USN-47-1: Linux kernel vulnerabilities

Ubuntu Security Notice USN-47-1

23rd December, 2004

linux-source-2.6.8.1 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

Ubuntu 4.10

Details

Georgi Guninski discovered two Denial of Service vulnerabilities in
the Linux kernel.

An integer overflow in the vc_resize() function caused the memory
allocation for the new screen being too short, thus causing a buffer
overflow and a kernel crash.

There was also a memory leak in the ip_options_get() function. Calling
ip_cmsg_send() very often would gradually exhaust memory.

Note: The original advisory (see URL above) also mentions a
"ip_options_get integer overflow". This was already fixed in USN-38-1
(known as CAN-2004-1016).

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 4.10:: linux-image-2.6.8.1-4-amd64-k8; linux-image-2.6.8.1-4-amd64-generic; linux-image-2.6.8.1-4-386; linux-image-2.6.8.1-4-powerpc; linux-image-2.6.8.1-4-k7-smp; linux-image-2.6.8.1-4-amd64-xeon; linux-image-2.6.8.1-4-k7; linux-image-2.6.8.1-4-686; linux-image-2.6.8.1-4-power4; linux-image-2.6.8.1-4-power4-smp; linux-image-2.6.8.1-4-686-smp; linux-image-2.6.8.1-4-power3-smp; linux-image-2.6.8.1-4-powerpc-smp; linux-image-2.6.8.1-4-power3; linux-image-2.6.8.1-4-amd64-k8-smp

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

None

References

http://lists.netsys.com/pipermail/full-disclosure/2004-December/030011.html