CERT-MU AD-2008-18
Multiple Vulnerabilities in the Linux Kernel
Original issue date: 03 October, 2008
Overview
Multiple vulnerabilities have been reported in the Linux kernel which could be exploited by a local or remote attacker to cause a denial of service on the affected system.
Description
1. Linux kernel “SCTP” denial of service vulnerability
A vulnerability has been reported in the Stream Control Transmission Protocol (SCTP) implementation in the Linux kernel. The code in "net/sctp/socket.c" does not verify that the SCTP-AUTH extension is enabled before proceeding with SCTP-AUTH API functions. This vulnerability could be exploited by local attackers to cause a denial of service (NULL pointer dereference and panic) via vectors that result in calls to (1) sctp_setsockopt_auth_chunk, (2) sctp_setsockopt_hmac_ident, (3) sctp_setsockopt_auth_key, (4) sctp_setsockopt_active_key, (5) sctp_setsockopt_del_key, (6) sctp_getsockopt_maxburst, (7) sctp_getsockopt_active_key, (8) sctp_getsockopt_peer_auth_chunks, or (9) sctp_getsockopt_local_auth_chunks.
2. Linux “nfsd system” buffer overflow vulnerability
A vulnerability has been reported in the NFSD system. This buffer overflow could be exploited by remote attackers to have an unknown impact via vectors related to decoding an NFSv4 ACL.
3. Linux kernel “tmpfs” denial of service vulnerability
A vulnerability has been reported in tmpfs due to an error in the shmem_delete_inode() function in mm/shmem.c. This vulnerability could be exploited by local attackers via the insserv program, using a certain sequence of file create, remove, and overwrite operations, to cause a denial of service.
4. Linux kernel “Off-by-one” denial of service vulnerability
A vulnerability has been reported in the Linux kernel due to an off-by-one error in the iov_iter_advance function in mm/filemap.c. This vulnerability could be exploited by local attackers to cause a denial of service via a certain sequence of file I/O operations with readv and writev.
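The missing check described in item 1 (SCTP-AUTH) can be modelled in user space. This is an added example, not code from the kernel or from this advisory; the structures, option names and functions are hypothetical. It goes slightly beyond the advisory by placing one gate in front of all handlers instead of one check per function.

```c
#include <errno.h>
#include <stddef.h>

/* Hypothetical user-space model; none of these are kernel structures. */
struct auth_state { unsigned char active_key; unsigned char chunks[8]; size_t n_chunks; };
struct endpoint {
    int auth_enable;          /* extension switch */
    struct auth_state *auth;  /* NULL while the extension is off */
};

enum opt { OPT_AUTH_CHUNK, OPT_ACTIVE_KEY, OPT_MAX };

/* Handlers assume ep->auth is valid; they must only run behind the gate. */
static int h_auth_chunk(struct endpoint *ep, const unsigned char *val, size_t len)
{
    if (len != 1) return -EINVAL;
    if (ep->auth->n_chunks >= sizeof(ep->auth->chunks)) return -ENOSPC;
    ep->auth->chunks[ep->auth->n_chunks++] = val[0];
    return 0;
}

static int h_active_key(struct endpoint *ep, const unsigned char *val, size_t len)
{
    if (len != 1) return -EINVAL;
    ep->auth->active_key = val[0];
    return 0;
}

typedef int (*handler_t)(struct endpoint *, const unsigned char *, size_t);
static const handler_t handlers[OPT_MAX] = { h_auth_chunk, h_active_key };

/* Unchecked path: models the flaw. With the extension off, ep->auth is
 * NULL and the handler dereferences it. */
int setopt_unchecked(struct endpoint *ep, enum opt o, const unsigned char *val, size_t len)
{
    return handlers[o](ep, val, len);
}

/* Gated path: one check in front of every auth handler. */
int setopt_gated(struct endpoint *ep, enum opt o, const unsigned char *val, size_t len)
{
    if ((unsigned)o >= OPT_MAX || val == NULL)
        return -EINVAL;
    if (!ep->auth_enable || ep->auth == NULL)
        return -EACCES;   /* refuse before touching per-extension state */
    return handlers[o](ep, val, len);
}
```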
Affected systems
• Linux kernel prior to 2.6.26.3
• Linux kernel prior to 2.6.27 rc1
Impact
Severity Rating: High
Solution
Upgrade to the latest versions provided by the vendor.
http://www.kernel.org/
Disclaimer
The information provided herein is on an "as is" basis, without warranty of any kind.
Vendor Information
kernel.org
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.4
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.1
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.27-rc2
CVE-Name
CVE-2008-3792
CVE-2008-3915
CVE-2008-3534
CVE-2008-3535
References
IBM ISS X-force
http://xforce.iss.net/xforce/xfdb/45189
http://xforce.iss.net/xforce/xfdb/45055
http://xforce.iss.net/xforce/xfdb/44489
http://xforce.iss.net/xforce/xfdb/44492
SecurityFocus
http://www.securityfocus.com/bid/31121
http://www.securityfocus.com/bid/31132
http://www.securityfocus.com/bid/31133
http://www.securityfocus.com/bid/31134