Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2004.0130 -- Debian Security Advisory DSA 438-1
New Linux 2.4.18 packages fix local root exploit (alpha+i386+powerpc)
19 February 2004
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: kernel
Publisher: Debian
Operating System: Debian GNU/Linux 3.0 alias woody
Linux
Impact: Root Compromise
Access Required: Existing Account
CVE Names: CAN-2004-0077
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- - --------------------------------------------------------------------------
Debian Security Advisory DSA 438-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
February 18th, 2004 http://www.debian.org/security/faq
- - --------------------------------------------------------------------------
Package : kernel-source-2.4.18, kernel-image-2.4.18-1-alpha, kernel-image-2.4.18-1-i386, kernel-image-2.4.18-i386bf, kernel-patch-2.4.18-powerpc
Vulnerability : missing function return value check
Problem-Type : local
Debian-specific: no
CVE ID : CAN-2004-0077
Paul Starzetz and Wojciech Purczynski of isec.pl discovered a critical
security vulnerability in the memory management code of Linux inside
the mremap(2) system call. Due to missing function return value check
of internal functions a local attacker can gain root privileges.
For the stable distribution (woody) this problem has been fixed in
version 2.4.18-14.2 of kernel-source, version 2.4.18-14 of alpha
images, version 2.4.18-12.2 of i386 images, version 2.4.18-5woody7
of i386bf images and version 2.4.18-1woody4 of powerpc images.
Other architectures will probably mentioned in a separate advisory or
are not affected (m68k).
For the unstable distribution (sid) this problem is fixed in version
2.4.24-3 for source, i386 and alpha images and version 2.4.22-10 for
powerpc images.
This problem is also fixed in the upstream version of Linux 2.4.25 and
2.6.3.
We recommend that you upgrade your Linux kernel packages immediately.
Upgrade Instructions
- - --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.0 alias woody
- - --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18-14.2.dsc
Size/MD5 checksum: 664 38e578dda3dd54a5daa6b8badcac1a58
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18-14.2.diff.gz
Size/MD5 checksum: 67490 e1ef6246f639481dfd8b3c5b15d8668e
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18.orig.tar.gz
Size/MD5 checksum: 29818323 24b4c45a04a23eb4ce465eb326a6ddf2
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-alpha_2.4.18-14.dsc
Size/MD5 checksum: 876 7774c946590a5a80332ca920f67cc8ec
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-alpha_2.4.18-14.tar.gz
Size/MD5 checksum: 24477 b9c0ba46774c2da3be69851110d6f2f9
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-i386_2.4.18-12.2.dsc
Size/MD5 checksum: 1193 b44a4e8f803bb2214bd0c4c3e9f88d81
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-i386_2.4.18-12.2.tar.gz
Size/MD5 checksum: 70044 f4caad005d02a1c7cadfa73bfc4952fb
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i386bf/kernel-image-2.4.18-i386bf_2.4.18-5woody7.dsc
Size/MD5 checksum: 656 e091295663f495df0ea8273703decef0
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i386bf/kernel-image-2.4.18-i386bf_2.4.18-5woody7.tar.gz
Size/MD5 checksum: 26249 f84d855e356c1f5290f6fe96d9e039c8
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-patch-2.4.18-powerpc_2.4.18-1woody4.dsc
Size/MD5 checksum: 713 7f68980058d55c40a037c6666354ffe9
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-patch-2.4.18-powerpc_2.4.18-1woody4.tar.gz
Size/MD5 checksum: 79541 bff712e95a6960659a0e96dab9732ed4
Architecture independent components:
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-doc-2.4.18_2.4.18-14.2_all.deb
Size/MD5 checksum: 1719692 32cb6638a9be7e7f7332152c04854bba
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18-14.2_all.deb
Size/MD5 checksum: 24133918 306f15a8a6279221394b6a8ac2c5a69c
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-patch-2.4.18-powerpc_2.4.18-1woody4_all.deb
Size/MD5 checksum: 79274 8ea5d169fd45e464c1213e729e4e5368
Alpha architecture:
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-headers-2.4.18-1_2.4.18-14_alpha.deb
Size/MD5 checksum: 3363042 9ee4da919ccec99281efdaaae303af73
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-headers-2.4.18-1-generic_2.4.18-14_alpha.deb
Size/MD5 checksum: 3512422 47b306297211fd7079abb918bb10ef37
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-headers-2.4.18-1-smp_2.4.18-14_alpha.deb
Size/MD5 checksum: 3515048 d0153184a825640d1fe64b905ab98de4
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-generic_2.4.18-14_alpha.deb
Size/MD5 checksum: 12425644 aa320665938f55d33bfc8a9593e4639f
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-smp_2.4.18-14_alpha.deb
Size/MD5 checksum: 12800414 2901b9a0ff3cabfbb4249ee2cbb94b43
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1_2.4.18-12.2_i386.deb
Size/MD5 checksum: 3412982 cad64cfd789bfa49fe5463a3b4a8a5bd
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-386_2.4.18-12.2_i386.deb
Size/MD5 checksum: 3503440 02c707f32c72f98df9002c04006aae6b
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-586tsc_2.4.18-12.2_i386.deb
Size/MD5 checksum: 3504340 bd5e69e90ab3be3378f588abbfe23c79
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-686_2.4.18-12.2_i386.deb
Size/MD5 checksum: 3504232 6ab9026a1484be3aaf7fa08217ae9c5c
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-686-smp_2.4.18-12.2_i386.deb
Size/MD5 checksum: 3505300 2ffc58a24a13bf0991be5b982026b6c5
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-k6_2.4.18-12.2_i386.deb
Size/MD5 checksum: 3504034 a448bb692b10914a3a7f7f1d9b16be96
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-k7_2.4.18-12.2_i386.deb
Size/MD5 checksum: 3504256 349318073fbd9b6f3eae2b7bc5d65b54
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-386_2.4.18-12.2_i386.deb
Size/MD5 checksum: 8797608 df96f2969970f149992e74cfd7838919
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-586tsc_2.4.18-12.2_i386.deb
Size/MD5 checksum: 8704208 b29d3a133a3d5485645a1428045481f2
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-686_2.4.18-12.2_i386.deb
Size/MD5 checksum: 8703628 fdf8ddc2c2fdc0c5ceffb9f34b8dc00f
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-686-smp_2.4.18-12.2_i386.deb
Size/MD5 checksum: 8959706 da0efa81b152f5ce0e949ba00a58b1f0
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-k6_2.4.18-12.2_i386.deb
Size/MD5 checksum: 8660826 78ee935b25e3cb8e1d6affc13e78aa35
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-k7_2.4.18-12.2_i386.deb
Size/MD5 checksum: 8863038 8b0605e449390dfd819e5543c79fe0e3
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-386_2.4.18-12.2_i386.deb
Size/MD5 checksum: 228532 83d533868f288d4bd7866cf4b3114321
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-586tsc_2.4.18-12.2_i386.deb
Size/MD5 checksum: 228084 dca93798c731513d7f8908c591fc4992
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-686_2.4.18-12.2_i386.deb
Size/MD5 checksum: 227546 99c579382f1c93af23cdedb9dfdce997
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-686-smp_2.4.18-12.2_i386.deb
Size/MD5 checksum: 231188 cae74563956d0a8757994959b101e5c0
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-k6_2.4.18-12.2_i386.deb Size/MD5 checksum: 227180 eb3383f20e4123b964a6143fae4be03b
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-k7_2.4.18-12.2_i386.deb Size/MD5 checksum: 230440 e4875246851ee5dd470bf61af43e2ef6
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i386bf/kernel-headers-2.4.18-bf2.4_2.4.18-5woody7_i386.deb
Size/MD5 checksum: 3410436 8238f8f8d03b19071ca774e611c83cd5
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i386bf/kernel-image-2.4.18-bf2.4_2.4.18-5woody7_i386.deb
Size/MD5 checksum: 6425110 e7e25ace06cd1edbb6967c3cae155e09
PowerPC architecture:
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-headers-2.4.18_2.4.18-1woody4_powerpc.deb
Size/MD5 checksum: 3432656 4116a684a091bbc46a94fcafc03ba50a
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-image-2.4.18-newpmac_2.4.18-1woody4_powerpc.deb
Size/MD5 checksum: 9452588 ca305391d3dfe3aa0ab140a047d67df2
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-image-2.4.18-powerpc_2.4.18-1woody4_powerpc.deb
Size/MD5 checksum: 10101958 d427f943297e02355545d7fa1a2ab263
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-image-2.4.18-powerpc-smp_2.4.18-1woody4_powerpc.deb
Size/MD5 checksum: 10345492 4d6e160cb19df083c4d238f8ff1e4913
These files will probably be moved into the stable distribution on
its next revision.
- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFAM2jFW5ql+IAeqTIRAjKuAJ9C50/t8NuXmFzw2oJOkA0JzMwLEACfZ3A3
ygZc/drgecpezqGQUmvkYyw=
=169V
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:
http://www.auscert.org.au/render.html?it=3192
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business
hours which are GMT+10:00 (AEST). On call after hours
for member emergencies only.
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBQDRVRyh9+71yA2DNAQHJFAP+MWo1eFAUedxYf3GevLpDIZ1ZfA7sd7/q
sDRYZFfhyQ9rew1y050m6lz4s0z096WdR1ZmpHQnCU4flcEAujTUQ3EifHDIXz2o
6le3bgYpQ0OcmDnLLAprPB1SFqYGG90I1Z4Lrvuou+AlHoOCSmo+eXGhKxmTk7vG
DMEBdGgo7Cs=
=Ptrg
-----END PGP SIGNATURE-----