[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#402094: marked as done (kernel-source-2.6.8: Intel drivers (net/e100.c, net/e1000/e1000_main.c))

Your message dated Fri, 8 Dec 2006 23:10:09 +0100
with message-id <20061208221009.GA3787@galadriel.inutil.org>
and subject line This is not a vulnerability
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message --- 
Package: kernel-source-2.6.8
Version: 2.6.8-16sarge5
Severity: critical
Justification: root security hole


Noticed:

  Intel LAN Driver Buffer Overflow Local Privilege Escalation
  http://support.intel.com/support/network/sb/CS-023726.htm

The Intel blurb says Linux, and specifically Debian, is affected also:

Product Family             OS      Affected Driver Versions  Corrected Driver Versions
Intel PRO 10/100 Adapters  Linux*  3.5.14 or previous        3.5.17 or later
Intel PRO/1000 Adapters    Linux   7.2.7 or previous         7.3.15 or later

and it seems that:

kernel-source-2.6.8/drivers/net/e100.c
  #define DRV_NAME                "e100"
  #define DRV_VERSION             "3.0.18"
  #define DRV_DESCRIPTION         "Intel(R) PRO/100 Network Driver"
  #define DRV_COPYRIGHT           "Copyright(c) 1999-2004 Intel Corporation"

kernel-source-2.6.8/drivers/net/e1000/e1000_main.c
  char e1000_driver_name[] = "e1000";
  char e1000_driver_string[] = "Intel(R) PRO/1000 Network Driver";
  char e1000_driver_version[] = "5.2.52-k4";
  char e1000_copyright[] = "Copyright (c) 1999-2004 Intel Corporation.";

are quite old (so seem to be affected).

Cheers,

Paul Szabo   psz@maths.usyd.edu.au   http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics   University of Sydney    Australia


-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.6.8-spm1.6
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Versions of packages kernel-source-2.6.8 depends on:
ii  binutils                      2.15-6     The GNU assembler, linker and bina
ii  bzip2                         1.0.2-7    high-quality block-sorting file co
ii  coreutils [fileutils]         5.2.1-2    The GNU core utilities
ii  fileutils                     5.2.1-2    The GNU file management utilities

--- End Message ---
--- Begin Message --- 
This vulnerability does not affect GNU/Linux. The security information
vendor providing this information refers to git commit 
0eb5a34cdf34ad07b6db2df1e523aaf6574601b4
However, the overflow cannot be triggered by unprivileged users, so
the whole issue is bogus. This information is confirmed by Intel people.

Cheers,
        Moritz

--- End Message ---
Reply to: