Patch  oval:org.mitre.oval:def:8130
DSA-1504 kernel-source-2.6.8 -- several vulnerabilities  

Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems: LMH reported a potential local DoS which could be exploited by a malicious user with the privileges to mount and read a corrupted cramfs filesystem. LMH reported a potential local DoS which could be exploited by a malicious user with the privileges to mount and read a corrupted ext2 filesystem. LMH reported an issue in the minix filesystem that allows local users with mount privileges to create a DoS (printk flood) by mounting a specially crafted corrupt filesystem. OpenVZ Linux kernel team reported an issue in the smbfs filesystem which can be exploited by local users to cause a DoS (oops) during mount. Ilja van Sprundel discovered that kernel memory could be leaked via the Bluetooth setsockopt call due to an uninitialised stack buffer. This could be used by local attackers to read the contents of sensitive kernel memory. Thomas Graf reported a typo in the DECnet protocol handler that could be used by a local attacker to overrun an array via crafted packets, potentially resulting in a Denial of Service (system crash). A similar issue exists in the IPV4 protocol handler and will be fixed in a subsequent update. Florian Zumbiehl discovered a memory leak in the PPPOE subsystem caused by releasing a socket before PPPIOCGCHAN is called upon it. This could be used by a local user to DoS a system by consuming all available memory. The PaX Team discovered a potential buffer overflow in the random number generator which may permit local users to cause a denial of service or gain additional privileges. This issue is not believed to effect default Debian installations where only root has sufficient privileges to exploit it. Adam Litke reported a potential local denial of service (oops) on powerpc platforms resulting from unchecked VMA expansion into address space reserved for hugetlb pages. Steve French reported that CIFS filesystems with CAP_UNIX enabled were not honoring a process umask, which may lead to unintentionally relaxed permissions. Wojciech Purczynski discovered that pdeath_signal was not being reset properly under certain conditions, which may allow local users to gain privileges by sending arbitrary signals to suid binaries. Hugh Dickins discovered a potential local DoS (panic) in hugetlbfs. A misconversion of hugetlb_vmtruncate_list to prio_tree may allow local users to trigger a BUG_ON() call in exit_mmap. Alan Cox reported an issue in the aacraid driver that allows unprivileged local users to make ioctl calls which should be restricted to admin privileges. Wojciech Purczynski discovered a vulnerability that can be exploited by a local user to obtain superuser privileges on x86_64 systems. This resulted from improper clearing of the high bits of registers during ia32 system call emulation. This vulnerability is relevant to the Debian amd64 port as well as users of the i386 port who run the amd64 linux-image flavour. Alex Smith discovered an issue with the pwc driver for certain webcam devices. If the device is removed while a userspace application has it open, the driver will wait for userspace to close the device, resulting in a blocked USB subsystem. This issue is of low security impact as it requires the attacker to either have physical access to the system or to convince a user with local access to remove the device on their behalf. Venustech AD-LAB discovered a buffer overflow in the isdn ioctl handling, exploitable by a local user. ADLAB discovered a possible memory overrun in the ISDN subsystem that may permit a local user to overwrite kernel memory by issuing ioctls with unterminated data. Blake Frantz discovered that when a core file owned by a non-root user exists, and a root-owned process dumps core over it, the core file retains its original ownership. This could be used by a local user to gain access to sensitive information. Cyrill Gorcunov reported a NULL pointer dereference in code specific to the CHRP PowerPC platforms. Local users could exploit this issue to achieve a Denial of Service (DoS). Nick Piggin of SuSE discovered a number of issues in subsystems which register a fault handler for memory mapped areas. This issue can be exploited by local users to achieve a Denial of Service (DoS) and possibly execute arbitrary code. The following matrix lists additional packages that were rebuilt for compatibility with or to take advantage of this update: We recommend that you upgrade your kernel package immediately and reboot the machine. If you have built a custom kernel from the kernel source package, you will need to rebuild to take advantage of these fixes.
Create Date: 2009-12-15 Last Update Date: 2014-06-23

Affected Platforms/Products

Affected Products (CPE + CVE references)
Platforms: unix (from OVAL definitions) Products: unix
  • Debian GNU/Linux 3.1
  • kernel-source-2.6.8

References

Total : 21 Click here to view references

Criteria

The patch should be installed
IF : All of the following are true
Prerequisites (Extended Definitions)
Debian GNU/Linux 3.1 is installed oval:org.mitre.oval:def:7692
IF : Any one of the following are true Architecture section
IF : All of the following are true Supported platform section
IF : Installed architecture is hppa
Uname Test :  Installed architecture is hppa 
At least one of the objects listed below must exist on the system (Existence check)
Unix : uname Object The single uname object.
Output of "uname -a"
processor_type (equals) hppa
processor_type is hppa unix : uname_state 
IF : Any one of the following are true Packages section
IF : kernel-headers-2.6.8-4-64-smp is earlier than 2.6.8-7sarge1
Linux : Debian DPKG Test :  kernel-headers-2.6.8-4-64-smp is earlier than 2.6.8-7sarge1 
At least one of the objects listed below must exist on the system (Existence check)
Linux : Debian DPKG Package kernel-headers-2.6.8-4-64-smp package information
kernel-headers-2.6.8-4-64-smp
RPM Version less than 0:2.6.8-7sarge1 (datatype=evr_string)
linux : dpkginfo_state 
IF : kernel-image-2.6.8-4-32 is earlier than 2.6.8-7sarge1
Linux : Debian DPKG Test :  kernel-image-2.6.8-4-32 is earlier than 2.6.8-7sarge1 
At least one of the objects listed below must exist on the system (Existence check)
Linux : Debian DPKG Package kernel-image-2.6.8-4-32 package information
kernel-image-2.6.8-4-32
RPM Version less than 0:2.6.8-7sarge1 (datatype=evr_string)
linux : dpkginfo_state 
IF : kernel-headers-2.6.8-4-32-smp is earlier than 2.6.8-7sarge1
Linux : Debian DPKG Test :  kernel-headers-2.6.8-4-32-smp is earlier than 2.6.8-7sarge1 
At least one of the objects listed below must exist on the system (Existence check)
Linux : Debian DPKG Package kernel-headers-2.6.8-4-32-smp package information
kernel-headers-2.6.8-4-32-smp
RPM Version less than 0:2.6.8-7sarge1 (datatype=evr_string)
linux : dpkginfo_state 
IF : kernel-image-2.6.8-4-32-smp is earlier than 2.6.8-7sarge1
Linux : Debian DPKG Test :  kernel-image-2.6.8-4-32-smp is earlier than 2.6.8-7sarge1 
At least one of the objects listed below must exist on the system (Existence check)
Linux : Debian DPKG Package kernel-image-2.6.8-4-32-smp package information
kernel-image-2.6.8-4-32-smp
RPM Version less than 0:2.6.8-7sarge1 (datatype=evr_string)
linux : dpkginfo_state 
IF : kernel-headers-2.6.8-4-32 is earlier than 2.6.8-7sarge1
Linux : Debian DPKG Test :  kernel-headers-2.6.8-4-32 is earlier than 2.6.8-7sarge1 
At least one of the objects listed below must exist on the system (Existence check)
Linux : Debian DPKG Package kernel-headers-2.6.8-4-32 package information
kernel-headers-2.6.8-4-32
RPM Version less than 0:2.6.8-7sarge1 (datatype=evr_string)
linux : dpkginfo_state 
IF : kernel-image-2.6.8-4-64-smp is earlier than 2.6.8-7sarge1
Linux : Debian DPKG Test :  kernel-image-2.6.8-4-64-smp is earlier than 2.6.8-7sarge1 
At least one of the objects listed below must exist on the system (Existence check)
Linux : Debian DPKG Package kernel-image-2.6.8-4-64-smp package information
kernel-image-2.6.8-4-64-smp
RPM Version less than 0:2.6.8-7sarge1 (datatype=evr_string)
linux : dpkginfo_state 
IF : kernel-headers-2.6.8-4-64 is earlier than 2.6.8-7sarge1
Linux : Debian DPKG Test :  kernel-headers-2.6.8-4-64 is earlier than 2.6.8-7sarge1 
At least one of the objects listed below must exist on the system (Existence check)
Linux : Debian DPKG Package kernel-headers-2.6.8-4-64 package information
kernel-headers-2.6.8-4-64
RPM Version less than 0:2.6.8-7sarge1 (datatype=evr_string)
linux : dpkginfo_state 
IF : kernel-headers-2.6.8-4 is earlier than 2.6.8-7sarge1
Linux : Debian DPKG Test :  kernel-headers-2.6.8-4 is earlier than 2.6.8-7sarge1 
At least one of the objects listed below must exist on the system (Existence check)
Linux : Debian DPKG Package kernel-headers-2.6.8-4 package information
kernel-headers-2.6.8-4
RPM Version less than 0:2.6.8-7sarge1 (datatype=evr_string)
linux : dpkginfo_state 
IF : kernel-image-2.6.8-4-64 is earlier than 2.6.8-7sarge1
Linux : Debian DPKG Test :  kernel-image-2.6.8-4-64 is earlier than 2.6.8-7sarge1 
At least one of the objects listed below must exist on the system (Existence check)
Linux : Debian DPKG Package kernel-image-2.6.8-4-64 package information
kernel-image-2.6.8-4-64
RPM Version less than 0:2.6.8-7sarge1 (datatype=evr_string)
linux : dpkginfo_state 
IF : All of the following are true Architecture dependent section
IF : Any one of the following are true Packages section
IF : kernel-headers-2.6.8-13 is earlier than 2.6.8-17sarge1
Linux : Debian DPKG Test :  kernel-headers-2.6.8-13 is earlier than 2.6.8-17sarge1 
At least one of the objects listed below must exist on the system (Existence check)
Linux : Debian DPKG Package kernel-headers-2.6.8-13 package information
kernel-headers-2.6.8-13
RPM Version less than 0:2.6.8-17sarge1 (datatype=evr_string)
linux : dpkginfo_state 
IF : kernel-image-2.6.8-13-em64t-p4 is earlier than 2.6.8-17sarge1
Linux : Debian DPKG Test :  kernel-image-2.6.8-13-em64t-p4 is earlier than 2.6.8-17sarge1 
At least one of the objects listed below must exist on the system (Existence check)
Linux : Debian DPKG Package kernel-image-2.6.8-13-em64t-p4 package information
kernel-image-2.6.8-13-em64t-p4
RPM Version less than 0:2.6.8-17sarge1 (datatype=evr_string)
linux : dpkginfo_state 
IF : kernel-image-2.6.8-13-amd64-generic is earlier than 2.6.8-17sarge1
Linux : Debian DPKG Test :  kernel-image-2.6.8-13-amd64-generic is earlier than 2.6.8-17sarge1 
At least one of the objects listed below must exist on the system (Existence check)
Linux : Debian DPKG Package kernel-image-2.6.8-13-amd64-generic package information
kernel-image-2.6.8-13-amd64-generic
RPM Version less than 0:2.6.8-17sarge1 (datatype=evr_string)
linux : dpkginfo_state 
IF : kernel-image-2.6.8-13-amd64-k8 is earlier than 2.6.8-17sarge1
Linux : Debian DPKG Test :  kernel-image-2.6.8-13-amd64-k8 is earlier than 2.6.8-17sarge1 
At least one of the objects listed below must exist on the system (Existence check)
Linux : Debian DPKG Package kernel-image-2.6.8-13-amd64-k8 package information
kernel-image-2.6.8-13-amd64-k8
RPM Version less than 0:2.6.8-17sarge1 (datatype=evr_string)
linux : dpkginfo_state 
IF : kernel-image-2.6.8-13-amd64-k8-smp is earlier than 2.6.8-17sarge1
Linux : Debian DPKG Test :  kernel-image-2.6.8-13-amd64-k8-smp is earlier than 2.6.8-17sarge1 
At least one of the objects listed below must exist on the system (Existence check)
Linux : Debian DPKG Package kernel-image-2.6.8-13-amd64-k8-smp package information
kernel-image-2.6.8-13-amd64-k8-smp
RPM Version less than 0:2.6.8-17sarge1 (datatype=evr_string)
linux : dpkginfo_state 
IF : kernel-headers-2.6.8-13-em64t-p4 is earlier than 2.6.8-17sarge1
Linux : Debian DPKG Test :  kernel-headers-2.6.8-13-em64t-p4 is earlier than 2.6.8-17sarge1 
At least one of the objects listed below must exist on the system (Existence check)
Linux : Debian DPKG Package kernel-headers-2.6.8-13-em64t-p4 package information
kernel-headers-2.6.8-13-em64t-p4
RPM Version less than 0:2.6.8-17sarge1 (datatype=evr_string)
linux : dpkginfo_state 
IF : kernel-headers-2.6.8-13-amd64-generic is earlier than 2.6.8-17sarge1
Linux : Debian DPKG Test :  kernel-headers-2.6.8-13-amd64-generic is earlier than 2.6.8-17sarge1 
At least one of the objects listed below must exist on the system (Existence check)
Linux : Debian DPKG Package kernel-headers-2.6.8-13-amd64-generic package information
kernel-headers-2.6.8-13-amd64-generic
RPM Version less than 0:2.6.8-17sarge1 (datatype=evr_string)
linux : dpkginfo_state 
IF : kernel-image-2.6.8-13-em64t-p4-smp is earlier than 2.6.8-17sarge1
Linux : Debian DPKG Test :  kernel-image-2.6.8-13-em64t-p4-smp is earlier than 2.6.8-17sarge1 
At least one of the objects listed below must exist on the system (Existence check)
Linux : Debian DPKG Package kernel-image-2.6.8-13-em64t-p4-smp package information
kernel-image-2.6.8-13-em64t-p4-smp
RPM Version less than 0:2.6.8-17sarge1 (datatype=evr_string)
linux : dpkginfo_state 
IF : kernel-headers-2.6.8-13-em64t-p4-smp is earlier than 2.6.8-17sarge1
Linux : Debian DPKG Test :  kernel-headers-2.6.8-13-em64t-p4-smp is earlier than 2.6.8-17sarge1 
At least one of the objects listed below must exist on the system (Existence check)
Linux : Debian DPKG Package kernel-headers-2.6.8-13-em64t-p4-smp package information
kernel-headers-2.6.8-13-em64t-p4-smp
RPM Version less than 0:2.6.8-17sarge1 (datatype=evr_string)
linux : dpkginfo_state 
IF : kernel-headers-2.6.8-13-amd64-k8 is earlier than 2.6.8-17sarge1
Linux : Debian DPKG Test :  kernel-headers-2.6.8-13-amd64-k8 is earlier than 2.6.8-17sarge1 
At least one of the objects listed below must exist on the system (Existence check)
Linux : Debian DPKG Package kernel-headers-2.6.8-13-amd64-k8 package information
kernel-headers-2.6.8-13-amd64-k8
RPM Version less than 0:2.6.8-17sarge1 (datatype=evr_string)
linux : dpkginfo_state 
IF : kernel-headers-2.6.8-13-amd64-k8-smp is earlier than 2.6.8-17sarge1
Linux : Debian DPKG Test :  kernel-headers-2.6.8-13-amd64-k8-smp is earlier than 2.6.8-17sarge1 
At least one of the objects listed below must exist on the system (Existence check)
Linux : Debian DPKG Package kernel-headers-2.6.8-13-amd64-k8-smp package information
kernel-headers-2.6.8-13-amd64-k8-smp
RPM Version less than 0:2.6.8-17sarge1 (datatype=evr_string)
linux : dpkginfo_state 
IF : Any one of the following are true Supported architectures section
IF : Installed architecture is i386
Uname Test :  Installed architecture is i386 
At least one of the objects listed below must exist on the system (Existence check)
Unix : uname Object The single uname object.
Output of "uname -a"
processor_type (equals) i686
processor_type is i686 unix : uname_state 
IF : Installed architecture is amd64
Uname Test :  Installed architecture is amd64 
At least one of the objects listed below must exist on the system (Existence check)
Unix : uname Object The single uname object.
Output of "uname -a"
processor_type (equals) x86-64
processor_type is x86-64 unix : uname_state 
IF : All of the following are true Architecture dependent section
IF : Installed architecture is s390
Uname Test :  Installed architecture is s390 
At least one of the objects listed below must exist on the system (Existence check)
Unix : uname Object The single uname object.
Output of "uname -a"
processor_type (equals) s390x
processor_type is s390x unix : uname_state 
IF : Any one of the following are true Packages section
IF : kernel-image-2.6.8-4-s390-tape is earlier than 2.6.8-6sarge1
Linux : Debian DPKG Test :  kernel-image-2.6.8-4-s390-tape is earlier than 2.6.8-6sarge1 
At least one of the objects listed below must exist on the system (Existence check)
Linux : Debian DPKG Package kernel-image-2.6.8-4-s390-tape package information
kernel-image-2.6.8-4-s390-tape
RPM Version less than 0:2.6.8-6sarge1 (datatype=evr_string)
linux : dpkginfo_state 
IF : kernel-image-2.6.8-4-s390 is earlier than 2.6.8-6sarge1
Linux : Debian DPKG Test :  kernel-image-2.6.8-4-s390 is earlier than 2.6.8-6sarge1 
At least one of the objects listed below must exist on the system (Existence check)
Linux : Debian DPKG Package kernel-image-2.6.8-4-s390 package information
kernel-image-2.6.8-4-s390
RPM Version less than 0:2.6.8-6sarge1 (datatype=evr_string)
linux : dpkginfo_state 
IF : kernel-headers-2.6.8-4 is earlier than 2.6.8-6sarge1
Linux : Debian DPKG Test :  kernel-headers-2.6.8-4 is earlier than 2.6.8-6sarge1 
At least one of the objects listed below must exist on the system (Existence check)
Linux : Debian DPKG Package kernel-headers-2.6.8-4 package information
kernel-headers-2.6.8-4
RPM Version less than 0:2.6.8-6sarge1 (datatype=evr_string)
linux : dpkginfo_state 
IF : kernel-image-2.6.8-4-s390x is earlier than 2.6.8-6sarge1
Linux : Debian DPKG Test :  kernel-image-2.6.8-4-s390x is earlier than 2.6.8-6sarge1 
At least one of the objects listed below must exist on the system (Existence check)
Linux : Debian DPKG Package kernel-image-2.6.8-4-s390x package information
kernel-image-2.6.8-4-s390x
RPM Version less than 0:2.6.8-6sarge1 (datatype=evr_string)
linux : dpkginfo_state 
IF : All of the following are true Architecture independent section
IF : Installed architecture is all
Uname Test :  Installed architecture is all 
At least one of the objects listed below must exist on the system (Existence check)
Unix : uname Object The single uname object.
Output of "uname -a"
IF : Any one of the following are true Packages section
IF : kernel-patch-2.6.8-s390 is earlier than 2.6.8-6sarge1
Linux : Debian DPKG Test :  kernel-patch-2.6.8-s390 is earlier than 2.6.8-6sarge1 
At least one of the objects listed below must exist on the system (Existence check)
Linux : Debian DPKG Package kernel-patch-2.6.8-s390 package information
kernel-patch-2.6.8-s390
RPM Version less than 0:2.6.8-6sarge1 (datatype=evr_string)
linux : dpkginfo_state 
IF : kernel-tree-2.6.8 is earlier than 2.6.8-17sarge1
Linux : Debian DPKG Test :  kernel-tree-2.6.8 is earlier than 2.6.8-17sarge1 
At least one of the objects listed below must exist on the system (Existence check)
Linux : Debian DPKG Package kernel-tree-2.6.8 package information
kernel-tree-2.6.8
RPM Version less than 0:2.6.8-17sarge1 (datatype=evr_string)
linux : dpkginfo_state 
IF : kernel-doc-2.6.8 is earlier than 2.6.8-17sarge1
Linux : Debian DPKG Test :  kernel-doc-2.6.8 is earlier than 2.6.8-17sarge1 
At least one of the objects listed below must exist on the system (Existence check)
Linux : Debian DPKG Package kernel-doc-2.6.8 package information
kernel-doc-2.6.8
RPM Version less than 0:2.6.8-17sarge1 (datatype=evr_string)
linux : dpkginfo_state 
IF : kernel-patch-debian-2.6.8 is earlier than 2.6.8-17sarge1
Linux : Debian DPKG Test :  kernel-patch-debian-2.6.8 is earlier than 2.6.8-17sarge1 
At least one of the objects listed below must exist on the system (Existence check)
Linux : Debian DPKG Package kernel-patch-debian-2.6.8 package information
kernel-patch-debian-2.6.8
RPM Version less than 0:2.6.8-17sarge1 (datatype=evr_string)
linux : dpkginfo_state 
IF : kernel-source-2.6.8 is earlier than 2.6.8-17sarge1
Linux : Debian DPKG Test :  kernel-source-2.6.8 is earlier than 2.6.8-17sarge1 
At least one of the objects listed below must exist on the system (Existence check)
Linux : Debian DPKG Package kernel-source-2.6.8 package information
kernel-source-2.6.8
RPM Version less than 0:2.6.8-17sarge1 (datatype=evr_string)
linux : dpkginfo_state 

Quick Help

evr_string datatype
Represents epoch, version, and release number as a single version string
Other Help Topics
Data Types
What is an Object?
What is a State?
What is a Test?
Other Help Topics
Regular Expression Patterns
Some object or state definitions are defined as regular expression patterns, you should interpret the regexp pattern while evaluating them.

OVAL Definitions By Referenced Objects

How does it work?   User agreement and privacy statement   About & Contact
CVE is a registred trademark of the MITRE Corporation and the authoritive source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritive source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritive source of OVAL content is MITRE's OVAL web site.
Warning: This site and all data are provided as is. It is not guaranteed that all information is accurate and complete. Use any information provided on this site at your own risk. By using this site you accept that you know that these data are provided as is and not guaranteed to be accurate, correct or complete. All trademarks appearing on this site are the property of their respective owners in the US or other countries. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss. PLEASE SEE nvd.nist.gov and oval.mitre.org for more details about OVAL language and definitions.
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor/web site owner/maintainer be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
Use of OVAL and all related data is subject to terms of use defined by Mitre at http://oval.mitre.org/oval/about/termsofuse.html