CVE-2006-3468
CVSS 7.8
Published: 2006-07-21 10:03:00
Last revised: 2010-08-21 00:49:56

[Original] Linux kernel 2.6.x, when using both NFS and EXT3, allows remote attackers to cause a denial of service (file system panic) via a crafted UDP packet with a V2 lookup procedure that specifies a bad file handle (inode number), which triggers an error and causes an exported directory to be remounted read-only.


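[CNNVD] Linux Kernel NFS and EXT3 combination remote denial-of-service vulnerability (CNNVD-200607-334)

        When Linux kernel 2.6.x uses both NFS and EXT3, a remote attacker can use a crafted UDP packet containing a V2 lookup procedure that specifies a bad file handle (inode number) to trigger an error and cause the exported directory to be remounted read-only, resulting in a denial of service (file system panic).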

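- CVSS (base score)

CVSS score: 7.8 [Severe (HIGH)]
Confidentiality impact: NONE [no impact on system confidentiality]
Integrity impact: NONE [no impact on system integrity]
Availability impact: COMPLETE [may cause a complete system outage]
Attack complexity: LOW [no access restrictions on exploitation]
Attack vector: [--]
Authentication: NONE [exploitation requires no authentication]

- CPE (affected platforms and products)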

cpe:/o:linux:linux_kernel:2.6.12.2Linux Kernel 2.6.12.2
cpe:/o:linux:linux_kernel:2.6.11:rc5Linux Kernel 2.6.11 Release Candidate 5
cpe:/o:linux:linux_kernel:2.6.0:test2Linux Kernel 2.6 test2
cpe:/o:linux:linux_kernel:2.6.8.1.5::power4
cpe:/o:linux:linux_kernel:2.6.1Linux Kernel 2.6.1
cpe:/o:linux:linux_kernel:2.6.10:rc3Linux Kernel 2.6.10 Release Candidate 3
cpe:/o:linux:linux_kernel:2.6.15:rc4Linux Kernel 2.6.15 Release Candidate 4
cpe:/o:linux:linux_kernel:2.6.14:rc4Linux Kernel 2.6.14 Release Candidate 4
cpe:/o:linux:linux_kernel:2.6.9:rc1Linux Kernel 2.6.9 Release Candidate 1
cpe:/o:linux:linux_kernel:2.6.8.1.5::amd64_k8
cpe:/o:linux:linux_kernel:2.6.16.13Linux Kernel 2.6.16.13
cpe:/o:linux:linux_kernel:2.6.11.6Linux Kernel 2.6.11.6
cpe:/o:linux:linux_kernel:2.6.8.1.5::686
cpe:/o:linux:linux_kernel:2.6.5:rc3Linux Kernel 2.6.5 Release Candidate 3
cpe:/o:linux:linux_kernel:2.6.16.24Linux Kernel 2.6.16.24
cpe:/o:linux:linux_kernel:2.6.16.14Linux Kernel 2.6.16.14
cpe:/o:linux:linux_kernel:2.6.16.15Linux Kernel 2.6.16.15
cpe:/o:linux:linux_kernel:2.6.0:test1Linux Kernel 2.6 test1
cpe:/o:linux:linux_kernel:2.6.4:rc3Linux Kernel 2.6.4 Release Candidate 3
cpe:/o:linux:linux_kernel:2.6.14.2Linux Kernel 2.6.14.2
cpe:/o:linux:linux_kernel:2.6.11Linux Kernel 2.6.11
cpe:/o:linux:linux_kernel:2.6.16:rc1Linux Kernel 2.6.16 Release Candidate 1
cpe:/o:linux:linux_kernel:2.6.3:rc1Linux Kernel 2.6.3 Release Candidate 1
cpe:/o:linux:linux_kernel:2.6.16.8Linux Kernel 2.6.16.8
cpe:/o:linux:linux_kernel:2.6.0:test11Linux Kernel 2.6 test11
cpe:/o:linux:linux_kernel:2.6.13:rc1Linux Kernel 2.6.13 Release Candidate 1
cpe:/o:linux:linux_kernel:2.6.9:2.6.20
cpe:/o:linux:linux_kernel:2.6.13:rc3Linux Kernel 2.6.13 Release Candidate 3
cpe:/o:linux:linux_kernel:2.6.7:rc3Linux Kernel 2.6.7 Release Candidate 3
cpe:/o:linux:linux_kernel:2.6.16Linux Kernel 2.6.16
cpe:/o:linux:linux_kernel:2.6.16.3Linux Kernel 2.6.16.3
cpe:/o:linux:linux_kernel:2.6.0:test6Linux Kernel 2.6 test6
cpe:/o:linux:linux_kernel:2.6.16:rc5Linux Kernel 2.6.16 Release Candidate 5
cpe:/o:linux:linux_kernel:2.6.16.11Linux Kernel 2.6.16.11
cpe:/o:linux:linux_kernel:2.6.13:rc7Linux Kernel 2.6.13 Release Candidate 7
cpe:/o:linux:linux_kernel:2.6.17:rc1Linux Kernel 2.6.17 Release Candidate 1
cpe:/o:linux:linux_kernel:2.6.8.1.5::powerpc
cpe:/o:linux:linux_kernel:2.6.15Linux Kernel 2.6.15
cpe:/o:linux:linux_kernel:2.6.17.4Linux Kernel 2.6.17.4
cpe:/o:linux:linux_kernel:2.6.17.1Linux Kernel 2.6.17.1
cpe:/o:linux:linux_kernel:2.6.15.3Linux Kernel 2.6.15.3
cpe:/o:linux:linux_kernel:2.6.11.3Linux Kernel 2.6.11.3
cpe:/o:linux:linux_kernel:2.6.13:rc4Linux Kernel 2.6.13 Release Candidate 4
cpe:/o:linux:linux_kernel:2.6.15:rc1Linux Kernel 2.6.15 Release Candidate 1
cpe:/o:linux:linux_kernel:2.6.5:rc2Linux Kernel 2.6.5 Release Candidate 2
cpe:/o:linux:linux_kernel:2.6.2:rc2Linux Kernel 2.6.2 Release Candidate 2
cpe:/o:linux:linux_kernel:2.6.12:rc4Linux Kernel 2.6.12 Release Candidate 4
cpe:/o:linux:linux_kernel:2.6.13:rc2Linux Kernel 2.6.13 Release Candidate 2
cpe:/o:linux:linux_kernel:2.6.17:rc5Linux Kernel 2.6.17 Release Candidate 5
cpe:/o:linux:linux_kernel:2.6.15.7Linux Kernel 2.6.15.7
cpe:/o:linux:linux_kernel:2.6.3:rc4Linux Kernel 2.6.3 Release Candidate 4
cpe:/o:linux:linux_kernel:2.6.8.1.5::amd64
cpe:/o:linux:linux_kernel:2.6.11.9Linux Kernel 2.6.11.9
cpe:/o:linux:linux_kernel:2.6.10:rc1Linux Kernel 2.6.10 Release Candidate 1
cpe:/o:linux:linux_kernel:2.6.12.1Linux Kernel 2.6.12.1
cpe:/o:linux:linux_kernel:2.6.0::64-bit_x86
cpe:/o:linux:linux_kernel:2.6.9:rc4Linux Kernel 2.6.9 Release Candidate 4
cpe:/o:linux:linux_kernel:2.6.16:rc3Linux Kernel 2.6.16 Release Candidate 3
cpe:/o:linux:linux_kernel:2.6.8:rc3Linux Kernel 2.6.8 Release Candidate 3
cpe:/o:linux:linux_kernel:2.6.8.1.5::power3_smp
cpe:/o:linux:linux_kernel:2.6.2:rc3Linux Kernel 2.6.2 Release Candidate 3
cpe:/o:linux:linux_kernel:2.6.12:rc1Linux Kernel 2.6.12 Release Candidate 1
cpe:/o:linux:linux_kernel:2.6.17:rc2Linux Kernel 2.6.17 Release Candidate 2
cpe:/o:linux:linux_kernel:2.6.16:rc2Linux Kernel 2.6.16 Release Candidate 2
cpe:/o:linux:linux_kernel:2.6.16.7Linux Kernel 2.6.16.7
cpe:/o:linux:linux_kernel:2.6.14.4Linux Kernel 2.6.14.4
cpe:/o:linux:linux_kernel:2.6.14.6Linux Kernel 2.6.14.6
cpe:/o:linux:linux_kernel:2.6.8:rc4Linux Kernel 2.6.8 Release Candidate 4
cpe:/o:linux:linux_kernel:2.6.1:rc1Linux Kernel 2.6.1 Release Candidate 1
cpe:/o:linux:linux_kernel:2.6.1:rc2Linux Kernel 2.6.1 Release Candidate 2
cpe:/o:linux:linux_kernel:2.6.11.2Linux Kernel 2.6.11.2
cpe:/o:linux:linux_kernel:2.6.16.22Linux Kernel 2.6.16.22
cpe:/o:linux:linux_kernel:2.6.0:test4Linux Kernel 2.6 test4
cpe:/o:linux:linux_kernel:2.6.2:rc1Linux Kernel 2.6.2 Release Candidate 1
cpe:/o:linux:linux_kernel:2.6.16.12Linux Kernel 2.6.16.12
cpe:/o:linux:linux_kernel:2.6.0Linux Kernel 2.6.0
cpe:/o:linux:linux_kernel:2.6.1:rc3Linux Kernel 2.6.1 Release Candidate 3
cpe:/o:linux:linux_kernel:2.6.12:rc6Linux Kernel 2.6.12 Release Candidate 6
cpe:/o:linux:linux_kernel:2.6.6:rc1Linux Kernel 2.6.6 Release Candidate 1
cpe:/o:linux:linux_kernel:2.6.16:rc6Linux Kernel 2.6.16 Release Candidate 6
cpe:/o:linux:linux_kernel:2.6.12.3Linux Kernel 2.6.12.3
cpe:/o:linux:linux_kernel:2.6.11.4Linux Kernel 2.6.11.4
cpe:/o:linux:linux_kernel:2.6.3Linux Kernel 2.6.3
cpe:/o:linux:linux_kernel:2.6.11.12Linux Kernel 2.6.11.12
cpe:/o:linux:linux_kernel:2.6.17:rc6Linux Kernel 2.6.17 Release Candidate 6
cpe:/o:linux:linux_kernel:2.6.0:test8Linux Kernel 2.6 test8
cpe:/o:linux:linux_kernel:2.6.15.2Linux Kernel 2.6.15.2
cpe:/o:linux:linux_kernel:2.6.0:test10Linux Kernel 2.6 test10
cpe:/o:linux:linux_kernel:2.6.16.17Linux Kernel 2.6.16.17
cpe:/o:linux:linux_kernel:2.6.13:rc5Linux Kernel 2.6.13 Release Candidate 5
cpe:/o:linux:linux_kernel:2.6.16.1Linux Kernel 2.6.16.1
cpe:/o:linux:linux_kernel:2.6.7:rc2Linux Kernel 2.6.7 Release Candidate 2
cpe:/o:linux:linux_kernel:2.6.16.18Linux Kernel 2.6.16.18
cpe:/o:linux:linux_kernel:2.6.4:rc2Linux Kernel 2.6.4 Release Candidate 2
cpe:/o:linux:linux_kernel:2.6.11:rc2Linux Kernel 2.6.11 Release Candidate 2
cpe:/o:linux:linux_kernel:2.6.15:rc5Linux Kernel 2.6.15 Release Candidate 5
cpe:/o:linux:linux_kernel:2.6.15:rc7Linux Kernel 2.6.15 Release Candidate 7
cpe:/o:linux:linux_kernel:2.6.7:rc1Linux Kernel 2.6.7 Release Candidate 1
cpe:/o:linux:linux_kernel:2.6.16.4Linux Kernel 2.6.16.4
cpe:/o:linux:linux_kernel:2.6.13.3Linux Kernel 2.6.13.3
cpe:/o:linux:linux_kernel:2.6.15.1Linux Kernel 2.6.15.1
cpe:/o:linux:linux_kernel:2.6.15:rc3Linux Kernel 2.6.15 Release Candidate 3
cpe:/o:linux:linux_kernel:2.6.16.19Linux Kernel 2.6.16.19
cpe:/o:linux:linux_kernel:2.6.6:rc2Linux Kernel 2.6.6 Release Candidate 2
cpe:/o:linux:linux_kernel:2.6.11::x86_64
cpe:/o:linux:linux_kernel:2.6.14.7Linux Kernel 2.6.14.7
cpe:/o:linux:linux_kernel:2.6.0:test9Linux Kernel 2.6 test9
cpe:/o:linux:linux_kernel:2.6.9:rc2Linux Kernel 2.6.9 Release Candidate 2
cpe:/o:linux:linux_kernel:2.6.0:test5Linux Kernel 2.6 test5
cpe:/o:linux:linux_kernel:2.6.6:rc3Linux Kernel 2.6.6 Release Candidate 3
cpe:/o:linux:linux_kernel:2.6.9:final
cpe:/o:linux:linux_kernel:2.6.11_rc1_bk6
cpe:/o:linux:linux_kernel:2.6.13.2Linux Kernel 2.6.13.2
cpe:/o:linux:linux_kernel:2.6.16.2Linux Kernel 2.6.16.2
cpe:/o:linux:linux_kernel:2.6.14:rc3Linux Kernel 2.6.14 Release Candidate 3
cpe:/o:linux:linux_kernel:2.6.8.1Linux Kernel 2.6.8.1
cpe:/o:linux:linux_kernel:2.6.12Linux Kernel 2.6.12
cpe:/o:linux:linux_kernel:2.6.11:rc3Linux Kernel 2.6.11 Release Candidate 3
cpe:/o:linux:linux_kernel:2.6.15.6Linux Kernel 2.6.15.6
cpe:/o:linux:linux_kernel:2.6.11:rc4Linux Kernel 2.6.11 Release Candidate 4
cpe:/o:linux:linux_kernel:2.6.14:rc1Linux Kernel 2.6.14 Release Candidate 1
cpe:/o:linux:linux_kernel:2.6.5:rc1Linux Kernel 2.6.5 Release Candidate 1
cpe:/o:linux:linux_kernel:2.6.0:test7Linux Kernel 2.6 test7
cpe:/o:linux:linux_kernel:2.6.13.1Linux Kernel 2.6.13.1
cpe:/o:linux:linux_kernel:2.6.8.1.5::k7
cpe:/o:linux:linux_kernel:2.6.12:rc5Linux Kernel 2.6.12 Release Candidate 5
cpe:/o:linux:linux_kernel:2.6.8.1.5::amd64_k8_smp
cpe:/o:linux:linux_kernel:2.6.8.1.5::686_smp
cpe:/o:linux:linux_kernel:2.6.16.20Linux Kernel 2.6.16.20
cpe:/o:linux:linux_kernel:2.6.12.5Linux Kernel 2.6.12.5
cpe:/o:linux:linux_kernel:2.6.15:rc6Linux Kernel 2.6.15 Release Candidate 6
cpe:/o:linux:linux_kernel:2.6.15.5Linux Kernel 2.6.15.5
cpe:/o:linux:linux_kernel:2.6.17.3Linux Kernel 2.6.17.3
cpe:/o:linux:linux_kernel:2.6.13.4Linux Kernel 2.6.13.4
cpe:/o:linux:linux_kernel:2.6.5Linux Kernel 2.6.5
cpe:/o:linux:linux_kernel:2.6.3:rc3Linux Kernel 2.6.3 Release Candidate 3
cpe:/o:linux:linux_kernel:2.6.7Linux Kernel 2.6.7
cpe:/o:linux:linux_kernel:2.6.16.16Linux Kernel 2.6.16.16
cpe:/o:linux:linux_kernel:2.6.9:rc3Linux Kernel 2.6.9 Release Candidate 3
cpe:/o:linux:linux_kernel:2.6.12:rc2Linux Kernel 2.6.12 Release Candidate 2
cpe:/o:linux:linux_kernel:2.6.14.5Linux Kernel 2.6.14.5
cpe:/o:linux:linux_kernel:2.6.11:rc1Linux Kernel 2.6.11 Release Candidate 1
cpe:/o:linux:linux_kernel:2.6.12.6Linux Kernel 2.6.12.6
cpe:/o:linux:linux_kernel:2.6.16.9Linux Kernel 2.6.16.9
cpe:/o:linux:linux_kernel:2.6.12.4Linux Kernel 2.6.12.4
cpe:/o:linux:linux_kernel:2.6_test9_cvs
cpe:/o:linux:linux_kernel:2.6.14:rc2Linux Kernel 2.6.14 Release Candidate 2
cpe:/o:linux:linux_kernel:2.6.8.1.5::amd64_xeon
cpe:/o:linux:linux_kernel:2.6.11.8Linux Kernel 2.6.11.8
cpe:/o:linux:linux_kernel:2.6.8.1.5::k7_smp
cpe:/o:linux:linux_kernel:2.6.3:rc2Linux Kernel 2.6.3 Release Candidate 2
cpe:/o:linux:linux_kernel:2.6.17:rc3Linux Kernel 2.6.17 Release Candidate 3
cpe:/o:linux:linux_kernel:2.6.16.5Linux Kernel 2.6.16.5
cpe:/o:linux:linux_kernel:2.6.4Linux Kernel 2.6.4
cpe:/o:linux:linux_kernel:2.6.8.1.5::386
cpe:/o:linux:linux_kernel:2.6.4:rc1Linux Kernel 2.6.4 Release Candidate 1
cpe:/o:linux:linux_kernel:2.6.13Linux Kernel 2.6.13
cpe:/o:linux:linux_kernel:2.6.8:rc2Linux Kernel 2.6.8 Release Candidate 2
cpe:/o:linux:linux_kernel:2.6.16.23Linux Kernel 2.6.16.23
cpe:/o:linux:linux_kernel:2.6.17:rc4Linux Kernel 2.6.17 Release Candidate 4
cpe:/o:linux:linux_kernel:2.6.14:rc5Linux Kernel 2.6.14 Release Candidate 5
cpe:/o:linux:linux_kernel:2.6.16.10Linux Kernel 2.6.16.10
cpe:/o:linux:linux_kernel:2.6.11.5Linux Kernel 2.6.11.5
cpe:/o:linux:linux_kernel:2.6.10:rc2Linux Kernel 2.6.10 Release Candidate 2
cpe:/o:linux:linux_kernel:2.6.8.1.5::powerpc_smp
cpe:/o:linux:linux_kernel:2.6.0::itanium_ia64_montecito
cpe:/o:linux:linux_kernel:2.6.17Linux Kernel 2.6.17
cpe:/o:linux:linux_kernel:2.6.8.1.5::power4_smp
cpe:/o:linux:linux_kernel:2.6.17.2Linux Kernel 2.6.17.2
cpe:/o:linux:linux_kernel:2.6.8.1.5
cpe:/o:linux:linux_kernel:2.6.2Linux Kernel 2.6.2
cpe:/o:linux:linux_kernel:2.6.12:rc3Linux Kernel 2.6.12 Release Candidate 3
cpe:/o:linux:linux_kernel:2.6.15.4Linux Kernel 2.6.15.4
cpe:/o:linux:linux_kernel:2.6.8:rc1Linux Kernel 2.6.8 Release Candidate 1
cpe:/o:linux:linux_kernel:2.6.11.11Linux Kernel 2.6.11.11
cpe:/o:linux:linux_kernel:2.6.16_rc7
cpe:/o:linux:linux_kernel:2.6.11.7Linux Kernel 2.6.11.7
cpe:/o:linux:linux_kernel:2.6.16.6Linux Kernel 2.6.16.6
cpe:/o:linux:linux_kernel:2.6.10Linux Kernel 2.6.10
cpe:/o:linux:linux_kernel:2.6.14Linux Kernel 2.6.14
cpe:/o:linux:linux_kernel:2.6.0:test3Linux Kernel 2.6 test3
cpe:/o:linux:linux_kernel:2.6.8Linux Kernel 2.6.8
cpe:/o:linux:linux_kernel:2.6.11.1Linux Kernel 2.6.11.1
cpe:/o:linux:linux_kernel:2.6.14.1Linux Kernel 2.6.14.1
cpe:/o:linux:linux_kernel:2.6.16:rc4Linux Kernel 2.6.16 Release Candidate 4
cpe:/o:linux:linux_kernel:2.6.13:rc6Linux Kernel 2.6.13 Release Candidate 6
cpe:/o:linux:linux_kernel:2.6.14.3Linux Kernel 2.6.14.3
cpe:/o:linux:linux_kernel:2.6.6Linux Kernel 2.6.6
cpe:/o:linux:linux_kernel:2.6.16.21Linux Kernel 2.6.16.21
cpe:/o:linux:linux_kernel:2.6.11.10Linux Kernel 2.6.11.10
cpe:/o:linux:linux_kernel:2.6.8.1.5::power3

- OVAL (technical details for detection)

oval:org.mitre.oval:def:9809 Linux kernel 2.6.x, when using both NFS and EXT3, allows remote attackers to cause a denial of service (file system panic) via a crafted UDP...
*OVAL describes in detail how to detect this vulnerability; you can find more technical details on detecting it in the related OVAL definitions.

- Official database links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3468
(official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-3468
(official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200607-334
(official data source) CNNVD

- Other links and resources

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=199172
(UNKNOWN)  MISC  https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=199172
http://lkml.org/lkml/2006/7/17/41
(UNKNOWN)  MISC  http://lkml.org/lkml/2006/7/17/41
http://www.ubuntu.com/usn/usn-346-1
(UNKNOWN)  UBUNTU  USN-346-1
http://www.trustix.org/errata/2006/0046/
(UNKNOWN)  TRUSTIX  2006-0046
http://www.securityfocus.com/bid/19396
(UNKNOWN)  BID  19396
http://www.redhat.com/support/errata/RHSA-2006-0617.html
(UNKNOWN)  REDHAT  RHSA-2006:0617
http://www.novell.com/linux/security/advisories/2006_64_kernel.html
(UNKNOWN)  SUSE  SUSE-SA:2006:064
http://www.novell.com/linux/security/advisories/2006_57_kernel.html
(UNKNOWN)  SUSE  SUSE-SA:2006:057
http://www.novell.com/linux/security/advisories/2006_22_sr.html
(UNKNOWN)  SUSE  SUSE-SR:2006:022
http://www.novell.com/linux/security/advisories/2006_21_sr.html
(UNKNOWN)  SUSE  SUSE-SR:2006:021
http://www.mandriva.com/security/advisories?name=MDKSA-2006:151
(UNKNOWN)  MANDRIVA  MDKSA-2006:151
http://www.mandriva.com/security/advisories?name=MDKSA-2006:150
(UNKNOWN)  MANDRIVA  MDKSA-2006:150
http://www.debian.org/security/2006/dsa-1184
(UNKNOWN)  DEBIAN  DSA-1184
http://support.avaya.com/elmodocs2/security/ASA-2006-203.htm
(UNKNOWN)  CONFIRM  http://support.avaya.com/elmodocs2/security/ASA-2006-203.htm
http://secunia.com/advisories/22822
(UNKNOWN)  SECUNIA  22822
http://secunia.com/advisories/22174
(UNKNOWN)  SECUNIA  22174
http://secunia.com/advisories/22148
(UNKNOWN)  SECUNIA  22148
http://secunia.com/advisories/22093
(UNKNOWN)  SECUNIA  22093
http://secunia.com/advisories/21934
(UNKNOWN)  SECUNIA  21934
http://secunia.com/advisories/21847
(UNKNOWN)  SECUNIA  21847
http://secunia.com/advisories/21614
(UNKNOWN)  SECUNIA  21614
http://secunia.com/advisories/21605
(UNKNOWN)  SECUNIA  21605
http://secunia.com/advisories/21369
(UNKNOWN)  SECUNIA  21369

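- Vulnerability information

Linux Kernel NFS and EXT3 combination remote denial-of-service vulnerability
High risk  Other
2006-07-21 00:00:00 2006-07-21 00:00:00
Local
        When Linux kernel 2.6.x uses both NFS and EXT3, a remote attacker can use a crafted UDP packet containing a V2 lookup procedure that specifies a bad file handle (inode number) to trigger an error and cause the exported directory to be remounted read-only, resulting in a denial of service (file system panic).

- Advisories and patches

        The vendor has released upgrade patches to fix this security issue. Patch download links: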
        Linux kernel 2.6.10
        Ubuntu ide-modules-2.6.12-10-amd64-generic-di_2.6.12-10.32_amd64.udeb
        Ubuntu 5.10:
        http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.12/ide-modules-2.6.12-10-amd64-generic-di_2.6.12-10.32_amd64.udeb
        Linux kernel 2.6.3
        Mandriva kernel-2.6.12.25mdk-1-1mdk.i586.rpm
        Mandriva Linux 2006.0:
        http://wwwnew.mandriva.com/en/downloads
        Mandriva kernel-2.6.12.25mdk-1-1mdk.x86_64.rpm
        Mandriva Linux 2006.0:
        http://wwwnew.mandriva.com/en/downloads
        Mandriva kernel-2.6.3.35mdk-1-1mdk.i586.rpm
        Corporate 3.0:
        http://wwwnew.mandriva.com/en/downloads
        Mandriva kernel-2.6.3.35mdk-1-1mdk.x86_64.rpm
        Corporate 3.0:
        http://wwwnew.mandriva.com/en/downloads
        Mandriva kernel-BOOT-2.6.12.25mdk-1-1mdk.i586.rpm
        Mandriva Linux 2006.0:
        http://wwwnew.mandriva.com/en/downloads
        Mandriva kernel-BOOT-2.6.12.25mdk-1-1mdk.x86_64.rpm
        Mandriva Linux 2006.0:
        http://wwwnew.mandriva.com/en/downloads
        Mandriva kernel-BOOT-2.6.3.35mdk-1-1mdk.i586.rpm
        Corporate 3.0:
        http://wwwnew.mandriva.com/en/downloads
        Mandriva kernel-BOOT-2.6.3.35mdk-1-1mdk.x86_64.rpm
        Corporate 3.0:
        http://wwwnew.mandriva.com/en/downloads
        Mandriva kernel-enterprise-2.6.3.35mdk-1-1mdk.i586.rpm
        Corporate 3.0:
        http://wwwnew.mandriva.com/en/downloads
        Mandriva kernel-i586-up-1GB-2.6.12.25mdk-1-1mdk.i586.rpm
        Mandriva Linux 2006.0:
        http://wwwnew.mandriva.com/en/downloads
        Mandriva kernel-i686-up-4GB-2.6.12.25mdk-1-1mdk.i586.rpm
        Mandriva Linux 2006.0:
        http://wwwnew.mandriva.com/en/downloads
        Mandriva kernel-i686-up-4GB-2.6.3.35mdk-1-1mdk.i586.rpm
        Corporate 3.0:
        http://wwwnew.mandriva.com/en/downloads
        Mandriva kernel-p3-smp-64GB-2.6.3.35mdk-1-1mdk.i586.rpm
        Corporate 3.0:
        http://wwwnew.mandriva.com/en/downloads
        Mandriva kernel-secure-2.6.3.35mdk-1-1mdk.i586.rpm
        Corporate 3.0:
        http://wwwnew.mandriva.com/en/downloads
        Mandriva kernel-secure-2.6.3.35mdk-1-1mdk.x86_64.rpm
        Corporate 3.0:
        http://wwwnew.mandriva.com/en/downloads
        Mandriva kernel-smp-2.6.12.25mdk-1-1mdk.i586.rpm
        Mandriva Linux 2006.0:
        http://wwwnew.mandriva.com/en/downloads
        Mandriva kernel-smp-2.6.12.25mdk-1-1mdk.x86_64.rpm
        Mandriva Linux 2006.0:
        http://wwwnew.mandriva.com/en/downloads
        Mandriva kernel-smp-2.6.3.35mdk-1-1mdk.i586.rpm
        Corporate 3.0:
        http://wwwnew.mandriva.com/en/downloads
        Mandriva kernel-smp-2.6.3.35mdk-1-1mdk.x86_64.rpm
        Corporate 3.0:
        http://wwwnew.mandriva.com/en/downloads
        Mandriva kernel-source-2.6.12.25mdk-1-1mdk.i586.rpm
        Mandriva Linux 2006.0:
        http://wwwnew.mandriva.com/en/downloads
        Mandriva kernel-source-2.6.12.25mdk-1-1mdk.x86_64.rpm
        Mandriva Linux 2006.0:
        http://wwwnew.mandriva.com/en/downloads
        Mandriva kernel-source-stripped-2.6.12.25mdk-1-1mdk.i586.rpm
        Mandriva Linux 2006.0:
        http://wwwnew.mandriva.com/en/downloads
        Mandriva kernel-source-stripped-2.6.12.25mdk-1-1mdk.x86_64.rpm
        Mandriva Linux 2006.0:
        http://wwwnew.mandriva.com/en/downloads
        Mandriva kernel-xbox-2.6.12.25mdk-1-1mdk.i586.rpm
        Mandriva Linux 2006.0:
        http://wwwnew.mandriva.com/en/downloads
        Mandriva kernel-xen0-2.6.12.25mdk-1-1mdk.i586.rpm
        Mandriva Linux 2006.0:
        http://wwwnew.mandriva.com/en/downloads
        Mandriva kernel-xen0-2.6.12.25mdk-1-1mdk.x86_64.rpm
        Mandriva Linux 2006.0:
        http://wwwnew.mandriva.com/en/downloads
        Mandriva kernel-xenU-2.6.12.25mdk-1-1mdk.i586.rpm
        Mandriva Linux 2006.0:
        http://wwwnew.mandriva.com/en/downloads
        Mandriva kernel-xenU-2.6.12.25mdk-1-1mdk.x86_64.rpm
        Mandriva Linux 2006.0:
        http://wwwnew.mandriva.com/en/downloads

- Vulnerability information (F49475)

Mandriva Linux Security Advisory 2006.151 (PacketStormID:F49475)
2006-08-28 00:00:00
Mandriva  mandriva.com
advisory,kernel,vulnerability
linux,mandriva
CVE-2006-1066,CVE-2006-1863,CVE-2006-1864,CVE-2006-2934,CVE-2006-2935,CVE-2006-2936,CVE-2006-3468,CVE-2006-3745

Mandriva Linux Security Advisory MDKSA-2006-151 - A number of vulnerabilities were discovered and corrected in the Linux 2.6 kernel.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2006:151
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : kernel
 Date    : August 25, 2006
 Affected: 2006.0
 _______________________________________________________________________
 
 Problem Description:
 
 A number of vulnerabilities were discovered and corrected in the Linux
 2.6 kernel:
 
 Prior to and including 2.6.16-rc2, when running on x86_64 systems with
 preemption enabled, local users can cause a DoS (oops) via multiple
 ptrace tasks that perform single steps (CVE-2006-1066).
 
 Prior to 2.6.16, a directory traversal vulnerability in CIFS could
 allow a local user to escape chroot restrictions for an SMB-mounted
 filesystem via "..\\" sequences (CVE-2006-1863).
 
 Prior to 2.6.16, a directory traversal vulnerability in smbfs could
 allow a local user to escape chroot restrictions for an SMB-mounted
 filesystem via "..\\" sequences (CVE-2006-1864).
 
 Prior to 2.6.16.23, SCTP conntrack in netfilter allows remote
 attackers to cause a DoS (crash) via a packet without any chunks,
 causing a variable to contain an invalid value that is later used to
 dereference a pointer (CVE-2006-2934).
 
 The dvd_read_bca function in the DVD handling code assigns the wrong
 value to a length variable, which could allow local users to execute
 arbitrary code via a crafted USB storage device that triggers a buffer
 overflow (CVE-2006-2935).
 
 Prior to 2.6.17, the ftdi_sio driver could allow local users to cause
 a DoS (memory consumption) by writing more data to the serial port than
 the hardware can handle, causing the data to be queued (CVE-2006-2936).
 
 The 2.6 kernel, when using both NFS and EXT3, allowed remote attackers
 to cause a DoS (file system panic) via a crafted UDP packet with a V2
 lookup procedure that specifies a bad file handle (inode number),
 triggering an error and causing an exported directory to be remounted
 read-only (CVE-2006-3468).
 
 The 2.6 kernel's SCTP was found to cause system crashes and allow for
 the possibility of local privilege escalation due to a bug in the
 get_user_iov_size() function that doesn't properly handle overflow when
 calculating the length of iovec (CVE-2006-3745).
 
 The provided packages are patched to fix these vulnerabilities.  All
 users are encouraged to upgrade to these updated kernels immediately
 and reboot to effect the fixes.
 
 In addition to these security fixes, other fixes have been included
 such as:
 
 - added support for new devices:
   o Testo products in usb-serial
   o ATI SB600 IDE
   o ULI M-1573 south Bridge
   o PATA and SATA support for nVidia MCP55, MCP61, MCP65, and AMD CS5536
   o Asus W6A motherboard in snd-hda-intel
   o bcm 5780
 - fixed ip_gre module unload OOPS
 - enabled opti621 driver for x86 and x86_64
 - fixed a local DoS introduced by an incomplete fix for CVE-2006-2445
 - updated to Xen 3.0.1 with selected fixes
 - enable hugetlbfs
 
 To update your kernel, please follow the directions located at:
 
   http://www.mandriva.com/en/security/kernelupdate
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1066
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1863
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1864
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2934
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2935
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2936
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3468
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3745
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2006.0:
 9b4811892823bfa6ddfa648f029ee500  2006.0/RPMS/kernel-2.6.12.25mdk-1-1mdk.i586.rpm
 27e6afeac2d98e07cd8a16d2ffa8de28  2006.0/RPMS/kernel-BOOT-2.6.12.25mdk-1-1mdk.i586.rpm
 dcd2a1843a5f56c286a0e6270c7b1d79  2006.0/RPMS/kernel-i586-up-1GB-2.6.12.25mdk-1-1mdk.i586.rpm
 477b78d6836d03484a58720f2137e506  2006.0/RPMS/kernel-i686-up-4GB-2.6.12.25mdk-1-1mdk.i586.rpm
 ab1f7540dbfd41f469f4931a710dbe95  2006.0/RPMS/kernel-smp-2.6.12.25mdk-1-1mdk.i586.rpm
 ed246f8b552bb26bb8e89c0c0842bbe9  2006.0/RPMS/kernel-source-2.6.12.25mdk-1-1mdk.i586.rpm
 acb15b08ed7f7d2ad3747c555a07b401  2006.0/RPMS/kernel-source-stripped-2.6.12.25mdk-1-1mdk.i586.rpm
 ede19a2f7dd7b715c58e9c61ee1c3359  2006.0/RPMS/kernel-xbox-2.6.12.25mdk-1-1mdk.i586.rpm
 848a9f9725f141077a34affb42088946  2006.0/RPMS/kernel-xen0-2.6.12.25mdk-1-1mdk.i586.rpm
 d280fd356d01831e6dbe5f0fc73c741b  2006.0/RPMS/kernel-xenU-2.6.12.25mdk-1-1mdk.i586.rpm
 c0a388efafe83a187a58d582ddf9cafb  2006.0/SRPMS/kernel-2.6.12.25mdk-1-1mdk.src.rpm

 Mandriva Linux 2006.0/X86_64:
 54c6b69a3ce44d4dfb217f4b4f620293  x86_64/2006.0/RPMS/kernel-2.6.12.25mdk-1-1mdk.x86_64.rpm
 0eded734bf839d253c18d4849507a687  x86_64/2006.0/RPMS/kernel-BOOT-2.6.12.25mdk-1-1mdk.x86_64.rpm
 c379d55bcaee5070b46475b2e1cbce0a  x86_64/2006.0/RPMS/kernel-smp-2.6.12.25mdk-1-1mdk.x86_64.rpm
 2fad12f6ea68fdd1d000c2602f47a0a3  x86_64/2006.0/RPMS/kernel-source-2.6.12.25mdk-1-1mdk.x86_64.rpm
 1ae8c5f75d5660e511cfe2db62a02056  x86_64/2006.0/RPMS/kernel-source-stripped-2.6.12.25mdk-1-1mdk.x86_64.rpm
 160c2425b4be695feaafffdb59cc8fcd  x86_64/2006.0/RPMS/kernel-xen0-2.6.12.25mdk-1-1mdk.x86_64.rpm
 677a458c0eb70f9f8a5bd9553b96f589  x86_64/2006.0/RPMS/kernel-xenU-2.6.12.25mdk-1-1mdk.x86_64.rpm
 c0a388efafe83a187a58d582ddf9cafb  x86_64/2006.0/SRPMS/kernel-2.6.12.25mdk-1-1mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFE7xpfmqjQ0CJFipgRAio9AKDjb4g8obg5dkOccjQOlFQ6oeIKAQCgkNQ3
ZdXAs/f1g9RsGP1wVlrqg+U=
=TeRg
-----END PGP SIGNATURE-----

    

- Vulnerability information (F49474)

Mandriva Linux Security Advisory 2006.150 (PacketStormID:F49474)
2006-08-28 00:00:00
Mandriva  mandriva.com
advisory,kernel,vulnerability
linux,mandriva
CVE-2006-0554,CVE-2006-0744,CVE-2006-1343,CVE-2006-1857,CVE-2006-1858,CVE-2006-1863,CVE-2006-1864,CVE-2006-2274,CVE-2006-2935,CVE-2006-2936,CVE-2006-3468,CVE-2006-3745

Mandriva Linux Security Advisory MDKSA-2006-150 - A number of vulnerabilities were discovered and corrected in the Linux 2.6 kernel.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2006:150
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : kernel
 Date    : August 25, 2006
 Affected: Corporate 3.0, Multi Network Firewall 2.0
 _______________________________________________________________________
 
 Problem Description:
 
 A number of vulnerabilities were discovered and corrected in the Linux
 2.6 kernel:
 
 Prior to 2.6.15.5, the kernel allowed local users to obtain sensitive
 information via a crafted XFS ftruncate call (CVE-2006-0554).
 
 Prior to 2.6.15.5, the kernel did not properly handle uncanonical
 return addresses on Intel EM64T CPUs causing the kernel exception
 handler to run on the user stack with the wrong GS (CVE-2006-0744).
 
 ip_conntrack_core.c in the 2.6 kernel, and possibly
 nf_conntrack_l3proto_ipv4.c did not clear sockaddr_in.sin_zero before
 returning IPv4 socket names from the getsockopt function with
 SO_ORIGINAL_DST, which could allow local users to obtain portions of
 potentially sensitive memory (CVE-2006-1343).
 
 Prior to 2.6.16.17, a buffer overflow in SCTP in the kernel allowed
 remote attackers to cause a Denial of Service (crash) and possibly
 execute arbitrary code via a malformed HB-ACK chunk (CVE-2006-1857).
 
 Prior to 2.6.16.17, SCTP in the kernel allowed remote attackers to
 cause a DoS (crash) and possibly execute arbitrary code via a chunk
 length that is inconsistent with the actual length of provided
 parameters (CVE-2006-1858).
 
 Prior to 2.6.16, a directory traversal vulnerability in CIFS could
 allow a local user to escape chroot restrictions for an SMB-mounted
 filesystem via "..\\" sequences (CVE-2006-1863).
 
 Prior to 2.6.16, a directory traversal vulnerability in smbfs could
 allow a local user to escape chroot restrictions for an SMB-mounted
 filesystem via "..\\" sequences (CVE-2006-1864).
 
 Prior to 2.6.17, Linux SCTP allowed a remote attacker to cause a DoS
 (infinite recursion and crash) via a packet that contains two or more
 DATA fragments, which caused an skb pointer to refer back to itself
 when the full message is reassembled, leading to an infinite recursion
 in the sctp_skb_pull function (CVE-2006-2274).
 
 The dvd_read_bca function in the DVD handling code assigns the wrong
 value to a length variable, which could allow local users to execute
 arbitrary code via a crafted USB storage device that triggers a buffer
 overflow (CVE-2006-2935).
 
 Prior to 2.6.17, the ftdi_sio driver could allow local users to cause
 a DoS (memory consumption) by writing more data to the serial port than
 the hardware can handle, causing the data to be queued (CVE-2006-2936).
 
 The 2.6 kernel, when using both NFS and EXT3, allowed remote attackers
 to cause a DoS (file system panic) via a crafted UDP packet with a V2
 lookup procedure that specifies a bad file handle (inode number),
 triggering an error and causing an exported directory to be remounted
 read-only (CVE-2006-3468).
 
 The 2.6 kernel's SCTP was found to cause system crashes and allow for
 the possibility of local privilege escalation due to a bug in the
 get_user_iov_size() function that doesn't properly handle overflow when
 calculating the length of iovec (CVE-2006-3745).
 
 The provided packages are patched to fix these vulnerabilities.  All
 users are encouraged to upgrade to these updated kernels immediately
 and reboot to effect the fixes.
 
 To update your kernel, please follow the directions located at:
 
   http://www.mandriva.com/en/security/kernelupdate
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0554
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0744
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1343
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1857
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1858
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1863
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1864
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2274
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2935
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2936
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3468
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3745
 _______________________________________________________________________
 
 Updated Packages:
 
 Corporate 3.0
 Corporate 3.0/X86_64
 Multi Network Firewall 2.0
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>

    

- Vulnerability Information

27812
Linux Kernel NFS/EXT3 Invalid Inode Number Remote DoS
Remote / Network Access Denial of Service, Input Manipulation
Loss of Availability
Exploit Public Vendor Verified

- Vulnerability Description

Unknown or Incomplete

- Timeline

2006-07-17 Unknown
Unknown Unknown

- Solution

Unknown or Incomplete

- References

- Vulnerability Author

Unknown or Incomplete

- Vulnerability Information

Linux Kernel NFS and EXT3 Combination Remote Denial of Service Vulnerability
Failure to Handle Exceptional Conditions 19396
No Yes
2006-08-07 12:00:00 2007-01-16 11:00:00
James McKenzie discovered this issue.

- Affected Program Versions

Ubuntu Ubuntu Linux 5.10 sparc
Ubuntu Ubuntu Linux 5.10 powerpc
Ubuntu Ubuntu Linux 5.10 i386
Ubuntu Ubuntu Linux 5.10 amd64
Ubuntu Ubuntu Linux 5.0 4 powerpc
Ubuntu Ubuntu Linux 5.0 4 i386
Ubuntu Ubuntu Linux 5.0 4 amd64
Ubuntu Ubuntu Linux 6.06 LTS sparc
Ubuntu Ubuntu Linux 6.06 LTS powerpc
Ubuntu Ubuntu Linux 6.06 LTS i386
Ubuntu Ubuntu Linux 6.06 LTS amd64
Trustix Secure Linux 3.0
SuSE SUSE Linux Enterprise Server 8
+ Linux kernel 2.4.21
+ Linux kernel 2.4.19
SuSE SUSE Linux Enterprise Server 10
SuSE SUSE Linux Enterprise Desktop 10
S.u.S.E. UnitedLinux 1.0
S.u.S.E. SuSE Linux Standard Server 8.0
S.u.S.E. SuSE Linux School Server for i386
S.u.S.E. SUSE LINUX Retail Solution 8.0
S.u.S.E. SuSE Linux Openexchange Server 4.0
S.u.S.E. Open-Enterprise-Server 9.0
S.u.S.E. Open-Enterprise-Server 1
S.u.S.E. Open-Enterprise-Server 0
S.u.S.E. Office Server
S.u.S.E. Novell Linux POS 9
S.u.S.E. Novell Linux Desktop 9.0
S.u.S.E. Novell Linux Desktop 1.0
S.u.S.E. Novell Linux Desktop 9
S.u.S.E. Linux Professional 10.0 OSS
S.u.S.E. Linux Professional 10.0
S.u.S.E. Linux Professional 9.3 x86_64
S.u.S.E. Linux Professional 9.3
S.u.S.E. Linux Professional 9.2 x86_64
S.u.S.E. Linux Professional 9.2
S.u.S.E. Linux Professional 9.1 x86_64
S.u.S.E. Linux Professional 9.1
S.u.S.E. Linux Professional 10.1
S.u.S.E. Linux Personal 10.0 OSS
S.u.S.E. Linux Personal 9.3 x86_64
S.u.S.E. Linux Personal 9.3
S.u.S.E. Linux Personal 9.2 x86_64
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1 x86_64
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 10.1
S.u.S.E. Linux Openexchange Server
S.u.S.E. Linux Office Server
S.u.S.E. Linux Enterprise Server for S/390 9.0
S.u.S.E. Linux Enterprise Server for S/390
S.u.S.E. Linux Enterprise Server 9
S.u.S.E. Linux Enterprise Server 10
S.u.S.E. Linux Desktop 1.0
S.u.S.E. Linux Database Server 0
S.u.S.E. Linux Connectivity Server
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux ES 4
RedHat Desktop 4.0
Red Hat Enterprise Linux AS 4
Mandriva Linux Mandrake 2006.0 x86_64
Mandriva Linux Mandrake 2006.0
MandrakeSoft Multi Network Firewall 2.0
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
Linux kernel 2.6.17 .7
Linux kernel 2.6.17 .6
Linux kernel 2.6.17 .5
Linux kernel 2.6.17 .4
Linux kernel 2.6.17 .3
Linux kernel 2.6.17 .1
Linux kernel 2.6.17 -rc5
Linux kernel 2.6.17
Linux kernel 2.6.16 27
Linux kernel 2.6.16 13
Linux kernel 2.6.16 .9
Linux kernel 2.6.16 .8
Linux kernel 2.6.16 .7
Linux kernel 2.6.16 .5
Linux kernel 2.6.16 .4
Linux kernel 2.6.16 .3
Linux kernel 2.6.16 .23
Linux kernel 2.6.16 .21
Linux kernel 2.6.16 .2
Linux kernel 2.6.16 .19
Linux kernel 2.6.16 .18
Linux kernel 2.6.16 .17
Linux kernel 2.6.16 .16
Linux kernel 2.6.16 .12
Linux kernel 2.6.16 .11
Linux kernel 2.6.16 .1
Linux kernel 2.6.16 -rc1
Linux kernel 2.6.16
Linux kernel 2.6.15 .6
Linux kernel 2.6.15 .4
Linux kernel 2.6.15 .3
Linux kernel 2.6.15 .2
Linux kernel 2.6.15 .1
Linux kernel 2.6.15 -rc6
Linux kernel 2.6.15 -rc5
Linux kernel 2.6.15 -rc4
Linux kernel 2.6.15 -rc3
Linux kernel 2.6.15 -rc2
Linux kernel 2.6.15 -rc1
Linux kernel 2.6.15
Linux kernel 2.6.14 .5
Linux kernel 2.6.14 .4
Linux kernel 2.6.14 .3
Linux kernel 2.6.14 .2
Linux kernel 2.6.14 .1
Linux kernel 2.6.14 -rc4
Linux kernel 2.6.14 -rc3
Linux kernel 2.6.14 -rc2
Linux kernel 2.6.14 -rc1
Linux kernel 2.6.14
Linux kernel 2.6.13 .4
Linux kernel 2.6.13 .3
Linux kernel 2.6.13 .2
Linux kernel 2.6.13 .1
Linux kernel 2.6.13 -rc7
Linux kernel 2.6.13 -rc6
Linux kernel 2.6.13 -rc4
Linux kernel 2.6.13 -rc1
Linux kernel 2.6.13
Linux kernel 2.6.12 .6
Linux kernel 2.6.12 .5
Linux kernel 2.6.12 .4
Linux kernel 2.6.12 .3
Linux kernel 2.6.12 .2
Linux kernel 2.6.12 .1
Linux kernel 2.6.12 -rc5
Linux kernel 2.6.12 -rc4
Linux kernel 2.6.12 -rc1
Linux kernel 2.6.12
Linux kernel 2.6.11 .8
Linux kernel 2.6.11 .7
Linux kernel 2.6.11 .6
Linux kernel 2.6.11 .5
Linux kernel 2.6.11 .12
Linux kernel 2.6.11 .11
Linux kernel 2.6.11 -rc4
Linux kernel 2.6.11 -rc3
Linux kernel 2.6.11 -rc2
Linux kernel 2.6.11
Linux kernel 2.6.10 rc2
Linux kernel 2.6.10
+ Red Hat Fedora Core3
+ Red Hat Fedora Core2
+ Trustix Secure Linux 3.0
+ Ubuntu Ubuntu Linux 5.0 4 powerpc
+ Ubuntu Ubuntu Linux 5.0 4 i386
+ Ubuntu Ubuntu Linux 5.0 4 amd64
Linux kernel 2.6.9
Linux kernel 2.6.8 rc3
Linux kernel 2.6.8 rc2
Linux kernel 2.6.8 rc1
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
Linux kernel 2.6.8
Linux kernel 2.6.7 rc1
Linux kernel 2.6.7
Linux kernel 2.6.6 rc1
Linux kernel 2.6.6
Linux kernel 2.6.5
Linux kernel 2.6.4
Linux kernel 2.6.3
Linux kernel 2.6.2
Linux kernel 2.6.1 -rc2
Linux kernel 2.6.1 -rc1
Linux kernel 2.6.1
Linux kernel 2.6 .10
Linux kernel 2.6 -test9-CVS
Linux kernel 2.6 -test9
Linux kernel 2.6 -test8
Linux kernel 2.6 -test7
Linux kernel 2.6 -test6
Linux kernel 2.6 -test5
Linux kernel 2.6 -test4
Linux kernel 2.6 -test3
Linux kernel 2.6 -test2
Linux kernel 2.6 -test11
Linux kernel 2.6 -test10
Linux kernel 2.6 -test1
Linux kernel 2.6
Linux kernel 2.6.15.5
Debian Linux 3.1 sparc
Debian Linux 3.1 s/390
Debian Linux 3.1 ppc
Debian Linux 3.1 mipsel
Debian Linux 3.1 mips
Debian Linux 3.1 m68k
Debian Linux 3.1 ia-64
Debian Linux 3.1 ia-32
Debian Linux 3.1 hppa
Debian Linux 3.1 arm
Debian Linux 3.1 amd64
Debian Linux 3.1 alpha
Debian Linux 3.1
Avaya S8710 CM 3.1
Avaya S8700 CM 3.1
Avaya S8500 CM 3.1
Avaya S8300 CM 3.1
Linux kernel 2.6.17 .8

- Unaffected Program Versions

Linux kernel 2.6.17 .8

- Vulnerability Discussion

The Linux kernel is susceptible to a remote denial-of-service vulnerability because the EXT3 filesystem code fails to properly handle unexpected conditions.

Remote attackers may trigger this issue by sending crafted UDP datagrams to affected computers that are configured as NFS servers, causing filesystem errors. Depending on the mount-time options of affected filesystems, this may result in remounting filesystems as read-only or cause a kernel panic.

Linux kernel versions 2.6.14.4, 2.6.17.6, and 2.6.17.7 are vulnerable to this issue; other versions in the 2.6 series are also likely affected.

- Exploit

The following code is sufficient to trigger this issue:

- Solution

The vendor has released version 2.6.17.8 to address this issue.

Please see the references for more information.


Linux kernel 2.6.10

Linux kernel 2.6.3

- References

 

 
