---

Home Security

Advisories, December 14, 2005

By

Debian GNU/Linux

Debian Security Advisory DSA 921-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
December 14th, 2005 http://www.debian.org/security/faq

Package : kernel-source-2.4.27
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE IDs : CVE-2005-0756 CVE-2005-0757 CVE-2005-1762 CVE-2005-1767
CVE-2005-1768 CVE-2005-2456 CVE-2005-2458 CVE-2005-2459
CVE-2005-2553 CVE-2005-2801 CVE-2005-2872 CVE-2005-3275
BugTraq ID : 14477
Debian Bug : 311164 319629 321401 322237

Several local and remote vulnerabilities have been discovered in
the Linux kernel that may lead to a denial of service or the
execution of arbitrary code. The Common Vulnerabilieis and
Exposures project identifies the following problems:

CVE-2005-0756

Alexander Nyberg discovered that the ptrace() system call does
not properly verify addresses on the amd64 architecture which can
be exploited by a local attacker to crash the kernel.

CVE-2005-0757

A problem in the offset handling in the xattr file system code
for ext3 has been discovered that may allow users on 64-bit systems
that have access to an ext3 filesystem with extended attributes to
cause the kernel to crash.

CVE-2005-1762

A vulnerability has been discovered in the ptrace() system call
on the amd64 architecture that allowas a local attacker to cause
the kernel to crash.

CVE-2005-1767

A vulnerability has been discovered in the stack segment fault
handler that could allow a local attacker to cause stack exception
that will leed the kernel to crash under certain circumstances.

CVE-2005-1768

Ilja van Sprundel discovered a race condition in the IA32 (x86)
compatibility execve() systemcall for amd64 and IA64 that allows
local attackers to cause the kernel to panic and possibly execute
arbitrary code.

CVE-2005-2456

Balazs Scheidler discovered that a local attacker could call
setsockopt() with an invalid xfrm_user policy message which would
cause the kernel to write beyond the boundaries of an array and
crash.

CVE-2005-2458

Vladimir Volovich discovered a bug in the zlib routines which
are also present in the Linux kernel and allows remote attackers to
krash the kernel

CVE-2005-2459

Another vulnerability has been discovered in the zlib routines
which are also present in the Linux kernel and allows remote
attackers to crash the kernel

CVE-2005-2553

A null pointer dereference in ptrace when tracing a 64-bit
executable can cause the kernel to crash.

CVE-2005-2801

Andreas Gruenbacher discovered a bug in the ext2 and ext3 file
systems. When data areas are to be shared among two inodes not all
information were compared for equality, which could expose wrong
ACLs for files.

CVE-2005-2872

Chad Walstrom discovered that the ipt_recent kernel module to
stop SSH bruteforce attacks could cause the kernel to crash on
64-bit architectures.

CVE-2005-3275

An error in the NAT code allows remote attackers to cause a
denial of service (memory corruption) by causing two packets for
the same protocol to be NATed at the same time, which leads to
memory corruption.

The following matrix explains which kernel version for which
architecture fix the problems mentioned above:

  Debian 3.1 (sarge)
Source 2.4.27-10sarge1
Alpha architecture 2.4.27-10sarge1
ARM architecture 2.4.27-2sarge1
Intel IA-32 architecture 2.4.27-10sarge1
Intel IA-64 architecture 2.4.27-10sarge1
Motorola 680×0 architecture 2.4.27-3sarge1
Big endian MIPS architecture 2.4.27-10.sarge1.040815-1
Little endian MIPS architecture 2.4.27-10.sarge1.040815-1
PowerPC architecture 2.4.27-10sarge1
IBM S/390 architecture 2.4.27-2sarge1
Sun Sparc architecture 2.4.27-9sarge1

We recommend that you upgrade your kernel package immediately
and reboot the machine.

Upgrade Instructions

wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge

Source archives:

    http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27-10sarge1.dsc

      Size/MD5 checksum: 900
cf29dbb52e2fd25da1d4ecb8dbe5e854
    http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27-10sarge1.diff.gz

      Size/MD5 checksum: 699494
3b26bc94e734e3e9c7de8851e9e308b7
    http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27.orig.tar.gz

      Size/MD5 checksum: 38470181
56df34508cdc47a53d15bc02ffe4f42d

    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-image-2.4.27-alpha_2.4.27-10sarge1.dsc

      Size/MD5 checksum: 831
0278c9e5d78a3f0192808e89d2fa389b
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-image-2.4.27-alpha_2.4.27-10sarge1.tar.gz

      Size/MD5 checksum: 29945
c6c19bbf99fbff1d67d5216f28855755

    http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-arm/kernel-patch-2.4.27-arm_2.4.27-1sarge1.dsc

      Size/MD5 checksum: 577
0f7c9c24f228948824056914841278c5
    http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-arm/kernel-patch-2.4.27-arm_2.4.27-1sarge1.tar.gz

      Size/MD5 checksum: 828336
b38387d519bee09b40f6b706d54f60fc

    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-arm_2.4.27-2sarge1.dsc

      Size/MD5 checksum: 839
99ec4f95021ee6e9fb9b98087109c0d7
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-arm_2.4.27-2sarge1.tar.gz

      Size/MD5 checksum: 32182
efdb3fde273dc5d0124d38f6d7dccbd6

    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-i386_2.4.27-10sarge1.dsc

      Size/MD5 checksum: 1581
0ddc89456decf24ce5d10aa79824cd5e
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-i386_2.4.27-10sarge1.tar.gz

      Size/MD5 checksum: 97268
6aa8cd7f87e3bda01cdcd09bda96e596

    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-ia64_2.4.27-10sarge1.dsc

      Size/MD5 checksum: 1143
21e48f420a88976b9063e88cc7d8add5
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-ia64_2.4.27-10sarge1.tar.gz

      Size/MD5 checksum: 53267
e3c410bc8e3bdfdfe81dbc00575f62e0

    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-m68k_2.4.27-3sarge1.dsc

      Size/MD5 checksum: 889
a5253abf41b798233d68c8004da5049a
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-m68k_2.4.27-3sarge1.tar.gz

      Size/MD5 checksum: 9791
3a5c08d227dac66ad83c75cd68c74375

    http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-patch-2.4.27-mips_2.4.27-10.sarge1.040815-1.dsc

      Size/MD5 checksum: 1062
d03d719f6a6cef2732ba218ae40a6770
    http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-patch-2.4.27-mips_2.4.27-10.sarge1.040815-1.tar.gz

      Size/MD5 checksum: 307828
fa74234db1cbd88277fcdd490b10a887

    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-patch-powerpc-2.4.27_2.4.27-10sarge1.dsc

      Size/MD5 checksum: 1129
125083312667f1bdb7c62e217b41963a
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-patch-powerpc-2.4.27_2.4.27-10sarge1.tar.gz

      Size/MD5 checksum: 1462360
ab3702cbcde8976d422e32d13173c942

    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-s390_2.4.27-2sarge1.dsc

      Size/MD5 checksum: 825
ecfb13748a5231fb8e1580b7bcd99600
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-s390_2.4.27-2sarge1.tar.gz

      Size/MD5 checksum: 8123
5e41863c13ad4b96fe90ed25abd3e33d

    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-sparc_2.4.27-9sarge1.dsc

      Size/MD5 checksum: 1074
a22bdef307d571cd0d9a055d0752111b
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-sparc_2.4.27-9sarge1.tar.gz

      Size/MD5 checksum: 22912
2bcc7519c5da2edfe0b450b02b1c1e85

Architecture independent components:

    http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-doc-2.4.27_2.4.27-10sarge1_all.deb

      Size/MD5 checksum: 3577464
3a2c82fcc546bee30fb522f28193f3e7
    http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-patch-debian-2.4.27_2.4.27-10sarge1_all.deb

      Size/MD5 checksum: 650880
2cfb0a84539c910e596abba17e7d8d48
    http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27-10sarge1_all.deb

      Size/MD5 checksum: 31026166
857f97955b1c7d145990f28581731fb7
    http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-tree-2.4.27_2.4.27-10sarge1_all.deb

      Size/MD5 checksum: 24418
c346db9cb71c6e39328d49318a2f2ed4

    http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-arm/kernel-patch-2.4.27-arm_2.4.27-1sarge1_all.deb

      Size/MD5 checksum: 832704
b9e1f325937d5f7596688d5dd848de55

Alpha architecture:

    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-build-2.4.27-2_2.4.27-10sarge1_alpha.deb

      Size/MD5 checksum: 5690
26d3f171f62b80b0b8e978652f8f485a
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-headers-2.4.27-2_2.4.27-10sarge1_alpha.deb

      Size/MD5 checksum: 4572104
d92c8a0b7398b6b41d52c7a55a3d88f1
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-headers-2.4.27-2-generic_2.4.27-10sarge1_alpha.deb

      Size/MD5 checksum: 270932
be9e18785e87f29f8632a9fc973b0bbb
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-headers-2.4.27-2-smp_2.4.27-10sarge1_alpha.deb

      Size/MD5 checksum: 272886
dea691efa19f4b82691124fa62e8963f
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-image-2.4.27-2-generic_2.4.27-10sarge1_alpha.deb

      Size/MD5 checksum: 16516634
eb2e92ade4debc9bfdedb40134b3efd6
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-image-2.4.27-2-smp_2.4.27-10sarge1_alpha.deb

      Size/MD5 checksum: 16970506
2b58db598e31823c08f993da80ab10d0

    http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge1.040815-1_alpha.deb

      Size/MD5 checksum: 18104
42337c47e36aab7279b3355987057447

AMD64 architecture:

    http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge1.040815-1_amd64.deb

      Size/MD5 checksum: 14830
1bef3063d2042b93b8734bbf02b57e8f

ARM architecture:

    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-build-2.4.27_2.4.27-2sarge1_arm.deb

      Size/MD5 checksum: 464238
58d912323c90cc0c588d7882965a0171
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-headers-2.4.27_2.4.27-2sarge1_arm.deb

      Size/MD5 checksum: 4657690
35d64aacb4e4d9286360881edec6a359
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-bast_2.4.27-2sarge1_arm.deb

      Size/MD5 checksum: 1688134
5cc159ac4ba8cd9152513616ebeff876
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-lart_2.4.27-2sarge1_arm.deb

      Size/MD5 checksum: 1053572
2ed7da9dfede24ce6c3ac6f3300c9f30
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-netwinder_2.4.27-2sarge1_arm.deb

      Size/MD5 checksum: 7330858
93afcdcfda01d2d08b0bc86f32a3d623
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-riscpc_2.4.27-2sarge1_arm.deb

      Size/MD5 checksum: 3141064
fdd304023a6f6da48c69417b1e531469
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-riscstation_2.4.27-2sarge1_arm.deb

      Size/MD5 checksum: 3663614
e532db0019cc83e0b40e99cc5bd16179

    http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge1.040815-1_arm.deb

      Size/MD5 checksum: 16498
98ff86517ac204296c7d2a8bd9d771cb

Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-build-2.4.27-2_2.4.27-10sarge1_i386.deb

      Size/MD5 checksum: 8224
ae479d6dbd6c171e94a25e5b59b4243f
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-2_2.4.27-10sarge1_i386.deb

      Size/MD5 checksum: 1823160
c058363ae7646c370f77d620c6bb6438
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-2-386_2.4.27-10sarge1_i386.deb

      Size/MD5 checksum: 297168
19b508f76e107d8cf988560b3fd04a8b
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-2-586tsc_2.4.27-10sarge1_i386.deb

      Size/MD5 checksum: 298340
073efbc2d728e4ee3b30e980d2d0f5e6
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-2-686_2.4.27-10sarge1_i386.deb

      Size/MD5 checksum: 298200
94f48b9438f8e100590c8874b3c05e0c
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-2-686-smp_2.4.27-10sarge1_i386.deb

      Size/MD5 checksum: 300156
1143aa70f66386bf4789431e80810b2d
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-2-k6_2.4.27-10sarge1_i386.deb

      Size/MD5 checksum: 297050
44f3d785ad2c70829373321327e6e3e6
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-2-k7_2.4.27-10sarge1_i386.deb

      Size/MD5 checksum: 297978
7795ea75d534ded9d2a7ade27fc3cf21
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-2-k7-smp_2.4.27-10sarge1_i386.deb

      Size/MD5 checksum: 299650
9676b8d779e9dd09f0583d950e2fd2d5
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-2-386_2.4.27-10sarge1_i386.deb

      Size/MD5 checksum: 11046010
e32bdedde43897d24792ce5199c8e428
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-2-586tsc_2.4.27-10sarge1_i386.deb

      Size/MD5 checksum: 12024834
edfa4a6008fde7599fbd7e5081cc2bb9
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-2-686_2.4.27-10sarge1_i386.deb

      Size/MD5 checksum: 12336042
d2c1f84d0c771fa8de10c87e0cb35e70
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-2-686-smp_2.4.27-10sarge1_i386.deb

      Size/MD5 checksum: 12679824
4ab0ad4ca8bf76e6614768cee8245c24
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-2-k6_2.4.27-10sarge1_i386.deb

      Size/MD5 checksum: 11708878
7842c8dfed5e6c2cbbed136807b5cf7f
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-2-k7_2.4.27-10sarge1_i386.deb

      Size/MD5 checksum: 12083292
b45dd7f50ef9f4726711c4af87368037
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-2-k7-smp_2.4.27-10sarge1_i386.deb

      Size/MD5 checksum: 12415392
b56e1c928e816d53f6cba41f0138e91d
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-2-386_2.4.27-10sarge1_i386.deb

      Size/MD5 checksum: 267586
95d23b87e054f0a8dc82edd6a7f51f60
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-2-586tsc_2.4.27-10sarge1_i386.deb

      Size/MD5 checksum: 292452
d090775026be223c949e0f86f5b1f646
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-2-686_2.4.27-10sarge1_i386.deb

      Size/MD5 checksum: 298278
f8cc95014790c87b62bf81b2b2d2d674
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-2-686-smp_2.4.27-10sarge1_i386.deb

      Size/MD5 checksum: 303840
f1362454b42361047297b1ef7f90769c
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-2-k6_2.4.27-10sarge1_i386.deb

      Size/MD5 checksum: 286252
d67de5ec744bad676981089e5623561c
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-2-k7_2.4.27-10sarge1_i386.deb

      Size/MD5 checksum: 292100
0ce7cff58a32eb924199a652062a7e9f
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-2-k7-smp_2.4.27-10sarge1_i386.deb

      Size/MD5 checksum: 296978
fdb699b60e0d3ae5fa4df76e0203c603

    http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge1.040815-1_i386.deb

      Size/MD5 checksum: 14278
b17654c8d53b3813df9eaef78810efd4

Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-build-2.4.27-2_2.4.27-10sarge1_ia64.deb

      Size/MD5 checksum: 5190
00c8fff6af32adf62f8c91794745931b
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-2_2.4.27-10sarge1_ia64.deb

      Size/MD5 checksum: 4678756
01467522c3106fab54cf6983a9c6487d
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-2-itanium_2.4.27-10sarge1_ia64.deb

      Size/MD5 checksum: 239184
cd07eff9264141e6ddbd015f5f76e99e
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-2-itanium-smp_2.4.27-10sarge1_ia64.deb

      Size/MD5 checksum: 240504
03b131531af57cd2f46cf8ff8ba93f45
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-2-mckinley_2.4.27-10sarge1_ia64.deb

      Size/MD5 checksum: 239212
457102e92a389246447410ce172bbd2f
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-2-mckinley-smp_2.4.27-10sarge1_ia64.deb

      Size/MD5 checksum: 240498
66cc452b54b87366d7755da6693aa76c
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4-itanium_2.4.27-10sarge1_ia64.deb

      Size/MD5 checksum: 4916
8432a3f7650e77fc8ab88f9bf6efdc2a
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4-itanium-smp_2.4.27-10sarge1_ia64.deb

      Size/MD5 checksum: 4934
83fd412732f3cbc3d8b9c642f968bc61
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4-mckinley_2.4.27-10sarge1_ia64.deb

      Size/MD5 checksum: 4944
91ec4c1ca5123a5552cb1b74bea98b29
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4-mckinley-smp_2.4.27-10sarge1_ia64.deb

      Size/MD5 checksum: 4962
26f8609ffe3a5711730283a5ac19e206
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-2-itanium_2.4.27-10sarge1_ia64.deb

      Size/MD5 checksum: 16665798
0dfd99eeb9d1c8933ec71f0cdc80a71e
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-2-itanium-smp_2.4.27-10sarge1_ia64.deb

      Size/MD5 checksum: 17023766
09ae0a0c0b133abe047cd50b8e09f02e
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-2-mckinley_2.4.27-10sarge1_ia64.deb

      Size/MD5 checksum: 16623970
2b70e151d5c13c89d7646dc01d28a277
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-2-mckinley-smp_2.4.27-10sarge1_ia64.deb

      Size/MD5 checksum: 16970478
affcf0503482e489ae8384b3d7279fce

    http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge1.040815-1_ia64.deb

      Size/MD5 checksum: 19858
ba4cea60b31ac6926bc2e12c89c98232

HP Precision architecture:

    http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge1.040815-1_hppa.deb

      Size/MD5 checksum: 16894
ef6c734bc7a3be187324d77d6432affd

Motorola 680×0 architecture:

    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-amiga_2.4.27-3sarge1_m68k.deb

      Size/MD5 checksum: 2628642
9d7d78cb18b165526d3b9c69274cc186
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-atari_2.4.27-3sarge1_m68k.deb

      Size/MD5 checksum: 2535972
5367f4e405cd97ae879d13149813beca
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-bvme6000_2.4.27-3sarge1_m68k.deb

      Size/MD5 checksum: 2384766
853a2da6b5f179ff9d4bedf82e1a041f
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-mac_2.4.27-3sarge1_m68k.deb

      Size/MD5 checksum: 2468516
788d44179a2aa91c9868c15fb371c11d
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-mvme147_2.4.27-3sarge1_m68k.deb

      Size/MD5 checksum: 2313758
4b7cb73958e218b3f63de0c0e9347e26
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-mvme16x_2.4.27-3sarge1_m68k.deb

      Size/MD5 checksum: 2386394
e0a43e4b96b3ddfb782dd842bf063f89
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-q40_2.4.27-3sarge1_m68k.deb

      Size/MD5 checksum: 2252242
a5f233f48b188fc7889a83c676d64b9e

    http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge1.040815-1_m68k.deb

      Size/MD5 checksum: 14000
c9efe0c462af304a1ae5a9d3f3ccd2c2

Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-headers-2.4.27_2.4.27-10.sarge1.040815-1_mips.deb

      Size/MD5 checksum: 4679334
8c640c4a3323fe874fbf7736afbf592f
    http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r4k-ip22_2.4.27-10.sarge1.040815-1_mips.deb

      Size/MD5 checksum: 3846338
af689f1f43f75f242ee3b1ee1d8d5c98
    http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r5k-ip22_2.4.27-10.sarge1.040815-1_mips.deb

      Size/MD5 checksum: 3847118
3ee1d8be5f4e2e4c9e4d9e09cb9f31ac
    http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-sb1-swarm-bn_2.4.27-10.sarge1.040815-1_mips.deb

      Size/MD5 checksum: 7171242
1ddb30791997030df21a1ca98f4874af
    http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge1.040815-1_mips.deb

      Size/MD5 checksum: 18054
9174691199f426e382a8876fbb74d0ac

Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-headers-2.4.27_2.4.27-10.sarge1.040815-1_mipsel.deb

      Size/MD5 checksum: 4684404
1d8dd72aa68218631bb8c53331bc30f4
    http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r3k-kn02_2.4.27-10.sarge1.040815-1_mipsel.deb

      Size/MD5 checksum: 3030092
dfddac8fdc4fee01d91dcb6a4eb28eea
    http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r4k-kn04_2.4.27-10.sarge1.040815-1_mipsel.deb

      Size/MD5 checksum: 2988820
3f1df983a7cf1691052fe9af1d84b7b1
    http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r5k-cobalt_2.4.27-10.sarge1.040815-1_mipsel.deb

      Size/MD5 checksum: 4099956
49da290cf77d5a9a83dd2c365d347900
    http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r5k-lasat_2.4.27-10.sarge1.040815-1_mipsel.deb

      Size/MD5 checksum: 2135184
49d13799447a86acc1462c9d58c0e8e9
    http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-sb1-swarm-bn_2.4.27-10.sarge1.040815-1_mipsel.deb

      Size/MD5 checksum: 7035572
b4040a68e042f355c42af12cdc30a587
    http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-xxs1500_2.4.27-10.sarge1.040815-1_mipsel.deb

      Size/MD5 checksum: 4665112
ce758787e61df3a2f1d4b43dccc68a00
    http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge1.040815-1_mipsel.deb

      Size/MD5 checksum: 18080
fbb7d48b4b95f67ce8777afa25168ddb

PowerPC architecture:

    http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge1.040815-1_powerpc.deb

      Size/MD5 checksum: 16540
fde92bdf463104a5fd110846fbd10d6f

    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-build-2.4.27-apus_2.4.27-10sarge1_powerpc.deb

      Size/MD5 checksum: 137990
10c69171982c0953614db790071fe897
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-build-2.4.27-nubus_2.4.27-10sarge1_powerpc.deb

      Size/MD5 checksum: 137824
714f0b2cd873ea876d68d183fab7e59e
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-build-2.4.27-powerpc_2.4.27-10sarge1_powerpc.deb

      Size/MD5 checksum: 151838
ab7d3a6c324a2b64eb674148cead1393
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-build-2.4.27-powerpc-small_2.4.27-10sarge1_powerpc.deb

      Size/MD5 checksum: 152182
41e9c9254f399c29b0c198b6d94ca7ac
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-build-2.4.27-powerpc-smp_2.4.27-10sarge1_powerpc.deb

      Size/MD5 checksum: 151902
0539b0f041ffbe37a75b71a5554ffd66
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-headers-2.4.27-apus_2.4.27-10sarge1_powerpc.deb

      Size/MD5 checksum: 4681796
c5e92c06e7a9887639da199bc1b94f80
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-headers-2.4.27-nubus_2.4.27-10sarge1_powerpc.deb

      Size/MD5 checksum: 4691992
0f2e90800a27bf34f48ea5dc062cbb59
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-headers-2.4.27-powerpc_2.4.27-10sarge1_powerpc.deb

      Size/MD5 checksum: 4799772
7a4ec03f1373d998539fe68d209589e3
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-image-2.4.27-apus_2.4.27-10sarge1_powerpc.deb

      Size/MD5 checksum: 2494658
54d0408ab521a0a5e0874c80ebdba402
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-image-2.4.27-nubus_2.4.27-10sarge1_powerpc.deb

      Size/MD5 checksum: 1813568
f6a3da841cffbed57b7bf11119abaf0d
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-image-2.4.27-powerpc_2.4.27-10sarge1_powerpc.deb

      Size/MD5 checksum: 13474368
134af15cd55b4b3848fdbdeff7ef214d
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-image-2.4.27-powerpc-small_2.4.27-10sarge1_powerpc.deb

      Size/MD5 checksum: 12746708
631ef07000bc6f99e43011a63a65c43f
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-image-2.4.27-powerpc-smp_2.4.27-10sarge1_powerpc.deb

      Size/MD5 checksum: 13779958
5c40bd31a118b3bafda658e258379423
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-patch-2.4.27-apus_2.4.27-10sarge1_powerpc.deb

      Size/MD5 checksum: 65396
a2d652c8bf5b5005597abda9918f02fc
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-patch-2.4.27-nubus_2.4.27-10sarge1_powerpc.deb

      Size/MD5 checksum: 8710
4f867433a832c50e2920c4a3c21e4cb2
    http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-patch-2.4.27-powerpc_2.4.27-10sarge1_powerpc.deb

      Size/MD5 checksum: 8636
3c83da402850e2e86197a655e26377a2

IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge1.040815-1_s390.deb

      Size/MD5 checksum: 16892
6323a7ca3a316a8eaa412c2a2d9e0e7c

    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-headers-2.4.27-2_2.4.27-2sarge1_s390.deb

      Size/MD5 checksum: 4578000
97fce93cc2ebc4da7c0a7bab1c157aef
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-2-s390_2.4.27-2sarge1_s390.deb

      Size/MD5 checksum: 2774574
86262b4b2bb4c6db5471c97dcc1747b4
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-2-s390-tape_2.4.27-2sarge1_s390.deb

      Size/MD5 checksum: 991868
a712b00ecf74c79fadeeb0f50b298618
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-2-s390x_2.4.27-2sarge1_s390.deb

      Size/MD5 checksum: 2966354
5ebdd9b9fa80cdbdf0049683eaad24ee

Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge1.040815-1_sparc.deb

      Size/MD5 checksum: 15812
85f732679a460ea8bed9a7017dbfc0b8

    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-build-2.4.27-2_2.4.27-9sarge1_sparc.deb

      Size/MD5 checksum: 8328
1e092e0877937ac5dbf46e347992c7d3
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-2_2.4.27-9sarge1_sparc.deb

      Size/MD5 checksum: 2023482
b50d08e5c4c12fff4473e77babeda1ab
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-2-sparc32_2.4.27-9sarge1_sparc.deb

      Size/MD5 checksum: 162670
2c495f6b6e414dc24f2c676ecd84dda4
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-2-sparc32-smp_2.4.27-9sarge1_sparc.deb

      Size/MD5 checksum: 164478
f59e33098dec7e1ff68b162aab6d56a6
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-2-sparc64_2.4.27-9sarge1_sparc.deb

      Size/MD5 checksum: 201214
fa92988ddfba0e9f03ace13f365dfc77
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-2-sparc64-smp_2.4.27-9sarge1_sparc.deb

      Size/MD5 checksum: 202452
d56ab1dd8ddb9d4b10de13c37c4c4af5
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-2-sparc32_2.4.27-9sarge1_sparc.deb

      Size/MD5 checksum: 3597102
1c5334adb92bbaf0ce96e82abcf6d77e
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-2-sparc32-smp_2.4.27-9sarge1_sparc.deb

      Size/MD5 checksum: 3784076
3d1b5e5c3e147bf760c6077fa36eb783
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-2-sparc64_2.4.27-9sarge1_sparc.deb

      Size/MD5 checksum: 6377902
7bd0e77ec9494b0ed352917b829fa5a0
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-2-sparc64-smp_2.4.27-9sarge1_sparc.deb

      Size/MD5 checksum: 6543220
a73b077777c3a22ca9538666d3ff8aee

These files will probably be moved into the stable distribution
on its next update.

Debian Security Advisory DSA 922-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
December 14th, 2005 http://www.debian.org/security/faq

Package : kernel-source-2.6.8
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE IDs : CVE-2004-2302 CVE-2005-0756 CVE-2005-0757 CVE-2005-1265
CVE-2005-1761 CVE-2005-1762 CVE-2005-1763 CVE-2005-1765
CVE-2005-1767 CVE-2005-2456 CVE-2005-2458 CVE-2005-2459
CVE-2005-2548 CVE-2005-2801 CVE-2005-2872 CVE-2005-3105
CVE-2005-3106 CVE-2005-3107 CVE-2005-3108 CVE-2005-3109
CVE-2005-3110 CVE-2005-3271 CVE-2005-3272 CVE-2005-3273
CVE-2005-3274 CVE-2005-3275 CVE-2005-3276
BugTraq IDs : 14477 15527 15528 15533
Debian Bugs : 309308 311164 321401 322237 322339

Several local and remote vulnerabilities have been discovered in
the Linux kernel that may lead to a denial of service or the
execution of arbitrary code. The Common Vulnerabilieis and
Exposures project identifies the following problems:

CVE-2004-2302

A race condition in the sysfs filesystem allows local users to
read kernel memory and cause a denial of service (crash).

CVE-2005-0756

Alexander Nyberg discovered that the ptrace() system call does
not properly verify addresses on the amd64 architecture which can
be exploited by a local attacker to crash the kernel.

CVE-2005-0757

A problem in the offset handling in the xattr file system code
for ext3 has been discovered that may allow users on 64-bit systems
that have access to an ext3 filesystem with extended attributes to
cause the kernel to crash.

CVE-2005-1265

Chris Wright discovered that the mmap() function could create
illegal memory maps that could be exploited by a local user to
crash the kernel or potentially execute arbitrary code.

CVE-2005-1761

A vulnerability on the IA-64 architecture can lead local
attackers to overwrite ker

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis

Must Read

LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.

Our Brands

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.