RE: [SECURITY] [DSA 1503-1] New Linux kernel 2.4.27 packages fix several issues
Just to update anyone who cares, I moved the modules back and rebooted,
and verified that the system would have on bootup. Then I converted
from ext2 to ext3, and was able to boot just fine. I will let this
system run over the weekend and see how it is on Monday.
Jase
> -----Original Message-----
> From: Desai, Jason
> Sent: Friday, February 29, 2008 12:23 PM
> To: 'Vladislav Kurz'
> Cc: 'debian-security@lists.debian.org';
> 'debian-kernel@lists.debian.org'
> Subject: RE: [SECURITY] [DSA 1503-1] New Linux kernel 2.4.27
> packages fix several issues
>
> I have noticed very similar things with one of my boxes which
> was upgraded to the latest 2.4.27 kernel. Sometimes, it
> would even hang when running depmod from the modutils init
> script when booting. I did some troubleshooting, and found
> that the older kernel boots fine. Moving some modules out to
> a different directory allowed the system to boot. But it
> would eventually hang after a few hours, sometimes after only
> minutes. Like you indicated - ping would work. But there
> was nothing in the logs on the screen for me.
>
> I had other systems upgraded to this kernel too, and they
> seem ok. Most use ext3. However one does use ext2, and so
> far it has been ok. The system giving me problems is a VM
> running inside of VMWare Server. I was thinking the issue
> may have been with VMWare.
>
> I may consider trying to go to ext3 to see if that improves things.
>
> Jase
>
> > -----Original Message-----
> > From: Vladislav Kurz [mailto:vladislav.kurz@webstep.net]
> > Sent: Friday, February 29, 2008 11:06 AM
> > To: debian-security@lists.debian.org
> > Cc: debian-kernel@lists.debian.org
> > Subject: Re: [SECURITY] [DSA 1503-1] New Linux kernel 2.4.27
> > packages fix several issues
> >
> > Hello all,
> >
> > I wanted to file this through BTS but I'm not sure which
> > package is the right
> > place ot file kernel related bugs. Therefore I post here.
> >
> > It seems that last upgrade of kernel 2.4.27 is causing system
> > crash and maybe
> > even filesystem corruption at least with ext2 filesystem.
> >
> > Yesterday I have upgraded and rebooted couple of machines
> > that still use
> > kernel version 2.4.27, and one of them crashed after 5 and
> half hours.
> > It still responded to pings, maybe routing and firewalling as
> > well, but SSH
> > and other services were unavailable. This is the only machine
> > still using
> > ext2 filesystem.
> >
> > After rebooting i worked fine until I tried to access some parts of
> > filesystem. I susected problems with hard disk but there were
> > no messages on
> > console (I expected I/O errors and such). Memory was fine as well.
> > Checking filesystem with read-olny badblock scan "fsck -c
> > /dev/hda2" reported
> > everything OK. But at the moment I tried to copy (rsync, tar)
> > the filesystem
> > to new disk it crashed again. Copying the filesystem with dd
> > was fine, but
> > when i loop-mounted the image and tried to copy from there,
> > system crashed
> > again. So I ruled out hardware problems and tried to reboot
> > with old kernel,
> > and to my surprise I could read the "broken" filesystem
> > without any problems.
> >
> > With old kernel I was able to rsync files to new hard drives,
> > so the system is
> > up and running now. (Using old kernel.) I can provide
> > filesystem image
> > of "broken" /usr partition for analysis.
> >
> > All my other servers running 2.4.27-4 kernels use ext3
> > filesystems seem to be
> > OK, but I'm quite afraid if it might happen on ext3 as well.
> >
> > These bugfixes seem to be the only ones that have to do
> > something with
> > ext2/ext3. Could someone look into this issue? I will try to
> > be as heplful as
> > possibe debugging this stuff.
> >
> > > CVE-2006-6053
> > >
> > > LMH reported a potential local DoS which could be
> exploited by a
> > > malicious user with the privileges to mount and read a
> > corrupted ext3
> > > filesystem.
> > >
> > > CVE-2006-6054
> > >
> > > LMH reported a potential local DoS which could be
> exploited by a
> > > malicious user with the privileges to mount and read a
> > corrupted ext2
> > > filesystem.
> > >
> >
> > Anyway, big thanks to the security team for the work that thay do.
> >
> > --
> > Regards
> > Vladislav Kurz
> >
> >
> > --
> > To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
> > with a subject of "unsubscribe". Trouble? Contact
> > listmaster@lists.debian.org
> >
> >
>
Reply to: