Mandrake Linux Security Advisory : kernel (MDKSA-2007:060)

high Nessus Plugin ID 24810

Synopsis

The remote Mandrake Linux host is missing one or more security updates.

Description

Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel :

The 2.6.17 kernel and earlier, when running on IA64 and SPARC platforms would allow a local user to cause a DoS (crash) via a malformed ELF file (CVE-2006-4538).

The mincore function in the Linux kernel did not properly lock access to user space, which has unspecified impact and attack vectors, possibly related to a deadlock (CVE-2006-4814).

An unspecified vulnerability in the listxattr system call, when a 'bad inode' is present, could allow a local user to cause a DoS (data corruption) and possibly gain privileges via unknown vectors (CVE-2006-5753).

The zlib_inflate function allows local users to cause a crash via a malformed filesystem that uses zlib compression that triggers memory corruption (CVE-2006-5823).

The ext3fs_dirhash function could allow local users to cause a DoS (crash) via an ext3 stream with malformed data structures (CVE-2006-6053).

When SELinux hooks are enabled, the kernel could allow a local user to cause a DoS (crash) via a malformed file stream that triggers a NULL pointer derefernece (CVE-2006-6056).

The key serial number collision avoidance code in the key_alloc_serial function in kernels 2.6.9 up to 2.6.20 allows local users to cause a crash via vectors thatr trigger a null dereference (CVE-2007-0006).

The Linux kernel version 2.6.13 to 2.6.20.1 allowed a remote attacker to cause a DoS (oops) via a crafted NFSACL2 ACCESS request that triggered a free of an incorrect pointer (CVE-2007-0772).

A local user could read unreadable binaries by using the interpreter (PT_INTERP) functionality and triggering a core dump; a variant of CVE-2004-1073 (CVE-2007-0958).

The provided packages are patched to fix these vulnerabilities. All users are encouraged to upgrade to these updated kernels immediately and reboot to effect the fixes.

In addition to these security fixes, other fixes have been included such as :

- add PCI IDs for cciss driver (HP ML370G5 / DL360G5)

- fixed a mssive SCSI reset on megasas (Dell PE2960)

- increased port-reset completion delay for HP controllers (HP ML350)

- NUMA rnage fixes for x86_64

- various netfilter fixes

To update your kernel, please follow the directions located at :

http://www.mandriva.com/en/security/kernelupdate

Solution

Update the affected packages.

Plugin Details

Severity: High

ID: 24810

File Name: mandrake_MDKSA-2007-060.nasl

Version: 1.18

Type: local

Family: Mandriva Local Security Checks

Published: 3/12/2007

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:kernel-i586-up-1gb-2.6.12.31mdk, p-cpe:/a:mandriva:linux:kernel-xen0-2.6.12.31mdk, p-cpe:/a:mandriva:linux:kernel-source-2.6.12.31mdk, p-cpe:/a:mandriva:linux:kernel-source-stripped-2.6.12.31mdk, cpe:/o:mandriva:linux:2006, p-cpe:/a:mandriva:linux:kernel-i686-up-4gb-2.6.12.31mdk, p-cpe:/a:mandriva:linux:kernel-2.6.12.31mdk, p-cpe:/a:mandriva:linux:kernel-boot-2.6.12.31mdk, p-cpe:/a:mandriva:linux:kernel-smp-2.6.12.31mdk, p-cpe:/a:mandriva:linux:kernel-doc-2.6.12.31mdk, p-cpe:/a:mandriva:linux:kernel-xenu-2.6.12.31mdk, p-cpe:/a:mandriva:linux:kernel-xbox-2.6.12.31mdk

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 3/9/2007

Reference Information

CVE: CVE-2006-4538, CVE-2006-4814, CVE-2006-5753, CVE-2006-5823, CVE-2006-6053, CVE-2006-6056, CVE-2007-0006, CVE-2007-0772, CVE-2007-0958

BID: 19702, 21663, 22316, 22625

CWE: 399

MDKSA: 2007:060

Detections

Analytics