
Re: [SECURITY] [DSA 1503-1] New Linux kernel 2.4.27 packages fix several issues



Hello all,

I wanted to file this through BTS but I'm not sure which package is the right 
place to file kernel related bugs. Therefore I post here.

It seems that the last upgrade of kernel 2.4.27 is causing a system crash and maybe 
even filesystem corruption, at least with the ext2 filesystem.

Yesterday I upgraded and rebooted a couple of machines that still use 
kernel version 2.4.27, and one of them crashed after 5 and a half hours.
It still responded to pings, maybe routing and firewalling as well, but SSH 
and other services were unavailable. This is the only machine still using 
ext2 filesystem.

After rebooting it worked fine until I tried to access some parts of the 
filesystem. I suspected problems with the hard disk but there were no messages on 
the console (I expected I/O errors and such). Memory was fine as well.
Checking the filesystem with a read-only badblock scan "fsck -c /dev/hda2" reported 
everything OK. But at the moment I tried to copy (rsync, tar) the filesystem 
to a new disk it crashed again. Copying the filesystem with dd was fine, but 
when I loop-mounted the image and tried to copy from there, the system crashed 
again. So I ruled out hardware problems and tried to reboot with old kernel, 
and to my surprise I could read the "broken" filesystem without any problems.

With old kernel I was able to rsync files to new hard drives, so the system is 
up and running now. (Using old kernel.) I can provide filesystem image 
of "broken" /usr partition for analysis.

All my other servers running 2.4.27-4 kernels use ext3 filesystems and seem to be 
OK, but I'm quite afraid that it might happen on ext3 as well.

These bugfixes seem to be the only ones that have to do something with 
ext2/ext3. Could someone look into this issue? I will try to be as helpful as 
possible debugging this stuff.

> CVE-2006-6053
>
>     LMH reported a potential local DoS which could be exploited by a
> malicious user with the privileges to mount and read a corrupted ext3
> filesystem.
>
> CVE-2006-6054
>
>     LMH reported a potential local DoS which could be exploited by a
> malicious user with the privileges to mount and read a corrupted ext2
> filesystem.
>

Anyway, big thanks to the security team for the work that they do.

-- 
Regards
Vladislav Kurz

