Mandriva Linux Security Advisory : kernel (MDVSA-2009:289)

High Nessus Plugin ID 42284

Synopsis

The remote Mandriva Linux host is missing one or more security updates.

Description

Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel :

The personality subsystem in the Linux kernel before 2.6.31-rc3 has a PER_CLEAR_ON_SETID setting that does not clear the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags when executing a setuid or setgid program, which makes it easier for local users to leverage the details of memory usage to (1) conduct NULL pointer dereference attacks, (2) bypass the mmap_min_addr protection mechanism, or (3) defeat address space layout randomization (ASLR). (CVE-2009-1895)

Stack-based buffer overflow in the parse_tag_11_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving a crafted eCryptfs file, related to not ensuring that the key signature length in a Tag 11 packet is compatible with the key signature buffer size. (CVE-2009-2406)

Heap-based buffer overflow in the parse_tag_3_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving a crafted eCryptfs file, related to a large encrypted key size in a Tag 3 packet. (CVE-2009-2407)

The d_delete function in fs/ecryptfs/inode.c in eCryptfs in the Linux kernel 2.6.31 allows local users to cause a denial of service (kernel OOPS) and possibly execute arbitrary code via unspecified vectors that cause a negative dentry and trigger a NULL pointer dereference, as demonstrated via a Mutt temporary directory in an eCryptfs mount.
(CVE-2009-2908)

The kvm_emulate_hypercall function in arch/x86/kvm/x86.c in KVM in the Linux kernel 2.6.25-rc1, and other versions before 2.6.31, when running on x86 systems, does not prevent access to MMU hypercalls from ring 0, which allows local guest OS users to cause a denial of service (guest kernel crash) and read or write guest kernel memory via unspecified random addresses. (CVE-2009-3290)

Additionaly, it includes the fixes from the stable kernel version 2.6.27.37. It also fixes also fixes IBM x3650 M2 hanging when using both network interfaces and Wake on Lan problems on r8169. For details, check the package changelog.

To update your kernel, please follow the directions located at :

http://www.mandriva.com/en/security/kernelupdate

Solution

Update the affected packages.

See Also

https://qa.mandriva.com/52294

https://qa.mandriva.com/52572

https://qa.mandriva.com/52573

https://qa.mandriva.com/53914

https://qa.mandriva.com/54555

Plugin Details

Severity: High

ID: 42284

File Name: mandriva_MDVSA-2009-289.nasl

Version: 1.19

Type: local

Published: 2009/10/28

Updated: 2019/08/02

Dependencies: 12634

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.2

Temporal Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:POC/RL:OF/RC:ND

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.37-desktop-1mnb, p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.37-desktop586-1mnb, p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.37-server-1mnb, p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop-latest, p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-server-latest, p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.37-desktop-1mnb, p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.37-desktop586-1mnb, p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.37-server-1mnb, p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop-latest, p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:drm-experimental-kernel-server-latest, p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.37-desktop-1mnb, p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.37-desktop586-1mnb, p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.37-server-1mnb, p-cpe:/a:mandriva:linux:et131x-kernel-desktop-latest, p-cpe:/a:mandriva:linux:et131x-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:et131x-kernel-server-latest, p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.37-desktop-1mnb, p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.37-desktop586-1mnb, p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.37-server-1mnb, p-cpe:/a:mandriva:linux:fcpci-kernel-desktop-latest, p-cpe:/a:mandriva:linux:fcpci-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:fcpci-kernel-server-latest, p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.37-desktop-1mnb, p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.37-desktop586-1mnb, p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.37-server-1mnb, p-cpe:/a:mandriva:linux:fglrx-kernel-desktop-latest, p-cpe:/a:mandriva:linux:fglrx-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:fglrx-kernel-server-latest, p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.37-desktop-1mnb, p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.37-desktop586-1mnb, p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.37-server-1mnb, p-cpe:/a:mandriva:linux:gnbd-kernel-desktop-latest, p-cpe:/a:mandriva:linux:gnbd-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:gnbd-kernel-server-latest, p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.37-desktop-1mnb, p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.37-desktop586-1mnb, p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.37-server-1mnb, p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop-latest, p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-server-latest, p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.37-desktop-1mnb, p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.37-desktop586-1mnb, p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.37-server-1mnb, p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop-latest, p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:hsfmodem-kernel-server-latest, p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.37-desktop-1mnb, p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.37-desktop586-1mnb, p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.37-server-1mnb, p-cpe:/a:mandriva:linux:hso-kernel-desktop-latest, p-cpe:/a:mandriva:linux:hso-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:hso-kernel-server-latest, p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.37-desktop-1mnb, p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.37-desktop586-1mnb, p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.37-server-1mnb, p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop-latest, p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:iscsitarget-kernel-server-latest, p-cpe:/a:mandriva:linux:kernel-2.6.27.37-1mnb, p-cpe:/a:mandriva:linux:kernel-desktop-2.6.27.37-1mnb, p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.27.37-1mnb, p-cpe:/a:mandriva:linux:kernel-desktop-devel-latest, p-cpe:/a:mandriva:linux:kernel-desktop-latest, p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.27.37-1mnb, p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.27.37-1mnb, p-cpe:/a:mandriva:linux:kernel-desktop586-devel-latest, p-cpe:/a:mandriva:linux:kernel-desktop586-latest, p-cpe:/a:mandriva:linux:kernel-doc, p-cpe:/a:mandriva:linux:kernel-server-2.6.27.37-1mnb, p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.27.37-1mnb, p-cpe:/a:mandriva:linux:kernel-server-devel-latest, p-cpe:/a:mandriva:linux:kernel-server-latest, p-cpe:/a:mandriva:linux:kernel-source-2.6.27.37-1mnb, p-cpe:/a:mandriva:linux:kernel-source-latest, p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.37-desktop-1mnb, p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.37-desktop586-1mnb, p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.37-server-1mnb, p-cpe:/a:mandriva:linux:kqemu-kernel-desktop-latest, p-cpe:/a:mandriva:linux:kqemu-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:kqemu-kernel-server-latest, p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.37-desktop-1mnb, p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.37-desktop586-1mnb, p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.37-server-1mnb, p-cpe:/a:mandriva:linux:lirc-kernel-desktop-latest, p-cpe:/a:mandriva:linux:lirc-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:lirc-kernel-server-latest, p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.37-desktop-1mnb, p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.37-desktop586-1mnb, p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.37-server-1mnb, p-cpe:/a:mandriva:linux:lzma-kernel-desktop-latest, p-cpe:/a:mandriva:linux:lzma-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:lzma-kernel-server-latest, p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.37-desktop-1mnb, p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.37-desktop586-1mnb, p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.37-server-1mnb, p-cpe:/a:mandriva:linux:madwifi-kernel-desktop-latest, p-cpe:/a:mandriva:linux:madwifi-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:madwifi-kernel-server-latest, p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.37-desktop-1mnb, p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.37-desktop586-1mnb, p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.37-server-1mnb, p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop-latest, p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:nvidia-current-kernel-server-latest, p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.37-desktop-1mnb, p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.37-desktop586-1mnb, p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.37-server-1mnb, p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop-latest, p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:nvidia173-kernel-server-latest, p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.37-desktop-1mnb, p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.37-desktop586-1mnb, p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.37-server-1mnb, p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop-latest, p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:nvidia71xx-kernel-server-latest, p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.37-desktop-1mnb, p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.37-desktop586-1mnb, p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.37-server-1mnb, p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop-latest, p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:nvidia96xx-kernel-server-latest, p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.37-desktop-1mnb, p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.37-desktop586-1mnb, p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.37-server-1mnb, p-cpe:/a:mandriva:linux:omfs-kernel-desktop-latest, p-cpe:/a:mandriva:linux:omfs-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:omfs-kernel-server-latest, p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.37-desktop-1mnb, p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.37-desktop586-1mnb, p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.37-server-1mnb, p-cpe:/a:mandriva:linux:omnibook-kernel-desktop-latest, p-cpe:/a:mandriva:linux:omnibook-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:omnibook-kernel-server-latest, p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.37-desktop-1mnb, p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.37-desktop586-1mnb, p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.37-server-1mnb, p-cpe:/a:mandriva:linux:opencbm-kernel-desktop-latest, p-cpe:/a:mandriva:linux:opencbm-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:opencbm-kernel-server-latest, p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.37-desktop-1mnb, p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.37-desktop586-1mnb, p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.37-server-1mnb, p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop-latest, p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-server-latest, p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.37-desktop-1mnb, p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.37-desktop586-1mnb, p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.37-server-1mnb, p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop-latest, p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:qc-usb-kernel-server-latest, p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.37-desktop-1mnb, p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.37-desktop586-1mnb, p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.37-server-1mnb, p-cpe:/a:mandriva:linux:rt2860-kernel-desktop-latest, p-cpe:/a:mandriva:linux:rt2860-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:rt2860-kernel-server-latest, p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.37-desktop-1mnb, p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.37-desktop586-1mnb, p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.37-server-1mnb, p-cpe:/a:mandriva:linux:rt2870-kernel-desktop-latest, p-cpe:/a:mandriva:linux:rt2870-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:rt2870-kernel-server-latest, p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.37-desktop-1mnb, p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.37-desktop586-1mnb, p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.37-server-1mnb, p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop-latest, p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:rtl8187se-kernel-server-latest, p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.37-desktop-1mnb, p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.37-desktop586-1mnb, p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.37-server-1mnb, p-cpe:/a:mandriva:linux:slmodem-kernel-desktop-latest, p-cpe:/a:mandriva:linux:slmodem-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:slmodem-kernel-server-latest, p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.37-desktop-1mnb, p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.37-desktop586-1mnb, p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.37-server-1mnb, p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop-latest, p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-server-latest, p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.37-desktop-1mnb, p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.37-desktop586-1mnb, p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.37-server-1mnb, p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop-latest, p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:tp_smapi-kernel-server-latest, p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.37-desktop-1mnb, p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.37-desktop586-1mnb, p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.37-server-1mnb, p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop-latest, p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:vboxadd-kernel-server-latest, p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.37-desktop-1mnb, p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.37-desktop586-1mnb, p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.37-server-1mnb, p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop-latest, p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:vboxvfs-kernel-server-latest, p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.37-desktop-1mnb, p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.37-desktop586-1mnb, p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.37-server-1mnb, p-cpe:/a:mandriva:linux:vhba-kernel-desktop-latest, p-cpe:/a:mandriva:linux:vhba-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:vhba-kernel-server-latest, p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.37-desktop-1mnb, p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.37-desktop586-1mnb, p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.37-server-1mnb, p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop-latest, p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:virtualbox-kernel-server-latest, p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.37-desktop-1mnb, p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.37-desktop586-1mnb, p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.37-server-1mnb, p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop-latest, p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:vpnclient-kernel-server-latest, cpe:/o:mandriva:linux:2009.0

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2009/10/27

Reference Information

CVE: CVE-2009-1895, CVE-2009-2406, CVE-2009-2407, CVE-2009-2908, CVE-2009-3290

BID: 35647, 35850, 35851, 36512, 36639

MDVSA: 2009:289

CWE: 16, 119