
Bug#541483: marked as done (linux-image-2.6.18-6-686-bigmem: root exploit)



Your message dated Thu, 20 Aug 2009 19:10:46 +0200
with message-id <20090820171046.GC18469@inutil.org>
and subject line Re: linux-image-2.6.26-2-686: Local Privilege Escalation
has caused the Debian Bug report #541403,
regarding linux-image-2.6.18-6-686-bigmem: root exploit
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
541403: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=541403
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: linux-image-2.6.18-6-686-bigmem
Version: 2.6.18.dfsg.1-24etch2
Severity: critical
Tags: security
Justification: root security hole


see

http://blog.cr0.org/2009/08/linux-null-pointer-dereference-due-to.html


and the fix

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e694958388c50148389b0e9b9e9e8945cf0f1b98


We've tested one exploit and it worked (also in 2.6.8)



-- System Information:
Debian Release: 4.0
  APT prefers oldstable
  APT policy: (500, 'oldstable'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.18-6-686-bigmem (SMP w/4 CPU cores)
Locale: LANG=en_GB.ISO-8859-15, LC_CTYPE=en_GB.ISO-8859-15 (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/bash

Versions of packages linux-image-2.6.18-6-686-bigmem depends on:
ii  coreutils                    5.97-5.3    The GNU core utilities
ii  debconf [debconf-2.0]        1.5.11etch2 Debian configuration management sy
ii  initramfs-tools [linux-initr 0.85i       tools for generating an initramfs
ii  module-init-tools            3.3-pre4-2  tools for managing Linux kernel mo

Versions of packages linux-image-2.6.18-6-686-bigmem recommends:
ii  libc6-i686                    2.7-18     GNU C Library: Shared libraries [i

Versions of packages linux-image-2.6.18-6-686-bigmem suggests:
ii  grub                        0.97-27etch1 GRand Unified Bootloader
pn  linux-doc-2.6.18            <none>       (no description available)

-- debconf information:
  linux-image-2.6.18-6-686-bigmem/preinst/abort-overwrite-2.6.18-6-686-bigmem:
  linux-image-2.6.18-6-686-bigmem/preinst/failed-to-move-modules-2.6.18-6-686-bigmem:
  linux-image-2.6.18-6-686-bigmem/preinst/bootloader-initrd-2.6.18-6-686-bigmem: true
  linux-image-2.6.18-6-686-bigmem/preinst/abort-install-2.6.18-6-686-bigmem:
  linux-image-2.6.18-6-686-bigmem/postinst/create-kimage-link-2.6.18-6-686-bigmem: true
  linux-image-2.6.18-6-686-bigmem/postinst/old-initrd-link-2.6.18-6-686-bigmem: true
  linux-image-2.6.18-6-686-bigmem/preinst/overwriting-modules-2.6.18-6-686-bigmem: true
  linux-image-2.6.18-6-686-bigmem/postinst/old-system-map-link-2.6.18-6-686-bigmem: true
  linux-image-2.6.18-6-686-bigmem/postinst/depmod-error-initrd-2.6.18-6-686-bigmem: false
  linux-image-2.6.18-6-686-bigmem/postinst/bootloader-error-2.6.18-6-686-bigmem:
  shared/kernel-image/really-run-bootloader: true
  linux-image-2.6.18-6-686-bigmem/prerm/would-invalidate-boot-loader-2.6.18-6-686-bigmem: true
  linux-image-2.6.18-6-686-bigmem/postinst/old-dir-initrd-link-2.6.18-6-686-bigmem: true
  linux-image-2.6.18-6-686-bigmem/prerm/removing-running-kernel-2.6.18-6-686-bigmem: true
  linux-image-2.6.18-6-686-bigmem/preinst/lilo-has-ramdisk:
* linux-image-2.6.18-6-686-bigmem/preinst/already-running-this-2.6.18-6-686-bigmem:
  linux-image-2.6.18-6-686-bigmem/postinst/kimage-is-a-directory:
  linux-image-2.6.18-6-686-bigmem/postinst/bootloader-test-error-2.6.18-6-686-bigmem:
  linux-image-2.6.18-6-686-bigmem/postinst/depmod-error-2.6.18-6-686-bigmem: false
  linux-image-2.6.18-6-686-bigmem/preinst/lilo-initrd-2.6.18-6-686-bigmem: true
  linux-image-2.6.18-6-686-bigmem/preinst/initrd-2.6.18-6-686-bigmem:
  linux-image-2.6.18-6-686-bigmem/preinst/elilo-initrd-2.6.18-6-686-bigmem: true



--- End Message ---
--- Begin Message ---
Version: 2.6.30-6

On Thu, Aug 13, 2009 at 05:43:25PM -045A00, Stefano wrote:
> Package: linux-image-2.6.26-2-686
> Version: 2.6.26-17
> Justification: root security hole
> Severity: critical
> Tags: security
> 
> *** Please type your report below this line ***
> 
> Hi,
> 
> today a serious bug in the Linux Kernel has been discovered and
> disclosed. It affects all 2.4 and 2.6 kernels since 2001 on all
> architectures. 
> 
> See here for more details:
> http://blog.cr0.org/2009/08/linux-null-pointer-dereference-due-to.html
> 
> Hopefully this bug has already been patched:
> http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e694958388c50148389b0e9b9e9e8945cf0f1b98
> 
> I'm pretty sure that you guys already know that, but it is really urgent
> to apply the patch and release an update for the linux-image packages.
> 
> Thank you for your fantastic job.

This was fixed in unstable in 2.6.30-6. The 2.6.18, 2.6.24 and 2.6.26 kernels
from Etch and Lenny have been fixed in DSAs.

Cheers,
        Moritz


--- End Message ---
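Both messages above point at the same root cause: some socket families registered a proto_ops table with the sendpage slot left NULL, and sock_sendpage() called through that slot unconditionally, so the kernel jumped to address 0, a page an unprivileged process could map. The linked upstream commit makes sock_sendpage() go through kernel_sendpage(), which substitutes sock_no_sendpage() when a family has no native implementation. The user-space model below is an added example, not code from the bug report, the kernel, or Debian; struct and function names (proto_ops, sock, no_sendpage, vulnerable_target, safe_sendpage, count_missing_sendpage) are simplified stand-ins for the kernel's, and the two ops tables are constructed for the demo. The unhardened path returns the pointer it would have called rather than calling it, so the program cannot crash, and a NULL result is the bug.

```c
/* Added example: a user-space model of the NULL function-pointer dispatch
 * behind this bug and of the fallback the fix introduces. Names are
 * assumptions modelled on the kernel's, not the kernel's own code. */
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

struct sock;

/* Per-family operation table, after the kernel's struct proto_ops (simplified). */
struct proto_ops {
    const char *name;
    int (*sendmsg)(struct sock *sk, const char *buf, size_t len);
    int (*sendpage)(struct sock *sk, const char *buf, size_t len); /* may be NULL */
};

struct sock {
    const struct proto_ops *ops;
};

typedef int (*sendpage_fn)(struct sock *, const char *, size_t);

static int generic_sendmsg(struct sock *sk, const char *buf, size_t len)
{
    (void)sk; (void)buf;
    return (int)len;              /* pretend every byte was queued */
}

static int generic_sendpage(struct sock *sk, const char *buf, size_t len)
{
    return generic_sendmsg(sk, buf, len);
}

/* Default used when a family has no sendpage, modelled on sock_no_sendpage(). */
static int no_sendpage(struct sock *sk, const char *buf, size_t len)
{
    (void)sk; (void)buf; (void)len;
    return -EINVAL;
}

/* A family whose table is complete (constructed for the demo). */
static const struct proto_ops complete_ops = {
    .name = "complete", .sendmsg = generic_sendmsg, .sendpage = generic_sendpage,
};

/* A family that, like several real ones before the fix, never set .sendpage. */
static const struct proto_ops incomplete_ops = {
    .name = "incomplete", .sendmsg = generic_sendmsg, /* .sendpage stays NULL */
};

/* Unhardened dispatch: the pointer the old sock_sendpage() called through.
 * Returned instead of called so the demo cannot crash. A NULL result is the
 * bug: the kernel would jump to address 0. */
sendpage_fn vulnerable_target(struct sock *sk)
{
    return sk->ops->sendpage;
}

/* Hardened dispatch, the idea behind routing through kernel_sendpage():
 * substitute the default handler when the table entry is missing. */
int safe_sendpage(struct sock *sk, const char *buf, size_t len)
{
    sendpage_fn fn = sk->ops->sendpage ? sk->ops->sendpage : no_sendpage;
    return fn(sk, buf, len);
}

/* Audit helper: count tables whose sendpage slot is NULL, i.e. the tables
 * that made the unconditional dispatch exploitable. */
size_t count_missing_sendpage(const struct proto_ops *const *tables, size_t n)
{
    size_t missing = 0;
    for (size_t i = 0; i < n; i++)
        if (tables[i]->sendpage == NULL)
            missing++;
    return missing;
}

int main(void)
{
    const struct proto_ops *tables[] = { &complete_ops, &incomplete_ops };
    struct sock good = { &complete_ops }, bad = { &incomplete_ops };

    printf("tables missing sendpage: %zu\n", count_missing_sendpage(tables, 2));
    printf("old dispatch target for '%s': %s\n", bad.ops->name,
           vulnerable_target(&bad) == NULL ? "NULL (jump to address 0)" : "set");
    printf("safe_sendpage(good) = %d, safe_sendpage(bad) = %d\n",
           safe_sendpage(&good, "abc", 3), safe_sendpage(&bad, "abc", 3));
    return 0;
}
```

The audit helper is the check worth carrying over to real code: any table of function pointers that a syscall path dereferences without a NULL test needs either every slot filled or a wrapper like safe_sendpage() in front of it. Note that mapping page zero is only a prerequisite for turning this crash into privilege escalation, so a kernel that still dispatches through the NULL slot remains vulnerable regardless of user-space mitigations.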
