-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Trustix Secure Linux Security Advisory #2006-0022
Package names: kernel
Summary: Multiple vulnerabilities
Date: 2006-04-21
Affected versions: Trustix Secure Linux 3.0
- --------------------------------------------------------------------------
Package description:
kernel
The kernel package contains the Linux kernel (vmlinuz), the core of
your Trustix Secure Linux operating system. The kernel handles the
basic functions of the operating system: memory allocation, process
allocation, device input and output, etc.
Problem description:
kernel < TSL 3.0 >
- New upstream release (2.6.16.9).
- SECURITY Fix: A vulnerability has been identified in the Linux
kernel which could be exploited by local attackers to disclose
sensitive information. AMD K7/K8 CPUs save and restore the
FOP/FIP/FDP x87 registers in FXSAVE only when an exception is
pending, so the kernel's context switch left the values of the
previous task in place and information about another process's
last x87 instruction (its instruction and data pointers) could be
read by an unrelated process (CVE-2006-1056).
- An error in "ipc/shm.c" and "mm/madvise.c", which do not properly
validate shared memory permissions, could be exploited by local
attackers to gain write access to read-only "tmpfs" files or shared
memory segments via a specially crafted "madvise" call (MADV_REMOVE
on a read-only mapping punched a hole in the underlying file)
(CVE-2006-1524).
- A NULL pointer dereference in "ip_route_input" and
"inet_rtm_getroute" [net/ipv4/route.c] when handling a specially
crafted "route" request for a multicast IP address could be
exploited by local users to crash a vulnerable system, creating a
denial of service condition (CVE-2006-1525).
- The sys_add_key function in the keyring code allows local users to
cause a denial of service (OOPS) via keyctl requests that add a key
to a user key instead of a keyring key, which causes an invalid
memory dereference (CVE-2006-1522).
- The __group_complete_signal function in the RCU signal handling
(signal.c) in Linux kernel 2.6.16, and possibly other versions, has
unknown impact and attack vectors related to improper use of BUG_ON
(CVE-2006-1523).
- An error when the kernel returns to user space using SYSRET on
Intel EM64T CPUs may cause a DoS, because of the way Intel EM64T
CPUs handle non-canonical return addresses when a user has been able
to alter the saved return frame (for instance via sigreturn or
ptrace) (CVE-2006-0744).
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the names CVE-2006-1056, CVE-2006-1524, CVE-2006-1525,
CVE-2006-1522, CVE-2006-1523 and CVE-2006-0744
to these issues.
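The MADV_REMOVE item above can be checked from user space. The program
below is an added example, not part of this advisory or of the kernel
sources: it creates a one-page scratch file (on /dev/shm, i.e. tmpfs,
falling back to /tmp), maps it MAP_SHARED once through a read-only
descriptor and once through a writable one, and asks for MADV_REMOVE
over the page. A kernel carrying the fix refuses the read-only case with
EACCES and honours only the writable case, where the page reads back as
zeros afterwards; on a kernel with the bug the read-only case also
returns 0, meaning the file was modified through a mapping that was never
granted write access. The file names, the fallback to MADV_REMOVE = 9
when the header hides the constant, and the helper names are this
example's own assumptions.

```c
/* Added example (not part of the Trustix advisory or the kernel sources):
 * probe whether madvise(MADV_REMOVE) can punch a hole in a file through a
 * read-only shared mapping, the primitive behind CVE-2006-1524.
 * Assumed: Linux, and that a one-page scratch file can be created under
 * /dev/shm (tmpfs) or, failing that, /tmp. */
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

#ifndef MADV_REMOVE
#define MADV_REMOVE 9  /* Linux uapi value, used only if <sys/mman.h> hides it */
#endif

/* Create a scratch file of one page whose first bytes are non-zero ('A').
 * Returns the read-write fd and leaves the path in 'path' for a second open(2). */
static int make_scratch_file(char *path, size_t pathlen)
{
    static const char *const templates[] = { "/dev/shm/madvXXXXXX", "/tmp/madvXXXXXX" };
    long page = sysconf(_SC_PAGESIZE);
    char fill[4096];
    int fd = -1;

    memset(fill, 'A', sizeof fill);
    for (size_t i = 0; i < sizeof templates / sizeof templates[0] && fd < 0; i++) {
        if (strlen(templates[i]) >= pathlen)
            continue;
        strcpy(path, templates[i]);
        fd = mkstemp(path);            /* tmpfs first, then the fallback */
    }
    if (fd < 0)
        return -1;
    if (write(fd, fill, sizeof fill) != (ssize_t)sizeof fill || ftruncate(fd, page) != 0) {
        close(fd);
        unlink(path);
        return -1;
    }
    return fd;
}

/* Open the file with 'open_flags', map one page MAP_SHARED with 'prot' and
 * request MADV_REMOVE over it. Returns 0 when the call succeeded and the data
 * was really discarded (first byte reads back as zero both through the mapping
 * and through pread(2)), the errno madvise(2) failed with, or -1 on any other
 * failure. */
static int probe_madv_remove(const char *path, int open_flags, int prot)
{
    long page = sysconf(_SC_PAGESIZE);
    int fd = open(path, open_flags);
    if (fd < 0)
        return -1;
    char *map = mmap(NULL, (size_t)page, prot, MAP_SHARED, fd, 0);
    if (map == MAP_FAILED) {
        close(fd);
        return -1;
    }
    int result;
    if (madvise(map, (size_t)page, MADV_REMOVE) == 0) {
        char first = 'x';
        if (pread(fd, &first, 1, 0) != 1)
            first = 'x';
        result = (map[0] == 0 && first == 0) ? 0 : -1;
    } else {
        result = errno;            /* EACCES on a fixed kernel for read-only mappings */
    }
    munmap(map, (size_t)page);
    close(fd);
    return result;
}

static int run_case(int open_flags, int prot)
{
    char path[64];
    int fd = make_scratch_file(path, sizeof path);
    if (fd < 0)
        return -1;
    int result = probe_madv_remove(path, open_flags, prot);
    unlink(path);
    close(fd);
    return result;
}

/* Read-only mapping: a fixed kernel refuses with EACCES; the vulnerable
 * 2.6.16 kernel discarded the page, i.e. this returned 0. */
int madv_remove_via_readonly_mapping(void)
{
    return run_case(O_RDONLY, PROT_READ);
}

/* Writable shared mapping: MADV_REMOVE is legitimate here and zeroes the page. */
int madv_remove_via_writable_mapping(void)
{
    return run_case(O_RDWR, PROT_READ | PROT_WRITE);
}

int main(void)
{
    int ro = madv_remove_via_readonly_mapping();
    int rw = madv_remove_via_writable_mapping();
    printf("read-only mapping: %s\n", ro == 0 ? "VULNERABLE, page discarded"
           : ro == EACCES ? "ok, EACCES" : "inconclusive");
    printf("writable mapping: %s\n", rw == 0 ? "page discarded (expected)" : "inconclusive");
    return (ro == EACCES && rw == 0) ? 0 : 1;
}
```

The check deliberately verifies the hole through both the mapping and
pread(2), so a kernel that merely dropped the page cache without punching
the file is not mistaken for one that modified the file.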
Action:
We recommend that all systems with this package installed be upgraded.
Please note that if you do not need the functionality provided by this
package, you may want to remove it from your system.
Location:
All Trustix Secure Linux updates are available from
<URI:http://http.trustix.org/pub/trustix/updates/>
<URI:ftp://ftp.trustix.org/pub/trustix/updates/>
About Trustix Secure Linux:
Trustix Secure Linux is a small Linux distribution for servers. With focus
on security and stability, the system is painlessly kept safe and up to
date from day one using swup, the automated software updater.
Automatic updates:
Users of the SWUP tool can enjoy having updates automatically
installed using 'swup --upgrade'.
Questions?
Check out our mailing lists:
<URI:http://www.trustix.org/support/>
Verification:
This advisory along with all Trustix packages are signed with the
TSL sign key.
This key is available from:
<URI:http://www.trustix.org/TSL-SIGN-KEY>
The advisory itself is available from the errata pages at
<URI:http://www.trustix.org/errata/trustix-2.2/> and
<URI:http://www.trustix.org/errata/trustix-3.0/>
or directly at
<URI:http://www.trustix.org/errata/2006/0022/>
MD5sums of the packages:
- --------------------------------------------------------------------------
f5089d76df7f1c7da9476bd1c0b04956 3.0/rpms/kernel-2.6.16.9-1tr.i586.rpm
b89a937882fd67ec9faaaa78605f792e 3.0/rpms/kernel-doc-2.6.16.9-1tr.i586.rpm
6f4d19d06824b4fba3f09b20703a1df9 3.0/rpms/kernel-headers-2.6.16.9-1tr.i586.rpm
1499038602984469bfee3905949ae800 3.0/rpms/kernel-smp-2.6.16.9-1tr.i586.rpm
7f129a48e72249599526e2fcd368695d 3.0/rpms/kernel-smp-headers-2.6.16.9-1tr.i586.rpm
3821888519d9727c8fb68453154fe10d 3.0/rpms/kernel-source-2.6.16.9-1tr.i586.rpm
2dc61bfd49247e41017b21c94eb5f06d 3.0/rpms/kernel-utils-2.6.16.9-1tr.i586.rpm
- --------------------------------------------------------------------------
Trustix Security Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFESNFNi8CEzsK9IksRAss0AKCXdORE1WHYtjqN/KChNywwO37aVgCeMAo9
AVSuXSiimnygeqxVUuF6v4U=
=DsoN
-----END PGP SIGNATURE-----
_______________________________________________
tsl-announce mailing list
http://lists.trustix.org/mailman/listinfo/tsl-announce