Newly Discovered Kernel Vulnerabilities Affect All Ubuntu Users

Update now

By Marius Nestor, Linux Editor

28th of November 2008, 10:20 GMT

[Image: Ubuntu 8.10]
On November 27th, the Ubuntu developers announced the availability of a major security update for the following Ubuntu distributions: 6.06 LTS, 7.10, 8.04 LTS and 8.10 (also applies to Kubuntu, Edubuntu and Xubuntu). The update patches nine security issues (see below for details) discovered in the Linux kernel packages. Therefore, it is strongly recommended to update your system as soon as possible!

The following Linux kernel vulnerabilities have been discovered:

1. The Xen hypervisor block driver couldn't accurately validate incoming requests. Therefore, a user with root privileges could crash a system and cause a DoS (Denial of Service) attack by executing malicious I/O requests. This issue affects only Ubuntu 7.10.

2. The i915 video driver couldn't accurately validate memory addresses. Therefore, an attacker could remap memory and cause a system crash, leading to a DoS (Denial of Service) attack. Ubuntu 6.06 LTS, 7.10 and 8.04 LTS users are not affected by this issue. Ubuntu 8.10 users should update their systems to correct this vulnerability!

3. When files were created in setgid directories, the Linux kernel package couldn't accurately strip permissions. Because of this, a local user could gain extra group privileges. This issue was discovered by David Watson and it affects only Ubuntu 6.06 LTS users!

4. When file splice requests were handled, the Linux kernel package couldn't accurately reject the "append" flag. Therefore, a local attacker could modify arbitrary locations in a file, bypassing append mode. This issue was discovered by Olaf Kirch and Miklos Szeredi, and affects only Ubuntu 7.10 and 8.04 LTS users!

5. The SCTP stack couldn't accurately handle INIT-ACK. Because of this, a remote user could send specially crafted SCTP traffic and crash the system, leading to a DoS (Denial of Service) attack. This issue affects only Ubuntu 8.10 users!

6. The SCTP stack couldn't accurately handle the length of bad packets. Because of this, a remote user could send specially crafted SCTP traffic and crash the system, leading to a DoS (Denial of Service) attack. This issue affects only Ubuntu 8.10 users!

7. The HFS+ filesystem had several flaws. Because of this, a user could be tricked into mounting a malicious HFS+ filesystem, which could lead to a DoS (Denial of Service) attack and crash the system. This issue was discovered by Eric Sesterhenn, and affects all Ubuntu users!

8. The Unix Socket handler couldn't accurately process the SCM_RIGHTS message. Therefore, a local attacker could create a malicious socket request and crash the system, leading to a DoS (Denial of Service) attack. This issue affects all Ubuntu users!

9. The i2c audio driver couldn't accurately validate several function pointers. Therefore, a local user could obtain root privileges and crash the system, leading to a DoS (Denial of Service) attack. This issue affects all Ubuntu users!

The above Linux kernel vulnerabilities can be fixed if you update your system today to the following specific packages:

• For Ubuntu 6.06 LTS, users should update their kernel packages to linux-image-2.6.15-53.74

• For Ubuntu 7.10, users should update their kernel packages to linux-image-2.6.22-16.60

• For Ubuntu 8.04 LTS, users should update their kernel packages to linux-image-2.6.24-22.45

• For Ubuntu 8.10, users should update their kernel packages to linux-image-2.6.27-9.19

Don't forget to reboot your computer after this update! You can verify the kernel version by typing the sudo dpkg -l linux-image-2.6.27-9-generic command in a terminal (the example is for Ubuntu 8.10 users).
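As an added example (not part of the article and not an Ubuntu tool), here is a small POSIX shell check that compares an installed linux-image version against the fixed versions listed above for each release, so a script can report whether a machine still needs the update. The installed version on a live system would come from dpkg-query, as noted in the comments; the values passed in here are constructed for illustration.

```shell
#!/bin/sh
# Added example: decide whether an installed kernel package version is at or
# above the fixed version the advisory lists for a given Ubuntu release.

# Fixed linux-image versions, as given in the article.
fixed_version() {
    case "$1" in
        6.06) echo "2.6.15-53.74" ;;
        7.10) echo "2.6.22-16.60" ;;
        8.04) echo "2.6.24-22.45" ;;
        8.10) echo "2.6.27-9.19" ;;
        *)    return 1 ;;
    esac
}

# version_ge A B: succeeds if A >= B, comparing numeric fields split on
# '.' and '-' (enough for the upstream-ABI.upload layout used here).
version_ge() {
    a=$(printf '%s' "$1" | sed 's/[.-]/ /g')
    b=$(printf '%s' "$2" | sed 's/[.-]/ /g')
    set -- $a
    for y in $b; do
        x=${1:-0}
        [ $# -gt 0 ] && shift
        [ "$x" -gt "$y" ] && return 0
        [ "$x" -lt "$y" ] && return 1
    done
    return 0
}

# kernel_patched RELEASE INSTALLED_VERSION: prints "patched" or "vulnerable".
kernel_patched() {
    fixed=$(fixed_version "$1") || { echo "unknown release"; return 2; }
    if version_ge "$2" "$fixed"; then echo patched; else echo vulnerable; fi
}

# On a real Ubuntu host the second argument would be obtained with, e.g.:
#   dpkg-query -W -f='${Version}\n' "linux-image-$(uname -r)"
# Constructed sample call (an 8.10 box on a pre-fix kernel):
kernel_patched 8.10 2.6.27-7.16
```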

ATTENTION: Due to an unavoidable ABI change, the kernel packages have a new version number, which will force you to reinstall or recompile all third-party kernel modules you might have installed. For example, after the upgrade to the above version of your kernel package, software such as VirtualBox will NOT work anymore, therefore you must recompile its kernel module by issuing a specific command in the terminal. Moreover, if you use the linux-restricted-modules package, you have to update it as well to get modules that work with the new Linux kernel version.

Get the latest version of Ubuntu right now from Softpedia. Don't forget to share it with your friends and family.

User opinions:


Comment #1 by: Randy on 29 Nov 2008, 19:13 GMT

From the update manager last night (Nov 28, 2008) 8.10 is updated to 2.6.27-9.19 so they are all over it. Thanks for the article, and thanks to the Ubuntu team.


Comment #2 by: nooboo on 29 Nov 2008, 21:28 GMT

Links to the vulnerabilities pls, and why do you keep claiming everything is a DoS attack?
The way you write about these makes it seem as if you are shouting the sky is falling.


Comment #3 by: Wiseguy on 29 Nov 2008, 21:59 GMT

What's the deal with instructions on individual package updates? All of these Ubuntu releases have a package manager and updater that will prompt users to update. And it'll take care of dependent packages.

Good call on the manually installed modules...I've seen a lot of people get frustrated when they weren't expecting that breakage.


Comment #4 by: themacmeister on 30 Nov 2008, 01:52 GMT

replace the term "couldn't accurately" with "FAILED"

:-)


Comment #5 by: Marius Nestor on 02 Dec 2008, 08:07 GMT

For nooboo: Here are the links to the vulnerabilities:

https://launchpad.net/bugs/cve/CVE-2007-5498
https://launchpad.net/bugs/cve/CVE-2008-3831
https://launchpad.net/bugs/cve/CVE-2008-4210
https://launchpad.net/bugs/cve/CVE-2008-4554
https://launchpad.net/bugs/cve/CVE-2008-4576
https://launchpad.net/bugs/cve/CVE-2008-4618
https://launchpad.net/bugs/cve/CVE-2008-4933
https://launchpad.net/bugs/cve/CVE-2008-4934
https://launchpad.net/bugs/cve/CVE-2008-5025
https://launchpad.net/bugs/cve/CVE-2008-5029
https://launchpad.net/bugs/cve/CVE-2008-5033


Comment #6 by: Marius Nestor on 02 Dec 2008, 08:13 GMT

For Wiseguy:

For the first part: Theoretically... but some people have the 'automatic update' service turned off... so it is better to get informed about major updates like this one.

For the second part: Thanks ;)


Comment #7 by: Anonymous on 03 Dec 2008, 14:27 GMT

These aren't newly discovered vulnerabilities -- in some cases they were fixed months ago in Red Hat Enterprise Linux, Fedora, and/or Debian. Meaning that Ubuntu users have been vulnerable to these issues for much longer than other distributions.
