Skip to main content

10 Kernel Vulnerabilities in Ubuntu 6.06, 8.04, 8.10, 9.04 and 9.10

Canonical announced a few hours ago the immediate availability of a new Linux kernel security update for the following Ubuntu distributions: 6.06 LTS (Dapper Drake), 8.04 LTS (Hardy Heron), 8.10 (Intrepid Ibex), 9.04 (Jaunty Jackalope) and 9.10 (Karmic Koala). The update also applies to Kubuntu, Edubuntu and Xubuntu and it patches 10 important security issues (see below for details) discovered in the Linux kernel packages by various hackers. Therefore, it is strongly recommended to update your system as soon as possible!

The following Linux kernel vulnerabilities were discovered:

1. The EXT4 and HFS filesystems failed to check various disk structures. Because of this, a remote attacker could trick a user into mounting a specially devised filesystem and could crash the affected system or gain root (system administrator) privileges. The issue was discovered by Amerigo Wang and Eric Sesterhenn and affects all the aforementioned Ubuntu systems.


2. FUSE (Filesystem in Userspace) failed to check various requests. Because of this, a local attacker that had access to FUSE mounts could crash the affected system or gain root (system administrator) privileges. The issue affects only Ubuntu 6.06 LTS, 8.04 LTS, 8.10 and 9.04 systems.

3. KVM failed to decode various guest instructions. This could lead to a DoS attack and crash the affected system, by triggering "high scheduling latency" in the host. The issue affects only Ubuntu 8.04 LTS, 8.10, 9.04 and 9.10 systems.

4. The OHCI firewire driver failed to handle various ioctls. Because of this, a local attacker could crash the affected system or gain root (system administrator) privileges. The issue affects only Ubuntu 8.04 LTS, 8.10, 9.04 and 9.10 systems.

5. The Linux kernel failed to handle O_ASYNC on locked files. Because of this, a local attacker could gain root (system administrator) privileges. The issue was discovered by Tavis Ormandy and affects only Ubuntu 9.04 and 9.10 systems.

6. The e1000e and e1000 network drivers for Eee PCs failed to check Ethernet frames' size. Because of this, a local attacker on the LAN could crash the affected system or gain root (system administrator) privileges by sending specially devised traffic. The issue was discovered by Neil Horman and Eugene Teo, and affects all Ubuntu systems.

7. Random contents of kernel memory could be shown by "print-fatal-signals" reporting. This could lead to loss of privacy. The issue affects only Ubuntu 8.04 LTS, 8.10, 9.04 and 9.10 systems.

8. IPv6 failed to handle jumbo frames. This could lead to a DoS attack and crash the affected system. The issue was discovered by Olli Jarva and Tuomo Untinen, and affects only Ubuntu 9.04 and 9.10 systems.

9. The rules of bridging netfilter could be modified by regular users. This could lead to a DoS attack, by fracturing the network traffic. The issue was discovered by Florian Westphal and affects all Ubuntu systems.

10. Linux kernel memory could be leaked by various mremap operations. This could lead to a DoS attack, by consuming the entire available memory. The issue was discovered by Al Viro and affects all Ubuntu systems.

The above Linux kernel vulnerabilities can be fixed if you update your system today to the following specific packages:

• For Ubuntu 6.06 LTS, users should update their kernel packages to linux-image-2.6.15-55.82.

• For Ubuntu 8.04 LTS, users should update their kernel packages to linux-image-2.6.24-27.65.

• For Ubuntu 8.10, users should update their kernel packages to linux-image-2.6.27-17.45.

• For Ubuntu 9.04, users should update their kernel packages to linux-image-2.6.28-18.59.

• For Ubuntu 9.10, users should update their kernel packages to linux-image-2.6.31-19.56.

Don't forget to reboot your computer after this important kernel update! To verify the kernel version, type the sudo dpkg -l linux-image-2.6.31-19-generic command in a terminal (the example is for Ubuntu 9.10 users ONLY, and it will output the version of the Linux kernel listed above).

ATTENTION: Due to an unavoidable ABI change, the kernel packages have a new version number, which will force you to reinstall or recompile all third-party kernel modules you might have installed. Moreover, if you use the linux-restricted-modules package, you have to update it as well to get modules that work with the new Linux kernel version.

Comments

Popular posts from this blog

Shell Script to check tomcat status and restart

The below script checks the status of a particular tomcat status and restarts it if the tomcat does not respond....TOMCAT_HOME=/usr/local/tomcat-folder/

is_Running ()
{

        wget -O - http://yourserver.com/ >& /dev/null
 if( test $? -eq 0 ) then
  return 0
 else
  return 1
 fi
}


kill_Hanged_Processes ()
{
 echo "killing hanged processes......"
 javaProcs=`ps -efl| grep -v grep | grep java`
 if(test ! -z "$javaProcs") then
  echo "nonzero"
  processId=`echo $javaProcs | awk '{ print $2} '`
  echo "$processId"
  kill -9 $processId
 fi
}
stop_Tomcat ()
{
 echo "shutting down......"
 $TOMCAT_HOME/bin/shutdown.sh
}

start_Tomcat ()
{
 echo "starting......"
 $TOMCAT_HOME/bin/startup.sh
}

restart ()
{
 stop_Tomcat
 sleep 10
 kill_Hanged_Processes
 start_Tomcat
 sleep 60
}

send_Mail ()
{
#!/bin/bash
# script to send simple email
# email subject
SUBJECT="Telegraphindia.com went down"
# Email To ?
EMAIL="mailid1@gmail.com,mailid2@gmail.com"
# Em…

Getting access to menu from portlet in liferay

The below code describes the way of accessing menu items from the portlet. Here i have called it from jsp. The best thing about this is you can use the beautiful permission management of menu items of liferay as well without bothering about that. Writing services for fetching menu names from the layout tables will need more codes for permission managements......

Hope this helps.........


<%--
/**
* Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
*
* This library is free software; you can redistribute it and/or modify it under
* the terms of the GNU Lesser General Public License as published by the Free
* Software Foundation; either version 2.1 of the License, or (at your option)
* any later version.
*
* This library is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
* FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
* details.
*/
--%>
<%@ page import="com.li…

Virus f Opyum Team

Symptoms :: 
Several processes running named f or i. 
Network choked
Apache Dead
Unknown entry  * * * * * root f Opyum Team in crontab

Investigate ::
Try to kill the f process and even root will be unable to kill it. Check file named f and i in /etc or /bin or /usr/sbin directory. Try to delete, the file f  will not delete.  Some unknown .jpg files will be there in the same folder. 

Solve :: The root is unable to delete the file f because of the immutable bit in f
To remove it use ses or chattr
Follow the below steps to remove it completely.....



remove the unknown .jpg files in system folders

#top
(kill process f) option k

#ses -i /bin/f
#rm /bin/f
#ses -i /etc/crontab
#vi /etc/crontab (and delete last line)
#reboot


Precautions ::  In my case the server was hacked bu Brute-force attack
So set a good password with a combination of upper,lower case letters and special characters.

Post your feedback or any issues you may face removing the virus.  Very less number of good threads are there explaining …