Mandriva Linux Security Advisory : kernel (MDVSA-2008:224-1)

medium Nessus Plugin ID 37851

Synopsis

The remote Mandriva Linux host is missing one or more security updates.

Description

Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel:

The error-reporting functionality in (1) fs/ext2/dir.c, (2) fs/ext3/dir.c, and possibly (3) fs/ext4/dir.c in the Linux kernel 2.6.26.5 does not limit the number of printk console messages that report directory corruption, which allows physically proximate attackers to cause a denial of service (temporary system hang) by mounting a filesystem that has corrupted dir->i_size and dir->i_blocks values and performing (a) read or (b) write operations. NOTE: there are limited scenarios in which this crosses privilege boundaries. (CVE-2008-3528)

The i915 driver in (1) drivers/char/drm/i915_dma.c in the Linux kernel 2.6.24 on Debian GNU/Linux and (2) sys/dev/pci/drm/i915_drv.c in OpenBSD does not restrict the DRM_I915_HWS_ADDR ioctl to the Direct Rendering Manager (DRM) master, which allows local users to cause a denial of service (memory corruption) via a crafted ioctl call, related to absence of the DRM_MASTER and DRM_ROOT_ONLY flags in the ioctl's configuration. (CVE-2008-3831)

The do_splice_from function in fs/splice.c in the Linux kernel before 2.6.27 does not reject file descriptors that have the O_APPEND flag set, which allows local users to bypass append mode and make arbitrary changes to other locations in the file. (CVE-2008-4554)

Additionally, a problem with TCP options ordering, which could manifest as connection problems with many websites (bug #43372), was solved; a number of fixes for Intel HDA were added; and a number of fixes for issues on Asus EEE PC, Panasonic Let's Note, Acer One, Dell XPS, and others were also added. Check the package changelog for more information.

To update your kernel, please follow the directions located at:

http://www.mandriva.com/en/security/kernelupdate

Update:

The previous update included a patch which introduced a bug that made the boot process stop halfway on several machines. That patch has been removed in this new update to avoid that problem.

Solution

Update the affected packages.

See Also

https://qa.mandriva.com/43372

https://qa.mandriva.com/43532

https://qa.mandriva.com/43885

https://qa.mandriva.com/44752

https://qa.mandriva.com/44803

https://qa.mandriva.com/45552

Plugin Details

Severity: Medium

ID: 37851

File Name: mandriva_MDVSA-2008-224.nasl

Version: 1.16

Type: local

Published: 4/23/2009

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.2

CVSS v2

Risk Factor: Medium

Base Score: 4.7

Vector: CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.4-desktop-2mnb, p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.4-desktop586-2mnb, p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.4-server-2mnb, p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop-latest, p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-server-latest, p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.4-desktop-2mnb, p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.4-desktop586-2mnb, p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.4-server-2mnb, p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop-latest, p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:drm-experimental-kernel-server-latest, p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.4-desktop-2mnb, p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.4-desktop586-2mnb, p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.4-server-2mnb, p-cpe:/a:mandriva:linux:et131x-kernel-desktop-latest, p-cpe:/a:mandriva:linux:et131x-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:et131x-kernel-server-latest, p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.4-desktop-2mnb, p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.4-desktop586-2mnb, p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.4-server-2mnb, p-cpe:/a:mandriva:linux:fcpci-kernel-desktop-latest, p-cpe:/a:mandriva:linux:fcpci-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:fcpci-kernel-server-latest, p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.4-desktop-2mnb, p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.4-desktop586-2mnb, p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.4-server-2mnb, p-cpe:/a:mandriva:linux:fglrx-kernel-desktop-latest, p-cpe:/a:mandriva:linux:fglrx-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:fglrx-kernel-server-latest, p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.4-desktop-2mnb, p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.4-desktop586-2mnb, 
p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.4-server-2mnb, p-cpe:/a:mandriva:linux:gnbd-kernel-desktop-latest, p-cpe:/a:mandriva:linux:gnbd-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:gnbd-kernel-server-latest, p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.4-desktop-2mnb, p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.4-desktop586-2mnb, p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.4-server-2mnb, p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop-latest, p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-server-latest, p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.4-desktop-2mnb, p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.4-desktop586-2mnb, p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.4-server-2mnb, p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop-latest, p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:hsfmodem-kernel-server-latest, p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.4-desktop-2mnb, p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.4-desktop586-2mnb, p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.4-server-2mnb, p-cpe:/a:mandriva:linux:hso-kernel-desktop-latest, p-cpe:/a:mandriva:linux:hso-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:hso-kernel-server-latest, p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.4-desktop-2mnb, p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.4-desktop586-2mnb, p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.4-server-2mnb, p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop-latest, p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:iscsitarget-kernel-server-latest, p-cpe:/a:mandriva:linux:kernel-2.6.27.4-2mnb, p-cpe:/a:mandriva:linux:kernel-desktop-2.6.27.4-2mnb, p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.27.4-2mnb, p-cpe:/a:mandriva:linux:kernel-desktop-devel-latest, p-cpe:/a:mandriva:linux:kernel-desktop-latest, p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.27.4-2mnb, 
p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.27.4-2mnb, p-cpe:/a:mandriva:linux:kernel-desktop586-devel-latest, p-cpe:/a:mandriva:linux:kernel-desktop586-latest, p-cpe:/a:mandriva:linux:kernel-doc, p-cpe:/a:mandriva:linux:kernel-server-2.6.27.4-2mnb, p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.27.4-2mnb, p-cpe:/a:mandriva:linux:kernel-server-devel-latest, p-cpe:/a:mandriva:linux:kernel-server-latest, p-cpe:/a:mandriva:linux:kernel-source-2.6.27.4-2mnb, p-cpe:/a:mandriva:linux:kernel-source-latest, p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.4-desktop-2mnb, p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.4-desktop586-2mnb, p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.4-server-2mnb, p-cpe:/a:mandriva:linux:kqemu-kernel-desktop-latest, p-cpe:/a:mandriva:linux:kqemu-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:kqemu-kernel-server-latest, p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.4-desktop-2mnb, p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.4-desktop586-2mnb, p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.4-server-2mnb, p-cpe:/a:mandriva:linux:lirc-kernel-desktop-latest, p-cpe:/a:mandriva:linux:lirc-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:lirc-kernel-server-latest, p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.4-desktop-2mnb, p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.4-desktop586-2mnb, p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.4-server-2mnb, p-cpe:/a:mandriva:linux:lzma-kernel-desktop-latest, p-cpe:/a:mandriva:linux:lzma-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:lzma-kernel-server-latest, p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.4-desktop-2mnb, p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.4-desktop586-2mnb, p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.4-server-2mnb, p-cpe:/a:mandriva:linux:madwifi-kernel-desktop-latest, p-cpe:/a:mandriva:linux:madwifi-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:madwifi-kernel-server-latest, p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.4-desktop-2mnb, 
p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.4-desktop586-2mnb, p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.4-server-2mnb, p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop-latest, p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:nvidia-current-kernel-server-latest, p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.4-desktop-2mnb, p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.4-desktop586-2mnb, p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.4-server-2mnb, p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop-latest, p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:nvidia173-kernel-server-latest, p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.4-desktop-2mnb, p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.4-desktop586-2mnb, p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.4-server-2mnb, p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop-latest, p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:nvidia71xx-kernel-server-latest, p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.4-desktop-2mnb, p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.4-desktop586-2mnb, p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.4-server-2mnb, p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop-latest, p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:nvidia96xx-kernel-server-latest, p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.4-desktop-2mnb, p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.4-desktop586-2mnb, p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.4-server-2mnb, p-cpe:/a:mandriva:linux:omfs-kernel-desktop-latest, p-cpe:/a:mandriva:linux:omfs-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:omfs-kernel-server-latest, p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.4-desktop-2mnb, p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.4-desktop586-2mnb, p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.4-server-2mnb, 
p-cpe:/a:mandriva:linux:omnibook-kernel-desktop-latest, p-cpe:/a:mandriva:linux:omnibook-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:omnibook-kernel-server-latest, p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.4-desktop-2mnb, p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.4-desktop586-2mnb, p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.4-server-2mnb, p-cpe:/a:mandriva:linux:opencbm-kernel-desktop-latest, p-cpe:/a:mandriva:linux:opencbm-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:opencbm-kernel-server-latest, p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.4-desktop-2mnb, p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.4-desktop586-2mnb, p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.4-server-2mnb, p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop-latest, p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-server-latest, p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.4-desktop-2mnb, p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.4-desktop586-2mnb, p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.4-server-2mnb, p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop-latest, p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:qc-usb-kernel-server-latest, p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.4-desktop-2mnb, p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.4-desktop586-2mnb, p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.4-server-2mnb, p-cpe:/a:mandriva:linux:rt2860-kernel-desktop-latest, p-cpe:/a:mandriva:linux:rt2860-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:rt2860-kernel-server-latest, p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.4-desktop-2mnb, p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.4-desktop586-2mnb, p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.4-server-2mnb, p-cpe:/a:mandriva:linux:rt2870-kernel-desktop-latest, p-cpe:/a:mandriva:linux:rt2870-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:rt2870-kernel-server-latest, 
p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.4-desktop-2mnb, p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.4-desktop586-2mnb, p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.4-server-2mnb, p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop-latest, p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:rtl8187se-kernel-server-latest, p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.4-desktop-2mnb, p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.4-desktop586-2mnb, p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.4-server-2mnb, p-cpe:/a:mandriva:linux:slmodem-kernel-desktop-latest, p-cpe:/a:mandriva:linux:slmodem-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:slmodem-kernel-server-latest, p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.4-desktop-2mnb, p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.4-desktop586-2mnb, p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.4-server-2mnb, p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop-latest, p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-server-latest, p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.4-desktop-2mnb, p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.4-desktop586-2mnb, p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.4-server-2mnb, p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop-latest, p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:tp_smapi-kernel-server-latest, p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.4-desktop-2mnb, p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.4-desktop586-2mnb, p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.4-server-2mnb, p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop-latest, p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:vboxadd-kernel-server-latest, p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.4-desktop-2mnb, p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.4-desktop586-2mnb, 
p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.4-server-2mnb, p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop-latest, p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:vboxvfs-kernel-server-latest, p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.4-desktop-2mnb, p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.4-desktop586-2mnb, p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.4-server-2mnb, p-cpe:/a:mandriva:linux:vhba-kernel-desktop-latest, p-cpe:/a:mandriva:linux:vhba-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:vhba-kernel-server-latest, p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.4-desktop-2mnb, p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.4-desktop586-2mnb, p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.4-server-2mnb, p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop-latest, p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:virtualbox-kernel-server-latest, p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.4-desktop-2mnb, p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.4-desktop586-2mnb, p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.4-server-2mnb, p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop-latest, p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:vpnclient-kernel-server-latest, cpe:/o:mandriva:linux:2009.0

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Patch Publication Date: 11/7/2008

Reference Information

CVE: CVE-2008-3528, CVE-2008-3831, CVE-2008-4554

CWE: 264, 399

MDVSA: 2008:224-1