|
Linux Kernel Potential Denial of Service and Information Disclosure
|
|
Secunia Advisory:
|
SA17114
|
|
|
Release Date:
|
2005-10-11
|
|
Last Update:
|
2005-10-21
|
|
Popularity:
|
10,201 views
|
|
|
Critical:
|
Less critical
|
|
Impact:
|
Security Bypass
Exposure of sensitive information
DoS
|
|
Where:
|
From local network
|
|
Solution Status:
|
Vendor Patch
|
|
| OS: | Linux Kernel 2.6.x
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities 
|
| | CVE reference: | CVE-2005-3119
CVE-2005-3179
CVE-2005-3180
CVE-2005-3181
|
|
Description:
Two vulnerabilities, a security issue, and a weakness have been reported in the Linux Kernel, which potentially can be exploited by malicious, local users to cause a DoS (Denial of Service) and bypass certain security restrictions, or by malicious people to disclose certain sensitive information.
1) A memory leak in "/security/keys/request_key_auth.c" can potentially be exploited by non-privileged users to cause a DoS.
2) A memory leak exists in "/fs/namei.c" when the CONFIG_AUDITSYSCALL option is enabled. This can potentially be exploited by local users to cause a DoS via an excessive number of system calls.
3) The orinoco wireless driver fails to pad data packets with zeroes when the length needs to be increased. This may cause uninitialized data to be sent, potentially exposing random pieces of the system memory.
4) The "/sys/module/drm/parameters/debug" file is created with world-writable permission in sysfs. This may be exploited by non-privileged users to turn on drm debugging.
Solution:
The vulnerabilities, security issue, and weakness have been fixed in version 2.6.14-rc4 and stable version 2.6.13.4.
Provided and/or discovered by:
2) Robert Derr
3) Meder Kydyraliev
4) alwin
Changelog:
2005-10-12: Added CVE reference. Added information about additional vulnerability.
2005-10-13: Added link to original advisory.
2005-10-19: Stable version 2.6.13.4 released. Updated "Description", "Solution" and "Original Advisory" sections.
2005-10-21: Added CVE reference.
Original Advisory:
Kernel.org
http://www.kernel.org/git/?p=linux/ke...d92c511bd4a0771ac0faaaef38bb1be3a29f6
http://www.kernel.org/git/?p=linux/ke...841146878e082613a49581ae252c071057c23
http://www.kernel.org/git/?p=linux/ke...39bec87ee3e35897fe27441e979e7c208f624
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.14-rc4
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.13.4
Meder Kydyraliev:
http://o0o.nu/~meder/o0o_linux_orinoco_driver_info_leak.txt
Gentoo Bugzilla:
http://bugs.gentoo.org/show_bug.cgi?id=107893
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
|
|
10th Oct, 2008
|
New advisories:
|
15 |
|
New vulnerabilities:
|
83 |
|
Updated advisories:
|
41 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
 Solutions | More...
|
|
