RE: [SECURITY] [DSA 1503-1] New Linux kernel 2.4.27 packages fix several issues
I have noticed very similar things with one of my boxes which was
upgraded to the latest 2.4.27 kernel. Sometimes, it would even hang
when running depmod from the modutils init script when booting. I did
some troubleshooting, and found that the older kernel boots fine.
Moving some modules out to a different directory allowed the system to
boot. But it would eventually hang after a few hours, sometimes after
only minutes. Like you indicated - ping would work. But there was
nothing in the logs on the screen for me.
I had other systems upgraded to this kernel too, and they seem ok. Most
use ext3. However one does use ext2, and so far it has been ok. The
system giving me problems is a VM running inside of VMWare Server. I
was thinking the issue may have been with VMWare.
I may consider trying to go to ext3 to see if that improves things.
Jase
> -----Original Message-----
> From: Vladislav Kurz [mailto:vladislav.kurz@webstep.net]
> Sent: Friday, February 29, 2008 11:06 AM
> To: debian-security@lists.debian.org
> Cc: debian-kernel@lists.debian.org
> Subject: Re: [SECURITY] [DSA 1503-1] New Linux kernel 2.4.27
> packages fix several issues
>
> Hello all,
>
> I wanted to file this through BTS but I'm not sure which
> package is the right
> place ot file kernel related bugs. Therefore I post here.
>
> It seems that last upgrade of kernel 2.4.27 is causing system
> crash and maybe
> even filesystem corruption at least with ext2 filesystem.
>
> Yesterday I have upgraded and rebooted couple of machines
> that still use
> kernel version 2.4.27, and one of them crashed after 5 and half hours.
> It still responded to pings, maybe routing and firewalling as
> well, but SSH
> and other services were unavailable. This is the only machine
> still using
> ext2 filesystem.
>
> After rebooting i worked fine until I tried to access some parts of
> filesystem. I susected problems with hard disk but there were
> no messages on
> console (I expected I/O errors and such). Memory was fine as well.
> Checking filesystem with read-olny badblock scan "fsck -c
> /dev/hda2" reported
> everything OK. But at the moment I tried to copy (rsync, tar)
> the filesystem
> to new disk it crashed again. Copying the filesystem with dd
> was fine, but
> when i loop-mounted the image and tried to copy from there,
> system crashed
> again. So I ruled out hardware problems and tried to reboot
> with old kernel,
> and to my surprise I could read the "broken" filesystem
> without any problems.
>
> With old kernel I was able to rsync files to new hard drives,
> so the system is
> up and running now. (Using old kernel.) I can provide
> filesystem image
> of "broken" /usr partition for analysis.
>
> All my other servers running 2.4.27-4 kernels use ext3
> filesystems seem to be
> OK, but I'm quite afraid if it might happen on ext3 as well.
>
> These bugfixes seem to be the only ones that have to do
> something with
> ext2/ext3. Could someone look into this issue? I will try to
> be as heplful as
> possibe debugging this stuff.
>
> > CVE-2006-6053
> >
> > LMH reported a potential local DoS which could be exploited by a
> > malicious user with the privileges to mount and read a
> corrupted ext3
> > filesystem.
> >
> > CVE-2006-6054
> >
> > LMH reported a potential local DoS which could be exploited by a
> > malicious user with the privileges to mount and read a
> corrupted ext2
> > filesystem.
> >
>
> Anyway, big thanks to the security team for the work that thay do.
>
> --
> Regards
> Vladislav Kurz
>
>
> --
> To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
>
>
Reply to: