Secunia Security Advisory - Two vulnerabilities have been reported in the Linux kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or bypass certain security restrictions.
51b1c5f0892cfab0d57a8221cd05d237a39bd44486061557538e74f451378444
----------------------------------------------------------------------
Bist Du interessiert an einem neuen Job in IT-Sicherheit?
Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-
Sicherheit:
http://secunia.com/secunia_vacancies/
----------------------------------------------------------------------
TITLE:
Linux Kernel Denial of Service and IPsec Policy Bypass
SECUNIA ADVISORY ID:
SA16494
VERIFY ADVISORY:
http://secunia.com/advisories/16494/
CRITICAL:
Less critical
IMPACT:
Security Bypass, DoS
WHERE:
Local system
REVISION:
1.1 originally posted 2005-08-25
OPERATING SYSTEM:
Linux Kernel 2.6.x
http://secunia.com/product/2719/
DESCRIPTION:
Two vulnerabilities have been reported in the Linux kernel, which can
be exploited by malicious, local users to cause a DoS (Denial of
Service) or bypass certain security restrictions.
1) The "setsockopt()" function is not restricted to privileged users
with the "CAP_NET_ADMIN" capability. This can be exploited to bypass
IPsec policies or set invalid policies to exploit other
vulnerabilities or exhaust available kernel memory.
2) An error in the "syscall32_setup_pages()" function on 64-bit x86
platforms can be exploited to cause a memory leak by executing a
malicious 32-bit application with specially crafted ELF headers.
SOLUTION:
1) The vulnerability has been fixed in version 2.6.13-rc7.
2) The vulnerability has been fixed in version 2.6.13-rc4.
PROVIDED AND/OR DISCOVERED BY:
1) Herbert Xu
2) Suresh Siddha
CHANGELOG:
2005-08-25: Added information about additional vulnerability.
ORIGINAL ADVISORY:
Kernel.org:
http://kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.13-rc7
http://kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.13-rc4
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------