Mandriva Linux Security Advisory : kernel (MDVSA-2010:257)

Medium Nessus Plugin ID 51337

Synopsis

The remote Mandriva Linux host is missing one or more security updates.

Description

A vulnerability was discovered and corrected in the Linux 2.6 kernel :

The setup_arg_pages function in fs/exec.c in the Linux kernel before 2.6.36, when CONFIG_STACK_GROWSDOWN is used, does not properly restrict the stack memory consumption of the (1) arguments and (2) environment for a 32-bit application on a 64-bit platform, which allows local users to cause a denial of service (system crash) via a crafted exec system call, a related issue to CVE-2010-2240.
(CVE-2010-3858)

drivers/media/video/v4l2-compat-ioctl32.c in the Video4Linux (V4L) implementation in the Linux kernel before 2.6.36 on 64-bit platforms does not validate the destination of a memory copy operation, which allows local users to write to arbitrary kernel memory locations, and consequently gain privileges, via a VIDIOCSTUNER ioctl call on a /dev/video device, followed by a VIDIOCSMICROCODE ioctl call on this device. (CVE-2010-2963)

Integer overflow in the do_io_submit function in fs/aio.c in the Linux kernel before 2.6.36-rc4-next-20100915 allows local users to cause a denial of service or possibly have unspecified other impact via crafted use of the io_submit system call. (CVE-2010-3067)

Multiple integer overflows in the snd_ctl_new function in sound/core/control.c in the Linux kernel before 2.6.36-rc5-next-20100929 allow local users to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted (1) SNDRV_CTL_IOCTL_ELEM_ADD or (2) SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl call. (CVE-2010-3442)

A kernel stack overflow, a bad pointer dereference and a missing permission check were corrected in the econet implementation (CVE-2010-3848) (CVE-2010-3849) (CVE-2010-3850).

Additionally, the kernel has been updated to the stable upstream version 2.6.27.56.

To update your kernel, please follow the directions located at :

http://www.mandriva.com/en/security/kernelupdate

Solution

Update the affected packages.

Plugin Details

Severity: Medium

ID: 51337

File Name: mandriva_MDVSA-2010-257.nasl

Version: 1.13

Type: local

Published: 2010/12/17

Updated: 2018/07/19

Dependencies: 12634

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 6.9

Temporal Score: 5.4

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.56-desktop-1mnb, p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.56-desktop586-1mnb, p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.56-server-1mnb, p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop-latest, p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-server-latest, p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.56-desktop-1mnb, p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.56-desktop586-1mnb, p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.56-server-1mnb, p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop-latest, p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:drm-experimental-kernel-server-latest, p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.56-desktop-1mnb, p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.56-desktop586-1mnb, p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.56-server-1mnb, p-cpe:/a:mandriva:linux:et131x-kernel-desktop-latest, p-cpe:/a:mandriva:linux:et131x-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:et131x-kernel-server-latest, p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.56-desktop-1mnb, p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.56-desktop586-1mnb, p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.56-server-1mnb, p-cpe:/a:mandriva:linux:fcpci-kernel-desktop-latest, p-cpe:/a:mandriva:linux:fcpci-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:fcpci-kernel-server-latest, p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.56-desktop-1mnb, p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.56-desktop586-1mnb, p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.56-server-1mnb, p-cpe:/a:mandriva:linux:fglrx-kernel-desktop-latest, p-cpe:/a:mandriva:linux:fglrx-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:fglrx-kernel-server-latest, p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.56-desktop-1mnb, p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.56-desktop586-1mnb, p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.56-server-1mnb, p-cpe:/a:mandriva:linux:gnbd-kernel-desktop-latest, p-cpe:/a:mandriva:linux:gnbd-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:gnbd-kernel-server-latest, p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.56-desktop-1mnb, p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.56-desktop586-1mnb, p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.56-server-1mnb, p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop-latest, p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-server-latest, p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.56-desktop-1mnb, p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.56-desktop586-1mnb, p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.56-server-1mnb, p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop-latest, p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:hsfmodem-kernel-server-latest, p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.56-desktop-1mnb, p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.56-desktop586-1mnb, p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.56-server-1mnb, p-cpe:/a:mandriva:linux:hso-kernel-desktop-latest, p-cpe:/a:mandriva:linux:hso-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:hso-kernel-server-latest, p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.56-desktop-1mnb, p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.56-desktop586-1mnb, p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.56-server-1mnb, p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop-latest, p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:iscsitarget-kernel-server-latest, p-cpe:/a:mandriva:linux:kernel-2.6.27.56-1mnb, p-cpe:/a:mandriva:linux:kernel-desktop-2.6.27.56-1mnb, p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.27.56-1mnb, p-cpe:/a:mandriva:linux:kernel-desktop-devel-latest, p-cpe:/a:mandriva:linux:kernel-desktop-latest, p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.27.56-1mnb, p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.27.56-1mnb, p-cpe:/a:mandriva:linux:kernel-desktop586-devel-latest, p-cpe:/a:mandriva:linux:kernel-desktop586-latest, p-cpe:/a:mandriva:linux:kernel-doc, p-cpe:/a:mandriva:linux:kernel-server-2.6.27.56-1mnb, p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.27.56-1mnb, p-cpe:/a:mandriva:linux:kernel-server-devel-latest, p-cpe:/a:mandriva:linux:kernel-server-latest, p-cpe:/a:mandriva:linux:kernel-source-2.6.27.56-1mnb, p-cpe:/a:mandriva:linux:kernel-source-latest, p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.56-desktop-1mnb, p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.56-desktop586-1mnb, p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.56-server-1mnb, p-cpe:/a:mandriva:linux:kqemu-kernel-desktop-latest, p-cpe:/a:mandriva:linux:kqemu-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:kqemu-kernel-server-latest, p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.56-desktop-1mnb, p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.56-desktop586-1mnb, p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.56-server-1mnb, p-cpe:/a:mandriva:linux:lirc-kernel-desktop-latest, p-cpe:/a:mandriva:linux:lirc-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:lirc-kernel-server-latest, p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.56-desktop-1mnb, p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.56-desktop586-1mnb, p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.56-server-1mnb, p-cpe:/a:mandriva:linux:lzma-kernel-desktop-latest, p-cpe:/a:mandriva:linux:lzma-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:lzma-kernel-server-latest, p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.56-desktop-1mnb, p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.56-desktop586-1mnb, p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.56-server-1mnb, p-cpe:/a:mandriva:linux:madwifi-kernel-desktop-latest, p-cpe:/a:mandriva:linux:madwifi-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:madwifi-kernel-server-latest, p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.56-desktop-1mnb, p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.56-desktop586-1mnb, p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.56-server-1mnb, p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop-latest, p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:nvidia-current-kernel-server-latest, p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.56-desktop-1mnb, p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.56-desktop586-1mnb, p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.56-server-1mnb, p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop-latest, p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:nvidia173-kernel-server-latest, p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.56-desktop-1mnb, p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.56-desktop586-1mnb, p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.56-server-1mnb, p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop-latest, p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:nvidia71xx-kernel-server-latest, p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.56-desktop-1mnb, p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.56-desktop586-1mnb, p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.56-server-1mnb, p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop-latest, p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:nvidia96xx-kernel-server-latest, p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.56-desktop-1mnb, p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.56-desktop586-1mnb, p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.56-server-1mnb, p-cpe:/a:mandriva:linux:omfs-kernel-desktop-latest, p-cpe:/a:mandriva:linux:omfs-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:omfs-kernel-server-latest, p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.56-desktop-1mnb, p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.56-desktop586-1mnb, p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.56-server-1mnb, p-cpe:/a:mandriva:linux:omnibook-kernel-desktop-latest, p-cpe:/a:mandriva:linux:omnibook-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:omnibook-kernel-server-latest, p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.56-desktop-1mnb, p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.56-desktop586-1mnb, p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.56-server-1mnb, p-cpe:/a:mandriva:linux:opencbm-kernel-desktop-latest, p-cpe:/a:mandriva:linux:opencbm-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:opencbm-kernel-server-latest, p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.56-desktop-1mnb, p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.56-desktop586-1mnb, p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.56-server-1mnb, p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop-latest, p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-server-latest, p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.56-desktop-1mnb, p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.56-desktop586-1mnb, p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.56-server-1mnb, p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop-latest, p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:qc-usb-kernel-server-latest, p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.56-desktop-1mnb, p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.56-desktop586-1mnb, p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.56-server-1mnb, p-cpe:/a:mandriva:linux:rt2860-kernel-desktop-latest, p-cpe:/a:mandriva:linux:rt2860-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:rt2860-kernel-server-latest, p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.56-desktop-1mnb, p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.56-desktop586-1mnb, p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.56-server-1mnb, p-cpe:/a:mandriva:linux:rt2870-kernel-desktop-latest, p-cpe:/a:mandriva:linux:rt2870-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:rt2870-kernel-server-latest, p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.56-desktop-1mnb, p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.56-desktop586-1mnb, p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.56-server-1mnb, p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop-latest, p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:rtl8187se-kernel-server-latest, p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.56-desktop-1mnb, p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.56-desktop586-1mnb, p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.56-server-1mnb, p-cpe:/a:mandriva:linux:slmodem-kernel-desktop-latest, p-cpe:/a:mandriva:linux:slmodem-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:slmodem-kernel-server-latest, p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.56-desktop-1mnb, p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.56-desktop586-1mnb, p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.56-server-1mnb, p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop-latest, p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-server-latest, p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.56-desktop-1mnb, p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.56-desktop586-1mnb, p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.56-server-1mnb, p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop-latest, p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:tp_smapi-kernel-server-latest, p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.56-desktop-1mnb, p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.56-desktop586-1mnb, p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.56-server-1mnb, p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop-latest, p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:vboxadd-kernel-server-latest, p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.56-desktop-1mnb, p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.56-desktop586-1mnb, p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.56-server-1mnb, p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop-latest, p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:vboxvfs-kernel-server-latest, p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.56-desktop-1mnb, p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.56-desktop586-1mnb, p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.56-server-1mnb, p-cpe:/a:mandriva:linux:vhba-kernel-desktop-latest, p-cpe:/a:mandriva:linux:vhba-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:vhba-kernel-server-latest, p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.56-desktop-1mnb, p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.56-desktop586-1mnb, p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.56-server-1mnb, p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop-latest, p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:virtualbox-kernel-server-latest, p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.56-desktop-1mnb, p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.56-desktop586-1mnb, p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.56-server-1mnb, p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop-latest, p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop586-latest, p-cpe:/a:mandriva:linux:vpnclient-kernel-server-latest, cpe:/o:mandriva:linux:2009.0

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2010/10/29

Reference Information

CVE: CVE-2010-2963, CVE-2010-3067, CVE-2010-3442, CVE-2010-3848, CVE-2010-3849, CVE-2010-3850, CVE-2010-3858

BID: 43353, 43787, 44242, 44301, 45072

MDVSA: 2010:257