|
Vulnerability Assessment & Network Security Forums |
|||||||||
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Debian Local Security Checks >> [DSA1103] DSA-1103-1 kernel-source-2.6.8 Vulnerability Assessment Details
|
[DSA1103] DSA-1103-1 kernel-source-2.6.8 |
||
DSA-1103-1 kernel-source-2.6.8 Detailed Explanation for this Vulnerability Assessment Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems: Franz Filz discovered that some socket calls permit causing inconsistent reference counts on loadable modules, which permits local users to cause a denial of service. "Solar Designer" discovered that arithmetic computations in netfilter's do_replace() function can lead to a buffer overflow and the execution of arbitrary code. However, the operation requires CAP_NET_ADMIN rights, which is only an issue in virtualization systems or fine grained access control systems. "Solar Designer" discovered a race condition in netfilter's do_add_counters() function, which permits information disclosure of kernel memory by exploiting a race condition. Likewise, it requires CAP_NET_ADMIN rights. David Howells discovered that the s390 assembly version of the strnlen_user() function incorrectly returns some string size values. It was discovered that the ftruncate() function of XFS can expose unallocated blocks, which permits information disclosure of previously deleted files. It was discovered that some NFS file operations on handles mounted with O_DIRECT can force the kernel into a crash. It was discovered that the code to configure memory policies permits tricking the kernel into a crash, thus permiting denial of service. It was discovered by Cliff Wickman that perfmon for the IA64 architecture permits users to trigger a BUG() assert, which permits denial of service. Intel EM64T systems were discovered to be susceptible to a local DoS due to an endless recursive fault related to a bad ELF entry address. Alan and Gareth discovered that the ia64 platform had an incorrectly declared die_if_kernel() function as "does never return" which could be exploited by a local attacker resulting in a kernel crash. The Linux kernel did not properly handle uncanonical return addresses on Intel EM64T CPUs, reporting exceptions in the SYSRET instead of the next instruction, causing the kernel exception handler to run on the user stack with the wrong GS. This may result in a DoS due to a local user changing the frames. AMD64 machines (and other 7th and 8th generation AuthenticAMD processors) were found to be vulnerable to sensitive information leakage, due to how they handle saving and restoring the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending. This permits a process to acertain portions of the state of floating point instructions of other processes. Marco Ivaldi discovered that there was an unintended information disclosure permiting remote attackers to bypass protections against Idle Scans (nmap -sI) by abusing the ID field of IP packets and bypassing the zero IP ID in DF packet countermeasure. This was a result of the ip [...] Solution : http://www.debian.org/security/2006/dsa-1103 Network Security Threat Level: High Networks Security ID: Vulnerability Assessment Copyright: This script is (C) 2006 Michel Arboi |
||
Cables, Connectors |
Dell Memory SNPPKCG9C/8G A7990613 8GB 2Rx8 DDR3 RDIMM 1600MHz RAM
$49.95
Team T-FORCE VULCAN Z 16GB (2 x 8GB) 288-Pin PC RAM DDR4 3200 (PC4 25600) Intel
$35.99
A-Tech 8GB DDR3 1600 PC3-12800 Laptop SODIMM 204-Pin Memory RAM PC3L DDR3L 1x 8G
$13.99
HyperX FURY RAM DDR4 16GB 8GB 32GB 4GB 3200 2666 2400 2133 Desktop Memory DIMM
$14.85
A-Tech 8GB PC3-12800 Desktop DDR3 1600 MHz Non ECC 240-Pin DIMM Memory RAM 1x 8G
$13.99
A-Tech 16GB 2 x 8GB PC3-12800 Laptop SODIMM DDR3 1600 Memory RAM PC3L 16G DDR3L
$27.98
G.SKILL Trident Z RGB 16GB 2x 8GB 3200MHz DDR4 Desktop RAM F4-3200C16S-8GTZR
$38.99
Original Kingston 8GB 4GB 2GB DDR2 800Mhz PC2-6400 KVR800D2N6/2G Desktop Memory
$13.67
Crucial 16GB (2x 8GB) Kit DDR3 1600MHz PC3-12800 UDIMM Desktop 240-Pin CL11 RAM
$22.55
Corsair Vengeance 32GB 16GB 8GB DDR3 1600MHz 1866MHz 2133MHz 2400MHz Memory LOT
$79.99
|
||
No Discussions have been posted on this vulnerability. |