Re: [SECURITY] [DSA 1503-1] New Linux kernel 2.4.27 packages fix several issues
Hello all,
I wanted to file this through BTS but I'm not sure which package is the right
place ot file kernel related bugs. Therefore I post here.
It seems that last upgrade of kernel 2.4.27 is causing system crash and maybe
even filesystem corruption at least with ext2 filesystem.
Yesterday I have upgraded and rebooted couple of machines that still use
kernel version 2.4.27, and one of them crashed after 5 and half hours.
It still responded to pings, maybe routing and firewalling as well, but SSH
and other services were unavailable. This is the only machine still using
ext2 filesystem.
After rebooting i worked fine until I tried to access some parts of
filesystem. I susected problems with hard disk but there were no messages on
console (I expected I/O errors and such). Memory was fine as well.
Checking filesystem with read-olny badblock scan "fsck -c /dev/hda2" reported
everything OK. But at the moment I tried to copy (rsync, tar) the filesystem
to new disk it crashed again. Copying the filesystem with dd was fine, but
when i loop-mounted the image and tried to copy from there, system crashed
again. So I ruled out hardware problems and tried to reboot with old kernel,
and to my surprise I could read the "broken" filesystem without any problems.
With old kernel I was able to rsync files to new hard drives, so the system is
up and running now. (Using old kernel.) I can provide filesystem image
of "broken" /usr partition for analysis.
All my other servers running 2.4.27-4 kernels use ext3 filesystems seem to be
OK, but I'm quite afraid if it might happen on ext3 as well.
These bugfixes seem to be the only ones that have to do something with
ext2/ext3. Could someone look into this issue? I will try to be as heplful as
possibe debugging this stuff.
> CVE-2006-6053
>
> LMH reported a potential local DoS which could be exploited by a
> malicious user with the privileges to mount and read a corrupted ext3
> filesystem.
>
> CVE-2006-6054
>
> LMH reported a potential local DoS which could be exploited by a
> malicious user with the privileges to mount and read a corrupted ext2
> filesystem.
>
Anyway, big thanks to the security team for the work that thay do.
--
Regards
Vladislav Kurz
Reply to: