exploit the possibilities

Mandriva Linux Security Advisory 2010-214

Mandriva Linux Security Advisory 2010-214
Posted Nov 1, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-214 - A vulnerability in Linux kernel caused by insecure allocation of user space memory when translating system call inputs to 64-bit. A stack pointer underflow can occur when using the compat_alloc_user_space method with an arbitrary length input.

tags | advisory, arbitrary, kernel
systems | linux, mandriva
advisories | CVE-2010-3081
MD5 | 5fe0152d9bc14e19754c9f0c28f744b8

Mandriva Linux Security Advisory 2010-214

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2010:214
http://www.mandriva.com/security/
_______________________________________________________________________

Package : kernel
Date : October 29, 2010
Affected: Corporate 4.0
_______________________________________________________________________

Problem Description:

A vulnerability was discovered and corrected in the Linux 2.6 kernel:

A vulnerability in Linux kernel caused by insecure allocation of user
space memory when translating system call inputs to 64-bit. A stack
pointer underflow can occur when using the compat_alloc_user_space
method with an arbitrary length input. (CVE-2010-3081)

To update your kernel, please follow the directions located at:

http://www.mandriva.com/en/security/kernelupdate
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3081
https://qa.mandriva.com/61447
_______________________________________________________________________

Updated Packages:

Corporate 4.0:
fabca395b39b6ed6d458799eb412572e corporate/4.0/i586/kernel-2.6.12.42mdk-1-1mdk.i586.rpm
3077f89b0ee23364826844a7d9a83dcb corporate/4.0/i586/kernel-BOOT-2.6.12.42mdk-1-1mdk.i586.rpm
c3e963bcd59b676adf367224c8580998 corporate/4.0/i586/kernel-doc-2.6.12.42mdk-1-1mdk.i586.rpm
3fda402572a9ca2a6f3a2cce8a927ef5 corporate/4.0/i586/kernel-i586-up-1GB-2.6.12.42mdk-1-1mdk.i586.rpm
74671054d68dd70b88042554a09dc70e corporate/4.0/i586/kernel-i686-up-4GB-2.6.12.42mdk-1-1mdk.i586.rpm
e5fbee70a2318efbae909957653f0d21 corporate/4.0/i586/kernel-smp-2.6.12.42mdk-1-1mdk.i586.rpm
aaf581038c6cebb9d748d4503ce37af7 corporate/4.0/i586/kernel-source-2.6.12.42mdk-1-1mdk.i586.rpm
c694977b8e08fa592ce384a4f4a77eff corporate/4.0/i586/kernel-source-stripped-2.6.12.42mdk-1-1mdk.i586.rpm
52d63e629865ff6501d0c766c234f1ad corporate/4.0/i586/kernel-xbox-2.6.12.42mdk-1-1mdk.i586.rpm
a5a3649d10977f5c637043ac1efdb144 corporate/4.0/i586/kernel-xen0-2.6.12.42mdk-1-1mdk.i586.rpm
a2f59640dbaa4d566ad41eb6512c4e63 corporate/4.0/i586/kernel-xenU-2.6.12.42mdk-1-1mdk.i586.rpm
0c316f3efcbaff64fea607cdc9e0a085 corporate/4.0/SRPMS/kernel-2.6.12.42mdk-1-1mdk.src.rpm

Corporate 4.0/X86_64:
c471d4337b179919823bc63588a27e47 corporate/4.0/x86_64/kernel-2.6.12.42mdk-1-1mdk.x86_64.rpm
0bef4a498595c2df1d6d8c5d5be6f0c2 corporate/4.0/x86_64/kernel-BOOT-2.6.12.42mdk-1-1mdk.x86_64.rpm
582eae8d7a9d12fbf85d3c2a08ff9824 corporate/4.0/x86_64/kernel-doc-2.6.12.42mdk-1-1mdk.x86_64.rpm
d76674127a48f49db5647c9b007872f8 corporate/4.0/x86_64/kernel-smp-2.6.12.42mdk-1-1mdk.x86_64.rpm
36d9743d4ff644c74a33b9cee2adec05 corporate/4.0/x86_64/kernel-source-2.6.12.42mdk-1-1mdk.x86_64.rpm
6d077ef61b3438888da3ec9f901e3ad8 corporate/4.0/x86_64/kernel-source-stripped-2.6.12.42mdk-1-1mdk.x86_64.rpm
ad64ebbf54fa5ecf30e1da88eaacf540 corporate/4.0/x86_64/kernel-xen0-2.6.12.42mdk-1-1mdk.x86_64.rpm
1311e12d6c8ab1d93a6eb9623cd11aea corporate/4.0/x86_64/kernel-xenU-2.6.12.42mdk-1-1mdk.x86_64.rpm
0c316f3efcbaff64fea607cdc9e0a085 corporate/4.0/SRPMS/kernel-2.6.12.42mdk-1-1mdk.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFMyw/EmqjQ0CJFipgRAomrAJ0bZKR+DXaG5gd78VowqmVVdtp07ACfaoFQ
v6b4gKMa6SKoMRovnQ3bI+k=
=ENEg
-----END PGP SIGNATURE-----

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

November 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    28 Files
  • 2
    Nov 2nd
    1 Files
  • 3
    Nov 3rd
    1 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    19 Files
  • 6
    Nov 6th
    65 Files
  • 7
    Nov 7th
    22 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    1 Files
  • 10
    Nov 10th
    1 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    65 Files
  • 13
    Nov 13th
    27 Files
  • 14
    Nov 14th
    22 Files
  • 15
    Nov 15th
    18 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close