Your message dated Mon, 11 Feb 2008 13:02:15 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#464945: fixed in linux-2.6 2.6.24-4
has caused the Debian Bug report #464945,
regarding user->root exploit in vmsplice()
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
464945: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=464945
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message ---
Package: linux-image-2.6.18-6-686
Version: 2.6.18.dfsg.1-17etch1
Severity: important
There is a bug in vmsplice from 2.6.17 to 2.6.24.1 that can be
exploited by any user process to gain root privileges.
Info is here:
http://isc.sans.org/newssummary.html
which links to the source code for the exploit here:
http://www.milw0rm.com/exploits/5092
...which has been tested, and works like a charm.
Also here:
http://www.isec.pl/vulnerabilities/isec-0026-vmsplice_to_kernel.txt
...which describes the exploit in more detail.
--- End Message ---
--- Begin Message ---
Source: linux-2.6
Source-Version: 2.6.24-4
We believe that the bug you reported is fixed in the latest version of
linux-2.6, which is due to be installed in the Debian FTP archive:
linux-2.6_2.6.24-4.diff.gz
to pool/main/l/linux-2.6/linux-2.6_2.6.24-4.diff.gz
linux-2.6_2.6.24-4.dsc
to pool/main/l/linux-2.6/linux-2.6_2.6.24-4.dsc
linux-doc-2.6.24_2.6.24-4_all.deb
to pool/main/l/linux-2.6/linux-doc-2.6.24_2.6.24-4_all.deb
linux-headers-2.6.24-1-all-powerpc_2.6.24-4_powerpc.deb
to pool/main/l/linux-2.6/linux-headers-2.6.24-1-all-powerpc_2.6.24-4_powerpc.deb
linux-headers-2.6.24-1-all_2.6.24-4_powerpc.deb
to pool/main/l/linux-2.6/linux-headers-2.6.24-1-all_2.6.24-4_powerpc.deb
linux-headers-2.6.24-1-common_2.6.24-4_powerpc.deb
to pool/main/l/linux-2.6/linux-headers-2.6.24-1-common_2.6.24-4_powerpc.deb
linux-headers-2.6.24-1-powerpc-miboot_2.6.24-4_powerpc.deb
to pool/main/l/linux-2.6/linux-headers-2.6.24-1-powerpc-miboot_2.6.24-4_powerpc.deb
linux-headers-2.6.24-1-powerpc-smp_2.6.24-4_powerpc.deb
to pool/main/l/linux-2.6/linux-headers-2.6.24-1-powerpc-smp_2.6.24-4_powerpc.deb
linux-headers-2.6.24-1-powerpc64_2.6.24-4_powerpc.deb
to pool/main/l/linux-2.6/linux-headers-2.6.24-1-powerpc64_2.6.24-4_powerpc.deb
linux-headers-2.6.24-1-powerpc_2.6.24-4_powerpc.deb
to pool/main/l/linux-2.6/linux-headers-2.6.24-1-powerpc_2.6.24-4_powerpc.deb
linux-image-2.6.24-1-powerpc-miboot_2.6.24-4_powerpc.deb
to pool/main/l/linux-2.6/linux-image-2.6.24-1-powerpc-miboot_2.6.24-4_powerpc.deb
linux-image-2.6.24-1-powerpc-smp_2.6.24-4_powerpc.deb
to pool/main/l/linux-2.6/linux-image-2.6.24-1-powerpc-smp_2.6.24-4_powerpc.deb
linux-image-2.6.24-1-powerpc64_2.6.24-4_powerpc.deb
to pool/main/l/linux-2.6/linux-image-2.6.24-1-powerpc64_2.6.24-4_powerpc.deb
linux-image-2.6.24-1-powerpc_2.6.24-4_powerpc.deb
to pool/main/l/linux-2.6/linux-image-2.6.24-1-powerpc_2.6.24-4_powerpc.deb
linux-libc-dev_2.6.24-4_powerpc.deb
to pool/main/l/linux-2.6/linux-libc-dev_2.6.24-4_powerpc.deb
linux-manual-2.6.24_2.6.24-4_all.deb
to pool/main/l/linux-2.6/linux-manual-2.6.24_2.6.24-4_all.deb
linux-patch-debian-2.6.24_2.6.24-4_all.deb
to pool/main/l/linux-2.6/linux-patch-debian-2.6.24_2.6.24-4_all.deb
linux-source-2.6.24_2.6.24-4_all.deb
to pool/main/l/linux-2.6/linux-source-2.6.24_2.6.24-4_all.deb
linux-support-2.6.24-1_2.6.24-4_all.deb
to pool/main/l/linux-2.6/linux-support-2.6.24-1_2.6.24-4_all.deb
linux-tree-2.6.24_2.6.24-4_all.deb
to pool/main/l/linux-2.6/linux-tree-2.6.24_2.6.24-4_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Bastian Blank <[EMAIL PROTECTED]> (supplier of updated linux-2.6 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 11 Feb 2008 12:29:23 +0100
Source: linux-2.6
Binary: linux-source-2.6.24 linux-doc-2.6.24 linux-manual-2.6.24
linux-patch-debian-2.6.24 linux-tree-2.6.24 linux-support-2.6.24-1
linux-libc-dev linux-headers-2.6.24-1-all linux-headers-2.6.24-1-all-alpha
linux-headers-2.6.24-1-common linux-image-2.6.24-1-alpha-generic
linux-headers-2.6.24-1-alpha-generic linux-image-2.6.24-1-alpha-smp
linux-headers-2.6.24-1-alpha-smp linux-image-2.6.24-1-alpha-legacy
linux-headers-2.6.24-1-alpha-legacy linux-headers-2.6.24-1-all-amd64
linux-image-2.6.24-1-amd64 linux-headers-2.6.24-1-amd64
linux-headers-2.6.24-1-all-arm linux-image-2.6.24-1-footbridge
linux-headers-2.6.24-1-footbridge linux-image-2.6.24-1-iop32x
linux-headers-2.6.24-1-iop32x linux-image-2.6.24-1-ixp4xx
linux-headers-2.6.24-1-ixp4xx linux-headers-2.6.24-1-all-armel
linux-image-2.6.24-1-versatile linux-headers-2.6.24-1-versatile
linux-headers-2.6.24-1-all-hppa linux-image-2.6.24-1-parisc
linux-headers-2.6.24-1-parisc linux-image-2.6.24-1-parisc-smp
linux-headers-2.6.24-1-parisc-smp linux-image-2.6.24-1-parisc64
linux-headers-2.6.24-1-parisc64 linux-image-2.6.24-1-parisc64-smp
linux-headers-2.6.24-1-parisc64-smp linux-headers-2.6.24-1-all-i386
linux-image-2.6.24-1-486 linux-headers-2.6.24-1-486 linux-image-2.6.24-1-686
linux-headers-2.6.24-1-686 linux-image-2.6.24-1-686-bigmem
linux-headers-2.6.24-1-686-bigmem linux-headers-2.6.24-1-common-xen
linux-image-2.6.24-1-xen-686 linux-modules-2.6.24-1-xen-686
linux-headers-2.6.24-1-xen-686 linux-headers-2.6.24-1-all-ia64
linux-image-2.6.24-1-itanium linux-headers-2.6.24-1-itanium
linux-image-2.6.24-1-mckinley linux-headers-2.6.24-1-mckinley
linux-headers-2.6.24-1-all-m68k linux-image-2.6.24-1-amiga
linux-headers-2.6.24-1-amiga linux-image-2.6.24-1-atari
linux-headers-2.6.24-1-atari linux-image-2.6.24-1-bvme6000
linux-headers-2.6.24-1-bvme6000 linux-image-2.6.24-1-mac
linux-headers-2.6.24-1-mac linux-image-2.6.24-1-mvme147
linux-headers-2.6.24-1-mvme147 linux-image-2.6.24-1-mvme16x
linux-headers-2.6.24-1-mvme16x linux-headers-2.6.24-1-all-mips
linux-image-2.6.24-1-r4k-ip22 linux-headers-2.6.24-1-r4k-ip22
linux-image-2.6.24-1-r5k-ip32 linux-headers-2.6.24-1-r5k-ip32
linux-image-2.6.24-1-sb1-bcm91250a linux-headers-2.6.24-1-sb1-bcm91250a
linux-image-2.6.24-1-sb1a-bcm91480b linux-headers-2.6.24-1-sb1a-bcm91480b
linux-image-2.6.24-1-4kc-malta linux-headers-2.6.24-1-4kc-malta
linux-image-2.6.24-1-5kc-malta linux-headers-2.6.24-1-5kc-malta
linux-headers-2.6.24-1-all-mipsel linux-image-2.6.24-1-r5k-cobalt
linux-headers-2.6.24-1-r5k-cobalt linux-headers-2.6.24-1-all-powerpc
linux-image-2.6.24-1-powerpc linux-headers-2.6.24-1-powerpc
linux-image-2.6.24-1-powerpc-smp linux-headers-2.6.24-1-powerpc-smp
linux-image-2.6.24-1-powerpc-miboot linux-headers-2.6.24-1-powerpc-miboot
linux-image-2.6.24-1-powerpc64 linux-headers-2.6.24-1-powerpc64
linux-headers-2.6.24-1-all-s390 linux-image-2.6.24-1-s390
linux-headers-2.6.24-1-s390 linux-image-2.6.24-1-s390-tape
linux-image-2.6.24-1-s390x linux-headers-2.6.24-1-s390x
linux-headers-2.6.24-1-all-sparc linux-image-2.6.24-1-sparc64
linux-headers-2.6.24-1-sparc64 linux-image-2.6.24-1-sparc64-smp
linux-headers-2.6.24-1-sparc64-smp
Architecture: source all powerpc
Version: 2.6.24-4
Distribution: unstable
Urgency: low
Maintainer: Debian Kernel Team <[EMAIL PROTECTED]>
Changed-By: Bastian Blank <[EMAIL PROTECTED]>
Description:
linux-doc-2.6.24 - Linux kernel specific documentation for version 2.6.24
linux-headers-2.6.24-1-all - All header files for Linux 2.6.24
linux-headers-2.6.24-1-all-powerpc - All header files for Linux 2.6.24
linux-headers-2.6.24-1-common - Common header files for Linux 2.6.24
linux-headers-2.6.24-1-powerpc - Header files for Linux 2.6.24 on uniprocessor
32-bit PowerPC
linux-headers-2.6.24-1-powerpc-miboot - Header files for Linux 2.6.24 on
32-bit PowerPC for miboot floppy
linux-headers-2.6.24-1-powerpc-smp - Header files for Linux 2.6.24 on
multiprocessor 32-bit PowerPC
linux-headers-2.6.24-1-powerpc64 - Header files for Linux 2.6.24 on 64-bit
PowerPC
linux-image-2.6.24-1-powerpc - Linux 2.6.24 image on uniprocessor 32-bit
PowerPC
linux-image-2.6.24-1-powerpc-miboot - Linux 2.6.24 image on 32-bit PowerPC for
miboot floppy
linux-image-2.6.24-1-powerpc-smp - Linux 2.6.24 image on multiprocessor 32-bit
PowerPC
linux-image-2.6.24-1-powerpc64 - Linux 2.6.24 image on 64-bit PowerPC
linux-libc-dev - Linux Kernel Headers for development
linux-manual-2.6.24 - Linux kernel API manual pages for version 2.6.24
linux-patch-debian-2.6.24 - Debian patches to version 2.6.24 of the Linux
kernel
linux-source-2.6.24 - Linux kernel source for version 2.6.24 with Debian
patches
linux-support-2.6.24-1 - Support files for Linux 2.6.24
linux-tree-2.6.24 - Linux kernel source tree for building Debian kernel images
Closes: 464945
Changes:
linux-2.6 (2.6.24-4) unstable; urgency=low
.
* Add stable release 2.6.24.1:
- splice: missing user pointer access verification (CVE-2008-0009/10)
- drm: the drm really should call pci_set_master..
- Driver core: Revert "Fix Firmware class name collision"
- fix writev regression: pan hanging unkillable and un-straceable
- sched: fix high wake up latencies with FAIR_USER_SCHED
- sched: let +nice tasks have smaller impact
- b43: Reject new firmware early
- selinux: fix labeling of /proc/net inodes
- b43legacy: fix DMA slot resource leakage
- b43legacy: drop packets we are not able to encrypt
- b43legacy: fix suspend/resume
- b43legacy: fix PIO crash
- b43: Fix dma-slot resource leakage
- b43: Drop packets we are not able to encrypt
- b43: Fix suspend/resume
- sky2: fix for WOL on some devices
- sky2: restore multicast addresses after recovery
- x86: restore correct module name for apm
- ACPI: update ACPI blacklist
- PCI: Fix fakephp deadlock
- sys_remap_file_pages: fix ->vm_file accounting
- lockdep: annotate epoll
- forcedeth: mac address mcp77/79
- USB: Fix usb_serial_driver structure for Kobil cardreader driver.
- USB: handle idVendor of 0x0000
- USB: fix usbtest halt check on big endian systems
- USB: storage: Add unusual_dev for HP r707
- USB: Variant of the Dell Wireless 5520 driver
- USB: use GFP_NOIO in reset path
- USB: ftdi driver - add support for optical probe device
- USB: pl2303: add support for RATOC REX-USB60F
- USB: remove duplicate entry in Option driver and Pl2303 driver for
Huawei modem
- USB: sierra: add support for Onda H600/Zte MF330 datacard to USB Driver
for Sierra Wireless
- USB: ftdi-sio: Patch to add vendor/device id for ATK_16IC CCD
- USB: ftdi_sio - enabling multiple ELV devices, adding EM1010PC
- USB: sierra driver - add devices
- USB: Adding YC Cable USB Serial device to pl2303
- USB: Sierra - Add support for Aircard 881U
- USB: add support for 4348:5523 WinChipHead USB->RS 232 adapter
- USB: CP2101 New Device IDs
- usb gadget: fix fsl_usb2_udc potential OOPS
- USB: keyspan: Fix oops
- vm audit: add VM_DONTEXPAND to mmap for drivers that need it
(CVE-2008-0007)
- slab: fix bootstrap on memoryless node
- DVB: cx23885: add missing subsystem ID for Hauppauge HVR1800 Retail
.
[ Martin Michlmayr ]
* [arm/ixp4xx] Enable ATA_OVER_ETH, requested by Nicola Fankhauser.
* [arm/iop32x] Enable ATA_OVER_ETH.
.
[ Bastian Blank ]
* Add stable release 2.6.24.2:
- splice: fix user pointer access in get_iovec_page_array()
(CVE-2008-0600, closes: #464945)
Files:
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iEYEARECAAYFAkewRPgACgkQxWtQqFixGB7T3QCfUPviowvW0LyXZOCMEIznxc0e
OdkAn1Gp0QjWbTjcon3vv/mC893kblkP
=759s
-----END PGP SIGNATURE-----
--- End Message ---