-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------------------------- Debian Security Advisory DSA-1494-1 security@debian.org http://www.debian.org/security/ Florian Weimer February 11, 2008 http://www.debian.org/security/faq - ---------------------------------------------------------------------- Package : linux-2.6 Vulnerability : missing access checks Problem type : local Debian-specific: no CVE Id(s) : CVE-2008-0010 CVE-2008-0163 CVE-2008-0600 The vmsplice system call did not properly verify address arguments passed by user space processes, which allowed local attackers to overwrite arbitrary kernel memory, gaining root privileges (CVE-2008-0010, CVE-2008-0600). In the vserver-enabled kernels, a missing access check on certain symlinks in /proc enabled local attackers to access resources in other vservers (CVE-2008-0163). For the stable distribution (etch), this problem has been fixed in version 2.6.18.dfsg.1-18etch1. In addition to these fixes, this update also incorporates changes from the upcoming point release of the stable distribution. The old stable distribution (sarge) is not affected by this problem. The unstable (sid) and testing distributions will be fixed soon. We recommend that you upgrade your linux-2.6 package. Upgrade instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - ------------------------------- Stable updates are available for alpha, amd64, i386, ia64 and s390. The remaining updates will follow. Source archives: http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-18etch1.diff.gz Size/MD5 checksum: 5379550 6a28d0278e4abe270c0c1f69ed463b9c http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-18etch1.dsc Size/MD5 checksum: 5680 684a9ddb3b6975ce30764b26377f9162 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1.orig.tar.gz Size/MD5 checksum: 52225460 6a1ab0948d6b5b453ea0fce0fcc29060 Architecture independent packages: http://security.debian.org/pool/updates/main/l/linux-2.6/linux-doc-2.6.18_2.6.18.dfsg.1-18etch1_all.deb Size/MD5 checksum: 3753320 1e23b46c2d099b80cc0502c1ebb72e1b http://security.debian.org/pool/updates/main/l/linux-2.6/linux-tree-2.6.18_2.6.18.dfsg.1-18etch1_all.deb Size/MD5 checksum: 53924 5bd9cd783c6e8fdc37ccfe767578616d http://security.debian.org/pool/updates/main/l/linux-2.6/linux-patch-debian-2.6.18_2.6.18.dfsg.1-18etch1_all.deb Size/MD5 checksum: 1582740 8f6c460f657f081dcb367688ddf695a7 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-source-2.6.18_2.6.18.dfsg.1-18etch1_all.deb Size/MD5 checksum: 42181646 6d8046bfab1037093850d4194ab7e205 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-manual-2.6.18_2.6.18.dfsg.1-18etch1_all.deb Size/MD5 checksum: 1105710 744ef385a2799906634ea3bb0c96e481 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-support-2.6.18-6_2.6.18.dfsg.1-18etch1_all.deb Size/MD5 checksum: 3736216 ca1179eeb523abe2ec79d32c6291b21f alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch1_alpha.deb Size/MD5 checksum: 53432 6a4fa9d91e94001156df2fc0b2734881 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-alpha-smp_2.6.18.dfsg.1-18etch1_alpha.deb Size/MD5 checksum: 23843418 a3deed56c7f65efc99fca3c80a0caa88 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch1_alpha.deb Size/MD5 checksum: 3027008 58817d16f3a96938ce15165feab3df05 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-alpha_2.6.18.dfsg.1-18etch1_alpha.deb Size/MD5 checksum: 23535814 9d284588da0acfb391f15c307b7329be http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-alpha_2.6.18.dfsg.1-18etch1_alpha.deb Size/MD5 checksum: 266840 456d1471ee10e314276f45b26174b10d http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-alpha-legacy_2.6.18.dfsg.1-18etch1_alpha.deb Size/MD5 checksum: 266486 0f72f068044bfa6d94affaf9329f6208 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-alpha-generic_2.6.18.dfsg.1-18etch1_alpha.deb Size/MD5 checksum: 23490812 cb4bc1a4c532173af1731fca79e721db http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-alpha_2.6.18.dfsg.1-18etch1_alpha.deb Size/MD5 checksum: 53458 dd653b1cd4270d660fa397604ddee9d2 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch1_alpha.deb Size/MD5 checksum: 3050962 7f0cba3e1da1d554877fe71748675ff3 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-alpha-smp_2.6.18.dfsg.1-18etch1_alpha.deb Size/MD5 checksum: 265630 aee9d2a87dadb3ca5b3ca5f05b0a1427 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-alpha-generic_2.6.18.dfsg.1-18etch1_alpha.deb Size/MD5 checksum: 266170 221de745eb1b57fd2994822cf41b1aa4 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-alpha-legacy_2.6.18.dfsg.1-18etch1_alpha.deb Size/MD5 checksum: 23469638 c16005b855758657c515df4968476699 amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-amd64_2.6.18.dfsg.1-18etch1_amd64.deb Size/MD5 checksum: 1650400 31a44d5fe186084528c494aeb6bf4e57 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen_2.6.18.dfsg.1-18etch1_amd64.deb Size/MD5 checksum: 3394088 3a84135fbc74c45d4b725add41f3c7b5 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch1_amd64.deb Size/MD5 checksum: 53426 56d2366d6417b28cb9e8160a81cc530e http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-amd64_2.6.18.dfsg.1-18etch1_amd64.deb Size/MD5 checksum: 53410 7984a6fbe17ddded4c4b195eeec275da http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch1_amd64.deb Size/MD5 checksum: 3249644 8fc467cf40d99c4d0d9c7cee5b350ed8 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-18etch1_amd64.deb Size/MD5 checksum: 1682468 d5661572d7f608177e6a808d6eea7fd3 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-18etch1_amd64.deb Size/MD5 checksum: 274928 4ef9ee65a61c3069fa5e1ec26daf0fc4 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-amd64_2.6.18.dfsg.1-18etch1_amd64.deb Size/MD5 checksum: 274128 9069b9a2f7d63ec555ded35041574afc http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-18etch1_amd64.deb Size/MD5 checksum: 53424 572285472f4fd6d85daa5b942f592f57 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-amd64_2.6.18.dfsg.1-18etch1_amd64.deb Size/MD5 checksum: 53452 e1e93e54c0a89dc846a23f22d3107758 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-amd64_2.6.18.dfsg.1-18etch1_amd64.deb Size/MD5 checksum: 274824 d75a7ae583f4dc2f689a361c66995274 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-18etch1_amd64.deb Size/MD5 checksum: 15364328 a459d8f359ccb91592e04efc63a218c8 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-amd64_2.6.18.dfsg.1-18etch1_amd64.deb Size/MD5 checksum: 15348084 7f6ef2c74aad2a8e7bdaff7f10ec1ce2 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver_2.6.18.dfsg.1-18etch1_amd64.deb Size/MD5 checksum: 3418196 57a52cd8359988c8536c542e36335bef http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-amd64_2.6.18.dfsg.1-18etch1_amd64.deb Size/MD5 checksum: 16909236 af6e7ff6e6cbb016bf6ff224c8819706 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-amd64_2.6.18.dfsg.1-18etch1_amd64.deb Size/MD5 checksum: 274384 22a5f1bbcdea0543ccab87bf35e2b0ae http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch1_amd64.deb Size/MD5 checksum: 3224978 8d7e1cfff6006f38972cb73fe92501c7 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-amd64_2.6.18.dfsg.1-18etch1_amd64.deb Size/MD5 checksum: 16946162 cef425d442bcd009feadbd75b5f67b01 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-486_2.6.18.dfsg.1-18etch1_i386.deb Size/MD5 checksum: 285462 eea7c9d02758a2a28b326041a858a3d0 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-686_2.6.18.dfsg.1-18etch1_i386.deb Size/MD5 checksum: 1298914 46e398fa8d60075c456e6f95b60b46bd http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-amd64_2.6.18.dfsg.1-18etch1_i386.deb Size/MD5 checksum: 274154 10dda65c9444d16293f7ce3010059d13 http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-18etch1_i386.deb Size/MD5 checksum: 53422 a7438e4cae438b3f7ecd073a33c41c0b http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-k7_2.6.18.dfsg.1-18etch1_i386.deb Size/MD5 checksum: 16628086 65db69728829d1c1921e65af1aa2b449 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-486_2.6.18.dfsg.1-18etch1_i386.deb Size/MD5 checksum: 16307210 1fbf35f84845b3b8cc9336827794a028 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch1_i386.deb Size/MD5 checksum: 53420 4abb1004d25c2895562ec803f5b6b9ac http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver_2.6.18.dfsg.1-18etch1_i386.deb Size/MD5 checksum: 3230848 ce365b29e4885c42d2ac40f380fb49b4 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-18etch1_i386.deb Size/MD5 checksum: 14382584 30bca3849a67bd23ded608771fa4f7b4 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-686_2.6.18.dfsg.1-18etch1_i386.deb Size/MD5 checksum: 281034 2601cd40d0e4de13b40e295fbba6857a http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-686_2.6.18.dfsg.1-18etch1_i386.deb Size/MD5 checksum: 282480 87f961c91c166aea7eb1cf1f5c79c6a3 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-i386_2.6.18.dfsg.1-18etch1_i386.deb Size/MD5 checksum: 53478 3bde467e3fd60b4cdd8f3ab6b4820e53 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch1_i386.deb Size/MD5 checksum: 3225042 4218e0f0e5c5fe639d3f2c19e85ae688 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-18etch1_i386.deb Size/MD5 checksum: 274398 7ef59e558b2fc9da773a6fd66e8df087 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-18etch1_i386.deb Size/MD5 checksum: 1326272 a047520d88897840b5697fb8c5232a99 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-k7_2.6.18.dfsg.1-18etch1_i386.deb Size/MD5 checksum: 281192 028f100550c07558c8657ee12236e555 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-686_2.6.18.dfsg.1-18etch1_i386.deb Size/MD5 checksum: 14370222 f8fffe8f30b2422723063fb8121656ab http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-k7_2.6.18.dfsg.1-18etch1_i386.deb Size/MD5 checksum: 283276 24c807eccc8b14e48ce58f6c1cfaf8b0 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-686_2.6.18.dfsg.1-18etch1_i386.deb Size/MD5 checksum: 16498152 b2475f60454170db949b306a77805918 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-686-bigmem_2.6.18.dfsg.1-18etch1_i386.deb Size/MD5 checksum: 282854 df89a9f4d1e7ce9f8ac8ab9604f4a8aa http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-686_2.6.18.dfsg.1-18etch1_i386.deb Size/MD5 checksum: 53406 89ec585789ffdd7c48daffbf7a3dd439 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-amd64_2.6.18.dfsg.1-18etch1_i386.deb Size/MD5 checksum: 16916628 dd59564026f36522ae510be3937fb07c http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen_2.6.18.dfsg.1-18etch1_i386.deb Size/MD5 checksum: 3206820 da840b21564212553039e487a41c3e4a http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch1_i386.deb Size/MD5 checksum: 3111440 e3a2ed1994c5388e4adcf5da39107104 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-k7_2.6.18.dfsg.1-18etch1_i386.deb Size/MD5 checksum: 16585538 e7784fc3ebb5a4ddc7b0cb4ff0728736 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-686_2.6.18.dfsg.1-18etch1_i386.deb Size/MD5 checksum: 274194 d208d7319b225265a9cd8a7cde545a1c http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-686-bigmem_2.6.18.dfsg.1-18etch1_i386.deb Size/MD5 checksum: 16528368 60e83ef38f8a96a61d4ca271a393a770 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-686_2.6.18.dfsg.1-18etch1_i386.deb Size/MD5 checksum: 16452102 df37f1243a791a6fa2cd2317bfd7ae1c ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-ia64_2.6.18.dfsg.1-18etch1_ia64.deb Size/MD5 checksum: 53440 e6b5b2bf1103a890c0ea905122dd024e http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-mckinley_2.6.18.dfsg.1-18etch1_ia64.deb Size/MD5 checksum: 28180622 892500c8c8c370071071dcdf21e0a58c http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-itanium_2.6.18.dfsg.1-18etch1_ia64.deb Size/MD5 checksum: 254800 c0b112b2a6e1530acc82951eb49518f9 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-mckinley_2.6.18.dfsg.1-18etch1_ia64.deb Size/MD5 checksum: 254700 8d8700caa62359fc3e47f1053e035e77 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch1_ia64.deb Size/MD5 checksum: 53420 2033b801dd14b62f8be443121002d527 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-itanium_2.6.18.dfsg.1-18etch1_ia64.deb Size/MD5 checksum: 28013704 f83e98bc516b724786d9e85450a0ec2f http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch1_ia64.deb Size/MD5 checksum: 3081188 d437965a91ae9ac56952997e2d33ad0b s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch1_s390.deb Size/MD5 checksum: 2942294 5001340969644792fc29d3747a4797f8 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s390x_2.6.18.dfsg.1-18etch1_s390.deb Size/MD5 checksum: 5619132 83aac920b1b9de8e5811ce9af5005744 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-s390x_2.6.18.dfsg.1-18etch1_s390.deb Size/MD5 checksum: 142998 679ee41aff912fa8ef11a6ff635b3081 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-s390_2.6.18.dfsg.1-18etch1_s390.deb Size/MD5 checksum: 53436 46ce3c7f73df4137cdb772470b68a5a7 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-s390x_2.6.18.dfsg.1-18etch1_s390.deb Size/MD5 checksum: 5661404 97c3bae25cf2e1f52620293ea821e884 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s390-tape_2.6.18.dfsg.1-18etch1_s390.deb Size/MD5 checksum: 1437980 030e11553c2b6713e63b55b1431b2ac5 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s390_2.6.18.dfsg.1-18etch1_s390.deb Size/MD5 checksum: 5401206 d90ae8bb83a230e16c5caf4ec4587429 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch1_s390.deb Size/MD5 checksum: 2965340 8dc36dfb19566dd1d33f6772f3d989ce http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch1_s390.deb Size/MD5 checksum: 53418 aabcb9e7514f03258c0316b3b2ef45f3 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-s390x_2.6.18.dfsg.1-18etch1_s390.deb Size/MD5 checksum: 143856 9c1af4e31e728c477b1a2ff2bd2e5584 http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-s390_2.6.18.dfsg.1-18etch1_s390.deb Size/MD5 checksum: 142562 00777b961f7edd8e6188bff95eddb485 These files will probably be moved into the stable distribution on its next update. - --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show ' and http://packages.debian.org/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBR7BUp797/wQC1SS+AQJGBgf5AfW2p8scsIFEfHqccxg9nXBg/6Tt4q6W cwU4ojRWpAatcpKOvrhugGAr/I56BDTt/OumJr2LcXzNkCCC730ui2tKbyrqjzr/ iQH1WR0zFGOJDiMRm9ytQ+5yLhFSNyzPxrXlvukZoCoj8PwcM7mrPZTmS2emSc7A ut6G8WZD91Y703klpoqMLTpBmyuuFqyK0/pnhIfkB7MDe3JgsXC3yxssQLslBNje aUSg2yfT/LkXML2hzZjNR49F3aJLy2Kip0XS3arh95cWih19Q8dZirdLW0J2fAKx MiMSWmOambbjQZnOug2EXLgozgacNKhqHpolxsodxL76Oxv+DEpGDw== =mM2m -----END PGP SIGNATURE-----