[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#506586: [SECURITY] [DSA 1809-1] New Linux 2.6.26 packages fix several vulnerabilities



On Wed, Jun 03, 2009 at 09:29:33AM +0200, Johannes Wiedersich wrote:
> Hallo list,
> 
> dann frazier wrote:
> > ----------------------------------------------------------------------
> > Debian Security Advisory DSA-1809-1                security@debian.org
> > http://www.debian.org/security/                           dann frazier
> > Jun 01, 2009                        http://www.debian.org/security/faq
> > ----------------------------------------------------------------------
> > 
> > Package        : linux-2.6
> > Vulnerability  : denial of service, privilege escalation
> > Problem type   : local/remote
> > Debian-specific: no
> > CVE Id(s)      : CVE-2009-1630 CVE-2009-1633 CVE-2009-1758
> 
> [snip]
> 
> > CVE-2009-1633
> > 
> >     Jeff Layton and Suresh Jayaraman fixed several buffer overflows in
> >     the CIFS filesystem which allow remote servers to cause memory
> >     corruption.
> 
> Apparently this is a different issue from #506586, I can still verify
> that bug on my system. In particular a simple 'du -hs' on the mounted
> cifs share leads to an immediate freeze of the system.
> 
> I have two questions:
> 
> Is a hard freeze, incurring data loss of all open/unsaved files
> considered a security issue?
> 
> Since #506586 and #509428 are reported to be fixed in
> inux-image-2.6.29-1-686 2.6.29-2
> inux-image-2.6.29-1-686 2.6.29-3
> is there any chance that the fixes are backported for lenny or should
> users of stable upgrade to the kernel from testing/unstable/backports?

The problem is that the exact changes fixing the problem are yet
unknown. If you can pinpoint the root cause we can consider a backport,
but since the crashes cannot be reproduced reliably bisecting or similar
methods are arguably hard.

Cheers,
        Moritz








Reply to: