Mandriva Linux Security Advisory : kernel (MDVSA-2009:119)

Medium Nessus Plugin ID 48145

Synopsis

The remote Mandriva Linux host is missing one or more security updates.

Description

Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel :

The exit_notify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.
(CVE-2009-1337)

The selinux_ip_postroute_iptables_compat function in security/selinux/hooks.c in the SELinux subsystem in the Linux kernel before 2.6.27.22, and 2.6.28.x before 2.6.28.10, when compat_net is enabled, omits calls to avc_has_perm for the (1) node and (2) port, which allows local users to bypass intended restrictions on network traffic. NOTE: this was incorrectly reported as an issue fixed in 2.6.27.21. (CVE-2009-1184)

drivers/char/agp/generic.c in the agp subsystem in the Linux kernel before 2.6.30-rc3 does not zero out pages that may later be available to a user-space process, which allows local users to obtain sensitive information by reading these pages. (CVE-2009-1192)

Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel 2.6.24.4, and other versions before 2.6.30-rc1, might allow remote attackers to obtain sensitive information via a large length value, which causes garbage memory to be sent. (CVE-2009-1265)

To update your kernel, please follow the directions located at :

http://www.mandriva.com/en/security/kernelupdate

Solution

Update the affected packages.

Plugin Details

Severity: Medium

ID: 48145

File Name: mandriva_MDVSA-2009-119.nasl

Version: 1.22

Type: local

Published: 2010/07/30

Updated: 2019/01/02

Dependencies: 12634

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 5

Temporal Score: 3.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.29.3-desktop-1mnb, p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.29.3-desktop586-1mnb, p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.29.3-server-1mnb, p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop-latest, p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-server-latest, p-cpe:/a:mandriva:linux:broadcom-wl-kernel-2.6.29.3-desktop-1mnb, p-cpe:/a:mandriva:linux:broadcom-wl-kernel-2.6.29.3-desktop586-1mnb, p-cpe:/a:mandriva:linux:broadcom-wl-kernel-2.6.29.3-server-1mnb, p-cpe:/a:mandriva:linux:broadcom-wl-kernel-desktop-latest, p-cpe:/a:mandriva:linux:broadcom-wl-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:broadcom-wl-kernel-server-latest, p-cpe:/a:mandriva:linux:em8300-kernel-2.6.29.3-desktop-1mnb, p-cpe:/a:mandriva:linux:em8300-kernel-2.6.29.3-desktop586-1mnb, p-cpe:/a:mandriva:linux:em8300-kernel-2.6.29.3-server-1mnb, p-cpe:/a:mandriva:linux:em8300-kernel-desktop-latest, p-cpe:/a:mandriva:linux:em8300-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:em8300-kernel-server-latest, p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.29.3-desktop-1mnb, p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.29.3-desktop586-1mnb, p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.29.3-server-1mnb, p-cpe:/a:mandriva:linux:fcpci-kernel-desktop-latest, p-cpe:/a:mandriva:linux:fcpci-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:fcpci-kernel-server-latest, p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.29.3-desktop-1mnb, p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.29.3-desktop586-1mnb, p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.29.3-server-1mnb, p-cpe:/a:mandriva:linux:fglrx-kernel-desktop-latest, p-cpe:/a:mandriva:linux:fglrx-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:fglrx-kernel-server-latest, p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.29.3-desktop-1mnb, p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.29.3-desktop586-1mnb, p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.29.3-server-1mnb, p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop-latest, p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-server-latest, p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.29.3-desktop-1mnb, p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.29.3-desktop586-1mnb, p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.29.3-server-1mnb, p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop-latest, p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:hsfmodem-kernel-server-latest, p-cpe:/a:mandriva:linux:hso-kernel-2.6.29.3-desktop-1mnb, p-cpe:/a:mandriva:linux:hso-kernel-2.6.29.3-desktop586-1mnb, p-cpe:/a:mandriva:linux:hso-kernel-2.6.29.3-server-1mnb, p-cpe:/a:mandriva:linux:hso-kernel-desktop-latest, p-cpe:/a:mandriva:linux:hso-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:hso-kernel-server-latest, p-cpe:/a:mandriva:linux:kernel-2.6.29.3-1mnb, p-cpe:/a:mandriva:linux:kernel-desktop-2.6.29.3-1mnb, p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.29.3-1mnb, p-cpe:/a:mandriva:linux:kernel-desktop-devel-latest, p-cpe:/a:mandriva:linux:kernel-desktop-latest, p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.29.3-1mnb, p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.29.3-1mnb, p-cpe:/a:mandriva:linux:kernel-desktop586-devel-latest, p-cpe:/a:mandriva:linux:kernel-desktop586-latest, p-cpe:/a:mandriva:linux:kernel-doc, p-cpe:/a:mandriva:linux:kernel-server-2.6.29.3-1mnb, p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.29.3-1mnb, p-cpe:/a:mandriva:linux:kernel-server-devel-latest, p-cpe:/a:mandriva:linux:kernel-server-latest, p-cpe:/a:mandriva:linux:kernel-source-2.6.29.3-1mnb, p-cpe:/a:mandriva:linux:kernel-source-latest, p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.29.3-desktop-1mnb, p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.29.3-desktop586-1mnb, p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.29.3-server-1mnb, p-cpe:/a:mandriva:linux:kqemu-kernel-desktop-latest, p-cpe:/a:mandriva:linux:kqemu-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:kqemu-kernel-server-latest, p-cpe:/a:mandriva:linux:libafs-kernel-2.6.29.3-desktop-1mnb, p-cpe:/a:mandriva:linux:libafs-kernel-2.6.29.3-desktop586-1mnb, p-cpe:/a:mandriva:linux:libafs-kernel-2.6.29.3-server-1mnb, p-cpe:/a:mandriva:linux:libafs-kernel-desktop-latest, p-cpe:/a:mandriva:linux:libafs-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:libafs-kernel-server-latest, p-cpe:/a:mandriva:linux:lirc-kernel-2.6.29.3-desktop-1mnb, p-cpe:/a:mandriva:linux:lirc-kernel-2.6.29.3-desktop586-1mnb, p-cpe:/a:mandriva:linux:lirc-kernel-2.6.29.3-server-1mnb, p-cpe:/a:mandriva:linux:lirc-kernel-desktop-latest, p-cpe:/a:mandriva:linux:lirc-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:lirc-kernel-server-latest, p-cpe:/a:mandriva:linux:lzma-kernel-2.6.29.3-desktop-1mnb, p-cpe:/a:mandriva:linux:lzma-kernel-2.6.29.3-desktop586-1mnb, p-cpe:/a:mandriva:linux:lzma-kernel-2.6.29.3-server-1mnb, p-cpe:/a:mandriva:linux:lzma-kernel-desktop-latest, p-cpe:/a:mandriva:linux:lzma-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:lzma-kernel-server-latest, p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.29.3-desktop-1mnb, p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.29.3-desktop586-1mnb, p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.29.3-server-1mnb, p-cpe:/a:mandriva:linux:madwifi-kernel-desktop-latest, p-cpe:/a:mandriva:linux:madwifi-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:madwifi-kernel-server-latest, p-cpe:/a:mandriva:linux:netfilter-rtsp-kernel-2.6.29.3-desktop-1mnb, p-cpe:/a:mandriva:linux:netfilter-rtsp-kernel-2.6.29.3-desktop586-1mnb, p-cpe:/a:mandriva:linux:netfilter-rtsp-kernel-2.6.29.3-server-1mnb, p-cpe:/a:mandriva:linux:netfilter-rtsp-kernel-desktop-latest, p-cpe:/a:mandriva:linux:netfilter-rtsp-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:netfilter-rtsp-kernel-server-latest, p-cpe:/a:mandriva:linux:nouveau-kernel-2.6.29.3-desktop-1mnb, p-cpe:/a:mandriva:linux:nouveau-kernel-2.6.29.3-desktop586-1mnb, p-cpe:/a:mandriva:linux:nouveau-kernel-2.6.29.3-server-1mnb, p-cpe:/a:mandriva:linux:nouveau-kernel-desktop-latest, p-cpe:/a:mandriva:linux:nouveau-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:nouveau-kernel-server-latest, p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.29.3-desktop-1mnb, p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.29.3-desktop586-1mnb, p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.29.3-server-1mnb, p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop-latest, p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:nvidia-current-kernel-server-latest, p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.29.3-desktop-1mnb, p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.29.3-desktop586-1mnb, p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.29.3-server-1mnb, p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop-latest, p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:nvidia173-kernel-server-latest, p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.29.3-desktop-1mnb, p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.29.3-desktop586-1mnb, p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.29.3-server-1mnb, p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop-latest, p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:nvidia96xx-kernel-server-latest, p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.29.3-desktop-1mnb, p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.29.3-desktop586-1mnb, p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.29.3-server-1mnb, p-cpe:/a:mandriva:linux:opencbm-kernel-desktop-latest, p-cpe:/a:mandriva:linux:opencbm-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:opencbm-kernel-server-latest, p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.29.3-desktop-1mnb, p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.29.3-desktop586-1mnb, p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.29.3-server-1mnb, p-cpe:/a:mandriva:linux:rt2870-kernel-desktop-latest, p-cpe:/a:mandriva:linux:rt2870-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:rt2870-kernel-server-latest, p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.29.3-desktop-1mnb, p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.29.3-desktop586-1mnb, p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.29.3-server-1mnb, p-cpe:/a:mandriva:linux:slmodem-kernel-desktop-latest, p-cpe:/a:mandriva:linux:slmodem-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:slmodem-kernel-server-latest, p-cpe:/a:mandriva:linux:squashfs-kernel-2.6.29.3-desktop-1mnb, p-cpe:/a:mandriva:linux:squashfs-kernel-2.6.29.3-desktop586-1mnb, p-cpe:/a:mandriva:linux:squashfs-kernel-2.6.29.3-server-1mnb, p-cpe:/a:mandriva:linux:squashfs-kernel-desktop-latest, p-cpe:/a:mandriva:linux:squashfs-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:squashfs-kernel-server-latest, p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.29.3-desktop-1mnb, p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.29.3-desktop586-1mnb, p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.29.3-server-1mnb, p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop-latest, p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-server-latest, p-cpe:/a:mandriva:linux:syntek-kernel-2.6.29.3-desktop-1mnb, p-cpe:/a:mandriva:linux:syntek-kernel-2.6.29.3-desktop586-1mnb, p-cpe:/a:mandriva:linux:syntek-kernel-2.6.29.3-server-1mnb, p-cpe:/a:mandriva:linux:syntek-kernel-desktop-latest, p-cpe:/a:mandriva:linux:syntek-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:syntek-kernel-server-latest, p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.29.3-desktop-1mnb, p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.29.3-desktop586-1mnb, p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.29.3-server-1mnb, p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop-latest, p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:tp_smapi-kernel-server-latest, p-cpe:/a:mandriva:linux:vboxadditions-kernel-2.6.29.3-desktop-1mnb, p-cpe:/a:mandriva:linux:vboxadditions-kernel-2.6.29.3-desktop586-1mnb, p-cpe:/a:mandriva:linux:vboxadditions-kernel-2.6.29.3-server-1mnb, p-cpe:/a:mandriva:linux:vboxadditions-kernel-desktop-latest, p-cpe:/a:mandriva:linux:vboxadditions-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:vboxadditions-kernel-server-latest, p-cpe:/a:mandriva:linux:vhba-kernel-2.6.29.3-desktop-1mnb, p-cpe:/a:mandriva:linux:vhba-kernel-2.6.29.3-desktop586-1mnb, p-cpe:/a:mandriva:linux:vhba-kernel-2.6.29.3-server-1mnb, p-cpe:/a:mandriva:linux:vhba-kernel-desktop-latest, p-cpe:/a:mandriva:linux:vhba-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:vhba-kernel-server-latest, p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.29.3-desktop-1mnb, p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.29.3-desktop586-1mnb, p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.29.3-server-1mnb, p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop-latest, p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:virtualbox-kernel-server-latest, p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.29.3-desktop-1mnb, p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.29.3-desktop586-1mnb, p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.29.3-server-1mnb, p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop-latest, p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:vpnclient-kernel-server-latest, cpe:/o:mandriva:linux:2009.1

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2009/05/19

Reference Information

CVE: CVE-2009-1184, CVE-2009-1192, CVE-2009-1265, CVE-2009-1337

BID: 34405, 34654, 34673

MDVSA: 2009:119

CWE: 16, 119, 264