CVE-2006-3745
CVSS7.2
发布时间 :2006-08-23 15:04:00
修订时间 :2012-03-19 00:00:00
NMCOPS    

[原文]Unspecified vulnerability in the sctp_make_abort_user function in the SCTP implementation in Linux 2.6.x before 2.6.17.10 and 2.4.23 up to 2.4.33 allows local users to cause a denial of service (panic) and possibly gain root privileges via unknown attack vectors.


[CNNVD]Linux Kernel sctp模块sctp_make_abort_user函数本地溢出漏洞(CNNVD-200608-395)

        Linux Kernel是开放源码操作系统Linux所使用的内核。
        Linux sctp模块的sctp_make_abort_user函数中存在溢出漏洞,可能允许本地用户获得root权限并以内核权限级别执行任意代码。

- CVSS (基础分值)

CVSS分值: 7.2 [严重(HIGH)]
机密性影响: COMPLETE [完全的信息泄露导致所有系统文件暴露]
完整性影响: COMPLETE [系统完整性可被完全破坏]
可用性影响: COMPLETE [可能导致系统完全宕机]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: LOCAL [漏洞利用需要具有物理访问权限或本地帐户]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/o:linux:linux_kernel:2.6.12.2Linux Kernel 2.6.12.2
cpe:/o:linux:linux_kernel:2.6.1Linux Kernel 2.6.1
cpe:/o:linux:linux_kernel:2.6.16.27Linux Kernel 2.6.16.27
cpe:/o:linux:linux_kernel:2.4.27Linux Kernel 2.4.27
cpe:/o:linux:linux_kernel:2.6.11.6Linux Kernel 2.6.11.6
cpe:/o:linux:linux_kernel:2.6.16.13Linux Kernel 2.6.16.13
cpe:/o:linux:linux_kernel:2.6.16.14Linux Kernel 2.6.16.14
cpe:/o:linux:linux_kernel:2.6.16.24Linux Kernel 2.6.16.24
cpe:/o:linux:linux_kernel:2.6.17.5Linux Kernel 2.6.17.5
cpe:/o:linux:linux_kernel:2.6.16.15Linux Kernel 2.6.16.15
cpe:/o:linux:linux_kernel:2.6.14.2Linux Kernel 2.6.14.2
cpe:/o:linux:linux_kernel:2.6.11Linux Kernel 2.6.11
cpe:/o:linux:linux_kernel:2.6.16.8Linux Kernel 2.6.16.8
cpe:/o:linux:linux_kernel:2.6.16Linux Kernel 2.6.16
cpe:/o:linux:linux_kernel:2.6.16.3Linux Kernel 2.6.16.3
cpe:/o:linux:linux_kernel:2.6.16.11Linux Kernel 2.6.16.11
cpe:/o:linux:linux_kernel:2.6.15Linux Kernel 2.6.15
cpe:/o:linux:linux_kernel:2.4.32Linux Kernel 2.4.32
cpe:/o:linux:linux_kernel:2.6.17.4Linux Kernel 2.6.17.4
cpe:/o:linux:linux_kernel:2.6.17.1Linux Kernel 2.6.17.1
cpe:/o:linux:linux_kernel:2.6.15.3Linux Kernel 2.6.15.3
cpe:/o:linux:linux_kernel:2.6.11.3Linux Kernel 2.6.11.3
cpe:/o:linux:linux_kernel:2.6.15.7Linux Kernel 2.6.15.7
cpe:/o:linux:linux_kernel:2.6.11.9Linux Kernel 2.6.11.9
cpe:/o:linux:linux_kernel:2.4.23Linux Kernel 2.4.23
cpe:/o:linux:linux_kernel:2.4.30Linux Kernel 2.4.30
cpe:/o:linux:linux_kernel:2.6.12.1Linux Kernel 2.6.12.1
cpe:/o:linux:linux_kernel:2.6.16.7Linux Kernel 2.6.16.7
cpe:/o:linux:linux_kernel:2.6.14.4Linux Kernel 2.6.14.4
cpe:/o:linux:linux_kernel:2.6.14.6Linux Kernel 2.6.14.6
cpe:/o:linux:linux_kernel:2.6.16.31Linux Kernel 2.6.16.31
cpe:/o:linux:linux_kernel:2.6.11.2Linux Kernel 2.6.11.2
cpe:/o:linux:linux_kernel:2.6.17.7Linux Kernel 2.6.17.7
cpe:/o:linux:linux_kernel:2.4.33Linux Kernel 2.4.33
cpe:/o:linux:linux_kernel:2.6.16.22Linux Kernel 2.6.16.22
cpe:/o:linux:linux_kernel:2.6.16.12Linux Kernel 2.6.16.12
cpe:/o:linux:linux_kernel:2.6.0Linux Kernel 2.6.0
cpe:/o:linux:linux_kernel:2.6.12.3Linux Kernel 2.6.12.3
cpe:/o:linux:linux_kernel:2.6.11.4Linux Kernel 2.6.11.4
cpe:/o:linux:linux_kernel:2.6.16.26Linux Kernel 2.6.16.26
cpe:/o:linux:linux_kernel:2.6.11.12Linux Kernel 2.6.11.12
cpe:/o:linux:linux_kernel:2.6.15.2Linux Kernel 2.6.15.2
cpe:/o:linux:linux_kernel:2.6.16.17Linux Kernel 2.6.16.17
cpe:/o:linux:linux_kernel:2.6.16.1Linux Kernel 2.6.16.1
cpe:/o:linux:linux_kernel:2.6.17.6Linux Kernel 2.6.17.6
cpe:/o:linux:linux_kernel:2.4.25Linux Kernel 2.4.25
cpe:/o:linux:linux_kernel:2.4.31Linux Kernel 2.4.31
cpe:/o:linux:linux_kernel:2.6.16.30Linux Kernel 2.6.16.30
cpe:/o:linux:linux_kernel:2.6.16.28Linux Kernel 2.6.16.28
cpe:/o:linux:linux_kernel:2.6.16.18Linux Kernel 2.6.16.18
cpe:/o:linux:linux_kernel:2.6.13.3Linux Kernel 2.6.13.3
cpe:/o:linux:linux_kernel:2.6.16.4Linux Kernel 2.6.16.4
cpe:/o:linux:linux_kernel:2.6.15.1Linux Kernel 2.6.15.1
cpe:/o:linux:linux_kernel:2.6.17.9Linux Kernel 2.6.17.9
cpe:/o:linux:linux_kernel:2.6.16.19Linux Kernel 2.6.16.19
cpe:/o:linux:linux_kernel:2.6.13.5Linux Kernel 2.6.13.5
cpe:/o:linux:linux_kernel:2.6.14.7Linux Kernel 2.6.14.7
cpe:/o:linux:linux_kernel:2.6.16.25Linux Kernel 2.6.16.25
cpe:/o:linux:linux_kernel:2.6.13.2Linux Kernel 2.6.13.2
cpe:/o:linux:linux_kernel:2.4.28Linux Kernel 2.4.28
cpe:/o:linux:linux_kernel:2.6.16.2Linux Kernel 2.6.16.2
cpe:/o:linux:linux_kernel:2.6.12Linux Kernel 2.6.12
cpe:/o:linux:linux_kernel:2.6.15.6Linux Kernel 2.6.15.6
cpe:/o:linux:linux_kernel:2.6.13.1Linux Kernel 2.6.13.1
cpe:/o:linux:linux_kernel:2.6.17.8Linux Kernel 2.6.17.8
cpe:/o:linux:linux_kernel:2.6.16.20Linux Kernel 2.6.16.20
cpe:/o:linux:linux_kernel:2.6.12.5Linux Kernel 2.6.12.5
cpe:/o:linux:linux_kernel:2.6.15.5Linux Kernel 2.6.15.5
cpe:/o:linux:linux_kernel:2.6.17.3Linux Kernel 2.6.17.3
cpe:/o:linux:linux_kernel:2.6.13.4Linux Kernel 2.6.13.4
cpe:/o:linux:linux_kernel:2.6.16.16Linux Kernel 2.6.16.16
cpe:/o:linux:linux_kernel:2.6.14.5Linux Kernel 2.6.14.5
cpe:/o:linux:linux_kernel:2.6.12.6Linux Kernel 2.6.12.6
cpe:/o:linux:linux_kernel:2.6.16.9Linux Kernel 2.6.16.9
cpe:/o:linux:linux_kernel:2.6.12.4Linux Kernel 2.6.12.4
cpe:/o:linux:linux_kernel:2.6.11.8Linux Kernel 2.6.11.8
cpe:/o:linux:linux_kernel:2.4.24Linux Kernel 2.4.24
cpe:/o:linux:linux_kernel:2.6.16.5Linux Kernel 2.6.16.5
cpe:/o:linux:linux_kernel:2.6.13Linux Kernel 2.6.13
cpe:/o:linux:linux_kernel:2.6.16.23Linux Kernel 2.6.16.23
cpe:/o:linux:linux_kernel:2.6.16.10Linux Kernel 2.6.16.10
cpe:/o:linux:linux_kernel:2.6.11.5Linux Kernel 2.6.11.5
cpe:/o:linux:linux_kernel:2.6.16.29Linux Kernel 2.6.16.29
cpe:/o:linux:linux_kernel:2.6.17Linux Kernel 2.6.17
cpe:/o:linux:linux_kernel:2.6.17.2Linux Kernel 2.6.17.2
cpe:/o:linux:linux_kernel:2.6.15.4Linux Kernel 2.6.15.4
cpe:/o:linux:linux_kernel:2.6.11.11Linux Kernel 2.6.11.11
cpe:/o:linux:linux_kernel:2.6.11.7Linux Kernel 2.6.11.7
cpe:/o:linux:linux_kernel:2.6.16.6Linux Kernel 2.6.16.6
cpe:/o:linux:linux_kernel:2.6.10Linux Kernel 2.6.10
cpe:/o:linux:linux_kernel:2.6.14Linux Kernel 2.6.14
cpe:/o:linux:linux_kernel:2.4.26Linux Kernel 2.4.26
cpe:/o:linux:linux_kernel:2.6.11.1Linux Kernel 2.6.11.1
cpe:/o:linux:linux_kernel:2.6.14.1Linux Kernel 2.6.14.1
cpe:/o:linux:linux_kernel:2.6.14.3Linux Kernel 2.6.14.3
cpe:/o:linux:linux_kernel:2.6.16.21Linux Kernel 2.6.16.21
cpe:/o:linux:linux_kernel:2.4.29Linux Kernel 2.4.29
cpe:/o:linux:linux_kernel:2.6.11.10Linux Kernel 2.6.11.10

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:10706Unspecified vulnerability in the sctp_make_abort_user function in the SCTP implementation in Linux 2.6.x before 2.6.17.10 and 2.4.23 up to 2...
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3745
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-3745
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200608-395
(官方数据源) CNNVD

- 其它链接及资源

http://www.redhat.com/support/errata/RHSA-2006-0617.html
(VENDOR_ADVISORY)  REDHAT  RHSA-2006:0617
http://secunia.com/advisories/21605
(VENDOR_ADVISORY)  SECUNIA  21605
https://issues.rpath.com/browse/RPL-611
(UNKNOWN)  CONFIRM  https://issues.rpath.com/browse/RPL-611
http://xforce.iss.net/xforce/xfdb/28530
(UNKNOWN)  XF  kernel-sctp-privilege-escalation(28530)
http://www.vupen.com/english/advisories/2006/3358
(VENDOR_ADVISORY)  VUPEN  ADV-2006-3358
http://www.ubuntu.com/usn/usn-346-1
(UNKNOWN)  UBUNTU  USN-346-1
http://www.securityfocus.com/bid/19666
(UNKNOWN)  BID  19666
http://www.securityfocus.com/archive/1/archive/1/444887/100/0/threaded
(UNKNOWN)  BUGTRAQ  20060831 rPSA-2006-0162-1 kernel
http://www.securityfocus.com/archive/1/archive/1/444066/100/0/threaded
(UNKNOWN)  BUGTRAQ  20060822 Linux Kernel SCTP Privilege Elevation Vulnerability
http://www.novell.com/linux/security/advisories/2006_57_kernel.html
(UNKNOWN)  SUSE  SUSE-SA:2006:057
http://www.novell.com/linux/security/advisories/2006_22_sr.html
(UNKNOWN)  SUSE  SUSE-SR:2006:022
http://www.novell.com/linux/security/advisories/2006_21_sr.html
(UNKNOWN)  SUSE  SUSE-SR:2006:021
http://www.mandriva.com/security/advisories?name=MDKSA-2007:025
(UNKNOWN)  MANDRIVA  MDKSA-2007:025
http://www.mandriva.com/security/advisories?name=MDKSA-2006:151
(UNKNOWN)  MANDRIVA  MDKSA-2006:151
http://www.mandriva.com/security/advisories?name=MDKSA-2006:150
(UNKNOWN)  MANDRIVA  MDKSA-2006:150
http://www.debian.org/security/2006/dsa-1184
(UNKNOWN)  DEBIAN  DSA-1184
http://www.debian.org/security/2006/dsa-1183
(UNKNOWN)  DEBIAN  DSA-1183
http://support.avaya.com/elmodocs2/security/ASA-2006-203.htm
(UNKNOWN)  CONFIRM  http://support.avaya.com/elmodocs2/security/ASA-2006-203.htm
http://secunia.com/advisories/22174
(VENDOR_ADVISORY)  SECUNIA  22174
http://secunia.com/advisories/22148
(VENDOR_ADVISORY)  SECUNIA  22148
http://secunia.com/advisories/22093
(VENDOR_ADVISORY)  SECUNIA  22093
http://secunia.com/advisories/22082
(VENDOR_ADVISORY)  SECUNIA  22082
http://secunia.com/advisories/21934
(VENDOR_ADVISORY)  SECUNIA  21934
http://secunia.com/advisories/21847
(VENDOR_ADVISORY)  SECUNIA  21847
http://secunia.com/advisories/21695
(VENDOR_ADVISORY)  SECUNIA  21695
http://secunia.com/advisories/21614
(VENDOR_ADVISORY)  SECUNIA  21614
http://secunia.com/advisories/21576
(VENDOR_ADVISORY)  SECUNIA  21576
http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.33.2
(UNKNOWN)  CONFIRM  http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.33.2
http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0600.html
(UNKNOWN)  FULLDISC  20060822 Linux Kernel SCTP Privilege Elevation Vulnerability

- 漏洞信息

Linux Kernel sctp模块sctp_make_abort_user函数本地溢出漏洞
高危 边界条件错误
2006-08-23 00:00:00 2006-08-31 00:00:00
本地  
        Linux Kernel是开放源码操作系统Linux所使用的内核。
        Linux sctp模块的sctp_make_abort_user函数中存在溢出漏洞,可能允许本地用户获得root权限并以内核权限级别执行任意代码。

- 公告与补丁

        目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
        http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.17.y.git;a=commit;h=96ec9da385cf72c5f775e5f163420ea92e66ded2
        http://lwn.net/Alerts/196702/?format=printable

- 漏洞信息 (F49475)

Mandriva Linux Security Advisory 2006.151 (PacketStormID:F49475)
2006-08-28 00:00:00
Mandriva  mandriva.com
advisory,kernel,vulnerability
linux,mandriva
CVE-2006-1066,CVE-2006-1863,CVE-2006-1864,CVE-2006-2934,CVE-2006-2935,CVE-2006-2936,CVE-2006-3468,CVE-2006-3745
[点击下载]

Mandriva Linux Security Advisory MDKSA-2006-151 - A number of vulnerabilities were discovered and corrected in the Linux 2.6 kernel.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2006:151
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : kernel
 Date    : August 25, 2006
 Affected: 2006.0
 _______________________________________________________________________
 
 Problem Description:
 
 A number of vulnerabilities were discovered and corrected in the Linux
 2.6 kernel:
 
 Prior to and including 2.6.16-rc2, when running on x86_64 systems with
 preemption enabled, local users can cause a DoS (oops) via multiple
 ptrace tasks that perform single steps (CVE-2006-1066).
 
 Prior to 2.6.16, a directory traversal vulnerability in CIFS could
 allow a local user to escape chroot restrictions for an SMB-mounted
 filesystem via "..\\" sequences (CVE-2006-1863).
 
 Prior to 2.6.16, a directory traversal vulnerability in smbfs could
 allow a local user to escape chroot restrictions for an SMB-mounted
 filesystem via "..\\" sequences (CVE-2006-1864).
 
 Prior to to 2.6.16.23, SCTP conntrack in netfilter allows remote
 attackers to cause a DoS (crash) via a packet without any chunks,
 causing a variable to contain an invalid value that is later used to
 dereference a pointer (CVE-2006-2934).
 
 The dvd_read_bca function in the DVD handling code assigns the wrong
 value to a length variable, which could allow local users to execute
 arbitrary code via a crafted USB storage device that triggers a buffer
 overflow (CVE-2006-2935).
 
 Prior to 2.6.17, the ftdi_sio driver could allow local users to cause
 a DoS (memory consumption) by writing more data to the serial port than
 the hardware can handle, causing the data to be queued (CVE-2006-2936).
 
 The 2.6 kernel, when using both NFS and EXT3, allowed remote attackers
 to cause a DoS (file system panic) via a crafted UDP packet with a V2
 lookup procedure that specifies a bad file handle (inode number),
 triggering an error and causing an exported directory to be remounted
 read-only (CVE-2006-3468).
 
 The 2.6 kernel's SCTP was found to cause system crashes and allow for
 the possibility of local privilege escalation due to a bug in the
 get_user_iov_size() function that doesn't properly handle overflow when
 calculating the length of iovec (CVE-2006-3745).
 
 The provided packages are patched to fix these vulnerabilities.  All
 users are encouraged to upgrade to these updated kernels immediately
 and reboot to effect the fixes.
 
 In addition to these security fixes, other fixes have been included
 such as:
 
 - added support for new devices:
   o Testo products in usb-serial
   o ATI SB600 IDE
   o ULI M-1573 south Bridge
   o PATA and SATA support for nVidia MCP55, MCP61, MCP65, and AMD CS5536
   o Asus W6A motherboard in snd-hda-intel
   o bcm 5780
 - fixed ip_gre module unload OOPS
 - enabled opti621 driver for x86 and x86_64
 - fixed a local DoS introduced by an imcomplete fix for CVE-2006-2445
 - updated to Xen 3.0.1 with selected fixes
 - enable hugetlbfs
 
 To update your kernel, please follow the directions located at:
 
   http://www.mandriva.com/en/security/kernelupdate
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1066
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1863
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1864
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2934
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2935
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2936
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3468
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3745
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2006.0:
 9b4811892823bfa6ddfa648f029ee500  2006.0/RPMS/kernel-2.6.12.25mdk-1-1mdk.i586.rpm
 27e6afeac2d98e07cd8a16d2ffa8de28  2006.0/RPMS/kernel-BOOT-2.6.12.25mdk-1-1mdk.i586.rpm
 dcd2a1843a5f56c286a0e6270c7b1d79  2006.0/RPMS/kernel-i586-up-1GB-2.6.12.25mdk-1-1mdk.i586.rpm
 477b78d6836d03484a58720f2137e506  2006.0/RPMS/kernel-i686-up-4GB-2.6.12.25mdk-1-1mdk.i586.rpm
 ab1f7540dbfd41f469f4931a710dbe95  2006.0/RPMS/kernel-smp-2.6.12.25mdk-1-1mdk.i586.rpm
 ed246f8b552bb26bb8e89c0c0842bbe9  2006.0/RPMS/kernel-source-2.6.12.25mdk-1-1mdk.i586.rpm
 acb15b08ed7f7d2ad3747c555a07b401  2006.0/RPMS/kernel-source-stripped-2.6.12.25mdk-1-1mdk.i586.rpm
 ede19a2f7dd7b715c58e9c61ee1c3359  2006.0/RPMS/kernel-xbox-2.6.12.25mdk-1-1mdk.i586.rpm
 848a9f9725f141077a34affb42088946  2006.0/RPMS/kernel-xen0-2.6.12.25mdk-1-1mdk.i586.rpm
 d280fd356d01831e6dbe5f0fc73c741b  2006.0/RPMS/kernel-xenU-2.6.12.25mdk-1-1mdk.i586.rpm
 c0a388efafe83a187a58d582ddf9cafb  2006.0/SRPMS/kernel-2.6.12.25mdk-1-1mdk.src.rpm

 Mandriva Linux 2006.0/X86_64:
 54c6b69a3ce44d4dfb217f4b4f620293  x86_64/2006.0/RPMS/kernel-2.6.12.25mdk-1-1mdk.x86_64.rpm
 0eded734bf839d253c18d4849507a687  x86_64/2006.0/RPMS/kernel-BOOT-2.6.12.25mdk-1-1mdk.x86_64.rpm
 c379d55bcaee5070b46475b2e1cbce0a  x86_64/2006.0/RPMS/kernel-smp-2.6.12.25mdk-1-1mdk.x86_64.rpm
 2fad12f6ea68fdd1d000c2602f47a0a3  x86_64/2006.0/RPMS/kernel-source-2.6.12.25mdk-1-1mdk.x86_64.rpm
 1ae8c5f75d5660e511cfe2db62a02056  x86_64/2006.0/RPMS/kernel-source-stripped-2.6.12.25mdk-1-1mdk.x86_64.rpm
 160c2425b4be695feaafffdb59cc8fcd  x86_64/2006.0/RPMS/kernel-xen0-2.6.12.25mdk-1-1mdk.x86_64.rpm
 677a458c0eb70f9f8a5bd9553b96f589  x86_64/2006.0/RPMS/kernel-xenU-2.6.12.25mdk-1-1mdk.x86_64.rpm
 c0a388efafe83a187a58d582ddf9cafb  x86_64/2006.0/SRPMS/kernel-2.6.12.25mdk-1-1mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFE7xpfmqjQ0CJFipgRAio9AKDjb4g8obg5dkOccjQOlFQ6oeIKAQCgkNQ3
ZdXAs/f1g9RsGP1wVlrqg+U=
=TeRg
-----END PGP SIGNATURE-----

    

- 漏洞信息 (F49474)

Mandriva Linux Security Advisory 2006.150 (PacketStormID:F49474)
2006-08-28 00:00:00
Mandriva  mandriva.com
advisory,kernel,vulnerability
linux,mandriva
CVE-2006-0554,CVE-2006-0744,CVE-2006-1343,CVE-2006-1857,CVE-2006-1858,CVE-2006-1863,CVE-2006-1864,CVE-2006-2274,CVE-2006-2935,CVE-2006-2936,CVE-2006-3468,CVE-2006-3745
[点击下载]

Mandriva Linux Security Advisory MDKSA-2006-150 - A number of vulnerabilities were discovered and corrected in the Linux 2.6 kernel.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2006:150
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : kernel
 Date    : August 25, 2006
 Affected: Corporate 3.0, Multi Network Firewall 2.0
 _______________________________________________________________________
 
 Problem Description:
 
 A number of vulnerabilities were discovered and corrected in the Linux
 2.6 kernel:
 
 Prior to 2.6.15.5, the kerenl allowed local users to obtain sensitive
 information via a crafted XFS ftruncate call (CVE-2006-0554).
 
 Prior to 2.6.15.5, the kernel did not properly handle uncanonical
 return addresses on Intel EM64T CPUs causing the kernel exception
 handler to run on the user stack with the wrong GS (CVE-2006-0744).
 
 ip_conntrack_core.c in the 2.6 kernel, and possibly
 nf_conntrack_l3proto_ipv4.c did not clear sockaddr_in.sin_zero before
 returning IPv4 socket names from the getsockopt function with
 SO_ORIGINAL_DST, which could allow local users to obtain portions of
 potentially sensitive memory (CVE-2006-1343).
 
 Prior to 2.6.16.17, the a buffer overflow in SCTP in the kernel allowed
 remote attackers to cause a Denial of Service (crash) and possibly
 execute arbitrary code via a malformed HB-ACK chunk (CVE-2006-1857).
 
 Prior to 2.6.16.17, SCTP in the kernel allowed remote attackers to
 cause a DoS (crash) and possibly execute arbitrary code via a chunk
 length that is inconsistent with the actual length of provided
 parameters (CVE-2006-1858).
 
 Prior to 2.6.16, a directory traversal vulnerability in CIFS could
 allow a local user to escape chroot restrictions for an SMB-mounted
 filesystem via "..\\" sequences (CVE-2006-1863).
 
 Prior to 2.6.16, a directory traversal vulnerability in smbfs could
 allow a local user to escape chroot restrictions for an SMB-mounted
 filesystem via "..\\" sequences (CVE-2006-1864).
 
 Prior to 2.6.17, Linux SCTP allowed a remote attacker to cause a DoS
 (infinite recursion and crash) via a packet that contains two or more
 DATA fragments, which caused an skb pointer to refer back to itself
 when the full message is reassembled, leading to an infinite recursion
 in the sctp_skb_pull function (CVE-2006-2274).
 
 The dvd_read_bca function in the DVD handling code assigns the wrong
 value to a length variable, which could allow local users to execute
 arbitrary code via a crafted USB storage device that triggers a buffer
 overflow (CVE-2006-2935).
 
 Prior to 2.6.17, the ftdi_sio driver could allow local users to cause
 a DoS (memory consumption) by writing more data to the serial port than
 the hardware can handle, causing the data to be queued (CVE-2006-2936).
 
 The 2.6 kernel, when using both NFS and EXT3, allowed remote attackers
 to cause a DoS (file system panic) via a crafted UDP packet with a V2
 lookup procedure that specifies a bad file handle (inode number),
 triggering an error and causing an exported directory to be remounted
 read-only (CVE-2006-3468).
 
 The 2.6 kernel's SCTP was found to cause system crashes and allow for
 the possibility of local privilege escalation due to a bug in the
 get_user_iov_size() function that doesn't properly handle overflow when
 calculating the length of iovec (CVE-2006-3745).
 
 The provided packages are patched to fix these vulnerabilities.  All
 users are encouraged to upgrade to these updated kernels immediately
 and reboot to effect the fixes.
 
 To update your kernel, please follow the directions located at:
 
   http://www.mandriva.com/en/security/kernelupdate
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0554
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0744
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1343
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1857
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1858
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1863
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1864
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2274
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2935
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2936
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3468
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3745
 _______________________________________________________________________
 
 Updated Packages:
 
 Corporate 3.0:
 9d14c43145beafb4e63fe8cae758d0f6  corporate/3.0/RPMS/kernel-2.6.3.35mdk-1-1mdk.i586.rpm
 e7331f51ed5cf4edee33efcb01f49243  corporate/3.0/RPMS/kernel-BOOT-2.6.3.35mdk-1-1mdk.i586.rpm
 dcb027450192d7d73f407f30d3e3e852  corporate/3.0/RPMS/kernel-enterprise-2.6.3.35mdk-1-1mdk.i586.rpm
 59f29ace5cc862c84cace5d046d6302e  corporate/3.0/RPMS/kernel-i686-up-4GB-2.6.3.35mdk-1-1mdk.i586.rpm
 6b062c5059587a927f31fea04fb91a3a  corporate/3.0/RPMS/kernel-p3-smp-64GB-2.6.3.35mdk-1-1mdk.i586.rpm
 744287198a20913bd38b1c1d37a68bd2  corporate/3.0/RPMS/kernel-secure-2.6.3.35mdk-1-1mdk.i586.rpm
 17780ad90f4989615baab5f115074f8a  corporate/3.0/RPMS/kernel-smp-2.6.3.35mdk-1-1mdk.i586.rpm
 4555bac09b7ce50d83b97c47af0b2724  corporate/3.0/RPMS/kernel-source-2.6.3-35mdk.i586.rpm
 7165754462cdfcd92c894f56623bc8b0  corporate/3.0/RPMS/kernel-source-stripped-2.6.3-35mdk.i586.rpm
 e59db387f0642f5293dc60283832557b  corporate/3.0/SRPMS/kernel-2.6.3.35mdk-1-1mdk.src.rpm

 Corporate 3.0/X86_64:
 918a70fe836d900b217f442b5208c779  x86_64/corporate/3.0/RPMS/kernel-2.6.3.35mdk-1-1mdk.x86_64.rpm
 dd1ea77b15bd07c75f5ab7caf00dbde0  x86_64/corporate/3.0/RPMS/kernel-BOOT-2.6.3.35mdk-1-1mdk.x86_64.rpm
 c8964849f4142c2c51c3ddd298513753  x86_64/corporate/3.0/RPMS/kernel-secure-2.6.3.35mdk-1-1mdk.x86_64.rpm
 7a98664c4ba5f0d50a500c1158a8fb08  x86_64/corporate/3.0/RPMS/kernel-smp-2.6.3.35mdk-1-1mdk.x86_64.rpm
 3c4d5ca4f7a1a91d99fc182e499c9e76  x86_64/corporate/3.0/RPMS/kernel-source-2.6.3-35mdk.x86_64.rpm
 a25c6705ba2b70c85c1c86e68cb0d3cd  x86_64/corporate/3.0/RPMS/kernel-source-stripped-2.6.3-35mdk.x86_64.rpm
 e59db387f0642f5293dc60283832557b  x86_64/corporate/3.0/SRPMS/kernel-2.6.3.35mdk-1-1mdk.src.rpm

 Multi Network Firewall 2.0:
 5cab4be7c19a67689f33f01de208879e  mnf/2.0/RPMS/kernel-2.6.3.35mdk-1-1mdk.i586.rpm
 ee1db88c9010b3a1af0f5ea93ce86505  mnf/2.0/RPMS/kernel-i686-up-4GB-2.6.3.35mdk-1-1mdk.i586.rpm
 0e3618eec1dcb5bca817ecec7e912836  mnf/2.0/RPMS/kernel-p3-smp-64GB-2.6.3.35mdk-1-1mdk.i586.rpm
 ded09245567203340c86b3ddacf21b3a  mnf/2.0/RPMS/kernel-secure-2.6.3.35mdk-1-1mdk.i586.rpm
 7efdc84f2748f1c2237a72ef94d90b31  mnf/2.0/RPMS/kernel-smp-2.6.3.35mdk-1-1mdk.i586.rpm
 d12744fdab6bf6606ed13fae69b51f50  mnf/2.0/SRPMS/kernel-2.6.3.35mdk-1-1mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFE7xa9mqjQ0CJFipgRAsAAAKC/kOcYUfcUldfx8MGy87CHigyjSgCeJ/43
JsyWup/H/+NRqjHU1SGHaGc=
=8KyZ
-----END PGP SIGNATURE-----

    

- 漏洞信息

28119
Linux Kernel SCTP sctp_make_abort_user() Function Local Privilege Escalation
Vendor Verified

- 漏洞描述

Unknown or Incomplete

- 时间线

2006-08-22 Unknow
Unknow Unknow

- 解决方案

Upgrade to version 2.4.33.2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Linux Kernel SCTP_Make_Abort_User Function Buffer Overflow Vulnerability
Boundary Condition Error 19666
No Yes
2006-08-22 12:00:00 2006-12-19 06:13:00
Wei Wang of McAfee Avert Labs has been credited with the discovery of this vulnerability.

- 受影响的程序版本

Ubuntu Ubuntu Linux 5.10 sparc
Ubuntu Ubuntu Linux 5.10 powerpc
Ubuntu Ubuntu Linux 5.10 i386
Ubuntu Ubuntu Linux 5.10 amd64
Ubuntu Ubuntu Linux 5.0 4 powerpc
Ubuntu Ubuntu Linux 5.0 4 i386
Ubuntu Ubuntu Linux 5.0 4 amd64
Ubuntu Ubuntu Linux 6.06 LTS sparc
Ubuntu Ubuntu Linux 6.06 LTS powerpc
Ubuntu Ubuntu Linux 6.06 LTS i386
Ubuntu Ubuntu Linux 6.06 LTS amd64
Trustix Secure Linux 3.0
Trustix Secure Linux 2.2
Trustix Secure Enterprise Linux 2.0
SuSE SUSE Linux Enterprise Server 8
SuSE SUSE Linux Enterprise Server 10
SuSE SUSE Linux Enterprise Desktop 10
S.u.S.E. UnitedLinux 1.0
S.u.S.E. SuSE Linux Standard Server 8.0
S.u.S.E. SuSE Linux School Server for i386
S.u.S.E. SUSE LINUX Retail Solution 8.0
S.u.S.E. Open-Enterprise-Server 9.0
S.u.S.E. Open-Enterprise-Server 1
S.u.S.E. Open-Enterprise-Server 0
S.u.S.E. Office Server
S.u.S.E. Novell Linux POS 9
S.u.S.E. Novell Linux Desktop 9.0
S.u.S.E. Novell Linux Desktop 1.0
S.u.S.E. Novell Linux Desktop 9
S.u.S.E. Linux Professional 10.0 OSS
S.u.S.E. Linux Professional 10.0
S.u.S.E. Linux Professional 9.3 x86_64
S.u.S.E. Linux Professional 9.3
S.u.S.E. Linux Professional 9.2 x86_64
S.u.S.E. Linux Professional 9.2
S.u.S.E. Linux Professional 9.1 x86_64
S.u.S.E. Linux Professional 9.1
S.u.S.E. Linux Professional 10.1
S.u.S.E. Linux Personal 10.0 OSS
S.u.S.E. Linux Personal 9.3 x86_64
S.u.S.E. Linux Personal 9.3
S.u.S.E. Linux Personal 9.2 x86_64
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1 x86_64
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 10.1
S.u.S.E. Linux Openexchange Server
S.u.S.E. Linux Office Server
S.u.S.E. Linux Enterprise Server for S/390 9.0
S.u.S.E. Linux Enterprise Server for S/390
S.u.S.E. Linux Enterprise Server 9
S.u.S.E. Linux Enterprise Server 10
S.u.S.E. Linux Desktop 1.0
S.u.S.E. Linux Database Server 0
S.u.S.E. Linux Connectivity Server
rPath rPath Linux 1
Mandriva Linux Mandrake 2006.0 x86_64
Mandriva Linux Mandrake 2006.0
MandrakeSoft Multi Network Firewall 2.0
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
Linux kernel 2.6.17 .9
Linux kernel 2.6.17 .8
Linux kernel 2.6.17 .7
Linux kernel 2.6.17 .6
Linux kernel 2.6.17 .5
Linux kernel 2.6.17 .4
Linux kernel 2.6.17 .3
Linux kernel 2.6.17 .1
Linux kernel 2.6.17 -rc5
Linux kernel 2.6.17
Linux kernel 2.6.17
Linux kernel 2.6.17
Linux kernel 2.6.16 27
Linux kernel 2.6.16 13
Linux kernel 2.6.16 .9
Linux kernel 2.6.16 .8
Linux kernel 2.6.16 .7
Linux kernel 2.6.16 .5
Linux kernel 2.6.16 .4
Linux kernel 2.6.16 .3
Linux kernel 2.6.16 .23
Linux kernel 2.6.16 .21
Linux kernel 2.6.16 .2
Linux kernel 2.6.16 .19
Linux kernel 2.6.16 .18
Linux kernel 2.6.16 .17
Linux kernel 2.6.16 .16
Linux kernel 2.6.16 .12
Linux kernel 2.6.16 .11
Linux kernel 2.6.16 .1
Linux kernel 2.6.16 -rc1
Linux kernel 2.6.16
Linux kernel 2.6.15 .6
Linux kernel 2.6.15 .4
Linux kernel 2.6.15 .3
Linux kernel 2.6.15 .2
Linux kernel 2.6.15 .1
Linux kernel 2.6.15 -rc6
Linux kernel 2.6.15 -rc5
Linux kernel 2.6.15 -rc4
Linux kernel 2.6.15 -rc3
Linux kernel 2.6.15 -rc2
Linux kernel 2.6.15 -rc1
Linux kernel 2.6.15
Linux kernel 2.6.14 .5
Linux kernel 2.6.14 .4
Linux kernel 2.6.14 .3
Linux kernel 2.6.14 .2
Linux kernel 2.6.14 .1
Linux kernel 2.6.14 -rc4
Linux kernel 2.6.14 -rc3
Linux kernel 2.6.14 -rc2
Linux kernel 2.6.14 -rc1
Linux kernel 2.6.14
Linux kernel 2.6.13 .4
Linux kernel 2.6.13 .3
Linux kernel 2.6.13 .2
Linux kernel 2.6.13 .1
Linux kernel 2.6.13 -rc7
Linux kernel 2.6.13 -rc6
Linux kernel 2.6.13 -rc4
Linux kernel 2.6.13 -rc1
Linux kernel 2.6.13
Linux kernel 2.6.12 .6
Linux kernel 2.6.12 .5
Linux kernel 2.6.12 .4
Linux kernel 2.6.12 .3
Linux kernel 2.6.12 .2
Linux kernel 2.6.12 .1
Linux kernel 2.6.12 -rc5
Linux kernel 2.6.12 -rc4
Linux kernel 2.6.12 -rc1
Linux kernel 2.6.12
Linux kernel 2.6.11 .8
Linux kernel 2.6.11 .7
Linux kernel 2.6.11 .6
Linux kernel 2.6.11 .5
Linux kernel 2.6.11 .12
Linux kernel 2.6.11 .11
Linux kernel 2.6.11 -rc4
Linux kernel 2.6.11 -rc3
Linux kernel 2.6.11 -rc2
Linux kernel 2.6.11
Linux kernel 2.6.10 rc2
Linux kernel 2.6.10
Linux kernel 2.6.9
Linux kernel 2.6.8 rc3
Linux kernel 2.6.8 rc2
Linux kernel 2.6.8 rc1
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
Linux kernel 2.6.8
Linux kernel 2.6.7 rc1
Linux kernel 2.6.7
Linux kernel 2.6.6 rc1
Linux kernel 2.6.6
Linux kernel 2.6.5
Linux kernel 2.6.4
Linux kernel 2.6.3
Linux kernel 2.6.2
Linux kernel 2.6.1 -rc2
Linux kernel 2.6.1 -rc1
Linux kernel 2.6.1
Linux kernel 2.6 .10
Linux kernel 2.6 -test9-CVS
Linux kernel 2.6 -test9
Linux kernel 2.6 -test8
Linux kernel 2.6 -test7
Linux kernel 2.6 -test6
Linux kernel 2.6 -test5
Linux kernel 2.6 -test4
Linux kernel 2.6 -test3
Linux kernel 2.6 -test2
Linux kernel 2.6 -test11
Linux kernel 2.6 -test10
Linux kernel 2.6 -test1
Linux kernel 2.4.33 .1
Linux kernel 2.4.33 -pre1
Linux kernel 2.4.33
Linux kernel 2.4.32 -pre2
Linux kernel 2.4.32 -pre1
Linux kernel 2.4.32
Linux kernel 2.4.31 -pre1
Linux kernel 2.4.31
Linux kernel 2.4.30 rc3
Linux kernel 2.4.30 rc2
Linux kernel 2.4.30
Linux kernel 2.4.29 -rc2
Linux kernel 2.4.29 -rc1
Linux kernel 2.4.29
Linux kernel 2.4.28
Linux kernel 2.4.27 -pre5
Linux kernel 2.4.27 -pre4
Linux kernel 2.4.27 -pre3
Linux kernel 2.4.27 -pre2
Linux kernel 2.4.27 -pre1
Linux kernel 2.4.27
Linux kernel 2.4.26
Linux kernel 2.4.25
Linux kernel 2.4.24 -ow1
Linux kernel 2.4.24
Linux kernel 2.4.23 -pre9
Linux kernel 2.4.23 -ow2
Linux kernel 2.4.23
+ Trustix Secure Linux 2.0
Linux kernel 2.4.22
Linux kernel 2.4.21 pre7
Linux kernel 2.4.21 pre4
Linux kernel 2.4.21 pre1
Linux kernel 2.4.21
+ Conectiva Linux 9.0
+ Mandriva Linux Mandrake 9.1 ppc
+ Mandriva Linux Mandrake 9.1
+ Red Hat Enterprise Linux AS 3
+ RedHat Desktop 3.0
+ RedHat Enterprise Linux ES 3
+ RedHat Enterprise Linux WS 3
+ S.u.S.E. Linux Personal 9.0 x86_64
+ S.u.S.E. Linux Personal 9.0
+ SuSE SUSE Linux Enterprise Server 8
Linux kernel 2.4.20
Linux kernel 2.4.19 -pre6
Linux kernel 2.4.19 -pre5
Linux kernel 2.4.19 -pre4
Linux kernel 2.4.19 -pre3
Linux kernel 2.4.19 -pre2
Linux kernel 2.4.19 -pre1
Linux kernel 2.4.19
Linux kernel 2.4.18 pre-8
Linux kernel 2.4.18 pre-7
Linux kernel 2.4.18 pre-6
Linux kernel 2.4.18 pre-5
Linux kernel 2.4.18 pre-4
Linux kernel 2.4.18 pre-3
Linux kernel 2.4.18 pre-2
Linux kernel 2.4.18 pre-1
Linux kernel 2.4.18 x86
Linux kernel 2.4.18
+ Astaro Security Linux 2.0 23
+ Astaro Security Linux 2.0 16
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Mandriva Linux Mandrake 8.2
+ Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.0
+ Red Hat Enterprise Linux AS 2.1 IA64
+ RedHat Advanced Workstation for the Itanium Processor 2.1 IA64
+ RedHat Advanced Workstation for the Itanium Processor 2.1
+ RedHat Linux 8.0
+ RedHat Linux 7.3
+ S.u.S.E. Linux 8.1
+ S.u.S.E. Linux 8.0
+ S.u.S.E. Linux 7.3
+ S.u.S.E. Linux 7.2
+ S.u.S.E. Linux 7.1
+ S.u.S.E. Linux Connectivity Server
+ S.u.S.E. Linux Database Server 0
+ S.u.S.E. Linux Firewall on CD
+ S.u.S.E. Linux Office Server
+ S.u.S.E. Linux Openexchange Server
+ S.u.S.E. Linux Personal 8.2
+ S.u.S.E. SuSE eMail Server 3.1
+ S.u.S.E. SuSE eMail Server III
+ SuSE SUSE Linux Enterprise Server 8
+ SuSE SUSE Linux Enterprise Server 7
+ Turbolinux Turbolinux Server 8.0
+ Turbolinux Turbolinux Server 7.0
+ Turbolinux Turbolinux Workstation 8.0
+ Turbolinux Turbolinux Workstation 7.0
Linux kernel 2.4.17
Linux kernel 2.4.16
Linux kernel 2.4.15
Linux kernel 2.4.14
Linux kernel 2.4.13
Linux kernel 2.4.12
+ Conectiva Linux 7.0
Linux kernel 2.4.11
Linux kernel 2.4.10
+ S.u.S.E. Linux 7.3
Linux kernel 2.4.3
Linux kernel 2.4.2
Linux kernel 2.4.1
Linux kernel 2.4 .0-test9
Linux kernel 2.4 .0-test8
Linux kernel 2.4 .0-test7
Linux kernel 2.4 .0-test6
Linux kernel 2.4 .0-test5
Linux kernel 2.4 .0-test4
Linux kernel 2.4 .0-test3
Linux kernel 2.4 .0-test2
Linux kernel 2.4 .0-test12
Linux kernel 2.4 .0-test11
Linux kernel 2.4 .0-test10
Linux kernel 2.4 .0-test1
Linux kernel 2.4
Linux kernel 2.6.15.5
Debian Linux 3.1 sparc
Debian Linux 3.1 s/390
Debian Linux 3.1 ppc
Debian Linux 3.1 mipsel
Debian Linux 3.1 mips
Debian Linux 3.1 m68k
Debian Linux 3.1 ia-64
Debian Linux 3.1 ia-32
Debian Linux 3.1 hppa
Debian Linux 3.1 arm
Debian Linux 3.1 amd64
Debian Linux 3.1 alpha
Debian Linux 3.1
Avaya S8710 CM 3.1
Avaya S8700 CM 3.1
Avaya S8500 CM 3.1
Avaya S8300 CM 3.1
Linux kernel 2.6.17 .10
Linux kernel 2.4.33 2

- 不受影响的程序版本

Linux kernel 2.6.17 .10
Linux kernel 2.4.33 2

- 漏洞讨论

The Linux kernel is prone to a buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer.

A local attacker can exploit this issue to execute arbitrary code and potentially compromise the affected computer.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com

- 解决方案

The vendor has released versions 2.6.17.10 and 2.4.33.2 to address this issue.

Please see the referenced advisories for more information.


Linux kernel 2.4.18

Linux kernel 2.6 -test4

Linux kernel 2.6 -test9

Linux kernel 2.6 -test10

Linux kernel 2.6.1

Linux kernel 2.6.10 rc2

Linux kernel 2.6.11 -rc3

Linux kernel 2.6.11 .11

Linux kernel 2.6.11 .7

Linux kernel 2.6.12 .1

Linux kernel 2.6.12 -rc4

Linux kernel 2.6.12 .2

Linux kernel 2.6.13 .3

Linux kernel 2.6.13

Linux kernel 2.6.14 .1

Linux kernel 2.6.14 -rc2

Linux kernel 2.6.15

Linux kernel 2.6.15 -rc3

Linux kernel 2.6.15 -rc4

Linux kernel 2.6.16 .9

Linux kernel 2.6.16 .1

Linux kernel 2.6.16 13

Linux kernel 2.6.16 .11

Linux kernel 2.6.16 .18

Linux kernel 2.6.17 -rc5

Linux kernel 2.6.17 .3

Linux kernel 2.6.17

Linux kernel 2.6.6 rc1

Linux kernel 2.6.7

Linux kernel 2.6.7 rc1

Linux kernel 2.6.8 rc2

Linux kernel 2.6.8 rc1

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站