Bug#506586: [SECURITY] [DSA 1809-1] New Linux 2.6.26 packages fix several vulnerabilities
On Wed, Jun 03, 2009 at 09:29:33AM +0200, Johannes Wiedersich wrote:
> Hallo list,
>
> dann frazier wrote:
> > ----------------------------------------------------------------------
> > Debian Security Advisory DSA-1809-1 security@debian.org
> > http://www.debian.org/security/ dann frazier
> > Jun 01, 2009 http://www.debian.org/security/faq
> > ----------------------------------------------------------------------
> >
> > Package : linux-2.6
> > Vulnerability : denial of service, privilege escalation
> > Problem type : local/remote
> > Debian-specific: no
> > CVE Id(s) : CVE-2009-1630 CVE-2009-1633 CVE-2009-1758
>
> [snip]
>
> > CVE-2009-1633
> >
> > Jeff Layton and Suresh Jayaraman fixed several buffer overflows in
> > the CIFS filesystem which allow remote servers to cause memory
> > corruption.
>
> Apparently this is a different issue from #506586, I can still verify
> that bug on my system. In particular a simple 'du -hs' on the mounted
> cifs share leads to an immediate freeze of the system.
>
> I have two questions:
>
> Is a hard freeze, incurring data loss of all open/unsaved files
> considered a security issue?
>
> Since #506586 and #509428 are reported to be fixed in
> inux-image-2.6.29-1-686 2.6.29-2
> inux-image-2.6.29-1-686 2.6.29-3
> is there any chance that the fixes are backported for lenny or should
> users of stable upgrade to the kernel from testing/unstable/backports?
The problem is that the exact changes fixing the problem are yet
unknown. If you can pinpoint the root cause we can consider a backport,
but since the crashes cannot be reproduced reliably bisecting or similar
methods are arguably hard.
Cheers,
Moritz
Reply to: