Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Debian Local Security Checks >> [DSA1103] DSA-1103-1 kernel-source-2.6.8


Vulnerability Assessment Details

[DSA1103] DSA-1103-1 kernel-source-2.6.8

Vulnerability Assessment Summary
DSA-1103-1 kernel-source-2.6.8

Detailed Explanation for this Vulnerability Assessment

Several local and remote vulnerabilities have been discovered in the Linux
kernel that may lead to a denial of service or the execution of arbitrary
code. The Common Vulnerabilities and Exposures project identifies the
following problems:
Franz Filz discovered that some socket calls permit causing inconsistent
reference counts on loadable modules, which permits local users to cause
a denial of service.
"Solar Designer" discovered that arithmetic computations in netfilter's
do_replace() function can lead to a buffer overflow and the execution of
arbitrary code. However, the operation requires CAP_NET_ADMIN rights,
which is only an issue in virtualization systems or fine grained access
control systems.
"Solar Designer" discovered a race condition in netfilter's
do_add_counters() function, which permits information disclosure of kernel
memory by exploiting a race condition. Likewise, it requires CAP_NET_ADMIN
rights.
David Howells discovered that the s390 assembly version of the
strnlen_user() function incorrectly returns some string size values.
It was discovered that the ftruncate() function of XFS can expose
unallocated blocks, which permits information disclosure of previously deleted
files.
It was discovered that some NFS file operations on handles mounted with
O_DIRECT can force the kernel into a crash.
It was discovered that the code to configure memory policies permits
tricking the kernel into a crash, thus permiting denial of service.
It was discovered by Cliff Wickman that perfmon for the IA64
architecture permits users to trigger a BUG() assert, which permits
denial of service.
Intel EM64T systems were discovered to be susceptible to a local
DoS due to an endless recursive fault related to a bad ELF entry
address.
Alan and Gareth discovered that the ia64 platform had an
incorrectly declared die_if_kernel() function as "does never
return" which could be exploited by a local attacker resulting in
a kernel crash.
The Linux kernel did not properly handle uncanonical return
addresses on Intel EM64T CPUs, reporting exceptions in the SYSRET
instead of the next instruction, causing the kernel exception
handler to run on the user stack with the wrong GS. This may result
in a DoS due to a local user changing the frames.
AMD64 machines (and other 7th and 8th generation AuthenticAMD
processors) were found to be vulnerable to sensitive information
leakage, due to how they handle saving and restoring the FOP, FIP,
and FDP x87 registers in FXSAVE/FXRSTOR when an exception is
pending. This permits a process to acertain portions of the state
of floating point instructions of other processes.
Marco Ivaldi discovered that there was an unintended information
disclosure permiting remote attackers to bypass protections against
Idle Scans (nmap -sI) by abusing the ID field of IP packets and
bypassing the zero IP ID in DF packet countermeasure. This was a
result of the ip
[...]

Solution : http://www.debian.org/security/2006/dsa-1103
Network Security Threat Level: High

Networks Security ID:

Vulnerability Assessment Copyright: This script is (C) 2006 Michel Arboi

Cables, Connectors


ASUS H110M-R Motherboard Intel 6th/7th Gen LGA1151 DDR4 Micro-ATX i/o shield picture

ASUS H110M-R Motherboard Intel 6th/7th Gen LGA1151 DDR4 Micro-ATX i/o shield

$42.00



***NEW*** BCM RX67Q Gaming Motherboard | Intel Q67 2nd/3rd Gen. | LGA1155 | DDR3 picture

***NEW*** BCM RX67Q Gaming Motherboard | Intel Q67 2nd/3rd Gen. | LGA1155 | DDR3

$27.77



Asus B85M-E/CSM, LGA 1150 Intel Socket Motherboard picture

Asus B85M-E/CSM, LGA 1150 Intel Socket Motherboard

$39.99



ASRock B660M PRO RS LGA 1700 Intel SATA 6Gb/s DDR4 Micro ATX Motherboard picture

ASRock B660M PRO RS LGA 1700 Intel SATA 6Gb/s DDR4 Micro ATX Motherboard

$94.99



ASUS H110M-C LGA 1151 DDR4 SDRAM MSIP-REM-MSQ-H110M-C Desktop Motherboard picture

ASUS H110M-C LGA 1151 DDR4 SDRAM MSIP-REM-MSQ-H110M-C Desktop Motherboard

$43.95



*PCIE ISSUE, READ* MSI PRO Z690-P DDR4 Motherboard (ATX, AMD, Socket LGA 1700) picture

*PCIE ISSUE, READ* MSI PRO Z690-P DDR4 Motherboard (ATX, AMD, Socket LGA 1700)

$30.00



ASUS Motherboard H81M-C | No CPU picture

ASUS Motherboard H81M-C | No CPU

$30.00



ASUS Q87M-E/CSM Intel Q87 Chipset DDR3 mATX LGA1150 Motherboard Tested picture

ASUS Q87M-E/CSM Intel Q87 Chipset DDR3 mATX LGA1150 Motherboard Tested

$48.95



GIGABYTE MB10-Datto Motherboard Xeon D-1521- SR2DF 2.40 GHz- Open Box picture

GIGABYTE MB10-Datto Motherboard Xeon D-1521- SR2DF 2.40 GHz- Open Box

$115.00



BTC-S37 Mining Motherboard Kit /w SSD & Ram Preinstalled picture

BTC-S37 Mining Motherboard Kit /w SSD & Ram Preinstalled

$59.99



Discussions

No Discussions have been posted on this vulnerability.