Debian DSA-1436-1 : linux-2.6 - several vulnerabilities

high Nessus Plugin ID 29756
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote Debian host is missing a security-related update.

Description

Several local vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems :

- CVE-2006-6058 LMH reported an issue in the minix filesystem that allows local users with mount privileges to create a DoS (printk flood) by mounting a specially crafted corrupt filesystem.

- CVE-2007-5966 Warren Togami discovered an issue in the hrtimer subsystem that allows a local user to cause a DoS (soft lockup) by requesting a timer sleep for a long period of time leading to an integer overflow.

- CVE-2007-6063 Venustech AD-LAB discovered a buffer overflow in the isdn ioctl handling, exploitable by a local user.

- CVE-2007-6206 Blake Frantz discovered that when a core file owned by a non-root user exists, and a root-owned process dumps core over it, the core file retains its original ownership. This could be used by a local user to gain access to sensitive information.

- CVE-2007-6417 Hugh Dickins discovered an issue in the tmpfs filesystem where, under a rare circumstance, a kernel page may be improperly cleared, leaking sensitive kernel memory to userspace or resulting in a DoS (crash).

These problems have been fixed in the stable distribution in version 2.6.18.dfsg.1-13etch6.

The following matrix lists additional packages that were rebuilt for compatibility with or to take advantage of this update :

Debian 4.0 (etch) fai-kernels 1.17+etch.13etch6 user-mode-linux 2.6.18-1um-2etch.13etch6

Solution

Upgrade the kernel package immediately and reboot the machine. If you have built a custom kernel from the kernel source package, you will need to rebuild to take advantage of these fixes.

See Also

https://security-tracker.debian.org/tracker/CVE-2006-6058

https://security-tracker.debian.org/tracker/CVE-2007-5966

https://security-tracker.debian.org/tracker/CVE-2007-6063

https://security-tracker.debian.org/tracker/CVE-2007-6206

https://security-tracker.debian.org/tracker/CVE-2007-6417

https://www.debian.org/security/2007/dsa-1436

Plugin Details

Severity: High

ID: 29756

File Name: debian_DSA-1436.nasl

Version: 1.21

Type: local

Agent: unix

Published: 12/24/2007

Updated: 1/4/2021

Dependencies: ssh_get_info.nasl

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.2

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:linux-2.6, cpe:/o:debian:debian_linux:4.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Patch Publication Date: 12/20/2007

Reference Information

CVE: CVE-2006-6058, CVE-2007-5966, CVE-2007-6063, CVE-2007-6206, CVE-2007-6417

DSA: 1436

CWE: 16, 119, 189, 200, 399