO_LINGER value, a local attacker could exploit this to crash
the kernel. (CVE-2006-4535)

Kirill Korotaev discovered that the ELF loader on the ia64 and sparc
platforms did not sufficiently verify the memory layout. By attempting
to execute a specially crafted executable, a local user could exploit
this to crash the kernel. (CVE-2006-4538)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 6.06 LTS:
linux-image-2.6.15-27-itanium-smp 2.6.15-27.48
linux-image-2.6.15-27-hppa64-smp 2.6.15-27.48
linux-image-2.6.15-27-mckinley-smp 2.6.15-27.48
linux-image-2.6.15-27-386 2.6.15-27.48
linux-image-2.6.15-27-powerpc 2.6.15-27.48
linux-image-2.6.15-27-amd64-server 2.6.15-27.48
linux-image-2.6.15-27-amd64-xeon 2.6.15-27.48
linux-source-2.6.15 2.6.15-27.48
linux-image-2.6.15-27-k7 2.6.15-27.48
linux-image-2.6.15-27-mckinley 2.6.15-27.48
linux-image-2.6.15-27-686 2.6.15-27.48
linux-image-2.6.15-27-itanium 2.6.15-27.48
linux-image-2.6.15-27-hppa32 2.6.15-27.48
linux-image-2.6.15-27-hppa32-smp 2.6.15-27.48
linux-image-2.6.15-27-powerpc-smp 2.6.15-27.48
linux-image-2.6.15-27-amd64-generic 2.6.15-27.48
linux-image-2.6.15-27-sparc64 2.6.15-27.48
linux-image-2.6.15-27-hppa64 2.6.15-27.48
linux-image-2.6.15-27-server-bigiron 2.6.15-27.48
linux-image-2.6.15-27-powerpc64-smp 2.6.15-27.48
linux-image-2.6.15-27-server 2.6.15-27.48
linux-image-2.6.15-27-amd64-k8 2.6.15-27.48
linux-image-2.6.15-27-sparc64-smp 2.6.15-27.48

Ubuntu 5.10:
linux-image-2.6.12-10-powerpc-smp 2.6.12-10.40
linux-patch-ubuntu-2.6.12 2.6.12-10.40
linux-image-2.6.12-10-hppa32 2.6.12-10.40
linux-image-2.6.12-10-itanium-smp 2.6.12-10.40
linux-image-2.6.12-10-sparc64 2.6.12-10.40
linux-image-2.6.12-10-powerpc64-smp 2.6.12-10.40
linux-image-2.6.12-10-hppa64-smp 2.6.12-10.40
linux-image-2.6.12-10-amd64-generic 2.6.12-10.40
linux-image-2.6.12-10-iseries-smp 2.6.12-10.40
linux-image-2.6.12-10-k7-smp 2.6.12-10.40
linux-image-2.6.12-10-amd64-xeon 2.6.12-10.40
linux-image-2.6.12-10-itanium 2.6.12-10.40
linux-image-2.6.12-10-hppa32-smp 2.6.12-10.40
linux-image-2.6.12-10-powerpc 2.6.12-10.40
linux-image-2.6.12-10-mckinley 2.6.12-10.40
linux-image-2.6.12-10-sparc64-smp 2.6.12-10.40
linux-image-2.6.12-10-hppa64 2.6.12-10.40
linux-image-2.6.12-10-amd64-k8-smp 2.6.12-10.40
linux-image-2.6.12-10-686 2.6.12-10.40
linux-image-2.6.12-10-686-smp 2.6.12-10.40
linux-image-2.6.12-10-k7 2.6.12-10.40
linux-image-2.6.12-10-mckinley-smp 2.6.12-10.40
linux-image-2.6.12-10-386 2.6.12-10.40
linux-image-2.6.12-10-amd64-k8 2.6.12-10.40

Ubuntu 5.04:
linux-patch-ubuntu-2.6.10 2.6.10-34.24
linux-image-2.6.10-6-686 2.6.10-34.24
linux-image-2.6.10-6-powerpc 2.6.10-34.24
linux-image-2.6.10-6-itanium 2.6.10-34.24
linux-image-2.6.10-6-power4-smp 2.6.10-34.24
linux-image-2.6.10-6-sparc64-smp 2.6.10-34.24
linux-image-2.6.10-6-hppa64-smp 2.6.10-34.24
linux-image-2.6.10-6-power3-smp 2.6.10-34.24
linux-image-2.6.10-6-hppa32-smp 2.6.10-34.24
linux-image-2.6.10-6-386 2.6.10-34.24
linux-image-2.6.10-6-hppa32 2.6.10-34.24
linux-image-2.6.10-6-sparc64 2.6.10-34.24
linux-image-2.6.10-6-hppa64 2.6.10-34.24
linux-image-2.6.10-6-amd64-xeon 2.6.10-34.24
linux-image-2.6.10-6-itanium-smp 2.6.10-34.24
linux-image-2.6.10-6-powerpc-smp 2.6.10-34.24
linux-image-2.6.10-6-k7-smp 2.6.10-34.24
linux-image-2.6.10-6-power3 2.6.10-34.24
linux-image-2.6.10-6-k7 2.6.10-34.24
linux-image-2.6.10-6-power4 2.6.10-34.24
linux-image-2.6.10-6-mckinley 2.6.10-34.24
linux-image-2.6.10-6-686-smp 2.6.10-34.24
linux-image-2.6.10-6-amd64-k8-smp 2.6.10-34.24
linux-image-2.6.10-6-amd64-generic 2.6.10-34.24
linux-image-2.6.10-6-amd64-k8 2.6.10-34.24
linux-image-2.6.10-6-mckinley-smp 2.6.10-34.24

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system upgrade you need to reboot your computer to
effect the necessary changes.

ATTENTION: Due to an unavoidable ABI change the Ubuntu 6.06 kernel
update has been given a new version number, which requires you to
recompile and reinstall all third-party kernel modules you might have
installed. If you use linux-restricted-modules, you have to update
that package as well to get modules which work with the new kernel
version. Unless you manually uninstalled the standard kernel
metapackages (linux-386, linux-powerpc, linux-amd64-generic), a
standard system upgrade will automatically perform this as well.
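
One way to audit a host against the fixed versions listed above, as an added example that is not part of the original notice or Ubuntu's tooling. It assumes input lines produced by `dpkg-query -W -f='${Package} ${Version}\n'` and the running release from `uname -r`; the function names are hypothetical and the sample host data is constructed.

```python
import re

# Fixed package versions from this notice, keyed by kernel source series.
FIXED = {
    "2.6.15": "2.6.15-27.48",  # Ubuntu 6.06 LTS
    "2.6.12": "2.6.12-10.40",  # Ubuntu 5.10
    "2.6.10": "2.6.10-34.24",  # Ubuntu 5.04
}
KERNEL_PKG = re.compile(r"^linux-(?:image|source|patch-ubuntu)-(2\.6\.\d+)")

def version_key(version):
    """Numeric key for versions shaped like 2.6.15-27.48."""
    # Simplification (assumption): ignores epochs, tildes and letters, so this
    # is not a general Debian version comparison.
    return tuple(int(n) for n in re.findall(r"\d+", version))

def audit(dpkg_lines):
    """Return {package: (installed, fixed, is_fixed)} for packages in scope."""
    report = {}
    for line in dpkg_lines:
        fields = line.split()
        if len(fields) != 2:
            continue  # known to dpkg but not installed, or unrelated noise
        package, installed = fields
        match = KERNEL_PKG.match(package)
        if match and match.group(1) in FIXED:
            fixed = FIXED[match.group(1)]
            ok = version_key(installed) >= version_key(fixed)
            report[package] = (installed, fixed, ok)
    return report

def running_kernel_fixed(dpkg_lines, uname_r):
    """True only if the image package for the booted kernel is at a fixed version."""
    entry = audit(dpkg_lines).get("linux-image-" + uname_r)
    return bool(entry and entry[2])

# Constructed sample: a 6.06 host that was upgraded but not yet rebooted.
SAMPLE = [
    "linux-image-2.6.15-26-386 2.6.15-26.47",   # constructed older version
    "linux-image-2.6.15-27-386 2.6.15-27.48",
    "bash 3.1-2ubuntu10",                        # constructed, out of scope
]

if __name__ == "__main__":
    for pkg, (have, want, ok) in sorted(audit(SAMPLE).items()):
        print(f"{pkg}: installed {have}, fixed in {want}:", "ok" if ok else "VULNERABLE")
    print("running kernel fixed:", running_kernel_fixed(SAMPLE, "2.6.15-26-386"))
```

Where an upgrade keeps the same kernel release string, `running_kernel_fixed` confirms only that the package for the booted kernel is patched, not that the host has rebooted since the upgrade.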

References

CVE-2006-4535, CVE-2006-4538