Vulnerability Bulletins |
Integer Overflow en el kernel de Linux |
|
Vulnerability classification |
|
Property | Value |
Confidence level | Oficial |
Impact | Compromiso Root |
Dificulty | Avanzado |
Required attacker level | Acceso remoto con cuenta |
System information |
|
Property | Value |
Affected manufacturer | GNU/Linux |
Affected software |
Linux kernel 2.4.22 - 2.4.25 Linux kernel 2.6.1- 2.6.3 |
Description |
|
Se ha descubierto una vulnerabilidad de desbordamiento de entero en las versiones de la 2.4.22 a la 2.4.25 y de la 2.6.1 a la 2.6.3 del kernel de Linux. La vulnerabilidad reside en la función ip_setsockopt(), una subrutina de la llamada al sistema setsockopt. Esta llamada al sistema permite la manipulación de varias opciones de un socket IP, el código vulnerable se encuentra concretamente en el manejo de la opción MCAST_MSFILTER. La explotación de esta vulnerabilidad podría permitir a un atacante local conseguir privilegios de root. |
|
Solution |
|
Si lo desea, aplique los mecanismos de actualización propios de su distribución, o bien baje las fuentes del software y compílelo usted mismo. Actualización de software Linux Kernel Linux Kernel 2.4.26 http://www.kernel.org/pub/linux/kernel/v2.4/linux-2.4.26.tar.gz Linux Kernel 2.6.4 http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.4.tar.gz Mandrake Linux Mandrake Linux 9.1 i386 ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/9.1/RPMS/kernel-2.4.21.0.30mdk-1-1mdk.i586.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/9.1/RPMS/kernel-enterprise-2.4.21.0.30mdk-1-1mdk.i586.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/9.1/RPMS/kernel-secure-2.4.21.0.30mdk-1-1mdk.i586.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/9.1/RPMS/kernel-smp-2.4.21.0.30mdk-1-1mdk.i586.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/9.1/RPMS/kernel-source-2.4.21-0.30mdk.i586.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/9.1/SRPMS/kernel-2.4.21.0.30mdk-1-1mdk.src.rpm PPC ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/ppc/9.1/RPMS/kernel-2.4.21.0.30mdk-1-1mdk.ppc.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/ppc/9.1/RPMS/kernel-enterprise-2.4.21.0.30mdk-1-1mdk.ppc.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/ppc/9.1/RPMS/kernel-smp-2.4.21.0.30mdk-1-1mdk.ppc.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/ppc/9.1/RPMS/kernel-source-2.4.21-0.30mdk.ppc.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/ppc/9.1/SRPMS/kernel-2.4.21.0.30mdk-1-1mdk.src.rpm Mandrake Linux 9.2 i386 ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/9.2/RPMS/kernel-2.4.22.30mdk-1-1mdk.i586.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/9.2/RPMS/kernel-enterprise-2.4.22.30mdk-1-1mdk.i586.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/9.2/RPMS/kernel-i686-up-4GB-2.4.22.30mdk-1-1mdk.i586.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/9.2/RPMS/kernel-p3-smp-64GB-2.4.22.30mdk-1-1mdk.i586.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/9.2/RPMS/kernel-secure-2.4.22.30mdk-1-1mdk.i586.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/9.2/RPMS/kernel-smp-2.4.22.30mdk-1-1mdk.i586.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/9.2/RPMS/kernel-source-2.4.22-30mdk.i586.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/9.2/SRPMS/kernel-2.4.22.30mdk-1-1mdk.src.rpm AMD64 ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/amd64/9.2/RPMS/kernel-2.4.22.30mdk-1-1mdk.amd64.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/amd64/9.2/RPMS/kernel-secure-2.4.22.30mdk-1-1mdk.amd64.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/amd64/9.2/RPMS/kernel-smp-2.4.22.30mdk-1-1mdk.amd64.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/amd64/9.2/RPMS/kernel-source-2.4.22-30mdk.amd64.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/amd64/9.2/SRPMS/kernel-2.4.22.30mdk-1-1mdk.src.rpm Mandrake Multi Network Firewall 8.2 i386 ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/mnf8.2/RPMS/kernel-secure-2.4.19.40mdk-1-1mdk.i586.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/mnf8.2/SRPMS/kernel-2.4.19.40mdk-1-1mdk.src.rpm Mandrake Corporate Server 2.1 i386 ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/corporate/2.1/RPMS/kernel-2.4.19.40mdk-1-1mdk.i586.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/corporate/2.1/RPMS/kernel-enterprise-2.4.19.40mdk-1-1mdk.i586.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/corporate/2.1/RPMS/kernel-secure-2.4.19.40mdk-1-1mdk.i586.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/corporate/2.1/RPMS/kernel-smp-2.4.19.40mdk-1-1mdk.i586.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/corporate/2.1/RPMS/kernel-source-2.4.19-40mdk.i586.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/corporate/2.1/SRPMS/kernel-2.4.19.40mdk-1-1mdk.src.rpm x86_64 ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/x86_64/corporate/2.1/RPMS/kernel-2.4.19.41mdk-1-1mdk.x86_64.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/x86_64/corporate/2.1/RPMS/kernel-secure-2.4.19.41mdk-1-1mdk.x86_64.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/x86_64/corporate/2.1/RPMS/kernel-smp-2.4.19.41mdk-1-1mdk.x86_64.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/x86_64/corporate/2.1/RPMS/kernel-source-2.4.19-41mdk.x86_64.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/x86_64/corporate/2.1/SRPMS/kernel-2.4.19.40mdk-1-1mdk.src.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/x86_64/corporate/2.1/SRPMS/kernel-2.4.19.41mdk-1-1mdk.src.rpm Mandrakelinux 10.0 i386 ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/10.0/RPMS/kernel-2.4.25.4mdk-1-1mdk.i586.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/10.0/RPMS/kernel-2.6.3.9mdk-1-1mdk.i586.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/10.0/RPMS/kernel-enterprise-2.4.25.4mdk-1-1mdk.i586.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/10.0/RPMS/kernel-enterprise-2.6.3.9mdk-1-1mdk.i586.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/10.0/RPMS/kernel-i686-up-4GB-2.4.25.4mdk-1-1mdk.i586.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/10.0/RPMS/kernel-i686-up-4GB-2.6.3.9mdk-1-1mdk.i586.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/10.0/RPMS/kernel-p3-smp-64GB-2.4.25.4mdk-1-1mdk.i586.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/10.0/RPMS/kernel-p3-smp-64GB-2.6.3.9mdk-1-1mdk.i586.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/10.0/RPMS/kernel-secure-2.6.3.9mdk-1-1mdk.i586.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/10.0/RPMS/kernel-smp-2.4.25.4mdk-1-1mdk.i586.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/10.0/RPMS/kernel-smp-2.6.3.9mdk-1-1mdk.i586.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/10.0/RPMS/kernel-source-2.4.25-4mdk.i586.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/10.0/RPMS/kernel-source-2.6.3-9mdk.i586.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/10.0/RPMS/kernel-source-stripped-2.6.3-9mdk.i586.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/10.0/SRPMS/kernel-2.4.25.4mdk-1-1mdk.src.rpm ftp://ftp.proxad.net/pub/Distributions_Linux/Mandrake/official/updates/10.0/SRPMS/kernel-2.6.3.9mdk-1-1mdk.src.rpm SuSe Linux SuSE-9.1 i386 ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-default-2.6.4-54.3.i586.rpm ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-smp-2.6.4-54.3.i586.rpm ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-bigsmp-2.6.4-54.3.i586.rpm ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-syms-2.6.4-54.3.i586.rpm ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-default-2.6.4-54.3.i586.patch.rpm ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-smp-2.6.4-54.3.i586.patch.rpm ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-bigsmp-2.6.4-54.3.i586.patch.rpm ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-syms-2.6.4-54.3.i586.patch.rpm ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-source-2.6.4-54.3.src.rpm Opteron x86_64 ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/kernel-default-2.6.4-54.3.x86_64.rpm ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/kernel-smp-2.6.4-54.3.x86_64.rpm ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/kernel-syms-2.6.4-54.3.x86_64.rpm ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/kernel-default-2.6.4-54.3.x86_64.patch.rpm ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/kernel-smp-2.6.4-54.3.x86_64.patch.rpm ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/kernel-syms-2.6.4-54.3.src.rpm ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/kernel-source-2.6.4-54.3.src.rpm SuSE-9.0 i386 ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_deflt-2.4.21-215.i586.rpm ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_athlon-2.4.21-215.i586.rpm ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_smp-2.4.21-215.i586.rpm ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/kernel-source-2.4.21-215.src.rpm Opteron x86_64 ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/k_deflt-2.4.21-215.x86_64.rpm ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/k_smp-2.4.21-215.x86_64.rpm ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/kernel-source-2.4.21-215.src.rpm SuSE-8.2 i386 ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_deflt-2.4.20-111.i586.rpm ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_athlon-2.4.20-111.i586.rpm ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_smp-2.4.20-111.i586.rpm ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_psmp-2.4.20-111.i586.rpm ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/kernel-source-2.4.20.SuSE-111.src.rpm SuSE-8.1 i386 ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_deflt-2.4.21-215.i586.rpm ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_athlon-2.4.21-215.i586.rpm ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_smp-2.4.21-215.i586.rpm ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_psmp-2.4.21-215.i586.rpm ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/kernel-source-2.4.21-215.src.rpm SuSE-8.0 i386 ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_deflt-2.4.18-293.i386.rpm ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_smp-2.4.18-293.i386.rpm ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_psmp-2.4.18-293.i386.rpm ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_i386-2.4.18-293.i386.rpm ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/kernel-source-2.4.18.SuSE-293.nosrc.rpm |
|
Standar resources |
|
Property | Value |
CVE | CAN-2004-0424 |
BID | |
Other resources |
|
iSEC Security Advisory http://isec.pl/vulnerabilities/isec-0015-msfilter.txt MandrakeSoft Security Advisory MDKSA-2004:037 http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:037 SuSe Security Advisory SuSE-SA:2004:010 http://www.suse.de/de/security/2004_10_kernel.html |
Version history |
||
Version | Comments | Date |
1.0 | Aviso emitido | 2004-04-22 |
2.0 | Prueba de concepto disponible públicamente | 2004-04-23 |
2.1 | CAN añadido. Advisory emitido por Mandrake. | 2004-04-28 |
2.2 | Aviso emitido por SuSe (SuSE-SA:2004:010) | 2004-05-05 |