CVE-2006-0554
CVSS 1.7
Published: 2006-03-06 21:02:00
Last revised: 2011-03-07 21:30:17

[Original] Linux kernel 2.6 before 2.6.15.5 allows local users to obtain sensitive information via a crafted XFS ftruncate call, which may return stale data.


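[CNNVD] Linux kernel XFS file system local information disclosure vulnerability (CNNVD-200603-050)

        The Linux kernel is the kernel used by the open-source operating system Linux.
        An information disclosure vulnerability exists in the XFS "ftruncate()" function of the Linux kernel. A local attacker can use a specially crafted XFS ftruncate call to have sensitive information on disk returned to the user.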

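- CVSS (base score)

CVSS score: 1.7 [LOW]
Confidentiality impact: NONE [no impact on the confidentiality of the system]
Integrity impact: PARTIAL [may allow system files to be modified]
Availability impact: NONE [no impact on the availability of the system]
Attack complexity: LOW [no access restrictions apply to exploitation]
Attack vector: LOCAL [exploitation requires physical access or a local account]
Authentication: [--]

- CPE (affected platforms and products)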

cpe:/o:linux:linux_kernel:2.6.12.2Linux Kernel 2.6.12.2
cpe:/o:linux:linux_kernel:2.6.0:test2Linux Kernel 2.6 test2
cpe:/o:linux:linux_kernel:2.6.1Linux Kernel 2.6.1
cpe:/o:linux:linux_kernel:2.6.8.1.5::power4
cpe:/o:linux:linux_kernel:2.6.15:rc4Linux Kernel 2.6.15 Release Candidate 4
cpe:/o:linux:linux_kernel:2.6.14:rc4Linux Kernel 2.6.14 Release Candidate 4
cpe:/o:linux:linux_kernel:2.6.8.1.5::amd64_k8
cpe:/o:linux:linux_kernel:2.6.11.6Linux Kernel 2.6.11.6
cpe:/o:linux:linux_kernel:2.6.8.1.5::686
cpe:/o:linux:linux_kernel:2.6.0:test1Linux Kernel 2.6 test1
cpe:/o:linux:linux_kernel:2.6.14.2Linux Kernel 2.6.14.2
cpe:/o:linux:linux_kernel:2.6.11Linux Kernel 2.6.11
cpe:/o:linux:linux_kernel:2.6.0:test11Linux Kernel 2.6 test11
cpe:/o:linux:linux_kernel:2.6.13:rc1Linux Kernel 2.6.13 Release Candidate 1
cpe:/o:linux:linux_kernel:2.6.9:2.6.20
cpe:/o:linux:linux_kernel:2.6.0:test6Linux Kernel 2.6 test6
cpe:/o:linux:linux_kernel:2.6.13:rc7Linux Kernel 2.6.13 Release Candidate 7
cpe:/o:linux:linux_kernel:2.6.8.1.5::powerpc
cpe:/o:linux:linux_kernel:2.6.15Linux Kernel 2.6.15
cpe:/o:linux:linux_kernel:2.6.11.3Linux Kernel 2.6.11.3
cpe:/o:linux:linux_kernel:2.6.13:rc4Linux Kernel 2.6.13 Release Candidate 4
cpe:/o:linux:linux_kernel:2.6.15:rc1Linux Kernel 2.6.15 Release Candidate 1
cpe:/o:linux:linux_kernel:2.6.12:rc4Linux Kernel 2.6.12 Release Candidate 4
cpe:/o:linux:linux_kernel:2.6.8.1.5::amd64
cpe:/o:linux:linux_kernel:2.6.11.9Linux Kernel 2.6.11.9
cpe:/o:linux:linux_kernel:2.6.12.1Linux Kernel 2.6.12.1
cpe:/o:linux:linux_kernel:2.6.0::64-bit_x86
cpe:/o:linux:linux_kernel:2.6.8:rc3Linux Kernel 2.6.8 Release Candidate 3
cpe:/o:linux:linux_kernel:2.6.8.1.5::power3_smp
cpe:/o:linux:linux_kernel:2.6.12:rc1Linux Kernel 2.6.12 Release Candidate 1
cpe:/o:linux:linux_kernel:2.6.14.4Linux Kernel 2.6.14.4
cpe:/o:linux:linux_kernel:2.6.1:rc1Linux Kernel 2.6.1 Release Candidate 1
cpe:/o:linux:linux_kernel:2.6.1:rc2Linux Kernel 2.6.1 Release Candidate 2
cpe:/o:linux:linux_kernel:2.6.11.2Linux Kernel 2.6.11.2
cpe:/o:linux:linux_kernel:2.6.0:test4Linux Kernel 2.6 test4
cpe:/o:linux:linux_kernel:2.6.0Linux Kernel 2.6.0
cpe:/o:linux:linux_kernel:2.6.12.3Linux Kernel 2.6.12.3
cpe:/o:linux:linux_kernel:2.6.11.4Linux Kernel 2.6.11.4
cpe:/o:linux:linux_kernel:2.6.6:rc1Linux Kernel 2.6.6 Release Candidate 1
cpe:/o:linux:linux_kernel:2.6.11.12Linux Kernel 2.6.11.12
cpe:/o:linux:linux_kernel:2.6.3Linux Kernel 2.6.3
cpe:/o:linux:linux_kernel:2.6.0:test8Linux Kernel 2.6 test8
cpe:/o:linux:linux_kernel:2.6.0:test10Linux Kernel 2.6 test10
cpe:/o:linux:linux_kernel:2.6.11:rc2Linux Kernel 2.6.11 Release Candidate 2
cpe:/o:linux:linux_kernel:2.6.15:rc5Linux Kernel 2.6.15 Release Candidate 5
cpe:/o:linux:linux_kernel:2.6.15:rc7Linux Kernel 2.6.15 Release Candidate 7
cpe:/o:linux:linux_kernel:2.6.13.3Linux Kernel 2.6.13.3
cpe:/o:linux:linux_kernel:2.6.7:rc1Linux Kernel 2.6.7 Release Candidate 1
cpe:/o:linux:linux_kernel:2.6.15:rc3Linux Kernel 2.6.15 Release Candidate 3
cpe:/o:linux:linux_kernel:2.6.0:test9Linux Kernel 2.6 test9
cpe:/o:linux:linux_kernel:2.6.0:test5Linux Kernel 2.6 test5
cpe:/o:linux:linux_kernel:2.6.11_rc1_bk6
cpe:/o:linux:linux_kernel:2.6.13.2Linux Kernel 2.6.13.2
cpe:/o:linux:linux_kernel:2.6.14:rc3Linux Kernel 2.6.14 Release Candidate 3
cpe:/o:linux:linux_kernel:2.6.12Linux Kernel 2.6.12
cpe:/o:linux:linux_kernel:2.6.11:rc3Linux Kernel 2.6.11 Release Candidate 3
cpe:/o:linux:linux_kernel:2.6.8.1Linux Kernel 2.6.8.1
cpe:/o:linux:linux_kernel:2.6.11:rc4Linux Kernel 2.6.11 Release Candidate 4
cpe:/o:linux:linux_kernel:2.6.14:rc1Linux Kernel 2.6.14 Release Candidate 1
cpe:/o:linux:linux_kernel:2.6.0:test7Linux Kernel 2.6 test7
cpe:/o:linux:linux_kernel:2.6.13.1Linux Kernel 2.6.13.1
cpe:/o:linux:linux_kernel:2.6.12:rc5Linux Kernel 2.6.12 Release Candidate 5
cpe:/o:linux:linux_kernel:2.6.8.1.5::k7
cpe:/o:linux:linux_kernel:2.6.8.1.5::amd64_k8_smp
cpe:/o:linux:linux_kernel:2.6.8.1.5::686_smp
cpe:/o:linux:linux_kernel:2.6.12.5Linux Kernel 2.6.12.5
cpe:/o:linux:linux_kernel:2.6.15:rc6Linux Kernel 2.6.15 Release Candidate 6
cpe:/o:linux:linux_kernel:2.6.13.4Linux Kernel 2.6.13.4
cpe:/o:linux:linux_kernel:2.6.5Linux Kernel 2.6.5
cpe:/o:linux:linux_kernel:2.6.7Linux Kernel 2.6.7
cpe:/o:linux:linux_kernel:2.6.12.6Linux Kernel 2.6.12.6
cpe:/o:linux:linux_kernel:2.6.11:rc1Linux Kernel 2.6.11 Release Candidate 1
cpe:/o:linux:linux_kernel:2.6.12.4Linux Kernel 2.6.12.4
cpe:/o:linux:linux_kernel:2.6.14:rc2Linux Kernel 2.6.14 Release Candidate 2
cpe:/o:linux:linux_kernel:2.6.8.1.5::amd64_xeon
cpe:/o:linux:linux_kernel:2.6.11.8Linux Kernel 2.6.11.8
cpe:/o:linux:linux_kernel:2.6.8.1.5::k7_smp
cpe:/o:linux:linux_kernel:2.6.4Linux Kernel 2.6.4
cpe:/o:linux:linux_kernel:2.6.8.1.5::386
cpe:/o:linux:linux_kernel:2.6.13Linux Kernel 2.6.13
cpe:/o:linux:linux_kernel:2.6.8:rc2Linux Kernel 2.6.8 Release Candidate 2
cpe:/o:linux:linux_kernel:2.6.11.5Linux Kernel 2.6.11.5
cpe:/o:linux:linux_kernel:2.6.10:rc2Linux Kernel 2.6.10 Release Candidate 2
cpe:/o:linux:linux_kernel:2.6.8.1.5::powerpc_smp
cpe:/o:linux:linux_kernel:2.6.0::itanium_ia64_montecito
cpe:/o:linux:linux_kernel:2.6.8.1.5::power4_smp
cpe:/o:linux:linux_kernel:2.6.8.1.5
cpe:/o:linux:linux_kernel:2.6.8:rc1Linux Kernel 2.6.8 Release Candidate 1
cpe:/o:linux:linux_kernel:2.6.11.11Linux Kernel 2.6.11.11
cpe:/o:linux:linux_kernel:2.6.11.7Linux Kernel 2.6.11.7
cpe:/o:linux:linux_kernel:2.6.10Linux Kernel 2.6.10
cpe:/o:linux:linux_kernel:2.6.14Linux Kernel 2.6.14
cpe:/o:linux:linux_kernel:2.6.0:test3Linux Kernel 2.6 test3
cpe:/o:linux:linux_kernel:2.6.8Linux Kernel 2.6.8
cpe:/o:linux:linux_kernel:2.6.11.1Linux Kernel 2.6.11.1
cpe:/o:linux:linux_kernel:2.6.14.1Linux Kernel 2.6.14.1
cpe:/o:linux:linux_kernel:2.6.13:rc6Linux Kernel 2.6.13 Release Candidate 6
cpe:/o:linux:linux_kernel:2.6.14.3Linux Kernel 2.6.14.3
cpe:/o:linux:linux_kernel:2.6.6Linux Kernel 2.6.6
cpe:/o:linux:linux_kernel:2.6.11.10Linux Kernel 2.6.11.10
cpe:/o:linux:linux_kernel:2.6.8.1.5::power3

- OVAL (technical details for detection)

No related OVAL definition found

- Official database links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0554
(official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-0554
(official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200603-050
(official data source) CNNVD

- Other links and resources

http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.15.5
(PATCH)  CONFIRM  http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.15.5
http://www.vupen.com/english/advisories/2006/2554
(UNKNOWN)  VUPEN  ADV-2006-2554
http://www.vupen.com/english/advisories/2006/0804
(UNKNOWN)  VUPEN  ADV-2006-0804
http://xforce.iss.net/xforce/xfdb/24999
(UNKNOWN)  XF  kernel-ftruncate-information-disclosure(24999)
http://www.ubuntulinux.org/support/documentation/usn/usn-263-1
(UNKNOWN)  UBUNTU  USN-263-1
http://www.securityfocus.com/bid/16921
(UNKNOWN)  BID  16921
http://www.novell.com/linux/security/advisories/2006-05-31.html
(UNKNOWN)  SUSE  SUSE-SA:2006:028
http://www.mandriva.com/security/advisories?name=MDKSA-2006:150
(UNKNOWN)  MANDRIVA  MDKSA-2006:150
http://www.mandriva.com/security/advisories?name=MDKSA-2006:059
(UNKNOWN)  MANDRIVA  MDKSA-2006:059
http://www.debian.org/security/2006/dsa-1103
(UNKNOWN)  DEBIAN  DSA-1103
http://secunia.com/advisories/20914
(UNKNOWN)  SECUNIA  20914
http://secunia.com/advisories/20398
(UNKNOWN)  SECUNIA  20398
http://secunia.com/advisories/19220
(UNKNOWN)  SECUNIA  19220
http://secunia.com/advisories/19083
(UNKNOWN)  SECUNIA  19083

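- Vulnerability information

Linux kernel XFS file system local information disclosure vulnerability
Low risk  Design error
2006-03-06 00:00:00 2006-03-07 00:00:00
Local
        The Linux kernel is the kernel used by the open-source operating system Linux.
        An information disclosure vulnerability exists in the XFS "ftruncate()" function of the Linux kernel. A local attacker can use a specially crafted XFS ftruncate call to have sensitive information on disk returned to the user.

- Advisories and patches

        The vendor has released an upgrade patch that fixes this security issue. The patch is available at:
        Linux patch-2.6.15.5.bz2
        http://www.kernel.org/pub/linux/kernel/v2.6/patch-2.6.15.5.bz2

- Vulnerability information (F49474)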

Mandriva Linux Security Advisory 2006.150 (PacketStormID:F49474)
2006-08-28 00:00:00
Mandriva  mandriva.com
advisory,kernel,vulnerability
linux,mandriva
CVE-2006-0554,CVE-2006-0744,CVE-2006-1343,CVE-2006-1857,CVE-2006-1858,CVE-2006-1863,CVE-2006-1864,CVE-2006-2274,CVE-2006-2935,CVE-2006-2936,CVE-2006-3468,CVE-2006-3745

Mandriva Linux Security Advisory MDKSA-2006-150 - A number of vulnerabilities were discovered and corrected in the Linux 2.6 kernel.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2006:150
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : kernel
 Date    : August 25, 2006
 Affected: Corporate 3.0, Multi Network Firewall 2.0
 _______________________________________________________________________
 
 Problem Description:
 
 A number of vulnerabilities were discovered and corrected in the Linux
 2.6 kernel:
 
 Prior to 2.6.15.5, the kernel allowed local users to obtain sensitive
 information via a crafted XFS ftruncate call (CVE-2006-0554).
 
 Prior to 2.6.15.5, the kernel did not properly handle uncanonical
 return addresses on Intel EM64T CPUs causing the kernel exception
 handler to run on the user stack with the wrong GS (CVE-2006-0744).
 
 ip_conntrack_core.c in the 2.6 kernel, and possibly
 nf_conntrack_l3proto_ipv4.c did not clear sockaddr_in.sin_zero before
 returning IPv4 socket names from the getsockopt function with
 SO_ORIGINAL_DST, which could allow local users to obtain portions of
 potentially sensitive memory (CVE-2006-1343).
 
 Prior to 2.6.16.17, a buffer overflow in SCTP in the kernel allowed
 remote attackers to cause a Denial of Service (crash) and possibly
 execute arbitrary code via a malformed HB-ACK chunk (CVE-2006-1857).
 
 Prior to 2.6.16.17, SCTP in the kernel allowed remote attackers to
 cause a DoS (crash) and possibly execute arbitrary code via a chunk
 length that is inconsistent with the actual length of provided
 parameters (CVE-2006-1858).
 
 Prior to 2.6.16, a directory traversal vulnerability in CIFS could
 allow a local user to escape chroot restrictions for an SMB-mounted
 filesystem via "..\\" sequences (CVE-2006-1863).
 
 Prior to 2.6.16, a directory traversal vulnerability in smbfs could
 allow a local user to escape chroot restrictions for an SMB-mounted
 filesystem via "..\\" sequences (CVE-2006-1864).
 
 Prior to 2.6.17, Linux SCTP allowed a remote attacker to cause a DoS
 (infinite recursion and crash) via a packet that contains two or more
 DATA fragments, which caused an skb pointer to refer back to itself
 when the full message is reassembled, leading to an infinite recursion
 in the sctp_skb_pull function (CVE-2006-2274).
 
 The dvd_read_bca function in the DVD handling code assigns the wrong
 value to a length variable, which could allow local users to execute
 arbitrary code via a crafted USB storage device that triggers a buffer
 overflow (CVE-2006-2935).
 
 Prior to 2.6.17, the ftdi_sio driver could allow local users to cause
 a DoS (memory consumption) by writing more data to the serial port than
 the hardware can handle, causing the data to be queued (CVE-2006-2936).
 
 The 2.6 kernel, when using both NFS and EXT3, allowed remote attackers
 to cause a DoS (file system panic) via a crafted UDP packet with a V2
 lookup procedure that specifies a bad file handle (inode number),
 triggering an error and causing an exported directory to be remounted
 read-only (CVE-2006-3468).
 
 The 2.6 kernel's SCTP was found to cause system crashes and allow for
 the possibility of local privilege escalation due to a bug in the
 get_user_iov_size() function that doesn't properly handle overflow when
 calculating the length of iovec (CVE-2006-3745).
 
 The provided packages are patched to fix these vulnerabilities.  All
 users are encouraged to upgrade to these updated kernels immediately
 and reboot to effect the fixes.
 
 To update your kernel, please follow the directions located at:
 
   http://www.mandriva.com/en/security/kernelupdate
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0554
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0744
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1343
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1857
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1858
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1863
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1864
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2274
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2935
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2936
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3468
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3745
 _______________________________________________________________________
 
 Updated Packages:
 
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>

    

- Vulnerability information (F47794)

Debian Linux Security Advisory 1103-1 (PacketStormID:F47794)
2006-06-27 00:00:00
Debian  debian.org
advisory,remote,denial of service,arbitrary,kernel,local,vulnerability
linux,debian
CVE-2005-3359,CVE-2006-0038,CVE-2006-0039,CVE-2006-0456,CVE-2006-0554,CVE-2006-0555,CVE-2006-0557,CVE-2006-0558,CVE-2006-0741,CVE-2006-0742,CVE-2006-0744,CVE-2006-1056,CVE-2006-1242,CVE-2006-1368,CVE-2006-1523,CVE-2006-1524,CVE-2006-1525,CVE-2006-1857

Debian Security Advisory 1103-1 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1103-1                    security@debian.org
http://www.debian.org/security/                   Dann Frazier, Troy Heber
June 27th, 2006                         http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : kernel-source-2.6.8
Vulnerability  : several
Problem-Type   : local/remote
Debian-specific: no
CVE ID         : CVE-2005-3359 CVE-2006-0038 CVE-2006-0039 CVE-2006-0456
                 CVE-2006-0554 CVE-2006-0555 CVE-2006-0557 CVE-2006-0558
                 CVE-2006-0741 CVE-2006-0742 CVE-2006-0744 CVE-2006-1056
                 CVE-2006-1242 CVE-2006-1368 CVE-2006-1523 CVE-2006-1524
                 CVE-2006-1525 CVE-2006-1857 CVE-2006-1858 CVE-2006-1863
                 CVE-2006-1864 CVE-2006-2271 CVE-2006-2272 CVE-2006-2274

Several local and remote vulnerabilities have been discovered in the Linux
kernel that may lead to a denial of service or the execution of arbitrary
code. The Common Vulnerabilities and Exposures project identifies the
following problems:

CVE-2005-3359

    Franz Filz discovered that some socket calls permit causing inconsistent
    reference counts on loadable modules, which allows local users to cause
    a denial of service.
    
CVE-2006-0038

    "Solar Designer" discovered that arithmetic computations in netfilter's
    do_replace() function can lead to a buffer overflow and the execution of
    arbitrary code. However, the operation requires CAP_NET_ADMIN privileges,
    which is only an issue in virtualization systems or fine grained access
    control systems.

CVE-2006-0039

    "Solar Designer" discovered a race condition in netfilter's
    do_add_counters() function, which allows information disclosure of kernel
    memory by exploiting a race condition. Likewise, it requires CAP_NET_ADMIN
    privileges. 

CVE-2006-0456

    David Howells discovered that the s390 assembly version of the
    strnlen_user() function incorrectly returns some string size values.

CVE-2006-0554

    It was discovered that the ftruncate() function of XFS can expose
    unallocated, which allows information disclosure of previously deleted
    files.

CVE-2006-0555

    It was discovered that some NFS file operations on handles mounted with
    O_DIRECT can force the kernel into a crash.

CVE-2006-0557

    It was discovered that the code to configure memory policies allows
    tricking the kernel into a crash, thus allowing denial of service.

CVE-2006-0558

    It was discovered by Cliff Wickman that perfmon for the IA64
    architecture allows users to trigger a BUG() assert, which allows
    denial of service.

CVE-2006-0741

    Intel EM64T systems were discovered to be susceptible to a local
    DoS due to an endless recursive fault related to a bad elf entry
    address.

CVE-2006-0742

    Alan and Gareth discovered that the ia64 platform had an
    incorrectly declared die_if_kernel() function as "does never
    return" which could be exploited by a local attacker resulting in
    a kernel crash.

CVE-2006-0744

    The Linux kernel did not properly handle uncanonical return
    addresses on Intel EM64T CPUs, reporting exceptions in the SYSRET
    instead of the next instruction, causing the kernel exception
    handler to run on the user stack with the wrong GS. This may result
    in a DoS due to a local user changing the frames.

CVE-2006-1056

    AMD64 machines (and other 7th and 8th generation AuthenticAMD
    processors) were found to be vulnerable to sensitive information
    leakage, due to how they handle saving and restoring the FOP, FIP,
    and FDP x87 registers in FXSAVE/FXRSTOR when an exception is
    pending. This allows a process to determine portions of the state
    of floating point instructions of other processes.

CVE-2006-1242

    Marco Ivaldi discovered that there was an unintended information
    disclosure allowing remote attackers to bypass protections against
    Idle Scans (nmap -sI) by abusing the ID field of IP packets and
    bypassing the zero IP ID in DF packet countermeasure. This was a
    result of the ip_push_pending_frames function improperly
    incrementing the IP ID field when sending a RST after receiving
    unsolicited TCP SYN-ACK packets.

CVE-2006-1368

    Shaun Tancheff discovered a buffer overflow (boundary condition
    error) in the USB Gadget RNDIS implementation allowing remote
    attackers to cause a DoS. While creating a reply message, the
    driver allocated memory for the reply data, but not for the reply
    structure. The kernel fails to properly bounds-check user-supplied
    data before copying it to an insufficiently sized memory
    buffer. Attackers could crash the system, or possibly execute
    arbitrary machine code.

CVE-2006-1523

    Oleg Nesterov reported an unsafe BUG_ON call in signal.c which was
    introduced by RCU signal handling. The BUG_ON code is protected by
    siglock while the code in switch_exit_pids() uses tasklist_lock. It
    may be possible for local users to exploit this to initiate a denial
    of service attack (DoS).

CVE-2006-1524

    Hugh Dickins discovered an issue in the madvise_remove function wherein
    file and mmap restrictions are not followed, allowing local users to
    bypass IPC permissions and replace portions of readonly tmpfs files with
    zeroes.

CVE-2006-1525

    Alexandra Kossovsky reported a NULL pointer dereference condition in
    ip_route_input() that can be triggered by a local user by requesting
    a route for a multicast IP address, resulting in a denial of service
    (panic).

CVE-2006-1857

    Vlad Yasevich reported a data validation issue in the SCTP subsystem
    that may allow a remote user to overflow a buffer using a badly formatted
    HB-ACK chunk, resulting in a denial of service.

CVE-2006-1858

    Vlad Yasevich reported a bug in the bounds checking code in the SCTP
    subsystem that may allow a remote attacker to trigger a denial of service
    attack when rounded parameter lengths are used to calculate parameter
    lengths instead of the actual values.

CVE-2006-1863

    Mark Mosely discovered that chroots residing on a CIFS share can be
    escaped with specially crafted "cd" sequences.

CVE-2006-1864

    Mark Mosely discovered that chroots residing on an SMB share can be
    escaped with specially crafted "cd" sequences.

CVE-2006-2271

    The "Mu security team" discovered that carefully crafted ECNE chunks can
    cause a kernel crash by accessing incorrect state stable entries in the
    SCTP networking subsystem, which allows denial of service.

CVE-2006-2272

    The "Mu security team" discovered that fragmented SCTP control
    chunks can trigger kernel panics, which allows for denial of
    service attacks.

CVE-2006-2274

    It was discovered that SCTP packets with two initial bundled data
    packets can lead to infinite recursion, which allows for denial of
    service attacks.


The following matrix explains which kernel version for which architecture
fixes the problems mentioned above:

                                 Debian 3.1 (sarge)
     Source                      2.6.8-16sarge3
     Alpha architecture          2.6.8-16sarge3
     HP Precision architecture   2.6.8-6sarge3
     Intel IA-32 architecture    2.6.8-16sarge3
     Intel IA-64 architecture    2.6.8-14sarge3
     Motorola 680x0 architecture 2.6.8-4sarge3
     PowerPC architecture        2.6.8-12sarge3
     IBM S/390 architecture      2.6.8-5sarge3
     Sun Sparc architecture      2.6.8-15sarge3

Due to technical problems the built amd64 packages couldn't be processed
by the archive script. Once this problem is resolved, an updated DSA 1103-2
will be sent out with the checksums for amd64.

The following matrix lists additional packages that were rebuilt for
compatibility with or to take advantage of this update:

                                 Debian 3.1 (sarge)
     fai-kernels                 1.9.1sarge2

We recommend that you upgrade your kernel package immediately and reboot
the machine. If you have built a custom kernel from the kernel source
package, you will need to rebuild to take advantage of these fixes.

Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

      Size/MD5 checksum:   211350 c221830c715cfebb1acb383d8f7c6a8a
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-3-32-smp_2.6.8-6sarge3_hppa.deb
      Size/MD5 checksum:   210570 96c096a16a6291f4b40716ac939bd063
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-3-64_2.6.8-6sarge3_hppa.deb
      Size/MD5 checksum:   210220 fc6c20856e898e4bd881711e6392d4e9
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-3-64-smp_2.6.8-6sarge3_hppa.deb
      Size/MD5 checksum:   209468 6a00248dcf25809f02f7ab585429f27b
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-2-32_2.6.8-6sarge1_hppa.deb
      Size/MD5 checksum: 16020358 6423b4288f949286ce1c70a743d03373
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-2-32-smp_2.6.8-6sarge1_hppa.deb
      Size/MD5 checksum: 16926452 be46b30fdb54c08c6cef2fcf7c9a2450
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-2-64_2.6.8-6sarge1_hppa.deb
      Size/MD5 checksum: 17472682 d8ecab478805553c2f978dd405dca57d
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-2-64-smp_2.6.8-6sarge1_hppa.deb
      Size/MD5 checksum: 18305956 42ae9163eaba822e863ea8dd2cdedcaa
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-3-32_2.6.8-6sarge3_hppa.deb
      Size/MD5 checksum: 16029232 665d462c1fae45714ff948289c8a3457
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-3-32-smp_2.6.8-6sarge3_hppa.deb
      Size/MD5 checksum: 16927312 a69c9e976ab6810bf7043a15daa1dd29
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-3-64_2.6.8-6sarge3_hppa.deb
      Size/MD5 checksum: 17480298 66e35e40e7e2d82370f7ccba7544a59a
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-3-64-smp_2.6.8-6sarge3_hppa.deb
      Size/MD5 checksum: 18306822 88ade3c07fc414c82bf589def0bda600


  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-2_2.6.8-16sarge1_i386.deb
      Size/MD5 checksum:  2777236 af649947c652a9486461b92bbc33be8a
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-2-386_2.6.8-16sarge1_i386.deb
      Size/MD5 checksum:   256920 88db1b684f215fdd35de0989f148b57f
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-2-686_2.6.8-16sarge1_i386.deb
      Size/MD5 checksum:   254646 553205bb17cfc57f4c4a7aadff46650a
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-2-686-smp_2.6.8-16sarge1_i386.deb
      Size/MD5 checksum:   251590 51ebd6202b7f347f66df0e189b2a3946
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-2-k7_2.6.8-16sarge1_i386.deb
      Size/MD5 checksum:   254818 746967059979238eb49cfdcba572c07b
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-2-k7-smp_2.6.8-16sarge1_i386.deb
      Size/MD5 checksum:   251708 33a61355c7a48d87b7570b772e454760
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-3_2.6.8-16sarge3_i386.deb
      Size/MD5 checksum:  2779348 210a335431d029842eb82036d5326edf
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-3-386_2.6.8-16sarge3_i386.deb
      Size/MD5 checksum:   258446 1d48b727a22487e4b34f4894b2a9a7f2
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-3-686_2.6.8-16sarge3_i386.deb
      Size/MD5 checksum:   256322 8f73439c2a920c66ae05d3ceba45229a
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-3-686-smp_2.6.8-16sarge3_i386.deb
      Size/MD5 checksum:   253564 4ce8f253c15562e9d11a985e135d94b4
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-3-k7_2.6.8-16sarge3_i386.deb
      Size/MD5 checksum:   256504 5a5c2acd3ef2fb3764489ed77865739e
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-3-k7-smp_2.6.8-16sarge3_i386.deb
      Size/MD5 checksum:   253486 48f046411662bdde50195f8bdb421efa
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-2-386_2.6.8-16sarge1_i386.deb
      Size/MD5 checksum: 14058198 fd607b13caf99093ef31071ff7395d6d
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-2-686_2.6.8-16sarge1_i386.deb
      Size/MD5 checksum: 15531820 5871afdf04de65bda6f5eb3266b0621d
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-2-686-smp_2.6.8-16sarge1_i386.deb
      Size/MD5 checksum: 15339250 f3ab94a1304a28732cea6be8dd871ac7
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-2-k7_2.6.8-16sarge1_i386.deb
      Size/MD5 checksum: 15258514 cc888a3d69727d61b86a7f0945a51eff
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-2-k7-smp_2.6.8-16sarge1_i386.deb
      Size/MD5 checksum: 15118194 fb0e7f6b830b7a012f06bf7c25ff15cc
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-3-386_2.6.8-16sarge3_i386.deb
      Size/MD5 checksum: 14063774 13d8810b179bb8408645e7fab57d114a
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-3-686_2.6.8-16sarge3_i386.deb
      Size/MD5 checksum: 15536484 0a47b2f9fc33d4b7a52eb68b54419c82
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-3-686-smp_2.6.8-16sarge3_i386.deb
      Size/MD5 checksum: 15346402 fffd9fb96343167ccc32356fa307152a
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-3-k7_2.6.8-16sarge3_i386.deb
      Size/MD5 checksum: 15261026 cbdee84292a612fddca022377e38eebb
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-3-k7-smp_2.6.8-16sarge3_i386.deb
      Size/MD5 checksum: 15124168 248b85e7c59930aeb63fda6a0366b9a2


  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-itanium_2.6.8-14sarge3_ia64.deb
      Size/MD5 checksum:     6606 27049d0c329dc1cad092b2d53c3322ec
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-itanium-smp_2.6.8-14sarge3_ia64.deb
      Size/MD5 checksum:     6678 f3967dddbec5691733d49246d09f8cb3
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-mckinley_2.6.8-14sarge3_ia64.deb
      Size/MD5 checksum:     6638 acc1b57c5a246304f9cee279574811e9
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-mckinley-smp_2.6.8-14sarge3_ia64.deb
      Size/MD5 checksum:     6706 5c28f912ecc42291a9ec3ef0f13c6041
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-2_2.6.8-14sarge1_ia64.deb
      Size/MD5 checksum:  3097054 691f7cd4d1b2f184e50ab566f20a13e4
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-2-itanium_2.6.8-14sarge1_ia64.deb
      Size/MD5 checksum:   198662 72e0e4b4331b8a600de3a98d6ac59a82
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-2-itanium-smp_2.6.8-14sarge1_ia64.deb
      Size/MD5 checksum:   197920 6e19efeac81a2a9416328af58316c4cb
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-2-mckinley_2.6.8-14sarge1_ia64.deb
      Size/MD5 checksum:   198394 6d946fcc7b1fcf88c9ee9a47f7015384
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-2-mckinley-smp_2.6.8-14sarge1_ia64.deb
      Size/MD5 checksum:   197828 8be7e8290bd8e7cf1b9c162c9e369b36
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-3_2.6.8-14sarge3_ia64.deb
      Size/MD5 checksum:  3098862 aee4e1b99a34047fbf47941e2dced300
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-3-itanium_2.6.8-14sarge3_ia64.deb
      Size/MD5 checksum:   199934 484af4636ad4d64ecbf89dd7b47cda03
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-3-itanium-smp_2.6.8-14sarge3_ia64.deb
      Size/MD5 checksum:   199302 8b6e3253f9c04054e1e9d2066e4323c0
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-3-mckinley_2.6.8-14sarge3_ia64.deb
      Size/MD5 checksum:   199582 8b97de7837305ad8728bc0ab4bfeccb1
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-3-mckinley-smp_2.6.8-14sarge3_ia64.deb
      Size/MD5 checksum:   199190 508601b56facbca5211e2e3f1a819d4e
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-itanium_2.6.8-14sarge3_ia64.deb
      Size/MD5 checksum:     6602 dea61776e4279d8906f3d552af3ed55c
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-itanium-smp_2.6.8-14sarge3_ia64.deb
      Size/MD5 checksum:     6670 d8ab34493a8cfc857dccd8a84743017a
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-mckinley_2.6.8-14sarge3_ia64.deb
      Size/MD5 checksum:     6630 04e4d5b971ec3523b80a3f2373afbf73
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-mckinley-smp_2.6.8-14sarge3_ia64.deb
      Size/MD5 checksum:     6700 f5cc48a00ca305eaea622738ce0d6570
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-2-itanium_2.6.8-14sarge1_ia64.deb
      Size/MD5 checksum: 22041474 4419d9b68b593646ed49ff194fcbcc9e
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-2-itanium-smp_2.6.8-14sarge1_ia64.deb
      Size/MD5 checksum: 22666884 7aab34e05eed41eee4b56ca45e1c4c2c
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-2-mckinley_2.6.8-14sarge1_ia64.deb
      Size/MD5 checksum: 21959066 27fe9dc58a04851cfbbac5b4a53f21ae
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-2-mckinley-smp_2.6.8-14sarge1_ia64.deb
      Size/MD5 checksum: 22689900 4011393c3e3a94354d81c909a1aaef91
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-3-itanium_2.6.8-14sarge3_ia64.deb
      Size/MD5 checksum: 21476428 ec3548487a558e67913419b84c84999c
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-3-itanium-smp_2.6.8-14sarge3_ia64.deb
      Size/MD5 checksum: 22133136 0d6292568fadcc40f65e87314315165c
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-3-mckinley_2.6.8-14sarge3_ia64.deb
      Size/MD5 checksum: 21408908 539197e6af86ff9583cf43d12ad109b1
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-3-mckinley-smp_2.6.8-14sarge3_ia64.deb
      Size/MD5 checksum: 22154322 a4ae9740b9459b0a43c47b5b6e546515


  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-amiga_2.6.8-4sarge3_m68k.deb
      Size/MD5 checksum:  3305628 8029426256d755ea724ed7b46243c1ba
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-atari_2.6.8-4sarge3_m68k.deb
      Size/MD5 checksum:  3101728 677b103a57ce6de26b072245dfd585f7
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-bvme6000_2.6.8-4sarge3_m68k.deb
      Size/MD5 checksum:  3014324 f7a8e8b9c7d4eacecd1f1d69f1ee2c34
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-hp_2.6.8-4sarge3_m68k.deb
      Size/MD5 checksum:  2986734 fd1f14cc2856a55bb6948bdf956ea0d5
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-mac_2.6.8-4sarge3_m68k.deb
      Size/MD5 checksum:  3173334 e32fa0fd9460b9e19bd24c8cc413684f
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-mvme147_2.6.8-4sarge3_m68k.deb
      Size/MD5 checksum:  2978518 6e682497437fa9d1912ea5fd3374c82f
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-mvme16x_2.6.8-4sarge3_m68k.deb
      Size/MD5 checksum:  3047534 f9daecf9203da30c95cd9ab9647d8c54
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-q40_2.6.8-4sarge3_m68k.deb
      Size/MD5 checksum:  3108200 9a81b37d60bdcf95d6cbc3ca5eb83d1a
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-sun3_2.6.8-4sarge3_m68k.deb
      Size/MD5 checksum:  2992046 cfae06d516a2695eb961e574570661a4


  PowerPC architecture:

    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-3-power3_2.6.8-12sarge3_powerpc.deb
      Size/MD5 checksum:   407330 3025ba5c61db0cd42b9d0ab1a3e01b1c
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-3-power3-smp_2.6.8-12sarge3_powerpc.deb
      Size/MD5 checksum:   406624 21742d40c3c0bac0d64e970c0944c59f
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-3-power4_2.6.8-12sarge3_powerpc.deb
      Size/MD5 checksum:   406548 b9ce59161b3faf818f77239a468828e4
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-3-power4-smp_2.6.8-12sarge3_powerpc.deb
      Size/MD5 checksum:   406518 e40256427db90a027ed2be8a7b50997c
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-3-powerpc_2.6.8-12sarge3_powerpc.deb
      Size/MD5 checksum:   406882 c899bf1d81895ee43306a8b19e3c8ee8
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-3-powerpc-smp_2.6.8-12sarge3_powerpc.deb
      Size/MD5 checksum:   407320 45108a12629a9eddd40b071db4b92e4e
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-power3_2.6.8-12sarge1_powerpc.deb
      Size/MD5 checksum:   405670 bd347754ea8c4cee14686b207e6cf46d
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-power3-smp_2.6.8-12sarge1_powerpc.deb
      Size/MD5 checksum:   405666 1dec752373178a4aef51f74c6d917073
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-power4_2.6.8-12sarge1_powerpc.deb
      Size/MD5 checksum:   405598 c39f371744ca92eec853ad8746f0f009
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-power4-smp_2.6.8-12sarge1_powerpc.deb
      Size/MD5 checksum:   405568 b346b94897fca3c678daadc99b515428
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-powerpc_2.6.8-12sarge1_powerpc.deb
      Size/MD5 checksum:   405912 14475ec4cdc9b337ad2dc0ab3a772bdb
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-powerpc-smp_2.6.8-12sarge1_powerpc.deb
      Size/MD5 checksum:   405698 4c3c94aa9afb4e6d73986bbfa26484bb
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-headers-2.6.8_2.6.8-12sarge1_powerpc.deb
      Size/MD5 checksum:  5143830 3a6cd285eba77baae74a2a16f8029be2
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-headers-2.6.8-3_2.6.8-12sarge3_powerpc.deb
      Size/MD5 checksum:  5147620 32c5daf3656ab15416c3a42a5be21afc
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-3-power3_2.6.8-12sarge3_powerpc.deb
      Size/MD5 checksum: 13577038 981f85ad155781610e2069f28b1eb4e7
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-3-power3-smp_2.6.8-12sarge3_powerpc.deb
      Size/MD5 checksum: 13929444 b11a91f117e0d25b6df7a56cd2c0f0d6
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-3-power4_2.6.8-12sarge3_powerpc.deb
      Size/MD5 checksum: 13560822 44f1276a6cd811646ebf3ccb2da06067
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-3-power4-smp_2.6.8-12sarge3_powerpc.deb
      Size/MD5 checksum: 13920572 fd32c8d3f0dbb55430075b57546f9390
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-3-powerpc_2.6.8-12sarge3_powerpc.deb
      Size/MD5 checksum: 13594454 93d70ceed88a16e7af0fe3db1a2c5baa
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-3-powerpc-smp_2.6.8-12sarge3_powerpc.deb
      Size/MD5 checksum: 13847204 5f22d24e351ce6040f9fa995e5a7906a
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-power3_2.6.8-12sarge1_powerpc.deb
      Size/MD5 checksum: 13494684 2ab633af498a4486190d3754c530e7f4
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-power3-smp_2.6.8-12sarge1_powerpc.deb
      Size/MD5 checksum: 13855580 1245c9d474405a277864484b0237252f
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-power4_2.6.8-12sarge1_powerpc.deb
      Size/MD5 checksum: 13486150 80b9f2ed16acb2c9fdb7c9cb133a4c03
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-power4-smp_2.6.8-12sarge1_powerpc.deb
      Size/MD5 checksum: 13842602 e4013da64e44e6e0401aa87b1e68c1ce
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-powerpc_2.6.8-12sarge1_powerpc.deb
      Size/MD5 checksum: 13514634 a3fbbf23d7b805431a5f9f28aadd25ab
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-powerpc-smp_2.6.8-12sarge1_powerpc.deb
      Size/MD5 checksum: 13769858 20783767bb65e7ea6ca76662438bf7ca


  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-headers-2.6.8-2_2.6.8-5sarge1_s390.deb
      Size/MD5 checksum:  5083010 42c4dd8c6c67ce7940f0d24bb745385c
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-headers-2.6.8-3_2.6.8-5sarge3_s390.deb
      Size/MD5 checksum:  5087230 aa48eb8b2a3a5f215bba97329947a2eb
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-2-s390_2.6.8-5sarge1_s390.deb
      Size/MD5 checksum:  2973758 c8d12dd2fbddca3ab1b7bd905de4a90c
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-2-s390-tape_2.6.8-5sarge1_s390.deb
      Size/MD5 checksum:  1140118 328edfc2944127e2f1d6dca1842ce51d
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-2-s390x_2.6.8-5sarge1_s390.deb
      Size/MD5 checksum:  3179326 487c36323990a6ae1119f4c30f16cdd9
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-3-s390_2.6.8-5sarge3_s390.deb
      Size/MD5 checksum:  2977844 c491248ed7d4c71415be782f7fbe77e9
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-3-s390-tape_2.6.8-5sarge3_s390.deb
      Size/MD5 checksum:  1142366 fddcd4821b89cbf30f47d5df380f2961
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-3-s390x_2.6.8-5sarge3_s390.deb
      Size/MD5 checksum:  3186726 3eaf46617bf0ee1de50cad55f351aa54


  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-build-2.6.8-2_2.6.8-15sarge1_sparc.deb
      Size/MD5 checksum:     3462 c68f0624f124db25f3a41f78432ca11c
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-build-2.6.8-3_2.6.8-15sarge3_sparc.deb
      Size/MD5 checksum:     5194 b90da0337cb607278aa01d4ec0c19a3a
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-2_2.6.8-15sarge1_sparc.deb
      Size/MD5 checksum:  2888690 29723527245a48a00e724c7366868ec9
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-2-sparc32_2.6.8-15sarge1_sparc.deb
      Size/MD5 checksum:   107974 788d40ca3a1a3f53b8b2cf4c1fc4badc
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-2-sparc64_2.6.8-15sarge1_sparc.deb
      Size/MD5 checksum:   142726 8719b1bf0d3aff36f7711d8979f87a7d
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-2-sparc64-smp_2.6.8-15sarge1_sparc.deb
      Size/MD5 checksum:   143332 87bc055c575e3ec3ea44136ed44dff6a
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-3_2.6.8-15sarge3_sparc.deb
      Size/MD5 checksum:  2890616 a3717a911c04df4af4917c5a0366a8de
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-3-sparc32_2.6.8-15sarge3_sparc.deb
      Size/MD5 checksum:   109996 d42960c6242e6a62d5a2cb9809645bea
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-3-sparc64_2.6.8-15sarge3_sparc.deb
      Size/MD5 checksum:   144710 f1c0a8b3bf641019d7831cc1277ba524
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-3-sparc64-smp_2.6.8-15sarge3_sparc.deb
      Size/MD5 checksum:   145366 505e40a256abd9fa04a49321fba69115
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-2-sparc32_2.6.8-15sarge1_sparc.deb
      Size/MD5 checksum:  4545570 00d7c7e1caef41efcbc198a282f2b9f2
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-2-sparc64_2.6.8-15sarge1_sparc.deb
      Size/MD5 checksum:  7428184 1f146c58f98331bf5826520379bacd33
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-2-sparc64-smp_2.6.8-15sarge1_sparc.deb
      Size/MD5 checksum:  7622116 4de4c114879d82d79fc34cb93c070d43
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-3-sparc32_2.6.8-15sarge3_sparc.deb
      Size/MD5 checksum:  4550972 ea3ec35673aed896ec9416a8f470bf77
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-3-sparc64_2.6.8-15sarge3_sparc.deb
      Size/MD5 checksum:  7431000 fab9d693f9c9642b67e0d386f3df01ee
    http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-3-sparc64-smp_2.6.8-15sarge3_sparc.deb
      Size/MD5 checksum:  7628010 8c922a4190017515210c6738213b0782


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
    

- Vulnerability Information

23606
Linux Kernel XFS ftruncate() Function Local Information Disclosure
Information Disclosure
Loss of Confidentiality
Vendor Verified

- Vulnerability Description

Unknown or Incomplete

- Timeline

2006-02-15 Unknown
Unknown Unknown

- Solution

Upgrade to version 2.6.15.5 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- References

- Vulnerability Author

Unknown or Incomplete

- Vulnerability Information

Linux Kernel XFS File System Local Information Disclosure Vulnerability
Design Error 16921
No Yes
2006-03-02 12:00:00 2007-01-18 02:40:00
This issue was disclosed by the vendor.

- Affected Versions

Ubuntu Ubuntu Linux 5.10 powerpc
Ubuntu Ubuntu Linux 5.10 i386
Ubuntu Ubuntu Linux 5.10 amd64
Ubuntu Ubuntu Linux 5.0 4 powerpc
Ubuntu Ubuntu Linux 5.0 4 i386
Ubuntu Ubuntu Linux 5.0 4 amd64
Ubuntu Ubuntu Linux 4.1 ppc
Ubuntu Ubuntu Linux 4.1 ia64
Ubuntu Ubuntu Linux 4.1 ia32
SuSE SUSE Linux Enterprise Server 8
+ Linux kernel 2.4.21
+ Linux kernel 2.4.19
S.u.S.E. UnitedLinux 1.0
S.u.S.E. Novell Linux Desktop 1.0
S.u.S.E. Linux Professional 10.0 OSS
S.u.S.E. Linux Professional 10.0
S.u.S.E. Linux Professional 9.3 x86_64
S.u.S.E. Linux Professional 9.3
S.u.S.E. Linux Professional 9.2 x86_64
S.u.S.E. Linux Professional 9.2
S.u.S.E. Linux Professional 9.1 x86_64
S.u.S.E. Linux Professional 9.1
S.u.S.E. Linux Personal 10.0 OSS
S.u.S.E. Linux Personal 9.3 x86_64
S.u.S.E. Linux Personal 9.3
S.u.S.E. Linux Personal 9.2 x86_64
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1 x86_64
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 10.1
S.u.S.E. Linux Enterprise Server for S/390 9.0
S.u.S.E. Linux Enterprise Server for S/390
S.u.S.E. Linux Enterprise Server 9
S.u.S.E. Linux Desktop 1.0
Mandriva Linux Mandrake 2006.0 x86_64
Mandriva Linux Mandrake 2006.0
MandrakeSoft Multi Network Firewall 2.0
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
Linux kernel 2.6.15 .4
Linux kernel 2.6.15 .3
Linux kernel 2.6.15 .2
Linux kernel 2.6.15 .1
Linux kernel 2.6.15 -rc3
Linux kernel 2.6.15 -rc2
Linux kernel 2.6.15 -rc1
Linux kernel 2.6.15
Linux kernel 2.6.14 .5
Linux kernel 2.6.14 .4
Linux kernel 2.6.14 .3
Linux kernel 2.6.14 .2
Linux kernel 2.6.14 .1
Linux kernel 2.6.14 -rc4
Linux kernel 2.6.14 -rc3
Linux kernel 2.6.14 -rc2
Linux kernel 2.6.14 -rc1
Linux kernel 2.6.14
Linux kernel 2.6.13 .4
Linux kernel 2.6.13 .3
Linux kernel 2.6.13 .2
Linux kernel 2.6.13 .1
Linux kernel 2.6.13 -rc7
Linux kernel 2.6.13 -rc6
Linux kernel 2.6.13 -rc4
Linux kernel 2.6.13 -rc1
Linux kernel 2.6.13
Linux kernel 2.6.12 .6
Linux kernel 2.6.12 .5
Linux kernel 2.6.12 .4
Linux kernel 2.6.12 .3
Linux kernel 2.6.12 .2
Linux kernel 2.6.12 .1
Linux kernel 2.6.12 -rc5
Linux kernel 2.6.12 -rc4
Linux kernel 2.6.12 -rc1
Linux kernel 2.6.11 .8
Linux kernel 2.6.11 .7
Linux kernel 2.6.11 .6
Linux kernel 2.6.11 .5
Linux kernel 2.6.11 .12
Linux kernel 2.6.11 .11
Linux kernel 2.6.11 -rc4
Linux kernel 2.6.11 -rc3
Linux kernel 2.6.11 -rc2
Linux kernel 2.6.11
+ Red Hat Fedora Core4
Linux kernel 2.6.10 rc2
Linux kernel 2.6.10
+ Red Hat Fedora Core3
+ Red Hat Fedora Core2
+ Trustix Secure Linux 3.0
+ Ubuntu Ubuntu Linux 5.0 4 powerpc
+ Ubuntu Ubuntu Linux 5.0 4 i386
+ Ubuntu Ubuntu Linux 5.0 4 amd64
Linux kernel 2.6.9
Linux kernel 2.6.8 rc3
Linux kernel 2.6.8 rc2
Linux kernel 2.6.8 rc1
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
Linux kernel 2.6.8
Linux kernel 2.6.7 rc1
Linux kernel 2.6.7
Linux kernel 2.6.6 rc1
Linux kernel 2.6.6
Linux kernel 2.6.5
Linux kernel 2.6.4
Linux kernel 2.6.3
Linux kernel 2.6.2
Linux kernel 2.6.1 -rc2
Linux kernel 2.6.1 -rc1
Linux kernel 2.6.1
Linux kernel 2.6 .10
Linux kernel 2.6 -test9-CVS
Linux kernel 2.6 -test9
Linux kernel 2.6 -test8
Linux kernel 2.6 -test7
Linux kernel 2.6 -test6
Linux kernel 2.6 -test5
Linux kernel 2.6 -test4
Linux kernel 2.6 -test3
Linux kernel 2.6 -test2
Linux kernel 2.6 -test11
Linux kernel 2.6 -test10
Linux kernel 2.6 -test1
Linux kernel 2.6
Debian Linux 3.1 sparc
Debian Linux 3.1 s/390
Debian Linux 3.1 ppc
Debian Linux 3.1 mipsel
Debian Linux 3.1 mips
Debian Linux 3.1 m68k
Debian Linux 3.1 ia-64
Debian Linux 3.1 ia-32
Debian Linux 3.1 hppa
Debian Linux 3.1 arm
Debian Linux 3.1 amd64
Debian Linux 3.1 alpha
Debian Linux 3.1
Linux kernel 2.6.15.5

- Unaffected Versions

Linux kernel 2.6.15.5

- Discussion

The Linux kernel's XFS filesystem is susceptible to a local information-disclosure vulnerability. This issue is due to a flaw in the filesystem that may result in previously written data being returned to local users.

This issue allows local malicious users to gain access to potentially sensitive data, aiding them in further attacks.

Linux kernel versions prior to 2.6.15.5 are affected by this issue.

- Exploit

An exploit is not required.

- Solution

The vendor has released version 2.6.15.5 to address this and other issues.

Please see the referenced advisories for more information.



- References

 

 
