USN-988-1: Linux kernel vulnerabilities

Releases

• Ubuntu 10.04
• Ubuntu 9.10
• Ubuntu 9.04
• Ubuntu 8.04
• Ubuntu 6.06

Packages

• linux - Support for ACPI (udeb)
• linux-source-2.6.15 - ACPI support modules (udeb)

Details

Ben Hawkes discovered that the Linux kernel did not correctly validate
memory ranges on 64bit kernels when allocating memory on behalf of 32bit
system calls. On a 64bit system, a local attacker could perform malicious
multicast getsockopt calls to gain root privileges. (CVE-2010-3081)

Ben Hawkes discovered that the Linux kernel did not correctly filter
registers on 64bit kernels when performing 32bit system calls. On a
64bit system, a local attacker could manipulate 32bit system calls to
gain root privileges. (Ubuntu 6.06 LTS and 8.04 LTS were not affected.)
(CVE-2010-3301)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 9.10

• linux-image-2.6.31-22-server - 2.6.31-22.65
• linux-image-2.6.31-22-ia64 - 2.6.31-22.65
• linux-image-2.6.31-22-generic-pae - 2.6.31-22.65
• linux-image-2.6.31-22-386 - 2.6.31-22.65
• linux-image-2.6.31-22-powerpc - 2.6.31-22.65
• linux-image-2.6.31-22-sparc64 - 2.6.31-22.65
• linux-image-2.6.31-22-sparc64-smp - 2.6.31-22.65
• linux-image-2.6.31-22-powerpc-smp - 2.6.31-22.65
• linux-image-2.6.31-22-virtual - 2.6.31-22.65
• linux-image-2.6.31-22-powerpc64-smp - 2.6.31-22.65
• linux-image-2.6.31-22-generic - 2.6.31-22.65
• linux-image-2.6.31-22-lpia - 2.6.31-22.65

Ubuntu 9.04

• linux-image-2.6.28-19-lpia - 2.6.28-19.65
• linux-image-2.6.28-19-versatile - 2.6.28-19.65
• linux-image-2.6.28-19-imx51 - 2.6.28-19.65
• linux-image-2.6.28-19-generic - 2.6.28-19.65
• linux-image-2.6.28-19-server - 2.6.28-19.65
• linux-image-2.6.28-19-ixp4xx - 2.6.28-19.65
• linux-image-2.6.28-19-virtual - 2.6.28-19.65
• linux-image-2.6.28-19-iop32x - 2.6.28-19.65

Ubuntu 8.04

• linux-image-2.6.24-28-powerpc64-smp - 2.6.24-28.79
• linux-image-2.6.24-28-hppa32 - 2.6.24-28.79
• linux-image-2.6.24-28-generic - 2.6.24-28.79
• linux-image-2.6.24-28-powerpc - 2.6.24-28.79
• linux-image-2.6.24-28-sparc64-smp - 2.6.24-28.79
• linux-image-2.6.24-28-itanium - 2.6.24-28.79
• linux-image-2.6.24-28-openvz - 2.6.24-28.79
• linux-image-2.6.24-28-virtual - 2.6.24-28.79
• linux-image-2.6.24-28-rt - 2.6.24-28.79
• linux-image-2.6.24-28-lpia - 2.6.24-28.79
• linux-image-2.6.24-28-hppa64 - 2.6.24-28.79
• linux-image-2.6.24-28-mckinley - 2.6.24-28.79
• linux-image-2.6.24-28-server - 2.6.24-28.79
• linux-image-2.6.24-28-powerpc-smp - 2.6.24-28.79
• linux-image-2.6.24-28-386 - 2.6.24-28.79
• linux-image-2.6.24-28-lpiacompat - 2.6.24-28.79
• linux-image-2.6.24-28-sparc64 - 2.6.24-28.79
• linux-image-2.6.24-28-xen - 2.6.24-28.79

Ubuntu 6.06

• linux-image-2.6.15-55-hppa64 - 2.6.15-55.88
• linux-image-2.6.15-55-mckinley - 2.6.15-55.88
• linux-image-2.6.15-55-powerpc-smp - 2.6.15-55.88
• linux-image-2.6.15-55-hppa32-smp - 2.6.15-55.88
• linux-image-2.6.15-55-686 - 2.6.15-55.88
• linux-image-2.6.15-55-amd64-k8 - 2.6.15-55.88
• linux-image-2.6.15-55-amd64-server - 2.6.15-55.88
• linux-image-2.6.15-55-386 - 2.6.15-55.88
• linux-image-2.6.15-55-sparc64-smp - 2.6.15-55.88
• linux-image-2.6.15-55-k7 - 2.6.15-55.88
• linux-image-2.6.15-55-sparc64 - 2.6.15-55.88
• linux-image-2.6.15-55-server - 2.6.15-55.88
• linux-image-2.6.15-55-powerpc64-smp - 2.6.15-55.88
• linux-image-2.6.15-55-hppa32 - 2.6.15-55.88
• linux-image-2.6.15-55-mckinley-smp - 2.6.15-55.88
• linux-image-2.6.15-55-server-bigiron - 2.6.15-55.88
• linux-image-2.6.15-55-itanium-smp - 2.6.15-55.88
• linux-image-2.6.15-55-amd64-xeon - 2.6.15-55.88
• linux-image-2.6.15-55-powerpc - 2.6.15-55.88
• linux-image-2.6.15-55-amd64-generic - 2.6.15-55.88
• linux-image-2.6.15-55-hppa64-smp - 2.6.15-55.88
• linux-image-2.6.15-55-itanium - 2.6.15-55.88

Ubuntu 10.04

• linux-image-2.6.32-24-powerpc-dbgsym - 2.6.32-24.43
• linux-image-2.6.32-24-386 - 2.6.32-24.43
• linux-image-2.6.32-24-powerpc - 2.6.32-24.43
• linux-image-2.6.32-24-powerpc64-smp - 2.6.32-24.43
• linux-image-2.6.32-24-preempt-dbgsym - 2.6.32-24.43
• linux-image-2.6.32-24-sparc64-smp-dbgsym - 2.6.32-24.43
• linux-image-2.6.32-24-powerpc64-smp-dbgsym - 2.6.32-24.43
• linux-image-2.6.32-24-lpia - 2.6.32-24.43
• linux-image-2.6.32-24-generic-dbgsym - 2.6.32-24.43
• linux-image-2.6.32-24-sparc64-dbgsym - 2.6.32-24.43
• linux-image-2.6.32-24-ia64-dbgsym - 2.6.32-24.43
• linux-image-2.6.32-24-generic-pae - 2.6.32-24.43
• linux-image-2.6.32-24-lpia-dbgsym - 2.6.32-24.43
• linux-image-2.6.32-24-generic - 2.6.32-24.43
• linux-image-2.6.32-24-server - 2.6.32-24.43
• linux-image-2.6.32-24-preempt - 2.6.32-24.43
• linux-image-2.6.32-24-powerpc-smp-dbgsym - 2.6.32-24.43
• linux-image-2.6.32-24-386-dbgsym - 2.6.32-24.43
• linux-image-2.6.32-24-versatile - 2.6.32-24.43
• linux-image-2.6.32-24-virtual - 2.6.32-24.43
• linux-image-2.6.32-24-powerpc-smp - 2.6.32-24.43
• linux-image-2.6.32-24-generic-pae-dbgsym - 2.6.32-24.43
• linux-image-2.6.32-24-server-dbgsym - 2.6.32-24.43
• linux-image-2.6.32-24-ia64 - 2.6.32-24.43
• linux-image-2.6.32-24-sparc64-smp - 2.6.32-24.43
• linux-image-2.6.32-24-sparc64 - 2.6.32-24.43
• linux-image-2.6.32-24-versatile-dbgsym - 2.6.32-24.43

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

• CVE-2010-3081
• CVE-2010-3301

Related notices

• USN-1074-1: linux-image-2.6.31-112-imx51, linux-fsl-imx51
• USN-1119-1: linux-ti-omap4, linux-image-2.6.35-903-omap4
• USN-1074-2: linux-image-2.6.31-608-imx51, linux-fsl-imx51
• USN-1083-1: linux-image-2.6.35-25-virtual, linux-image-2.6.35-25-generic-pae, linux-image-2.6.35-25-server, linux-image-2.6.35-25-generic, linux-lts-backport-maverick
• USN-1041-1: linux-image-2.6.35-24-generic, linux-image-2.6.35-24-versatile, linux-image-2.6.32-27-sparc64, linux-image-2.6.31-22-powerpc64-smp, linux-image-2.6.32-27-generic-pae, linux-image-2.6.32-27-powerpc64-smp, linux-image-2.6.31-22-powerpc, linux-image-2.6.32-27-generic, linux-image-2.6.31-22-sparc64-smp, linux-image-2.6.32-27-server, linux-image-2.6.32-27-versatile, linux-image-2.6.35-24-virtual, linux-image-2.6.32-27-powerpc, linux-image-2.6.35-24-server, linux-image-2.6.31-22-server, linux-image-2.6.32-27-powerpc-smp, linux-image-2.6.32-27-preempt, linux-image-2.6.31-22-sparc64, linux-image-2.6.31-22-lpia, linux-image-2.6.31-307-ec2, linux-image-2.6.32-27-386, linux-image-2.6.32-27-virtual, linux-image-2.6.35-24-omap, linux, linux-image-2.6.31-22-386, linux-image-2.6.31-22-generic-pae, linux-image-2.6.31-22-powerpc-smp, linux-image-2.6.35-24-generic-pae, linux-image-2.6.35-24-powerpc64-smp, linux-image-2.6.31-22-ia64, linux-image-2.6.32-311-ec2, linux-image-2.6.32-27-lpia, linux-image-2.6.35-24-powerpc-smp, linux-image-2.6.31-22-virtual, linux-image-2.6.31-22-generic, linux-image-2.6.35-24-powerpc, linux-image-2.6.32-27-ia64, linux-ec2, linux-image-2.6.32-27-sparc64-smp