Debian Security Advisory DSA 441-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
February 18th, 2004 http://www.debian.org/security/faq
Package : kernel-patch-2.4.17-mips
Vulnerability : missing function return value check
Problem-Type : local
Debian-specific: no
CVE ID : CAN-2004-0077
Paul Starzetz and Wojciech Purczynski of isec.pl discovered a
critical security vulnerability in the memory management code of
Linux inside the mremap(2) system call. Due to missing function
return value check of internal functions a local attacker can gain
root privileges.
For the stable distribution (woody) this problem has been fixed
in version 2.4.17-0.020226.2.woody5 for mips and mipsel kernel
images.
Other architectures will probably mentioned in a separate
advisory or are not affected (m68k).
For the unstable distribution (sid) this problem will be fixed
soon with the next upload of a 2.4.19 kernel image and in version
2.4.22-0.030928.3 for 2.4.22 for the mips and mipsel
architectures.
This problem is also fixed in the upstream version of Linux
2.4.25 and 2.6.3.
We recommend that you upgrade your Linux kernel packages
immediately.
Upgrade Instructions
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.0 alias woody
Source archives:
Size/MD5 checksum: 786 b96d0f387a948cf64a07e6d6c5102b30
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-patch-2.4.17-mips_2.4.17-0.020226.2.woody5.tar.gz
Size/MD5 checksum: 1138658 dc1df0219c33c0de14ffd22ea8585ad5
Architecture independent components:
Size/MD5 checksum: 1138888 ba735096447ec98541c3d35838348e95
Big endian MIPS architecture:
Size/MD5 checksum: 3475886 0e2394ed3cee2a7dafa2d75a7a2042e6
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-image-2.4.17-r4k-ip22_2.4.17-0.020226.2.woody5_mips.deb
Size/MD5 checksum: 2042458 1585029d1c0b32ce770a29d74b3720f8
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-image-2.4.17-r5k-ip22_2.4.17-0.020226.2.woody5_mips.deb
Size/MD5 checksum: 2042414 83894b6f444b63c57a34051be23f8e04
Little endian MIPS architecture:
Size/MD5 checksum: 3474568 099f3c8bc36668123c2414aa861805c0
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-image-2.4.17-r3k-kn02_2.4.17-0.020226.2.woody5_mipsel.deb
Size/MD5 checksum: 2197826 defe3a975447f16b14f5d52b61991458
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-image-2.4.17-r4k-kn04_2.4.17-0.020226.2.woody5_mipsel.deb
Size/MD5 checksum: 2193704 89fc943ed1530fd0da6ca7a0303acb93
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/mips-tools_2.4.17-0.020226.2.woody5_mipsel.deb
Size/MD5 checksum: 15114 65e08c5c4f432a537641b6b3a76a3c42
These files will probably be moved into the stable distribution
on its next revision.
–
Debian Security Advisory DSA 439-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
February 18th, 2004 http://www.debian.org/security/faq
Package : kernel-image-2.4.16-lart,
kernel-image-2.4.16-netwinder, kernel-image-2.4.16-riscpc,
kernel-patch-2.4.16-arm
Vulnerability : several vulnerabilities
Problem-Type : local
Debian-specific: no
CVE ID : CAN-2003-0961 CAN-2003-0985 CAN-2004-0077
Several local root exploits have been discovered recently in the
Linux kernel. This security advisory updates the PowerPC/Apus
kernel for Debian GNU/Linux. The Common Vulnerabilities and
Exposures project identifies the following problems that are fixed
with this update:
CAN-2003-0961:
An integer overflow in brk() system call (do_brk() function) for
Linux allows a local attacker to gain root privileges. Fixed
upstream in Linux 2.4.23.
CAN-2003-0985:
Paul Starzetz discovered a flaw in bounds checking in mremap()
in the Linux kernel (present in version 2.4.x and 2.6.x) which may
allow a local attacker to gain root privileges. Version 2.2 is not
affected by this bug. Fixed upstream in Linux 2.4.24.
CAN-2004-0077:
Paul Starzetz and Wojciech Purczynski of isec.pl discovered a
critical security vulnerability in the memory management code of
Linux inside the mremap(2) system call. Due to missing function
return value check of internal functions a local attacker can gain
root privileges. Fixed upstream in Linux 2.4.25 and 2.6.3.
For the stable distribution (woody) this problem has been fixed
in version 2.4.26/20040204 of lart, netwinder and riscpc image and
in version 20040204 of kernel-patch-2.4.16-arm.
Other architectures will probably mentioned in a separate
advisory or are not affected (m68k).
For the unstable distribution (sid) these problems will be fixed
soon.
We recommend that you upgrade your Linux kernel packages
immediately.
Upgrade Instructions
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.0 alias woody
Source archives:
Size/MD5 checksum: 562 7bd0b443e490132da8f26188ca560f75
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.16-arm/kernel-patch-2.4.16-arm_20040204.tar.gz
Size/MD5 checksum: 579045 853b5f05e03217dfb47f28cf852dca4c
Size/MD5 checksum: 586 e2cb96946739cfffd4327ae1e218a982
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-lart/kernel-image-2.4.16-lart_20040204.tar.gz
Size/MD5 checksum: 16443 9b5b8c8311cc6ba23abc2e121882281a
Size/MD5 checksum: 624 d2258e373574684da142a45ecfc4312f
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-netwinder/kernel-image-2.4.16-netwinder_20040204.tar.gz
Size/MD5 checksum: 21783 fc07fb8db829045ef9a8ee6881e1af48
Size/MD5 checksum: 592 f2252946f185d1c52796a68a1d442cb0
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-riscpc/kernel-image-2.4.16-riscpc_20040204.tar.gz
Size/MD5 checksum: 19104 144bfd5b87a5daccf879049334b24bcd
Architecture independent components:
Size/MD5 checksum: 583148 6a4951879008cc3d882d6a30112d0cbc
ARM architecture:
Size/MD5 checksum: 717092 eb20d52fed79cfe95981f1838bc38e0c
Size/MD5 checksum: 3421140 3e0dfbdcb48437ab733d43c92deb0157
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-netwinder/kernel-image-2.4.16-netwinder_20040204_arm.deb
Size/MD5 checksum: 6671136 72f1f771e847c593e83179b6dbda4074
Size/MD5 checksum: 2910348 c4fab31d10a137738aeb722eb7358488
These files will probably be moved into the stable distribution
on its next revision.
–
Debian Security Advisory DSA 438-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
February 18th, 2004 http://www.debian.org/security/faq
Package : kernel-source-2.4.18, kernel-image-2.4.18-1-alpha,
kernel-image-2.4.18-1-i386, kernel-image-2.4.18-i386bf,
kernel-patch-2.4.18-powerpc
Vulnerability : missing function return value check
Problem-Type : local
Debian-specific: no
CVE ID : CAN-2004-0077
Paul Starzetz and Wojciech Purczynski of isec.pl discovered a
critical security vulnerability in the memory management code of
Linux inside the mremap(2) system call. Due to missing function
return value check of internal functions a local attacker can gain
root privileges.
For the stable distribution (woody) this problem has been fixed
in version 2.4.18-14.2 of kernel-source, version 2.4.18-14 of alpha
images, version 2.4.18-12.2 of i386 images, version 2.4.18-5woody7
of i386bf images and version 2.4.18-1woody4 of powerpc images.
Other architectures will probably mentioned in a separate
advisory or are not affected (m68k).
For the unstable distribution (sid) this problem is fixed in
version 2.4.24-3 for source, i386 and alpha images and version
2.4.22-10 for powerpc images.
This problem is also fixed in the upstream version of Linux
2.4.25 and 2.6.3.
We recommend that you upgrade your Linux kernel packages
immediately.
Upgrade Instructions
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.0 alias woody
Source archives:
Size/MD5 checksum: 664 38e578dda3dd54a5daa6b8badcac1a58
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18-14.2.diff.gz
Size/MD5 checksum: 67490 e1ef6246f639481dfd8b3c5b15d8668e
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18.orig.tar.gz
Size/MD5 checksum: 29818323 24b4c45a04a23eb4ce465eb326a6ddf2
Size/MD5 checksum: 876 7774c946590a5a80332ca920f67cc8ec
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-alpha_2.4.18-14.tar.gz
Size/MD5 checksum: 24477 b9c0ba46774c2da3be69851110d6f2f9
Size/MD5 checksum: 1193 b44a4e8f803bb2214bd0c4c3e9f88d81
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-i386_2.4.18-12.2.tar.gz
Size/MD5 checksum: 70044 f4caad005d02a1c7cadfa73bfc4952fb
Size/MD5 checksum: 656 e091295663f495df0ea8273703decef0
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i386bf/kernel-image-2.4.18-i386bf_2.4.18-5woody7.tar.gz
Size/MD5 checksum: 26249 f84d855e356c1f5290f6fe96d9e039c8
Size/MD5 checksum: 713 7f68980058d55c40a037c6666354ffe9
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-patch-2.4.18-powerpc_2.4.18-1woody4.tar.gz
Size/MD5 checksum: 79541 bff712e95a6960659a0e96dab9732ed4
Architecture independent components:
Size/MD5 checksum: 1719692 32cb6638a9be7e7f7332152c04854bba
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18-14.2_all.deb
Size/MD5 checksum: 24133918 306f15a8a6279221394b6a8ac2c5a69c
Size/MD5 checksum: 79274 8ea5d169fd45e464c1213e729e4e5368
Alpha architecture:
Size/MD5 checksum: 3363042 9ee4da919ccec99281efdaaae303af73
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-headers-2.4.18-1-generic_2.4.18-14_alpha.deb
Size/MD5 checksum: 3512422 47b306297211fd7079abb918bb10ef37
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-headers-2.4.18-1-smp_2.4.18-14_alpha.deb
Size/MD5 checksum: 3515048 d0153184a825640d1fe64b905ab98de4
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-generic_2.4.18-14_alpha.deb
Size/MD5 checksum: 12425644 aa320665938f55d33bfc8a9593e4639f
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-smp_2.4.18-14_alpha.deb
Size/MD5 checksum: 12800414 2901b9a0ff3cabfbb4249ee2cbb94b43
Intel IA-32 architecture:
Size/MD5 checksum: 3412982 cad64cfd789bfa49fe5463a3b4a8a5bd
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-386_2.4.18-12.2_i386.deb
Size/MD5 checksum: 3503440 02c707f32c72f98df9002c04006aae6b
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-586tsc_2.4.18-12.2_i386.deb
Size/MD5 checksum: 3504340 bd5e69e90ab3be3378f588abbfe23c79
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-686_2.4.18-12.2_i386.deb
Size/MD5 checksum: 3504232 6ab9026a1484be3aaf7fa08217ae9c5c
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-686-smp_2.4.18-12.2_i386.deb
Size/MD5 checksum: 3505300 2ffc58a24a13bf0991be5b982026b6c5
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-k6_2.4.18-12.2_i386.deb
Size/MD5 checksum: 3504034 a448bb692b10914a3a7f7f1d9b16be96
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-k7_2.4.18-12.2_i386.deb
Size/MD5 checksum: 3504256 349318073fbd9b6f3eae2b7bc5d65b54
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-386_2.4.18-12.2_i386.deb
Size/MD5 checksum: 8797608 df96f2969970f149992e74cfd7838919
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-586tsc_2.4.18-12.2_i386.deb
Size/MD5 checksum: 8704208 b29d3a133a3d5485645a1428045481f2
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-686_2.4.18-12.2_i386.deb
Size/MD5 checksum: 8703628 fdf8ddc2c2fdc0c5ceffb9f34b8dc00f
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-686-smp_2.4.18-12.2_i386.deb
Size/MD5 checksum: 8959706 da0efa81b152f5ce0e949ba00a58b1f0
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-k6_2.4.18-12.2_i386.deb
Size/MD5 checksum: 8660826 78ee935b25e3cb8e1d6affc13e78aa35
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-k7_2.4.18-12.2_i386.deb
Size/MD5 checksum: 8863038 8b0605e449390dfd819e5543c79fe0e3
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-386_2.4.18-12.2_i386.deb
Size/MD5 checksum: 228532 83d533868f288d4bd7866cf4b3114321
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-586tsc_2.4.18-12.2_i386.deb
Size/MD5 checksum: 228084 dca93798c731513d7f8908c591fc4992
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-686_2.4.18-12.2_i386.deb
Size/MD5 checksum: 227546 99c579382f1c93af23cdedb9dfdce997
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-686-smp_2.4.18-12.2_i386.deb
Size/MD5 checksum: 231188 cae74563956d0a8757994959b101e5c0
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-k6_2.4.18-12.2_i386.deb
Size/MD5 checksum: 227180 eb3383f20e4123b964a6143fae4be03b
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-k7_2.4.18-12.2_i386.deb
Size/MD5 checksum: 230440 e4875246851ee5dd470bf61af43e2ef6
Size/MD5 checksum: 3410436 8238f8f8d03b19071ca774e611c83cd5
http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i386bf/kernel-image-2.4.18-bf2.4_2.4.18-5woody7_i386.deb
Size/MD5 checksum: 6425110 e7e25ace06cd1edbb6967c3cae155e09
PowerPC architecture:
Size/MD5 checksum: 3432656 4116a684a091bbc46a94fcafc03ba50a
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-image-2.4.18-newpmac_2.4.18-1woody4_powerpc.deb
Size/MD5 checksum: 9452588 ca305391d3dfe3aa0ab140a047d67df2
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-image-2.4.18-powerpc_2.4.18-1woody4_powerpc.deb
Size/MD5 checksum: 10101958 d427f943297e02355545d7fa1a2ab263
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-image-2.4.18-powerpc-smp_2.4.18-1woody4_powerpc.deb
Size/MD5 checksum: 10345492 4d6e160cb19df083c4d238f8ff1e4913
These files will probably be moved into the stable distribution
on its next revision.
–
Debian Security Advisory DSA 440-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
February 18th, 2004 http://www.debian.org/security/faq
Package : kernel-source-2.4.17, kernel-patch-2.4.17-apus
Vulnerability : several vulnerabilities
Problem-Type : local
Debian-specific: no
CVE ID : CAN-2003-0961 CAN-2003-0985 CAN-2004-0077
Several local root exploits have been discovered recently in the
Linux kernel. This security advisory updates the PowerPC/Apus
kernel for Debian GNU/Linux. The Common Vulnerabilities and
Exposures project identifies the following problems that are fixed
with this update:
CAN-2003-0961:
An integer overflow in brk() system call (do_brk() function) for
Linux allows a local attacker to gain root privileges. Fixed
upstream in Linux 2.4.23.
CAN-2003-0985:
Paul Starzetz discovered a flaw in bounds checking in mremap()
in the Linux kernel (present in version 2.4.x and 2.6.x) which may
allow a local attacker to gain root privileges. Version 2.2 is not
affected by this bug. Fixed upstream in Linux 2.4.24.
CAN-2004-0077:
Paul Starzetz and Wojciech Purczynski of isec.pl discovered a
critical security vulnerability in the memory management code of
Linux inside the mremap(2) system call. Due to missing function
return value check of internal functions a local attacker can gain
root privileges. Fixed upstream in Linux 2.4.25 and 2.6.3.
For the stable distribution (woody) these problems have been
fixed in version 2.4.17-4 of powerpc/apus images.
Other architectures will probably mentioned in a separate
advisory or are not affected (m68k).
For the unstable distribution (sid) this problem will be fixed
soon.
We recommend that you upgrade your Linux kernel packages
immediately.
Upgrade Instructions
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.0 alias woody
Source archives:
Size/MD5 checksum: 690 f4f41d8b5ce68462139eadff5e340b2f
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/kernel-source-2.4.17_2.4.17-1woody2.diff.gz
Size/MD5 checksum: 38791 17b8f97671d0f1be7c595123bcf0c86c
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/kernel-source-2.4.17_2.4.17.orig.tar.gz
Size/MD5 checksum: 29445154 d5de2a4dc49e32c37e557ef856d5d132
Size/MD5 checksum: 667 beff21e365dba9487c3d1009e6bb8ce7
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-apus/kernel-patch-2.4.17-apus_2.4.17-4.tar.gz
Size/MD5 checksum: 489649 3feef2fdda2cb1385e12fb18b33c3787
Architecture independent components:
Size/MD5 checksum: 1719904 4299b7aeebc01ede7eb5a2f2f5ba0b45
http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/kernel-source-2.4.17_2.4.17-1woody2_all.deb
Size/MD5 checksum: 23878388 15202df8a94f2aa17f09382f520021fc
PowerPC architecture:
Size/MD5 checksum: 3365696 0f03db43dd1c83a6c02cbd474ae54685
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-apus/kernel-image-2.4.17-apus_2.4.17-4_powerpc.deb
Size/MD5 checksum: 2210948 1f12b255f6644f144e3426fa5865b27e
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-apus/kernel-image-apus_2.4.17-4_powerpc.deb
Size/MD5 checksum: 4078 6a495ea4088b900129c60dd769f7da8d
http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-apus/kernel-patch-2.4.17-apus_2.4.17-4_powerpc.deb
Size/MD5 checksum: 490346 41eebb692f46cfcb118818048de6d6ad
These files will probably be moved into the stable distribution
on its next revision.
For apt-get: deb http://security.debian.org/
stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security
dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>’ and http://packages.debian.org/<pkg>;