Vulnerability Bulletins

int(1399)

Vulnerability Bulletins

Vulnerabilidad de la función sg_scsi_ioctl del kernel de Linux
Vulnerability classification
Property	Value
Confidence level	Oficial
Impact	Aumento de la visibilidad
Dificulty	Experto
Required attacker level	Acceso remoto con cuenta
System information
Property	Value
Affected manufacturer	GNU/Linux
Affected software	Linux kernel
Description
Se ha descubierto una vulnerabilidad en la función sg_scsi_ioctl del kernel de Linux. La vulnerabilidad reside en el manejo de valores enteros. La explotación de esta vulnerabilidad podría permitir a un atacante local leer o escribir memoria del kernel.
Solution
Actualización de software Red Hat Linux Red Hat Desktop (v. 4) Red Hat Enterprise Linux AS (v. 4) Red Hat Enterprise Linux ES (v. 4) Red Hat Enterprise Linux WS (v. 4) https://rhn.redhat.com/ Mandriva Corporate Server 3.0 X86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/kernel-2.6.3.29mdk-1-1mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/kernel-enterprise-2.6.3.29mdk-1-1mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/kernel-i686-up-4GB-2.6.3.29mdk-1-1mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/kernel-p3-smp-64GB-2.6.3.29mdk-1-1mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/kernel-secure-2.6.3.29mdk-1-1mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/kernel-smp-2.6.3.29mdk-1-1mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/kernel-source-2.6.3-29mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/kernel-source-stripped-2.6.3-29mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/SRPMS/kernel-2.6.3.29mdk-1-1mdk.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/kernel-2.6.3.29mdk-1-1mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/kernel-secure-2.6.3.29mdk-1-1mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/kernel-smp-2.6.3.29mdk-1-1mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/kernel-source-2.6.3-29mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/kernel-source-stripped-2.6.3-29mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/SRPMS/kernel-2.6.3.29mdk-1-1mdk.src.rpm Multi Network Firewall 2.0 X86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/RPMS/kernel-2.6.3.29mdk-1-1mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/RPMS/kernel-i686-up-4GB-2.6.3.29mdk-1-1mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/RPMS/kernel-p3-smp-64GB-2.6.3.29mdk-1-1mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/RPMS/kernel-secure-2.6.3.29mdk-1-1mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/RPMS/kernel-smp-2.6.3.29mdk-1-1mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/SRPMS/kernel-2.6.3.29mdk-1-1mdk.src.rpm Mandrakelinux 10.1 X86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/kernel-2.6.8.1.26mdk-1-1mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/kernel-enterprise-2.6.8.1.26mdk-1-1mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/kernel-i586-up-1GB-2.6.8.1.26mdk-1-1mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/kernel-i686-up-64GB-2.6.8.1.26mdk-1-1mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/kernel-secure-2.6.8.1.26mdk-1-1mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/kernel-smp-2.6.8.1.26mdk-1-1mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/kernel-source-2.6-2.6.8.1-26mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/kernel-source-stripped-2.6-2.6.8.1-26mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/SRPMS/kernel-2.6.8.1.26mdk-1-1mdk.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/kernel-2.6.8.1.26mdk-1-1mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/kernel-secure-2.6.8.1.26mdk-1-1mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/kernel-smp-2.6.8.1.26mdk-1-1mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/kernel-source-2.6-2.6.8.1-26mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/kernel-source-stripped-2.6-2.6.8.1-26mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/SRPMS/kernel-2.6.8.1.26mdk-1-1mdk.src.rpm
Standar resources
Property	Value
CVE	CAN-2005-0180
BID
Other resources
Red Hat Security Advisory RHSA-2005:092-14 https://rhn.redhat.com/errata/RHSA-2005-092.html Mandriva Security Advisory (MDKSA-2005:218) http://www.mandriva.com/security/advisories?name=MDKSA-2005:218 Mandriva Security Advisory (MDKSA-2005:219) http://www.mandriva.com/security/advisories?name=MDKSA-2005:219

Version history
Version	Comments	Date
1.0	Aviso emitido	2005-02-21
1.1	Aviso emitido por Mandriva (MDKSA-2005:218, MDKSA-2005:219)	2005-12-05

Vulnerability Bulletins

Vulnerabilidad de la función sg_scsi_ioctl del kernel de Linux

Vulnerability classification

System information

Description

Solution

Standar resources

Other resources

Version history