Mandriva Linux Security Advisory : kernel (MDVSA-2009:135)

High Nessus Plugin ID 39444

Synopsis

The remote Mandriva Linux host is missing one or more security updates.

Description

Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel :

The selinux_ip_postroute_iptables_compat function in security/selinux/hooks.c in the SELinux subsystem in the Linux kernel before 2.6.27.22, and 2.6.28.x before 2.6.28.10, when compat_net is enabled, omits calls to avc_has_perm for the (1) node and (2) port, which allows local users to bypass intended restrictions on network traffic. NOTE: this was incorrectly reported as an issue fixed in 2.6.27.21. (CVE-2009-1184)

The exit_notify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.
(CVE-2009-1337)

The (1) agp_generic_alloc_page and (2) agp_generic_alloc_pages functions in drivers/char/agp/generic.c in the agp subsystem in the Linux kernel before 2.6.30-rc3 do not zero out pages that may later be available to a user-space process, which allows local users to obtain sensitive information by reading these pages. (CVE-2009-1192)

The ABI in the Linux kernel 2.6.28 and earlier on s390, powerpc, sparc64, and mips 64-bit platforms requires that a 32-bit argument in a 64-bit register was properly sign extended when sent from a user-mode application, but cannot verify this, which allows local users to cause a denial of service (crash) or possibly gain privileges via a crafted system call. (CVE-2009-0029)

The __inet6_check_established function in net/ipv6/inet6_hashtables.c in the Linux kernel before 2.6.29, when Network Namespace Support (aka NET_NS) is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via vectors involving IPv6 packets. (CVE-20090-1360)

The inode double locking code in fs/ocfs2/file.c in the Linux kernel 2.6.30 before 2.6.30-rc3, 2.6.27 before 2.6.27.24, 2.6.29 before 2.6.29.4, and possibly other versions down to 2.6.19 allows local users to cause a denial of service (prevention of file creation and removal) via a series of splice system calls that trigger a deadlock between the generic_file_splice_write, splice_from_pipe, and ocfs2_file_splice_write functions. (CVE-2009-1961)

Integer underflow in the e1000_clean_rx_irq function in drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel before 2.6.30-rc8, the e1000e driver in the Linux kernel, and Intel Wired Ethernet (aka e1000) before 7.5.5 allows remote attackers to cause a denial of service (panic) via a crafted frame size.
(CVE-2009-1385)

The nfs_permission function in fs/nfs/dir.c in the NFS client implementation in the Linux kernel 2.6.29.3 and earlier, when atomic_open is available, does not check execute (aka EXEC or MAY_EXEC) permission bits, which allows local users to bypass permissions and execute files, as demonstrated by files on an NFSv4 fileserver. (CVE-2009-1630)

Additionally, the kernel package was updated to the Linux upstream stable version 2.6.27.24.

To update your kernel, please follow the directions located at :

http://www.mandriva.com/en/security/kernelupdate

Solution

Update the affected packages.

Plugin Details

Severity: High

ID: 39444

File Name: mandriva_MDVSA-2009-135.nasl

Version: 1.23

Type: local

Published: 2009/06/18

Updated: 2018/07/19

Dependencies: 12634

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.24-desktop-1mnb, p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.24-desktop586-1mnb, p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.24-server-1mnb, p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop-latest, p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-server-latest, p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.24-desktop-1mnb, p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.24-desktop586-1mnb, p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.24-server-1mnb, p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop-latest, p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:drm-experimental-kernel-server-latest, p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.24-desktop-1mnb, p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.24-desktop586-1mnb, p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.24-server-1mnb, p-cpe:/a:mandriva:linux:et131x-kernel-desktop-latest, p-cpe:/a:mandriva:linux:et131x-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:et131x-kernel-server-latest, p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.24-desktop-1mnb, p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.24-desktop586-1mnb, p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.24-server-1mnb, p-cpe:/a:mandriva:linux:fcpci-kernel-desktop-latest, p-cpe:/a:mandriva:linux:fcpci-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:fcpci-kernel-server-latest, p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.24-desktop-1mnb, p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.24-desktop586-1mnb, p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.24-server-1mnb, p-cpe:/a:mandriva:linux:fglrx-kernel-desktop-latest, p-cpe:/a:mandriva:linux:fglrx-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:fglrx-kernel-server-latest, p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.24-desktop-1mnb, p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.24-desktop586-1mnb, p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.24-server-1mnb, p-cpe:/a:mandriva:linux:gnbd-kernel-desktop-latest, p-cpe:/a:mandriva:linux:gnbd-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:gnbd-kernel-server-latest, p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.24-desktop-1mnb, p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.24-desktop586-1mnb, p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.24-server-1mnb, p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop-latest, p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-server-latest, p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.24-desktop-1mnb, p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.24-desktop586-1mnb, p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.24-server-1mnb, p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop-latest, p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:hsfmodem-kernel-server-latest, p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.24-desktop-1mnb, p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.24-desktop586-1mnb, p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.24-server-1mnb, p-cpe:/a:mandriva:linux:hso-kernel-desktop-latest, p-cpe:/a:mandriva:linux:hso-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:hso-kernel-server-latest, p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.24-desktop-1mnb, p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.24-desktop586-1mnb, p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.24-server-1mnb, p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop-latest, p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:iscsitarget-kernel-server-latest, p-cpe:/a:mandriva:linux:kernel-2.6.27.24-1mnb, p-cpe:/a:mandriva:linux:kernel-desktop-2.6.27.24-1mnb, p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.27.24-1mnb, p-cpe:/a:mandriva:linux:kernel-desktop-devel-latest, p-cpe:/a:mandriva:linux:kernel-desktop-latest, p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.27.24-1mnb, p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.27.24-1mnb, p-cpe:/a:mandriva:linux:kernel-desktop586-devel-latest, p-cpe:/a:mandriva:linux:kernel-desktop586-latest, p-cpe:/a:mandriva:linux:kernel-doc, p-cpe:/a:mandriva:linux:kernel-server-2.6.27.24-1mnb, p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.27.24-1mnb, p-cpe:/a:mandriva:linux:kernel-server-devel-latest, p-cpe:/a:mandriva:linux:kernel-server-latest, p-cpe:/a:mandriva:linux:kernel-source-2.6.27.24-1mnb, p-cpe:/a:mandriva:linux:kernel-source-latest, p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.24-desktop-1mnb, p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.24-desktop586-1mnb, p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.24-server-1mnb, p-cpe:/a:mandriva:linux:kqemu-kernel-desktop-latest, p-cpe:/a:mandriva:linux:kqemu-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:kqemu-kernel-server-latest, p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.24-desktop-1mnb, p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.24-desktop586-1mnb, p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.24-server-1mnb, p-cpe:/a:mandriva:linux:lirc-kernel-desktop-latest, p-cpe:/a:mandriva:linux:lirc-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:lirc-kernel-server-latest, p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.24-desktop-1mnb, p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.24-desktop586-1mnb, p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.24-server-1mnb, p-cpe:/a:mandriva:linux:lzma-kernel-desktop-latest, p-cpe:/a:mandriva:linux:lzma-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:lzma-kernel-server-latest, p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.24-desktop-1mnb, p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.24-desktop586-1mnb, p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.24-server-1mnb, p-cpe:/a:mandriva:linux:madwifi-kernel-desktop-latest, p-cpe:/a:mandriva:linux:madwifi-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:madwifi-kernel-server-latest, p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.24-desktop-1mnb, p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.24-desktop586-1mnb, p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.24-server-1mnb, p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop-latest, p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:nvidia-current-kernel-server-latest, p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.24-desktop-1mnb, p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.24-desktop586-1mnb, p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.24-server-1mnb, p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop-latest, p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:nvidia173-kernel-server-latest, p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.24-desktop-1mnb, p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.24-desktop586-1mnb, p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.24-server-1mnb, p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop-latest, p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:nvidia71xx-kernel-server-latest, p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.24-desktop-1mnb, p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.24-desktop586-1mnb, p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.24-server-1mnb, p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop-latest, p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:nvidia96xx-kernel-server-latest, p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.24-desktop-1mnb, p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.24-desktop586-1mnb, p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.24-server-1mnb, p-cpe:/a:mandriva:linux:omfs-kernel-desktop-latest, p-cpe:/a:mandriva:linux:omfs-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:omfs-kernel-server-latest, p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.24-desktop-1mnb, p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.24-desktop586-1mnb, p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.24-server-1mnb, p-cpe:/a:mandriva:linux:omnibook-kernel-desktop-latest, p-cpe:/a:mandriva:linux:omnibook-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:omnibook-kernel-server-latest, p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.24-desktop-1mnb, p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.24-desktop586-1mnb, p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.24-server-1mnb, p-cpe:/a:mandriva:linux:opencbm-kernel-desktop-latest, p-cpe:/a:mandriva:linux:opencbm-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:opencbm-kernel-server-latest, p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.24-desktop-1mnb, p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.24-desktop586-1mnb, p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.24-server-1mnb, p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop-latest, p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-server-latest, p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.24-desktop-1mnb, p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.24-desktop586-1mnb, p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.24-server-1mnb, p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop-latest, p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:qc-usb-kernel-server-latest, p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.24-desktop-1mnb, p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.24-desktop586-1mnb, p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.24-server-1mnb, p-cpe:/a:mandriva:linux:rt2860-kernel-desktop-latest, p-cpe:/a:mandriva:linux:rt2860-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:rt2860-kernel-server-latest, p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.24-desktop-1mnb, p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.24-desktop586-1mnb, p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.24-server-1mnb, p-cpe:/a:mandriva:linux:rt2870-kernel-desktop-latest, p-cpe:/a:mandriva:linux:rt2870-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:rt2870-kernel-server-latest, p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.24-desktop-1mnb, p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.24-desktop586-1mnb, p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.24-server-1mnb, p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop-latest, p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:rtl8187se-kernel-server-latest, p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.24-desktop-1mnb, p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.24-desktop586-1mnb, p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.24-server-1mnb, p-cpe:/a:mandriva:linux:slmodem-kernel-desktop-latest, p-cpe:/a:mandriva:linux:slmodem-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:slmodem-kernel-server-latest, p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.24-desktop-1mnb, p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.24-desktop586-1mnb, p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.24-server-1mnb, p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop-latest, p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-server-latest, p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.24-desktop-1mnb, p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.24-desktop586-1mnb, p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.24-server-1mnb, p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop-latest, p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:tp_smapi-kernel-server-latest, p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.24-desktop-1mnb, p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.24-desktop586-1mnb, p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.24-server-1mnb, p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop-latest, p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:vboxadd-kernel-server-latest, p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.24-desktop-1mnb, p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.24-desktop586-1mnb, p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.24-server-1mnb, p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop-latest, p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:vboxvfs-kernel-server-latest, p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.24-desktop-1mnb, p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.24-desktop586-1mnb, p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.24-server-1mnb, p-cpe:/a:mandriva:linux:vhba-kernel-desktop-latest, p-cpe:/a:mandriva:linux:vhba-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:vhba-kernel-server-latest, p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.24-desktop-1mnb, p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.24-desktop586-1mnb, p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.24-server-1mnb, p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop-latest, p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:virtualbox-kernel-server-latest, p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.24-desktop-1mnb, p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.24-desktop586-1mnb, p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.24-server-1mnb, p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop-latest, p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:vpnclient-kernel-server-latest, cpe:/o:mandriva:linux:2009.0

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2009/06/17

Reference Information

CVE: CVE-2009-0029, CVE-2009-1184, CVE-2009-1192, CVE-2009-1265, CVE-2009-1337, CVE-2009-1360, CVE-2009-1385, CVE-2009-1630, CVE-2009-1961

BID: 34405, 34654, 34673, 34934, 35143, 35185

MDVSA: 2009:135

CWE: 16, 20, 119, 189, 264, 362