Description:
Summary: The remote host is missing an update for the Debian 'kernel-source-2.4.27' package(s) announced via the DSA-1018-1 advisory.
Vulnerability Insight: The original update lacked recompiled ALSA modules against the new kernel ABI. Furthermore, kernel-latest-2.4-sparc now correctly depends on the updated packages. For completeness we're providing the original problem description:
Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems:
CVE-2004-0887
Martin Schwidefsky discovered that the privileged instruction SACF (Set Address Space Control Fast) on the S/390 platform is not handled properly, allowing for a local user to gain root privileges.
CVE-2004-1058
A race condition allows for a local user to read the environment variables of another process that is still spawning through /proc/.../cmdline.
CVE-2004-2607
A numeric casting discrepancy in sdla_xfer allows local users to read portions of kernel memory via a large len argument, which is received as an int but cast to a short, preventing the read loop from filling a buffer.
CVE-2005-0449
An error in the skb_checksum_help() function from the netfilter framework has been discovered that allows the bypass of packet filter rules or a denial of service attack.
CVE-2005-1761
A vulnerability in the ptrace subsystem of the IA-64 architecture can allow local attackers to overwrite kernel memory and crash the kernel.
CVE-2005-2457
Tim Yamin discovered that insufficient input validation in the compressed ISO file system (zisofs) allows a denial of service attack through maliciously crafted ISO images.
CVE-2005-2555
Herbert Xu discovered that the setsockopt() function was not restricted to users/processes with the CAP_NET_ADMIN capability. This allows attackers to manipulate IPSEC policies or initiate a denial of service attack.
CVE-2005-2709
Al Viro discovered a race condition in the /proc handling of network devices. A (local) attacker could exploit the stale reference after interface shutdown to cause a denial of service or possibly execute code in kernel mode.
CVE-2005-2973
Tetsuo Handa discovered that the udp_v6_get_port() function from the IPv6 code can be forced into an endless loop, which allows a denial of service attack.
CVE-2005-3257
Rudolf Polzer discovered that the kernel improperly restricts access to the KDSKBSENT ioctl, which can possibly lead to privilege escalation.
CVE-2005-3783
The ptrace code using CLONE_THREAD didn't use the thread group ID to determine whether the caller is attaching to itself, which allows a denial of service attack.
CVE-2005-3806
Yen Zheng discovered that the IPv6 flow label code modified an incorrect variable, which could lead to memory corruption and denial of service.
CVE-2005-3848
Ollie Wild discovered a memory leak in the icmp_push_reply() function, which allows denial of service through memory consumption.
CVE-2005-3857
Chris ... [Please see the references for more information on the vulnerabilities]
Affected Software/OS: 'kernel-source-2.4.27' package(s) on Debian 3.1.
Solution: Please install the updated package(s).
CVSS Score: 7.8
CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C