Vulnerability Bulletins


Buffer overflow in the Linux kernel

Vulnerability classification

Property Value
Confidence level Official
Impact Privilege escalation
Difficulty Expert
Required attacker level Remote access with account

System information

Property Value
Affected manufacturer GNU/Linux
Affected software Linux kernel < 2.6.22

Description

An overflow vulnerability has been found in Linux kernel versions prior to 2.6.22. The vulnerability lies in an error in the implementation of the random number generator.

A local attacker with root privileges could cause a denial of service and escalate privileges by setting the default wakeup threshold to a value greater than the size of the output pool.
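
A simplified userspace model of the condition described above, where a threshold larger than the output pool pushes a transfer length past a fixed-size buffer. It is an added example, not kernel source or code from this bulletin; the 128-byte pool size, the bit-based threshold and all function names are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Assumed for this model: a 128-byte output-pool scratch buffer and a
   wakeup threshold stored in bits. Neither value comes from the bulletin. */
#define OUTPUT_POOL_BYTES 128u

static size_t min_sz(size_t a, size_t b) { return a < b ? a : b; }
static size_t max_sz(size_t a, size_t b) { return a > b ? a : b; }

/* Flawed ordering: cap the request to the buffer, then raise it to the
   threshold. A threshold larger than the pool overrides the cap. */
size_t transfer_len_flawed(size_t nbytes, unsigned threshold_bits)
{
    size_t capped = min_sz(nbytes, OUTPUT_POOL_BYTES);
    return max_sz(capped, threshold_bits / 8);
}

/* Hardened ordering: raise to the threshold first and cap last, so the
   result fits the buffer for every threshold value. */
size_t transfer_len_hardened(size_t nbytes, unsigned threshold_bits)
{
    size_t wanted = max_sz(nbytes, threshold_bits / 8);
    return min_sz(wanted, OUTPUT_POOL_BYTES);
}

/* Second layer: reject a threshold that describes more bits than the
   pool holds at the point where it is configured. 0 = accepted. */
int validate_threshold(unsigned threshold_bits)
{
    return threshold_bits <= OUTPUT_POOL_BYTES * 8u ? 0 : -1;
}

/* Copy helper that refuses any length larger than the destination. */
int fill_pool(unsigned char *dst, size_t dst_len, size_t len)
{
    if (len > dst_len) return -1;
    for (size_t i = 0; i < len; i++)
        dst[i] = (unsigned char)i;
    return 0;
}

int main(void)
{
    unsigned char pool[OUTPUT_POOL_BYTES];
    size_t bad = transfer_len_flawed(16, 4096); /* constructed input */
    printf("flawed=%zu fits=%d\n", bad, fill_pool(pool, sizeof pool, bad));
    return validate_threshold(4096) == -1 ? 0 : 1;
}
```

The hardened ordering and the configuration-time check are independent defences: either one keeps the length inside the buffer in this model.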

Solution

Software update

Suse Linux
Updates can be downloaded via YaST or from the official Suse Linux FTP server.

Red Hat (RHSA-2007:0940-7)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
https://rhn.redhat.com/

Red Hat (RHSA-2007:0939-10)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 4)
https://rhn.redhat.com/

Mandriva (MDKSA-2007:216)

Corporate Server 3.0
X86
corporate/3.0/i586/kernel-2.6.3.37mdk-1-1mdk.i586.rpm
corporate/3.0/i586/kernel-BOOT-2.6.3.37mdk-1-1mdk.i586.rpm
corporate/3.0/i586/kernel-doc-2.6.3-37mdk.i586.rpm
corporate/3.0/i586/kernel-enterprise-2.6.3.37mdk-1-1mdk.i586.rpm
corporate/3.0/i586/kernel-i686-up-4GB-2.6.3.37mdk-1-1mdk.i586.rpm
corporate/3.0/i586/kernel-p3-smp-64GB-2.6.3.37mdk-1-1mdk.i586.rpm
corporate/3.0/i586/kernel-secure-2.6.3.37mdk-1-1mdk.i586.rpm
corporate/3.0/i586/kernel-smp-2.6.3.37mdk-1-1mdk.i586.rpm
corporate/3.0/i586/kernel-source-2.6.3-37mdk.i586.rpm
corporate/3.0/i586/kernel-source-stripped-2.6.3-37mdk.i586.rpm
corporate/3.0/SRPMS/kernel-2.6.3.37mdk-1-1mdk.src.rpm
X86_64
corporate/3.0/x86_64/kernel-2.6.3.37mdk-1-1mdk.x86_64.rpm
corporate/3.0/x86_64/kernel-BOOT-2.6.3.37mdk-1-1mdk.x86_64.rpm
corporate/3.0/x86_64/kernel-doc-2.6.3-37mdk.x86_64.rpm
corporate/3.0/x86_64/kernel-secure-2.6.3.37mdk-1-1mdk.x86_64.rpm
corporate/3.0/x86_64/kernel-smp-2.6.3.37mdk-1-1mdk.x86_64.rpm
corporate/3.0/x86_64/kernel-source-2.6.3-37mdk.x86_64.rpm
corporate/3.0/x86_64/kernel-source-stripped-2.6.3-37mdk.x86_64.rpm
corporate/3.0/SRPMS/kernel-2.6.3.37mdk-1-1mdk.src.rpm

Multi Network Firewall 2.0
X86
mnf/2.0/i586/kernel-2.6.3.37mdk-1-1mdk.i586.rpm
mnf/2.0/i586/kernel-i686-up-4GB-2.6.3.37mdk-1-1mdk.i586.rpm
mnf/2.0/i586/kernel-p3-smp-64GB-2.6.3.37mdk-1-1mdk.i586.rpm
mnf/2.0/i586/kernel-secure-2.6.3.37mdk-1-1mdk.i586.rpm
mnf/2.0/i586/kernel-smp-2.6.3.37mdk-1-1mdk.i586.rpm
mnf/2.0/SRPMS/kernel-2.6.3.37mdk-1-1mdk.src.rpm

Debian (DSA-1504-1)

Debian Linux 3.1
Source
updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-s390_2.6.8-6sarge1.dsc
updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-ia64_2.6.8-15sarge1.dsc
updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-17sarge1.diff.gz
updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-s390_2.6.8-6sarge1.tar.gz
updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-hppa_2.6.8-7sarge1.tar.gz
updates/main/f/fai-kernels/fai-kernels_1.9.1sarge8.dsc
updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-amd64_2.6.8-17sarge1.dsc
updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-alpha_2.6.8-17sarge1.tar.gz
updates/main/k/kernel-patch-powerpc-2.6.8/kernel-patch-powerpc-2.6.8_2.6.8-13sarge1.tar.gz
updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-hppa_2.6.8-7sarge1.dsc
updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-ia64_2.6.8-15sarge1.tar.gz
updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-amd64_2.6.8-17sarge1.tar.gz
updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-m68k_2.6.8-5sarge1.tar.gz
updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-sparc_2.6.8-16sarge1.tar.gz
updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-sparc_2.6.8-16sarge1.dsc
updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-alpha_2.6.8-17sarge1.dsc
updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-i386_2.6.8-17sarge1.tar.gz
updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-i386_2.6.8-17sarge1.dsc
updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-17sarge1.dsc
updates/main/k/kernel-patch-powerpc-2.6.8/kernel-patch-powerpc-2.6.8_2.6.8-13sarge1.dsc
updates/main/f/fai-kernels/fai-kernels_1.9.1sarge8.tar.gz
updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-m68k_2.6.8-5sarge1.dsc
updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8.orig.tar.gz
Architecture independent
updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-17sarge1_all.deb
updates/main/k/kernel-image-2.6.8-s390/kernel-patch-2.6.8-s390_2.6.8-6sarge1_all.deb
updates/main/k/kernel-source-2.6.8/kernel-tree-2.6.8_2.6.8-17sarge1_all.deb
updates/main/k/kernel-source-2.6.8/kernel-doc-2.6.8_2.6.8-17sarge1_all.deb
updates/main/k/kernel-source-2.6.8/kernel-patch-debian-2.6.8_2.6.8-17sarge1_all.deb
alpha (DEC Alpha)
updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-4-generic_2.6.8-17sarge1_alpha.deb
updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-4-smp_2.6.8-17sarge1_alpha.deb
updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-4_2.6.8-17sarge1_alpha.deb
updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-4-smp_2.6.8-17sarge1_alpha.deb
updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-4-generic_2.6.8-17sarge1_alpha.deb
amd64 (AMD x86_64 (AMD64))
updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-em64t-p4-smp_2.6.8-17sarge1_amd64.deb
updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-em64t-p4_2.6.8-17sarge1_amd64.deb
updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-generic_2.6.8-17sarge1_amd64.deb
updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-generic_2.6.8-17sarge1_amd64.deb
updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-k8-smp_2.6.8-17sarge1_amd64.deb
updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-em64t-p4-smp_2.6.8-17sarge1_amd64.deb
updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-k8_2.6.8-17sarge1_amd64.deb
updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13_2.6.8-17sarge1_amd64.deb
updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-k8-smp_2.6.8-17sarge1_amd64.deb
updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-k8_2.6.8-17sarge1_amd64.deb
updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-em64t-p4_2.6.8-17sarge1_amd64.deb
hppa (HP PA RISC)
updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4_2.6.8-7sarge1_hppa.deb
updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-4-64_2.6.8-7sarge1_hppa.deb
updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4-64-smp_2.6.8-7sarge1_hppa.deb
updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-4-64-smp_2.6.8-7sarge1_hppa.deb
updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4-32-smp_2.6.8-7sarge1_hppa.deb
updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-4-32-smp_2.6.8-7sarge1_hppa.deb
updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4-32_2.6.8-7sarge1_hppa.deb
updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-4-32_2.6.8-7sarge1_hppa.deb
updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4-64_2.6.8-7sarge1_hppa.deb
i386 (Intel ia32)
updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-k7-smp_2.6.8-17sarge1_i386.deb
updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-386_2.6.8-17sarge1_i386.deb
updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-k8-smp_2.6.8-17sarge1_i386.deb
updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-em64t-p4_2.6.8-17sarge1_i386.deb
updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-k8-smp_2.6.8-17sarge1_i386.deb
updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-em64t-p4-smp_2.6.8-17sarge1_i386.deb
updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-generic_2.6.8-17sarge1_i386.deb
updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-686_2.6.8-17sarge1_i386.deb
updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-em64t-p4_2.6.8-17sarge1_i386.deb
updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13_2.6.8-17sarge1_i386.deb
updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-686-smp_2.6.8-17sarge1_i386.deb
updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-k7-smp_2.6.8-17sarge1_i386.deb
updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4_2.6.8-17sarge1_i386.deb
updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-386_2.6.8-17sarge1_i386.deb
updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-em64t-p4-smp_2.6.8-17sarge1_i386.deb
updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-k7_2.6.8-17sarge1_i386.deb
updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-k8_2.6.8-17sarge1_i386.deb
updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-686-smp_2.6.8-17sarge1_i386.deb
updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-686_2.6.8-17sarge1_i386.deb
updates/main/f/fai-kernels/fai-kernels_1.9.1sarge8_i386.deb
updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-k7_2.6.8-17sarge1_i386.deb
updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-generic_2.6.8-17sarge1_i386.deb
updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-k8_2.6.8-17sarge1_i386.deb
ia64 (Intel ia64)
updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-4-itanium_2.6.8-15sarge1_ia64.deb
updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4-itanium-smp_2.6.8-15sarge1_ia64.deb
updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-mckinley-smp_2.6.8-15sarge1_ia64.deb
updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-mckinley_2.6.8-15sarge1_ia64.deb
updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4_2.6.8-15sarge1_ia64.deb
updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-mckinley_2.6.8-15sarge1_ia64.deb
updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-mckinley-smp_2.6.8-15sarge1_ia64.deb
updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-itanium_2.6.8-15sarge1_ia64.deb
updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4-itanium_2.6.8-15sarge1_ia64.deb
updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4-mckinley_2.6.8-15sarge1_ia64.deb
updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-itanium-smp_2.6.8-15sarge1_ia64.deb
updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-4-mckinley_2.6.8-15sarge1_ia64.deb
updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4-mckinley-smp_2.6.8-15sarge1_ia64.deb
updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-4-itanium-smp_2.6.8-15sarge1_ia64.deb
updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-itanium_2.6.8-15sarge1_ia64.deb
updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-4-mckinley-smp_2.6.8-15sarge1_ia64.deb
updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-itanium-smp_2.6.8-15sarge1_ia64.deb
m68k (Motorola Mc680x0)
updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-sun3_2.6.8-5sarge1_m68k.deb
updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-mvme16x_2.6.8-5sarge1_m68k.deb
updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-q40_2.6.8-5sarge1_m68k.deb
updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-amiga_2.6.8-5sarge1_m68k.deb
updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-hp_2.6.8-5sarge1_m68k.deb
updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-mac_2.6.8-5sarge1_m68k.deb
updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-mvme147_2.6.8-5sarge1_m68k.deb
updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-bvme6000_2.6.8-5sarge1_m68k.deb
updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-atari_2.6.8-5sarge1_m68k.deb
powerpc (PowerPC)
updates/main/k/kernel-patch-powerpc-2.6.8/kernel-headers-2.6.8-4_2.6.8-13sarge1_powerpc.deb
updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power3-smp_2.6.8-13sarge1_powerpc.deb
updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power3_2.6.8-13sarge1_powerpc.deb
updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-powerpc-smp_2.6.8-13sarge1_powerpc.deb
updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power4-smp_2.6.8-13sarge1_powerpc.deb
updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power3_2.6.8-13sarge1_powerpc.deb
updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-powerpc_2.6.8-13sarge1_powerpc.deb
updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power4-smp_2.6.8-13sarge1_powerpc.deb
updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-powerpc_2.6.8-13sarge1_powerpc.deb
updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power4_2.6.8-13sarge1_powerpc.deb
updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-powerpc-smp_2.6.8-13sarge1_powerpc.deb
updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power3-smp_2.6.8-13sarge1_powerpc.deb
updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power4_2.6.8-13sarge1_powerpc.deb
s390 (IBM S/390)
updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-4-s390x_2.6.8-6sarge1_s390.deb
updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-4-s390_2.6.8-6sarge1_s390.deb
updates/main/k/kernel-image-2.6.8-s390/kernel-headers-2.6.8-4_2.6.8-6sarge1_s390.deb
updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-4-s390-tape_2.6.8-6sarge1_s390.deb
sparc (Sun SPARC/UltraSPARC)
updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-4-sparc64-smp_2.6.8-16sarge1_sparc.deb
updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4_2.6.8-16sarge1_sparc.deb
updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-4-sparc32_2.6.8-16sarge1_sparc.deb
updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-4-sparc64_2.6.8-16sarge1_sparc.deb
updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4-sparc32_2.6.8-16sarge1_sparc.deb
updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4-sparc64-smp_2.6.8-16sarge1_sparc.deb
updates/main/k/kernel-image-2.6.8-sparc/kernel-build-2.6.8-4_2.6.8-16sarge1_sparc.deb
updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4-sparc64_2.6.8-16sarge1_sparc.deb

Standard resources

Property Value
CVE CVE-2007-3105
BID 25348

Other resources

SUSE Security Advisory (SUSE-SA:2007:051)
http://www.novell.com/linux/security/advisories/2007_51_kernel.html

SUSE Security Advisory (SUSE-SA:2007:053)
http://www.novell.com/linux/security/advisories/2007_53_kernel.html

Red Hat Security Advisory (RHSA-2007:0940-7)
https://rhn.redhat.com/errata/RHSA-2007-0940.html

Red Hat Security Advisory (RHSA-2007:0939-10)
https://rhn.redhat.com/errata/RHSA-2007-0939.html

Mandriva Security Advisory (MDKSA-2007:216)
http://www.mandriva.com/security/advisories?name=MDKSA-2007:216

Debian Security Advisory (DSA-1504-1)
http://lists.debian.org/debian-security-announce/2008/msg00068.html

Version history

Version Comments Date
1.0 Advisory issued 2007-09-07
1.1 Advisory issued by Suse (SUSE-SA:2007:053) 2007-10-15
1.2 Advisory issued by Red Hat (RHSA-2007:0940-7) 2007-10-24
1.3 Advisory issued by Red Hat (RHSA-2007:0939-10) 2007-11-06
1.4 Advisory issued by Mandriva (MDKSA-2007:216) 2007-11-15
1.5 Advisory issued by Debian (DSA-1504-1) 2008-02-26
Ministerio de Defensa
CNI
CCN
CCN-CERT