Vulnerabilities > CVE-2008-0600 - Code Injection vulnerability in Linux Kernel
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The vmsplice_to_pipe function in Linux kernel 2.6.17 through 2.6.24.1 does not validate a certain userspace pointer before dereference, which allows local users to gain root privileges via crafted arguments in a vmsplice system call, a different vulnerability than CVE-2008-0009 and CVE-2008-0010.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Leverage Executable Code in Non-Executable Files An attack of this type exploits a system's trust in configuration and resource files, when the executable loads the resource (such as an image file or configuration file) the attacker has modified the file to either execute malicious code directly or manipulate the target process (e.g. application server) to execute based on the malicious configuration parameters. Since systems are increasingly interrelated mashing up resources from local and remote sources the possibility of this attack occurring is high. The attack can be directed at a client system, such as causing buffer overrun through loading seemingly benign image files, as in Microsoft Security Bulletin MS04-028 where specially crafted JPEG files could cause a buffer overrun once loaded into the browser. Another example targets clients reading pdf files. In this case the attacker simply appends javascript to the end of a legitimate url for a pdf (http://www.gnucitizen.org/blog/danger-danger-danger/) http://path/to/pdf/file.pdf#whatever_name_you_want=javascript:your_code_here The client assumes that they are reading a pdf, but the attacker has modified the resource and loaded executable javascript into the client's browser process. The attack can also target server processes. The attacker edits the resource or configuration file, for example a web.xml file used to configure security permissions for a J2EE app server, adding role name "public" grants all users with the public role the ability to use the administration functionality. The server trusts its configuration file to be correct, but when they are manipulated, the attacker gains full control.
- Manipulating User-Controlled Variables This attack targets user controlled variables (DEBUG=1, PHP Globals, and So Forth). An attacker can override environment variables leveraging user-supplied, untrusted query variables directly used on the application server without any data sanitization. In extreme cases, the attacker can change variables controlling the business logic of the application. For instance, in languages like PHP, a number of poorly set default configurations may allow the user to override variables.
Exploit-Db
description Linux Kernel 2.6.17 - 2.6.24.1 vmsplice Local Root Exploit. CVE-2008-0009,CVE-2008-0010,CVE-2008-0600. Local exploit for linux platform file exploits/linux/local/5092.c id EDB-ID:5092 last seen 2016-01-31 modified 2008-02-09 platform linux port published 2008-02-09 reporter qaaz source https://www.exploit-db.com/download/5092/ title Linux Kernel 2.6.17 <= 2.6.24.1 - vmsplice Local Root Exploit type local description Linux Kernel 2.6.23 - 2.6.24 vmsplice Local Root Exploit. CVE-2008-0009,CVE-2008-0010,CVE-2008-0600. Local exploit for linux platform file exploits/linux/local/5093.c id EDB-ID:5093 last seen 2016-01-31 modified 2008-02-09 platform linux port published 2008-02-09 reporter qaaz source https://www.exploit-db.com/download/5093/ title Linux Kernel 2.6.23 <= 2.6.24 - vmsplice Local Root Exploit type local
Nessus
NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2008-0129.NASL description From Red Hat Security Advisory 2008:0129 : Updated kernel packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in vmsplice. An unprivileged local user could use this flaw to gain root privileges. (CVE-2008-0600) Red Hat is aware that a public exploit for this issue is available. This issue did not affect the Linux kernels distributed with Red Hat Enterprise Linux 2.1, 3, or 4. Red Hat Enterprise Linux 5 users are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 67651 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/67651 title Oracle Linux 5 : kernel (ELSA-2008-0129) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2008:0129 and # Oracle Linux Security Advisory ELSA-2008-0129 respectively. # include("compat.inc"); if (description) { script_id(67651); script_version("1.13"); script_cvs_date("Date: 2019/10/25 13:36:07"); script_cve_id("CVE-2008-0600"); script_bugtraq_id(27801); script_xref(name:"RHSA", value:"2008:0129"); script_name(english:"Oracle Linux 5 : kernel (ELSA-2008-0129)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Oracle Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "From Red Hat Security Advisory 2008:0129 : Updated kernel packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in vmsplice. An unprivileged local user could use this flaw to gain root privileges. (CVE-2008-0600) Red Hat is aware that a public exploit for this issue is available. This issue did not affect the Linux kernels distributed with Red Hat Enterprise Linux 2.1, 3, or 4. Red Hat Enterprise Linux 5 users are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue." ); script_set_attribute( attribute:"see_also", value:"https://oss.oracle.com/pipermail/el-errata/2008-February/000513.html" ); script_set_attribute( attribute:"solution", value:"Update the affected kernel packages." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_cwe_id(94); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-PAE"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-PAE-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-debug"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-debug-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-doc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-headers"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-xen"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-xen-devel"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:5"); script_set_attribute(attribute:"vuln_publication_date", value:"2008/02/12"); script_set_attribute(attribute:"patch_publication_date", value:"2008/02/13"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/12"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Oracle Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl"); script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); include("ksplice.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux"); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux"); os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux"); os_ver = os_ver[1]; if (! preg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 5", "Oracle Linux " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu); if (get_one_kb_item("Host/ksplice/kernel-cves")) { rm_kb_item(name:"Host/uptrack-uname-r"); cve_list = make_list("CVE-2008-0600"); if (ksplice_cves_check(cve_list)) { audit(AUDIT_PATCH_INSTALLED, "KSplice hotfix for ELSA-2008-0129"); } else { __rpm_report = ksplice_reporting_text(); } } kernel_major_minor = get_kb_item("Host/uname/major_minor"); if (empty_or_null(kernel_major_minor)) exit(1, "Unable to determine kernel major-minor level."); expected_kernel_major_minor = "2.6"; if (kernel_major_minor != expected_kernel_major_minor) audit(AUDIT_OS_NOT, "running kernel level " + expected_kernel_major_minor + ", it is running kernel level " + kernel_major_minor); flag = 0; if (rpm_exists(release:"EL5", rpm:"kernel-2.6.18") && rpm_check(release:"EL5", reference:"kernel-2.6.18-53.1.13.0.1.el5")) flag++; if (rpm_exists(release:"EL5", rpm:"kernel-PAE-2.6.18") && rpm_check(release:"EL5", cpu:"i386", reference:"kernel-PAE-2.6.18-53.1.13.0.1.el5")) flag++; if (rpm_exists(release:"EL5", rpm:"kernel-PAE-devel-2.6.18") && rpm_check(release:"EL5", cpu:"i386", reference:"kernel-PAE-devel-2.6.18-53.1.13.0.1.el5")) flag++; if (rpm_exists(release:"EL5", rpm:"kernel-debug-2.6.18") && rpm_check(release:"EL5", reference:"kernel-debug-2.6.18-53.1.13.0.1.el5")) flag++; if (rpm_exists(release:"EL5", rpm:"kernel-debug-devel-2.6.18") && rpm_check(release:"EL5", reference:"kernel-debug-devel-2.6.18-53.1.13.0.1.el5")) flag++; if (rpm_exists(release:"EL5", rpm:"kernel-devel-2.6.18") && rpm_check(release:"EL5", reference:"kernel-devel-2.6.18-53.1.13.0.1.el5")) flag++; if (rpm_exists(release:"EL5", rpm:"kernel-doc-2.6.18") && rpm_check(release:"EL5", reference:"kernel-doc-2.6.18-53.1.13.0.1.el5")) flag++; if (rpm_exists(release:"EL5", rpm:"kernel-headers-2.6.18") && rpm_check(release:"EL5", reference:"kernel-headers-2.6.18-53.1.13.0.1.el5")) flag++; if (rpm_exists(release:"EL5", rpm:"kernel-xen-2.6.18") && rpm_check(release:"EL5", reference:"kernel-xen-2.6.18-53.1.13.0.1.el5")) flag++; if (rpm_exists(release:"EL5", rpm:"kernel-xen-devel-2.6.18") && rpm_check(release:"EL5", reference:"kernel-xen-devel-2.6.18-53.1.13.0.1.el5")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "affected kernel"); }NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2008-043.NASL description A flaw in the vmsplice system call did not properly verify address arguments passed by user-space processes, which allowed local attackers to overwrite arbitrary kernel memory and gain root privileges. Mandriva urges all users to upgrade to these new kernels immediately as this flaw is being actively exploited. This issue only affects 2.6.17 and newer Linux kernels, so neither Corporate 3.0 nor Corporate 4.0 are affected. To update your kernel, please follow the directions located at : http://www.mandriva.com/en/security/kernelupdate last seen 2020-06-01 modified 2020-06-02 plugin id 36383 published 2009-04-23 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/36383 title Mandriva Linux Security Advisory : kernel (MDVSA-2008:043) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Mandriva Linux Security Advisory MDVSA-2008:043. # The text itself is copyright (C) Mandriva S.A. # include("compat.inc"); if (description) { script_id(36383); script_version ("1.16"); script_cvs_date("Date: 2019/08/02 13:32:50"); script_cve_id("CVE-2008-0009", "CVE-2008-0010", "CVE-2008-0600"); script_xref(name:"MDVSA", value:"2008:043"); script_name(english:"Mandriva Linux Security Advisory : kernel (MDVSA-2008:043)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Mandriva Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "A flaw in the vmsplice system call did not properly verify address arguments passed by user-space processes, which allowed local attackers to overwrite arbitrary kernel memory and gain root privileges. Mandriva urges all users to upgrade to these new kernels immediately as this flaw is being actively exploited. This issue only affects 2.6.17 and newer Linux kernels, so neither Corporate 3.0 nor Corporate 4.0 are affected. To update your kernel, please follow the directions located at : http://www.mandriva.com/en/security/kernelupdate" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_cwe_id(20, 94); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-2.6.17.17mdv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-doc-2.6.17.17mdv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-doc-latest"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-enterprise-2.6.17.17mdv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-enterprise-latest"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-latest"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-legacy-2.6.17.17mdv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-legacy-latest"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-source-2.6.17.17mdv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-source-latest"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-source-stripped-2.6.17.17mdv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-source-stripped-latest"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-xen0-2.6.17.17mdv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-xen0-latest"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-xenU-2.6.17.17mdv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-xenU-latest"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2007"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2007.1"); script_set_attribute(attribute:"patch_publication_date", value:"2008/02/11"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/04/23"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc."); script_family(english:"Mandriva Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux"); if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu); flag = 0; if (rpm_check(release:"MDK2007.0", reference:"kernel-2.6.17.17mdv-1-1mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", reference:"kernel-doc-2.6.17.17mdv-1-1mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", cpu:"i386", reference:"kernel-enterprise-2.6.17.17mdv-1-1mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", cpu:"i386", reference:"kernel-legacy-2.6.17.17mdv-1-1mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", reference:"kernel-source-2.6.17.17mdv-1-1mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", reference:"kernel-source-stripped-2.6.17.17mdv-1-1mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", reference:"kernel-xen0-2.6.17.17mdv-1-1mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.0", reference:"kernel-xenU-2.6.17.17mdv-1-1mdv2007.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", reference:"kernel-2.6.17.17mdv-1-1mdv2007.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", reference:"kernel-doc-2.6.17.17mdv-1-1mdv2007.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", reference:"kernel-doc-latest-2.6.17-17mdv", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", cpu:"i386", reference:"kernel-enterprise-2.6.17.17mdv-1-1mdv2007.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", cpu:"i386", reference:"kernel-enterprise-latest-2.6.17-17mdv", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", reference:"kernel-latest-2.6.17-17mdv", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", cpu:"i386", reference:"kernel-legacy-2.6.17.17mdv-1-1mdv2007.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", cpu:"i386", reference:"kernel-legacy-latest-2.6.17-17mdv", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", reference:"kernel-source-2.6.17.17mdv-1-1mdv2007.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", reference:"kernel-source-latest-2.6.17-17mdv", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", reference:"kernel-source-stripped-2.6.17.17mdv-1-1mdv2007.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", reference:"kernel-source-stripped-latest-2.6.17-17mdv", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", reference:"kernel-xen0-2.6.17.17mdv-1-1mdv2007.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", reference:"kernel-xen0-latest-2.6.17-17mdv", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", reference:"kernel-xenU-2.6.17.17mdv-1-1mdv2007.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2007.1", reference:"kernel-xenU-latest-2.6.17-17mdv", yank:"mdv")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family SuSE Local Security Checks NASL id SUSE_KERNEL-4987.NASL description This kernel update fixes the following security problems : - CVE-2008-0600: A local privilege escalation was found in the vmsplice_pipe system call, which could be used by local attackers to gain root access. - CVE-2007-6151: The isdn_ioctl function in isdn_common.c allowed local users to cause a denial of service via a crafted ioctl struct in which iocts is not null terminated, which triggers a buffer overflow. last seen 2020-06-01 modified 2020-06-02 plugin id 31090 published 2008-02-14 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/31090 title openSUSE 10 Security Update : kernel (kernel-4987) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update kernel-4987. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(31090); script_version ("1.13"); script_cvs_date("Date: 2019/10/25 13:36:32"); script_cve_id("CVE-2007-6151", "CVE-2008-0600"); script_name(english:"openSUSE 10 Security Update : kernel (kernel-4987)"); script_summary(english:"Check for the kernel-4987 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This kernel update fixes the following security problems : - CVE-2008-0600: A local privilege escalation was found in the vmsplice_pipe system call, which could be used by local attackers to gain root access. - CVE-2007-6151: The isdn_ioctl function in isdn_common.c allowed local users to cause a denial of service via a crafted ioctl struct in which iocts is not null terminated, which triggers a buffer overflow." ); script_set_attribute( attribute:"solution", value:"Update the affected kernel packages." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_cwe_id(94, 119); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-bigsmp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-kdump"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-source"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-syms"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-xen"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-xenpae"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.2"); script_set_attribute(attribute:"patch_publication_date", value:"2008/02/11"); script_set_attribute(attribute:"plugin_publication_date", value:"2008/02/14"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2008-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE10\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "10.2", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE10.2", reference:"kernel-bigsmp-2.6.18.8-0.9") ) flag++; if ( rpm_check(release:"SUSE10.2", reference:"kernel-default-2.6.18.8-0.9") ) flag++; if ( rpm_check(release:"SUSE10.2", reference:"kernel-kdump-2.6.18.8-0.9") ) flag++; if ( rpm_check(release:"SUSE10.2", reference:"kernel-source-2.6.18.8-0.9") ) flag++; if ( rpm_check(release:"SUSE10.2", reference:"kernel-syms-2.6.18.8-0.9") ) flag++; if ( rpm_check(release:"SUSE10.2", reference:"kernel-xen-2.6.18.8-0.9") ) flag++; if ( rpm_check(release:"SUSE10.2", reference:"kernel-xenpae-2.6.18.8-0.9") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel-bigsmp / kernel-default / kernel-kdump / kernel-source / etc"); }NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2008-0129.NASL description Updated kernel packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in vmsplice. An unprivileged local user could use this flaw to gain root privileges. (CVE-2008-0600) Red Hat is aware that a public exploit for this issue is available. This issue did not affect the Linux kernels distributed with Red Hat Enterprise Linux 2.1, 3, or 4. Red Hat Enterprise Linux 5 users are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 31086 published 2008-02-14 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/31086 title RHEL 5 : kernel (RHSA-2008:0129) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2008:0129. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(31086); script_version ("1.27"); script_cvs_date("Date: 2019/10/25 13:36:13"); script_cve_id("CVE-2008-0600"); script_bugtraq_id(27801); script_xref(name:"RHSA", value:"2008:0129"); script_name(english:"RHEL 5 : kernel (RHSA-2008:0129)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated kernel packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in vmsplice. An unprivileged local user could use this flaw to gain root privileges. (CVE-2008-0600) Red Hat is aware that a public exploit for this issue is available. This issue did not affect the Linux kernels distributed with Red Hat Enterprise Linux 2.1, 3, or 4. Red Hat Enterprise Linux 5 users are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue." ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2008-0600" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2008:0129" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_cwe_id(94); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-PAE"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debug"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-doc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-headers"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-xen"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5.1"); script_set_attribute(attribute:"vuln_publication_date", value:"2008/02/12"); script_set_attribute(attribute:"patch_publication_date", value:"2008/02/12"); script_set_attribute(attribute:"plugin_publication_date", value:"2008/02/14"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); include("ksplice.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 5.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); if (get_one_kb_item("Host/ksplice/kernel-cves")) { rm_kb_item(name:"Host/uptrack-uname-r"); cve_list = make_list("CVE-2008-0600"); if (ksplice_cves_check(cve_list)) { audit(AUDIT_PATCH_INSTALLED, "KSplice hotfix for RHSA-2008:0129"); } else { __rpm_report = ksplice_reporting_text(); } } yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2008:0129"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-2.6.18-53.1.13.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-2.6.18-53.1.13.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-2.6.18-53.1.13.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-PAE-2.6.18-53.1.13.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-PAE-devel-2.6.18-53.1.13.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-debug-2.6.18-53.1.13.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-debug-2.6.18-53.1.13.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-debug-2.6.18-53.1.13.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-debug-devel-2.6.18-53.1.13.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-debug-devel-2.6.18-53.1.13.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-debug-devel-2.6.18-53.1.13.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-devel-2.6.18-53.1.13.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-devel-2.6.18-53.1.13.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-devel-2.6.18-53.1.13.el5")) flag++; if (rpm_check(release:"RHEL5", reference:"kernel-doc-2.6.18-53.1.13.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"kernel-headers-2.6.18-53.1.13.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-headers-2.6.18-53.1.13.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-headers-2.6.18-53.1.13.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-xen-2.6.18-53.1.13.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-xen-2.6.18-53.1.13.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-xen-devel-2.6.18-53.1.13.el5")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-xen-devel-2.6.18-53.1.13.el5")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc"); } }NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2008-0129.NASL description Updated kernel packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in vmsplice. An unprivileged local user could use this flaw to gain root privileges. (CVE-2008-0600) Red Hat is aware that a public exploit for this issue is available. This issue did not affect the Linux kernels distributed with Red Hat Enterprise Linux 2.1, 3, or 4. Red Hat Enterprise Linux 5 users are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 31054 published 2008-02-14 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/31054 title CentOS 5 : kernel (CESA-2008:0129) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2008:0129 and # CentOS Errata and Security Advisory 2008:0129 respectively. # include("compat.inc"); if (description) { script_id(31054); script_version("1.16"); script_cvs_date("Date: 2019/10/25 13:36:04"); script_cve_id("CVE-2008-0600"); script_bugtraq_id(27801); script_xref(name:"RHSA", value:"2008:0129"); script_name(english:"CentOS 5 : kernel (CESA-2008:0129)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote CentOS host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated kernel packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in vmsplice. An unprivileged local user could use this flaw to gain root privileges. (CVE-2008-0600) Red Hat is aware that a public exploit for this issue is available. This issue did not affect the Linux kernels distributed with Red Hat Enterprise Linux 2.1, 3, or 4. Red Hat Enterprise Linux 5 users are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue." ); # https://lists.centos.org/pipermail/centos-announce/2008-February/014684.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?56dd3070" ); # https://lists.centos.org/pipermail/centos-announce/2008-February/014685.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?fae0389b" ); script_set_attribute( attribute:"solution", value:"Update the affected kernel packages." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_cwe_id(94); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kernel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kernel-PAE"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kernel-PAE-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kernel-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kernel-doc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kernel-headers"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kernel-xen"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kernel-xen-devel"); script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:5"); script_set_attribute(attribute:"vuln_publication_date", value:"2008/02/12"); script_set_attribute(attribute:"patch_publication_date", value:"2008/02/12"); script_set_attribute(attribute:"plugin_publication_date", value:"2008/02/14"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"CentOS Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/CentOS/release"); if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS"); os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS"); os_ver = os_ver[1]; if (! preg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 5.x", "CentOS " + os_ver); if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu); flag = 0; if (rpm_check(release:"CentOS-5", reference:"kernel-2.6.18-53.1.13.el5")) flag++; if (rpm_check(release:"CentOS-5", cpu:"i386", reference:"kernel-PAE-2.6.18-53.1.13.el5")) flag++; if (rpm_check(release:"CentOS-5", cpu:"i386", reference:"kernel-PAE-devel-2.6.18-53.1.13.el5")) flag++; if (rpm_check(release:"CentOS-5", reference:"kernel-devel-2.6.18-53.1.13.el5")) flag++; if (rpm_check(release:"CentOS-5", reference:"kernel-doc-2.6.18-53.1.13.el5")) flag++; if (rpm_check(release:"CentOS-5", reference:"kernel-headers-2.6.18-53.1.13.el5")) flag++; if (rpm_check(release:"CentOS-5", reference:"kernel-xen-2.6.18-53.1.13.el5")) flag++; if (rpm_check(release:"CentOS-5", reference:"kernel-xen-devel-2.6.18-53.1.13.el5")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel / kernel-PAE / kernel-PAE-devel / kernel-devel / kernel-doc / etc"); }NASL family Slackware Local Security Checks NASL id SLACKWARE_SSA_2008-042-01.NASL description New kernel packages are available for Slackware 12.0, and -current to fix a local root exploit. last seen 2020-06-01 modified 2020-06-02 plugin id 31027 published 2008-02-12 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/31027 title Slackware 12.0 / current : kernel exploit fix (SSA:2008-042-01) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Slackware Security Advisory 2008-042-01. The text # itself is copyright (C) Slackware Linux, Inc. # include("compat.inc"); if (description) { script_id(31027); script_version("1.16"); script_cvs_date("Date: 2019/10/25 13:36:21"); script_cve_id("CVE-2008-0010", "CVE-2008-0163", "CVE-2008-0600"); script_xref(name:"SSA", value:"2008-042-01"); script_name(english:"Slackware 12.0 / current : kernel exploit fix (SSA:2008-042-01)"); script_summary(english:"Checks for updated packages in /var/log/packages"); script_set_attribute( attribute:"synopsis", value:"The remote Slackware host is missing a security update." ); script_set_attribute( attribute:"description", value: "New kernel packages are available for Slackware 12.0, and -current to fix a local root exploit." ); # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.562341 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?464b58b9" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_cwe_id(20, 59, 94); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:kernel-generic"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:kernel-generic-smp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:kernel-headers"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:kernel-huge"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:kernel-huge-smp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:kernel-modules"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:kernel-modules-smp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:kernel-source"); script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux"); script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:12.0"); script_set_attribute(attribute:"patch_publication_date", value:"2008/02/11"); script_set_attribute(attribute:"plugin_publication_date", value:"2008/02/12"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2008-2019 Tenable Network Security, Inc."); script_family(english:"Slackware Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Slackware/release", "Host/Slackware/packages"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("slackware.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Slackware/release")) audit(AUDIT_OS_NOT, "Slackware"); if (!get_kb_item("Host/Slackware/packages")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Slackware", cpu); flag = 0; if (slackware_check(osver:"12.0", pkgname:"kernel-generic", pkgver:"2.6.21.5", pkgarch:"i486", pkgnum:"2_slack12.0")) flag++; if (slackware_check(osver:"12.0", pkgname:"kernel-generic-smp", pkgver:"2.6.21.5_smp", pkgarch:"i686", pkgnum:"2_slack12.0")) flag++; if (slackware_check(osver:"12.0", pkgname:"kernel-huge", pkgver:"2.6.21.5", pkgarch:"i486", pkgnum:"2_slack12.0")) flag++; if (slackware_check(osver:"12.0", pkgname:"kernel-huge-smp", pkgver:"2.6.21.5_smp", pkgarch:"i686", pkgnum:"2_slack12.0")) flag++; if (slackware_check(osver:"current", pkgname:"kernel-generic", pkgver:"2.6.23.16", pkgarch:"i486", pkgnum:"1")) flag++; if (slackware_check(osver:"current", pkgname:"kernel-generic-smp", pkgver:"2.6.23.16_smp", pkgarch:"i686", pkgnum:"1")) flag++; if (slackware_check(osver:"current", pkgname:"kernel-headers", pkgver:"2.6.23.16_smp", pkgarch:"i386", pkgnum:"1")) flag++; if (slackware_check(osver:"current", pkgname:"kernel-huge", pkgver:"2.6.23.16", pkgarch:"i486", pkgnum:"1")) flag++; if (slackware_check(osver:"current", pkgname:"kernel-huge-smp", pkgver:"2.6.23.16_smp", pkgarch:"i686", pkgnum:"1")) flag++; if (slackware_check(osver:"current", pkgname:"kernel-modules", pkgver:"2.6.23.16", pkgarch:"i486", pkgnum:"1")) flag++; if (slackware_check(osver:"current", pkgname:"kernel-modules-smp", pkgver:"2.6.23.16_smp", pkgarch:"i686", pkgnum:"1")) flag++; if (slackware_check(osver:"current", pkgname:"kernel-source", pkgver:"2.6.23.16_smp", pkgarch:"noarch", pkgnum:"1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family OracleVM Local Security Checks NASL id ORACLEVM_OVMSA-2008-2002.NASL description The remote OracleVM system is missing necessary patches to address critical security updates : - [x86_64] kernel vmsplice_to_pipe flaw (Alexander Viro) [432252] (CVE-2008-0600) last seen 2020-06-01 modified 2020-06-02 plugin id 79445 published 2014-11-26 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/79445 title OracleVM 2.1 : kernel (OVMSA-2008-2002) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The package checks in this plugin were extracted from OracleVM # Security Advisory OVMSA-2008-2002. # include("compat.inc"); if (description) { script_id(79445); script_version("1.8"); script_cvs_date("Date: 2019/10/25 13:36:06"); script_cve_id("CVE-2008-0600"); script_bugtraq_id(27801); script_name(english:"OracleVM 2.1 : kernel (OVMSA-2008-2002)"); script_summary(english:"Checks the RPM output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote OracleVM host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "The remote OracleVM system is missing necessary patches to address critical security updates : - [x86_64] kernel vmsplice_to_pipe flaw (Alexander Viro) [432252] (CVE-2008-0600)" ); # https://oss.oracle.com/pipermail/oraclevm-errata/2008-March/000001.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?e091bf5a" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_cwe_id(94); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:vm:kernel-BOOT"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:vm:kernel-BOOT-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:vm:kernel-ovs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:vm:kernel-ovs-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:vm:ocfs2-2.6.18-8.1.6.0.20.el5BOOT"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:vm:ocfs2-2.6.18-8.1.6.0.20.el5ovs"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:vm_server:2.1"); script_set_attribute(attribute:"vuln_publication_date", value:"2008/02/12"); script_set_attribute(attribute:"patch_publication_date", value:"2008/03/21"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/11/26"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"OracleVM Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/OracleVM/release", "Host/OracleVM/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/OracleVM/release"); if (isnull(release) || "OVS" >!< release) audit(AUDIT_OS_NOT, "OracleVM"); if (! preg(pattern:"^OVS" + "2\.1" + "(\.[0-9]|$)", string:release)) audit(AUDIT_OS_NOT, "OracleVM 2.1", "OracleVM " + release); if (!get_kb_item("Host/OracleVM/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "OracleVM", cpu); flag = 0; if (rpm_check(release:"OVS2.1", reference:"kernel-BOOT-2.6.18-8.1.6.0.20.el5")) flag++; if (rpm_check(release:"OVS2.1", reference:"kernel-BOOT-devel-2.6.18-8.1.6.0.20.el5")) flag++; if (rpm_check(release:"OVS2.1", reference:"kernel-ovs-2.6.18-8.1.6.0.20.el5")) flag++; if (rpm_check(release:"OVS2.1", reference:"kernel-ovs-devel-2.6.18-8.1.6.0.20.el5")) flag++; if (rpm_check(release:"OVS2.1", reference:"ocfs2-2.6.18-8.1.6.0.20.el5BOOT-1.2.7-1.el5")) flag++; if (rpm_check(release:"OVS2.1", reference:"ocfs2-2.6.18-8.1.6.0.20.el5ovs-1.2.7-1.el5")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel-BOOT / kernel-BOOT-devel / kernel-ovs / kernel-ovs-devel / etc"); }NASL family SuSE Local Security Checks NASL id SUSE_KERNEL-4986.NASL description This kernel update fixes the following security problems : - CVE-2008-0600: A local privilege escalation was found in the vmsplice_pipe system call, which could be used by local attackers to gain root access. - CVE-2007-6206: Core dumps from root might be accessible to the wrong owner. And the following bugs (numbers are https://bugzilla.novell.com/ references) : - Update to minor kernel version 2.6.22.17 - networking bugfixes - contains the following patches which were removed : - patches.arch/acpica-psd.patch - patches.fixes/invalid-semicolon - patches.fixes/nopage-range-fix.patch - patches.arch/acpi_thermal_blacklist_add_r50p.patch: Avoid critical temp shutdowns on specific Thinkpad R50p (https://bugzilla.novell.com/show_bug.cgi?id=333043). - Update config files. CONFIG_USB_DEBUG in debug kernel - patches.rt/megasas_IRQF_NODELAY.patch: Convert megaraid sas IRQ to non-threaded IRQ (337489). - patches.drivers/libata-implement-force-parameter added to series.conf. - patches.xen/xen3-fixup-arch-i386: xen3 i386 build fixes. - patches.xen/xenfb-module-param: Re: Patching Xen virtual framebuffer. last seen 2020-06-01 modified 2020-06-02 plugin id 31089 published 2008-02-14 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/31089 title openSUSE 10 Security Update : kernel (kernel-4986) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2008-044.NASL description The wait_task_stopped function in the Linux kernel before 2.6.23.8 checks a TASK_TRACED bit instead of an exit_state value, which allows local users to cause a denial of service (machine crash) via unspecified vectors. NOTE: some of these details are obtained from third-party information. (CVE-2007-5500) The tcp_sacktag_write_queue function in the Linux kernel 2.6.21 through 2.6.23.7 allowed remote attackers to cause a denial of service (crash) via crafted ACK responses that trigger a NULL pointer dereference (CVE-2007-5501). The do_corefump function in fs/exec.c in the Linux kernel prior to 2.6.24-rc3 did not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which could possibly allow local users to obtain sensitive information (CVE-2007-6206). VFS in the Linux kernel before 2.6.22.16 performed tests of access mode by using the flag variable instead of the acc_mode variable, which could possibly allow local users to bypass intended permissions and remove directories (CVE-2008-0001). The Linux kernel prior to 2.6.22.17, when using certain drivers that register a fault handler that does not perform range checks, allowed local users to access kernel memory via an out-of-range offset (CVE-2008-0007). A flaw in the vmsplice system call did not properly verify address arguments passed by user-space processes, which allowed local attackers to overwrite arbitrary kernel memory and gain root privileges (CVE-2008-0600). Mandriva urges all users to upgrade to these new kernels immediately as the CVE-2008-0600 flaw is being actively exploited. This issue only affects 2.6.17 and newer Linux kernels, so neither Corporate 3.0 nor Corporate 4.0 are affected. Additionally, this kernel updates the version from 2.6.22.12 to 2.6.22.18 and fixes numerous other bugs, including : - fix freeze when ejecting a cm40x0 PCMCIA card - fix crash on unloading netrom - fixes alsa-related sound issues on Dell XPS M1210 and M1330 models - the HZ value was increased on the laptop kernel to increase interactivity and reduce latency - netfilter ipset, psd, and ifwlog support was re-enabled - unionfs was reverted to a working 1.4 branch that is less buggy To update your kernel, please follow the directions located at : http://www.mandriva.com/en/security/kernelupdate last seen 2020-06-01 modified 2020-06-02 plugin id 36924 published 2009-04-23 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/36924 title Mandriva Linux Security Advisory : kernel (MDVSA-2008:044) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-1494.NASL description The vmsplice system call did not properly verify address arguments passed by user space processes, which allowed local attackers to overwrite arbitrary kernel memory, gaining root privileges (CVE-2008-0010, CVE-2008-0600 ). In the vserver-enabled kernels, a missing access check on certain symlinks in /proc enabled local attackers to access resources in other vservers (CVE-2008-0163 ). last seen 2020-06-01 modified 2020-06-02 plugin id 31028 published 2008-02-12 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/31028 title Debian DSA-1494-2 : linux-2.6 - missing access checks NASL family Scientific Linux Local Security Checks NASL id SL_20080212_KERNEL_ON_SL5_X.NASL description A flaw was found in vmsplice. An unprivileged local user could use this flaw to gain root privileges. (CVE-2008-0600) There is a public available exploit for this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 60358 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/60358 title Scientific Linux Security Update : kernel on SL5.x i386/x86_64 NASL family Fedora Local Security Checks NASL id FEDORA_2008-1629.NASL description CVE-2008-0600 fix (bug #432517) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 31078 published 2008-02-14 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/31078 title Fedora 7 : kernel-xen-2.6-2.6.21-7.fc7 (2008-1629) NASL family Fedora Local Security Checks NASL id FEDORA_2008-1433.NASL description CVE-2008-0600 fix (bug #432517) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 31059 published 2008-02-14 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/31059 title Fedora 8 : kernel-xen-2.6-2.6.21-2957.fc8 (2008-1433) NASL family Fedora Local Security Checks NASL id FEDORA_2008-1423.NASL description Update to Linux kernel 2.6.23.15: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23.15 Fix vmsplice local root vulnerability: CVE-2008-0009: Fixed by update to 2.6.23.15. CVE-2008-0010: Fixed by update to 2.6.23.15. CVE-2008-0600: Extra fix from upstream applied. Fix memory leak in netlabel code. Work around broken Seagate LBA48 disks. (#429364) Fix futex oops on uniprocessor machine. (#429412) Add support for new Macbook touchpads. (#426574) Fix the initio driver broken in 2.6.23. (#390531) Fix segfaults from using vdso=2. (#427641) FireWire updates, fixing multiple problems. (#429598) ACPI: fix multiple problems with brightness controls (#427518) Fix Megahertz PCMCIA Ethernet adapter (#233255) Fix oops in netfilter. (#430663) ACPI: fix early init of EC (#426480) ALSA: fix audio on some systems with STAC codec (#431360) Atheros L2 fast Ethernet driver (atl2) for ASUS Eeepc. ASUS Eeepc ACPI hotkey driver. Wireless driver updates from upstream. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 31030 published 2008-02-12 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/31030 title Fedora 8 : kernel-2.6.23.15-137.fc8 (2008-1423) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-577-1.NASL description Wojciech Purczynski discovered that the vmsplice system call did not properly perform verification of user-memory pointers. A local attacker could exploit this to overwrite arbitrary kernel memory and gain root privileges. (CVE-2008-0600). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 31092 published 2008-02-14 reporter Ubuntu Security Notice (C) 2008-2019 Canonical, Inc. / NASL script (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/31092 title Ubuntu 6.10 / 7.04 / 7.10 : linux-source-2.6.17/20/22 vulnerability (USN-577-1) NASL family Fedora Local Security Checks NASL id FEDORA_2008-1422.NASL description Update to Linux kernel 2.6.23.15: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23.15 Fix vmsplice local root vulnerability: CVE-2008-0009: Fixed by update to 2.6.23.15. CVE-2008-0010: Fixed by update to 2.6.23.15. CVE-2008-0600: Extra fix from upstream applied. Fix memory leak in netlabel code (#352281) Autoload the Dell dcdbas driver like in F8 (#326041) Work around broken Seagate LBA48 disks. (F8#429364) Fix futex oops on uniprocessor machine. (F8#429412) Add support for new Macbook touchpads. (F8#426574) Fix the initio driver broken in 2.6.23. (F8#390531) Fix segfaults from using vdso=2. (F8#427641) FireWire updates, fixing multiple problems. ACPI: fix multiple problems with brightness controls (F8#427518) Wireless driver updates from upstream. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 31029 published 2008-02-12 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/31029 title Fedora 7 : kernel-2.6.23.15-80.fc7 (2008-1422) NASL family SuSE Local Security Checks NASL id SUSE_KERNEL-5339.NASL description This kernel update fixes the following security problems: CVE-2008-2136: A problem in SIT IPv6 tunnel handling could be used by remote attackers to immediately crash the machine. CVE-2008-1615: On x86_64 a denial of service attack could be used by local attackers to immediately panic / crash the machine. CVE-2008-2148: The permission checking in sys_utimensat was incorrect and local attackers could change the filetimes of files they do not own to the current time. CVE-2008-1669: Fixed a SMP ordering problem in fcntl_setlk could potentially allow local attackers to execute code by timing file locking. CVE-2008-1375: Fixed a dnotify race condition, which could be used by local attackers to potentially execute code. CVE-2007-6282: A remote attacker could crash the IPSec/IPv6 stack by sending a bad ESP packet. This requires the host to be able to receive such packets (default filtered by the firewall). CVE-2008-1367: Clear the last seen 2020-06-01 modified 2020-06-02 plugin id 33253 published 2008-06-24 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/33253 title openSUSE 10 Security Update : kernel (kernel-5339)
Oval
| accepted | 2013-04-29T04:13:30.467-04:00 | ||||||||||||
| class | vulnerability | ||||||||||||
| contributors |
| ||||||||||||
| definition_extensions |
| ||||||||||||
| description | The vmsplice_to_pipe function in Linux kernel 2.6.17 through 2.6.24.1 does not validate a certain userspace pointer before dereference, which allows local users to gain root privileges via crafted arguments in a vmsplice system call, a different vulnerability than CVE-2008-0009 and CVE-2008-0010. | ||||||||||||
| family | unix | ||||||||||||
| id | oval:org.mitre.oval:def:11358 | ||||||||||||
| status | accepted | ||||||||||||
| submitted | 2010-07-09T03:56:16-04:00 | ||||||||||||
| title | The vmsplice_to_pipe function in Linux kernel 2.6.17 through 2.6.24.1 does not validate a certain userspace pointer before dereference, which allows local users to gain root privileges via crafted arguments in a vmsplice system call, a different vulnerability than CVE-2008-0009 and CVE-2008-0010. | ||||||||||||
| version | 18 |
Redhat
| advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| rpms |
|
Seebug
| bulletinFamily | exploit |
| description | BUGTRAQ ID: 27801 CVE(CAN) ID: CVE-2008-0600 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的实现上存在漏洞,本地攻击者可能利用此漏洞提升自己的权限。 Linux Kernel的fs/splice.c文件中的vmsplice_to_pipe没有正确地验证某些用户域指针,这允许本地攻击者通过特制的vmsplice系统调用获得root用户权限提升。 Linux kernel 2.6.17 - 2.6.24.1 厂商补丁: Debian ------ Debian已经为此发布了一个安全公告(DSA-1494-2)以及相应补丁: DSA-1494-2:New linux-2.6 packages fix privilege escalation 链接:<a href=http://www.debian.org/security/2008/dsa-1494 target=_blank>http://www.debian.org/security/2008/dsa-1494</a> 补丁下载: Source archives: <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-18etch1.diff.gz target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-18etch1.diff.gz</a> Size/MD5 checksum: 5379550 6a28d0278e4abe270c0c1f69ed463b9c <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-18etch1.dsc target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-18etch1.dsc</a> Size/MD5 checksum: 5680 684a9ddb3b6975ce30764b26377f9162 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1.orig.tar.gz target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1.orig.tar.gz</a> Size/MD5 checksum: 52225460 6a1ab0948d6b5b453ea0fce0fcc29060 <a href=http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.18etch1.dsc target=_blank>http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.18etch1.dsc</a> Size/MD5 checksum: 740 42ad7f3b4925c86466a12f6af1f60d34 <a href=http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.18etch1.tar.gz target=_blank>http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.18etch1.tar.gz</a> Size/MD5 checksum: 56178 1d940e99b60ea13d97af2a2c7091b7ca <a href=http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.18etch1.dsc target=_blank>http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.18etch1.dsc</a> Size/MD5 checksum: 892 a316e3449f9cd0bbf497ad704c1d78ec <a href=http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.18etch1.diff.gz target=_blank>http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.18etch1.diff.gz</a> Size/MD5 checksum: 16048 b62c78f80dbe59c81827b4d7cf1c3997 <a href=http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um.orig.tar.gz target=_blank>http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um.orig.tar.gz</a> Size/MD5 checksum: 14435 4d10c30313e11a24621f7218c31f3582 Architecture independent packages: <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-doc-2.6.18_2.6.18.dfsg.1-18etch1_all.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-doc-2.6.18_2.6.18.dfsg.1-18etch1_all.deb</a> Size/MD5 checksum: 3753320 1e23b46c2d099b80cc0502c1ebb72e1b <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-tree-2.6.18_2.6.18.dfsg.1-18etch1_all.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-tree-2.6.18_2.6.18.dfsg.1-18etch1_all.deb</a> Size/MD5 checksum: 53924 5bd9cd783c6e8fdc37ccfe767578616d <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-patch-debian-2.6.18_2.6.18.dfsg.1-18etch1_all.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-patch-debian-2.6.18_2.6.18.dfsg.1-18etch1_all.deb</a> Size/MD5 checksum: 1582740 8f6c460f657f081dcb367688ddf695a7 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-source-2.6.18_2.6.18.dfsg.1-18etch1_all.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-source-2.6.18_2.6.18.dfsg.1-18etch1_all.deb</a> Size/MD5 checksum: 42181646 6d8046bfab1037093850d4194ab7e205 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-manual-2.6.18_2.6.18.dfsg.1-18etch1_all.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-manual-2.6.18_2.6.18.dfsg.1-18etch1_all.deb</a> Size/MD5 checksum: 1105710 744ef385a2799906634ea3bb0c96e481 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-support-2.6.18-6_2.6.18.dfsg.1-18etch1_all.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-support-2.6.18-6_2.6.18.dfsg.1-18etch1_all.deb</a> Size/MD5 checksum: 3736216 ca1179eeb523abe2ec79d32c6291b21f alpha architecture (DEC Alpha) <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch1_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch1_alpha.deb</a> Size/MD5 checksum: 3027008 58817d16f3a96938ce15165feab3df05 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch1_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch1_alpha.deb</a> Size/MD5 checksum: 53432 6a4fa9d91e94001156df2fc0b2734881 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-alpha_2.6.18.dfsg.1-18etch1_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-alpha_2.6.18.dfsg.1-18etch1_alpha.deb</a> Size/MD5 checksum: 53458 dd653b1cd4270d660fa397604ddee9d2 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-alpha-generic_2.6.18.dfsg.1-18etch1_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-alpha-generic_2.6.18.dfsg.1-18etch1_alpha.deb</a> Size/MD5 checksum: 266170 221de745eb1b57fd2994822cf41b1aa4 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-alpha-legacy_2.6.18.dfsg.1-18etch1_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-alpha-legacy_2.6.18.dfsg.1-18etch1_alpha.deb</a> Size/MD5 checksum: 266486 0f72f068044bfa6d94affaf9329f6208 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-alpha-smp_2.6.18.dfsg.1-18etch1_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-alpha-smp_2.6.18.dfsg.1-18etch1_alpha.deb</a> Size/MD5 checksum: 265630 aee9d2a87dadb3ca5b3ca5f05b0a1427 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch1_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch1_alpha.deb</a> Size/MD5 checksum: 3050962 7f0cba3e1da1d554877fe71748675ff3 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-alpha_2.6.18.dfsg.1-18etch1_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-alpha_2.6.18.dfsg.1-18etch1_alpha.deb</a> Size/MD5 checksum: 266840 456d1471ee10e314276f45b26174b10d <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-alpha-generic_2.6.18.dfsg.1-18etch1_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-alpha-generic_2.6.18.dfsg.1-18etch1_alpha.deb</a> Size/MD5 checksum: 23490812 cb4bc1a4c532173af1731fca79e721db <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-alpha-legacy_2.6.18.dfsg.1-18etch1_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-alpha-legacy_2.6.18.dfsg.1-18etch1_alpha.deb</a> Size/MD5 checksum: 23469638 c16005b855758657c515df4968476699 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-alpha-smp_2.6.18.dfsg.1-18etch1_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-alpha-smp_2.6.18.dfsg.1-18etch1_alpha.deb</a> Size/MD5 checksum: 23843418 a3deed56c7f65efc99fca3c80a0caa88 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-alpha_2.6.18.dfsg.1-18etch1_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-alpha_2.6.18.dfsg.1-18etch1_alpha.deb</a> Size/MD5 checksum: 23535814 9d284588da0acfb391f15c307b7329be AMD64 architecture: <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch1_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch1_amd64.deb</a> Size/MD5 checksum: 3224978 8d7e1cfff6006f38972cb73fe92501c7 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch1_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch1_amd64.deb</a> Size/MD5 checksum: 53426 56d2366d6417b28cb9e8160a81cc530e <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-amd64_2.6.18.dfsg.1-18etch1_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-amd64_2.6.18.dfsg.1-18etch1_amd64.deb</a> Size/MD5 checksum: 53452 e1e93e54c0a89dc846a23f22d3107758 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-amd64_2.6.18.dfsg.1-18etch1_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-amd64_2.6.18.dfsg.1-18etch1_amd64.deb</a> Size/MD5 checksum: 274128 9069b9a2f7d63ec555ded35041574afc <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch1_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch1_amd64.deb</a> Size/MD5 checksum: 3249644 8fc467cf40d99c4d0d9c7cee5b350ed8 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-amd64_2.6.18.dfsg.1-18etch1_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-amd64_2.6.18.dfsg.1-18etch1_amd64.deb</a> Size/MD5 checksum: 274384 22a5f1bbcdea0543ccab87bf35e2b0ae <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen_2.6.18.dfsg.1-18etch1_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen_2.6.18.dfsg.1-18etch1_amd64.deb</a> Size/MD5 checksum: 3394088 3a84135fbc74c45d4b725add41f3c7b5 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-amd64_2.6.18.dfsg.1-18etch1_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-amd64_2.6.18.dfsg.1-18etch1_amd64.deb</a> Size/MD5 checksum: 274824 d75a7ae583f4dc2f689a361c66995274 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver_2.6.18.dfsg.1-18etch1_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver_2.6.18.dfsg.1-18etch1_amd64.deb</a> Size/MD5 checksum: 3418196 57a52cd8359988c8536c542e36335bef <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-18etch1_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-18etch1_amd64.deb</a> Size/MD5 checksum: 274928 4ef9ee65a61c3069fa5e1ec26daf0fc4 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-amd64_2.6.18.dfsg.1-18etch1_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-amd64_2.6.18.dfsg.1-18etch1_amd64.deb</a> Size/MD5 checksum: 16909236 af6e7ff6e6cbb016bf6ff224c8819706 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-amd64_2.6.18.dfsg.1-18etch1_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-amd64_2.6.18.dfsg.1-18etch1_amd64.deb</a> Size/MD5 checksum: 16946162 cef425d442bcd009feadbd75b5f67b01 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-amd64_2.6.18.dfsg.1-18etch1_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-amd64_2.6.18.dfsg.1-18etch1_amd64.deb</a> Size/MD5 checksum: 1650400 31a44d5fe186084528c494aeb6bf4e57 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-18etch1_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-18etch1_amd64.deb</a> Size/MD5 checksum: 1682468 d5661572d7f608177e6a808d6eea7fd3 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-amd64_2.6.18.dfsg.1-18etch1_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-amd64_2.6.18.dfsg.1-18etch1_amd64.deb</a> Size/MD5 checksum: 15348084 7f6ef2c74aad2a8e7bdaff7f10ec1ce2 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-18etch1_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-18etch1_amd64.deb</a> Size/MD5 checksum: 15364328 a459d8f359ccb91592e04efc63a218c8 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-amd64_2.6.18.dfsg.1-18etch1_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-amd64_2.6.18.dfsg.1-18etch1_amd64.deb</a> Size/MD5 checksum: 53410 7984a6fbe17ddded4c4b195eeec275da <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-18etch1_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-18etch1_amd64.deb</a> Size/MD5 checksum: 53424 572285472f4fd6d85daa5b942f592f57 <a href=http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.18etch1_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.18etch1_amd64.deb</a> Size/MD5 checksum: 5959872 ef2a13197b89ccb3e66a9a142717364c ARM architecture: <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch1_arm.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch1_arm.deb</a> Size/MD5 checksum: 3409656 ce344f82d018ccc34a92e5a780245b2e <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch1_arm.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch1_arm.deb</a> Size/MD5 checksum: 53434 ec61a5e5165024f292b137635926f08a <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-arm_2.6.18.dfsg.1-18etch1_arm.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-arm_2.6.18.dfsg.1-18etch1_arm.deb</a> Size/MD5 checksum: 53476 47162b2a03a9ad055977aa4d27cd740a <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-footbridge_2.6.18.dfsg.1-18etch1_arm.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-footbridge_2.6.18.dfsg.1-18etch1_arm.deb</a> Size/MD5 checksum: 233036 132b09dfa75cbb20423f3bb6c275594b <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-iop32x_2.6.18.dfsg.1-18etch1_arm.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-iop32x_2.6.18.dfsg.1-18etch1_arm.deb</a> Size/MD5 checksum: 233220 d5215cbb53b9c184cebfc5dc72893ccb <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-ixp4xx_2.6.18.dfsg.1-18etch1_arm.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-ixp4xx_2.6.18.dfsg.1-18etch1_arm.deb</a> Size/MD5 checksum: 238610 59e6e33844d825f74d82f8dba48cb1e8 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-rpc_2.6.18.dfsg.1-18etch1_arm.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-rpc_2.6.18.dfsg.1-18etch1_arm.deb</a> Size/MD5 checksum: 198024 8c36716f4c60229367a105b7e4325212 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-s3c2410_2.6.18.dfsg.1-18etch1_arm.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-s3c2410_2.6.18.dfsg.1-18etch1_arm.deb</a> Size/MD5 checksum: 203280 11631f48347e60f5af0158cdc1f8075d <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-footbridge_2.6.18.dfsg.1-18etch1_arm.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-footbridge_2.6.18.dfsg.1-18etch1_arm.deb</a> Size/MD5 checksum: 7565524 a2a286b0690c23f4ec56c856fcff80d4 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-iop32x_2.6.18.dfsg.1-18etch1_arm.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-iop32x_2.6.18.dfsg.1-18etch1_arm.deb</a> Size/MD5 checksum: 7923878 1d9b28341eae31755932c159b5892ef8 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-ixp4xx_2.6.18.dfsg.1-18etch1_arm.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-ixp4xx_2.6.18.dfsg.1-18etch1_arm.deb</a> Size/MD5 checksum: 8869840 16111d3e7373c7d15eb288378bcc2a8b <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-rpc_2.6.18.dfsg.1-18etch1_arm.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-rpc_2.6.18.dfsg.1-18etch1_arm.deb</a> Size/MD5 checksum: 4585922 14cf94060a4f6c42937b1ebda0280d0a <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s3c2410_2.6.18.dfsg.1-18etch1_arm.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s3c2410_2.6.18.dfsg.1-18etch1_arm.deb</a> Size/MD5 checksum: 5008784 72c61e5a9f0c087187a8d55f95c66d04 HP Precision architecture: <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch1_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch1_hppa.deb</a> Size/MD5 checksum: 2966804 9878c4fc905f44cb03698d72cb577621 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch1_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch1_hppa.deb</a> Size/MD5 checksum: 53416 267f86fe61fb423690cec3c837f1028a <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-hppa_2.6.18.dfsg.1-18etch1_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-hppa_2.6.18.dfsg.1-18etch1_hppa.deb</a> Size/MD5 checksum: 53442 764739999cea691ce14279402b23b8d7 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc_2.6.18.dfsg.1-18etch1_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc_2.6.18.dfsg.1-18etch1_hppa.deb</a> Size/MD5 checksum: 190454 12789846b0987044824d2da63bdcf9f5 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc-smp_2.6.18.dfsg.1-18etch1_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc-smp_2.6.18.dfsg.1-18etch1_hppa.deb</a> Size/MD5 checksum: 191232 d8163b5e52fff76ec436bb313a6c033b <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc64_2.6.18.dfsg.1-18etch1_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc64_2.6.18.dfsg.1-18etch1_hppa.deb</a> Size/MD5 checksum: 191024 9271b455d26056b166b1ca07ca4424ef <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc64-smp_2.6.18.dfsg.1-18etch1_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-parisc64-smp_2.6.18.dfsg.1-18etch1_hppa.deb</a> Size/MD5 checksum: 191626 59bc531ddc818f74b1477896cdf156cd <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc_2.6.18.dfsg.1-18etch1_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc_2.6.18.dfsg.1-18etch1_hppa.deb</a> Size/MD5 checksum: 10500128 ff5b25972c384606f947f177429a7a5c <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc-smp_2.6.18.dfsg.1-18etch1_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc-smp_2.6.18.dfsg.1-18etch1_hppa.deb</a> Size/MD5 checksum: 10943960 f05d34a5dd6f432d857d1bc79d996f39 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc64_2.6.18.dfsg.1-18etch1_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc64_2.6.18.dfsg.1-18etch1_hppa.deb</a> Size/MD5 checksum: 11352084 ad8ae1755cbf880f19c7ab679b037aea <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc64-smp_2.6.18.dfsg.1-18etch1_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-parisc64-smp_2.6.18.dfsg.1-18etch1_hppa.deb</a> Size/MD5 checksum: 11757822 a32096a8070842fda4ea19a64e1e9fed Intel IA-32 architecture: <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch1_i386.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch1_i386.deb</a> Size/MD5 checksum: 3225042 4218e0f0e5c5fe639d3f2c19e85ae688 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-486_2.6.18.dfsg.1-18etch1_i386.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-486_2.6.18.dfsg.1-18etch1_i386.deb</a> Size/MD5 checksum: 285462 eea7c9d02758a2a28b326041a858a3d0 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-686_2.6.18.dfsg.1-18etch1_i386.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-686_2.6.18.dfsg.1-18etch1_i386.deb</a> Size/MD5 checksum: 282480 87f961c91c166aea7eb1cf1f5c79c6a3 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-686-bigmem_2.6.18.dfsg.1-18etch1_i386.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-686-bigmem_2.6.18.dfsg.1-18etch1_i386.deb</a> Size/MD5 checksum: 282854 df89a9f4d1e7ce9f8ac8ab9604f4a8aa <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch1_i386.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch1_i386.deb</a> Size/MD5 checksum: 53420 4abb1004d25c2895562ec803f5b6b9ac <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-i386_2.6.18.dfsg.1-18etch1_i386.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-i386_2.6.18.dfsg.1-18etch1_i386.deb</a> Size/MD5 checksum: 53478 3bde467e3fd60b4cdd8f3ab6b4820e53 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-amd64_2.6.18.dfsg.1-18etch1_i386.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-amd64_2.6.18.dfsg.1-18etch1_i386.deb</a> Size/MD5 checksum: 274154 10dda65c9444d16293f7ce3010059d13 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-k7_2.6.18.dfsg.1-18etch1_i386.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-k7_2.6.18.dfsg.1-18etch1_i386.deb</a> Size/MD5 checksum: 283276 24c807eccc8b14e48ce58f6c1cfaf8b0 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch1_i386.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch1_i386.deb</a> Size/MD5 checksum: 3111440 e3a2ed1994c5388e4adcf5da39107104 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-686_2.6.18.dfsg.1-18etch1_i386.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-686_2.6.18.dfsg.1-18etch1_i386.deb</a> Size/MD5 checksum: 281034 2601cd40d0e4de13b40e295fbba6857a <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-k7_2.6.18.dfsg.1-18etch1_i386.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-k7_2.6.18.dfsg.1-18etch1_i386.deb</a> Size/MD5 checksum: 281192 028f100550c07558c8657ee12236e555 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen_2.6.18.dfsg.1-18etch1_i386.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen_2.6.18.dfsg.1-18etch1_i386.deb</a> Size/MD5 checksum: 3206820 da840b21564212553039e487a41c3e4a <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-686_2.6.18.dfsg.1-18etch1_i386.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-686_2.6.18.dfsg.1-18etch1_i386.deb</a> Size/MD5 checksum: 274194 d208d7319b225265a9cd8a7cde545a1c <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver_2.6.18.dfsg.1-18etch1_i386.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver_2.6.18.dfsg.1-18etch1_i386.deb</a> Size/MD5 checksum: 3230848 ce365b29e4885c42d2ac40f380fb49b4 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-18etch1_i386.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-18etch1_i386.deb</a> Size/MD5 checksum: 274398 7ef59e558b2fc9da773a6fd66e8df087 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-486_2.6.18.dfsg.1-18etch1_i386.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-486_2.6.18.dfsg.1-18etch1_i386.deb</a> Size/MD5 checksum: 16307210 1fbf35f84845b3b8cc9336827794a028 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-686_2.6.18.dfsg.1-18etch1_i386.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-686_2.6.18.dfsg.1-18etch1_i386.deb</a> Size/MD5 checksum: 16452102 df37f1243a791a6fa2cd2317bfd7ae1c <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-686-bigmem_2.6.18.dfsg.1-18etch1_i386.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-686-bigmem_2.6.18.dfsg.1-18etch1_i386.deb</a> Size/MD5 checksum: 16528368 60e83ef38f8a96a61d4ca271a393a770 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-amd64_2.6.18.dfsg.1-18etch1_i386.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-amd64_2.6.18.dfsg.1-18etch1_i386.deb</a> Size/MD5 checksum: 16916628 dd59564026f36522ae510be3937fb07c <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-k7_2.6.18.dfsg.1-18etch1_i386.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-k7_2.6.18.dfsg.1-18etch1_i386.deb</a> Size/MD5 checksum: 16585538 e7784fc3ebb5a4ddc7b0cb4ff0728736 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-686_2.6.18.dfsg.1-18etch1_i386.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-686_2.6.18.dfsg.1-18etch1_i386.deb</a> Size/MD5 checksum: 16498152 b2475f60454170db949b306a77805918 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-k7_2.6.18.dfsg.1-18etch1_i386.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-k7_2.6.18.dfsg.1-18etch1_i386.deb</a> Size/MD5 checksum: 16628086 65db69728829d1c1921e65af1aa2b449 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-686_2.6.18.dfsg.1-18etch1_i386.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-686_2.6.18.dfsg.1-18etch1_i386.deb</a> Size/MD5 checksum: 1298914 46e398fa8d60075c456e6f95b60b46bd <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-18etch1_i386.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-18etch1_i386.deb</a> Size/MD5 checksum: 1326272 a047520d88897840b5697fb8c5232a99 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-686_2.6.18.dfsg.1-18etch1_i386.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-686_2.6.18.dfsg.1-18etch1_i386.deb</a> Size/MD5 checksum: 14370222 f8fffe8f30b2422723063fb8121656ab <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-18etch1_i386.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-18etch1_i386.deb</a> Size/MD5 checksum: 14382584 30bca3849a67bd23ded608771fa4f7b4 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-686_2.6.18.dfsg.1-18etch1_i386.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-686_2.6.18.dfsg.1-18etch1_i386.deb</a> Size/MD5 checksum: 53406 89ec585789ffdd7c48daffbf7a3dd439 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-18etch1_i386.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-18etch1_i386.deb</a> Size/MD5 checksum: 53422 a7438e4cae438b3f7ecd073a33c41c0b <a href=http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.18etch1_i386.deb target=_blank>http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.18etch1_i386.deb</a> Size/MD5 checksum: 5503064 f19755f1460aadb94f355e4b601e90e5 <a href=http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.18etch1_i386.deb target=_blank>http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.18etch1_i386.deb</a> Size/MD5 checksum: 25585940 1d2290c410d6d56c0e698f217ddb1dc6 Intel IA-64 architecture: <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch1_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch1_ia64.deb</a> Size/MD5 checksum: 3081188 d437965a91ae9ac56952997e2d33ad0b <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch1_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch1_ia64.deb</a> Size/MD5 checksum: 53420 2033b801dd14b62f8be443121002d527 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-ia64_2.6.18.dfsg.1-18etch1_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-ia64_2.6.18.dfsg.1-18etch1_ia64.deb</a> Size/MD5 checksum: 53440 e6b5b2bf1103a890c0ea905122dd024e <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-itanium_2.6.18.dfsg.1-18etch1_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-itanium_2.6.18.dfsg.1-18etch1_ia64.deb</a> Size/MD5 checksum: 254800 c0b112b2a6e1530acc82951eb49518f9 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-mckinley_2.6.18.dfsg.1-18etch1_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-mckinley_2.6.18.dfsg.1-18etch1_ia64.deb</a> Size/MD5 checksum: 254700 8d8700caa62359fc3e47f1053e035e77 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-itanium_2.6.18.dfsg.1-18etch1_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-itanium_2.6.18.dfsg.1-18etch1_ia64.deb</a> Size/MD5 checksum: 28013704 f83e98bc516b724786d9e85450a0ec2f <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-mckinley_2.6.18.dfsg.1-18etch1_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-mckinley_2.6.18.dfsg.1-18etch1_ia64.deb</a> Size/MD5 checksum: 28180622 892500c8c8c370071071dcdf21e0a58c Big endian MIPS architecture: <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch1_mips.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch1_mips.deb</a> Size/MD5 checksum: 3412428 d0abc1f68c5dcf86d12dd89b636744e3 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch1_mips.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch1_mips.deb</a> Size/MD5 checksum: 53428 ed744a8af5a2d4aa5f4d1efdcb34ac88 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-mips_2.6.18.dfsg.1-18etch1_mips.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-mips_2.6.18.dfsg.1-18etch1_mips.deb</a> Size/MD5 checksum: 53480 b6231a763d53c20905d4ad4be7c9199e <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-qemu_2.6.18.dfsg.1-18etch1_mips.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-qemu_2.6.18.dfsg.1-18etch1_mips.deb</a> Size/MD5 checksum: 153598 241098dc798f9daadf5cb7540e0c722d <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r4k-ip22_2.6.18.dfsg.1-18etch1_mips.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r4k-ip22_2.6.18.dfsg.1-18etch1_mips.deb</a> Size/MD5 checksum: 162206 2995b5d456a77a73dddac23bb93579cf <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r5k-ip32_2.6.18.dfsg.1-18etch1_mips.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r5k-ip32_2.6.18.dfsg.1-18etch1_mips.deb</a> Size/MD5 checksum: 166464 4cfee28543a7d5d87dc97e81b3ee4e7f <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-18etch1_mips.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-18etch1_mips.deb</a> Size/MD5 checksum: 186236 e0ea496e319ba5a6bb96158dfb095dfb <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-18etch1_mips.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-18etch1_mips.deb</a> Size/MD5 checksum: 185976 fef8110dd77f90dd9d20897a6ffce64a <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-qemu_2.6.18.dfsg.1-18etch1_mips.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-qemu_2.6.18.dfsg.1-18etch1_mips.deb</a> Size/MD5 checksum: 6125364 21b89e3ceb419401eba149c2071499af <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r4k-ip22_2.6.18.dfsg.1-18etch1_mips.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r4k-ip22_2.6.18.dfsg.1-18etch1_mips.deb</a> Size/MD5 checksum: 8307650 67e035e6444f296510d4be8455a69321 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r5k-ip32_2.6.18.dfsg.1-18etch1_mips.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r5k-ip32_2.6.18.dfsg.1-18etch1_mips.deb</a> Size/MD5 checksum: 9074780 efaa558418909d4dadf02726edf717e4 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-18etch1_mips.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-18etch1_mips.deb</a> Size/MD5 checksum: 15678520 ba084d91886dbb913a64dc39f9f0604e <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-18etch1_mips.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-18etch1_mips.deb</a> Size/MD5 checksum: 15653180 83d666463b781dd56fb9b4ee75dc5aa3 Little endian MIPS architecture: <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch1_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch1_mipsel.deb</a> Size/MD5 checksum: 3349366 54ede4ebe4c475f818adbb9f9b557a82 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch1_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch1_mipsel.deb</a> Size/MD5 checksum: 53420 d846a319d6d7cdbf13c35d105915df6e <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-mipsel_2.6.18.dfsg.1-18etch1_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-mipsel_2.6.18.dfsg.1-18etch1_mipsel.deb</a> Size/MD5 checksum: 53480 7e7bec6082a7ce3890521658d551d55c <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-qemu_2.6.18.dfsg.1-18etch1_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-qemu_2.6.18.dfsg.1-18etch1_mipsel.deb</a> Size/MD5 checksum: 149410 bc8196003bc11f0a3d0b369ca49d6147 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r3k-kn02_2.6.18.dfsg.1-18etch1_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r3k-kn02_2.6.18.dfsg.1-18etch1_mipsel.deb</a> Size/MD5 checksum: 155242 b448b722ed93eda5dc943d18eca1347d <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r4k-kn04_2.6.18.dfsg.1-18etch1_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r4k-kn04_2.6.18.dfsg.1-18etch1_mipsel.deb</a> Size/MD5 checksum: 155274 8457b39ace9a0f22ebae206b16c1b4fe <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r5k-cobalt_2.6.18.dfsg.1-18etch1_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-r5k-cobalt_2.6.18.dfsg.1-18etch1_mipsel.deb</a> Size/MD5 checksum: 177718 5a9aea936081ad389308b073d9f699c9 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-18etch1_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-18etch1_mipsel.deb</a> Size/MD5 checksum: 182328 5d4916cba7a5545f34725dbab6b5d66b <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-18etch1_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-18etch1_mipsel.deb</a> Size/MD5 checksum: 182032 fdbce00701e0fa314ea7581687ed2508 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-qemu_2.6.18.dfsg.1-18etch1_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-qemu_2.6.18.dfsg.1-18etch1_mipsel.deb</a> Size/MD5 checksum: 6027142 4552b40ffab584bf1a6b82c786f7a3f1 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r3k-kn02_2.6.18.dfsg.1-18etch1_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r3k-kn02_2.6.18.dfsg.1-18etch1_mipsel.deb</a> Size/MD5 checksum: 5940884 123504ffec96ffb497c0aa86bd96145d <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r4k-kn04_2.6.18.dfsg.1-18etch1_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r4k-kn04_2.6.18.dfsg.1-18etch1_mipsel.deb</a> Size/MD5 checksum: 5925822 904ca2bf1f31df74032782aee24bfbe9 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r5k-cobalt_2.6.18.dfsg.1-18etch1_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-r5k-cobalt_2.6.18.dfsg.1-18etch1_mipsel.deb</a> Size/MD5 checksum: 9862730 fb44861726c3dd6c49981962b0e75345 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-18etch1_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-18etch1_mipsel.deb</a> Size/MD5 checksum: 15052630 96c064be52760122fd78cedb106cdf5e <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-18etch1_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-18etch1_mipsel.deb</a> Size/MD5 checksum: 15028652 c265e988c734f5622e462ffaa955182d PowerPC architecture: <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch1_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch1_powerpc.deb</a> Size/MD5 checksum: 3391566 f6cf26bd757d1970043d1ea811eb6ea2 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch1_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch1_powerpc.deb</a> Size/MD5 checksum: 53424 d6b1b6643b60c2cf52de77fbfaa73322 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-powerpc_2.6.18.dfsg.1-18etch1_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-powerpc_2.6.18.dfsg.1-18etch1_powerpc.deb</a> Size/MD5 checksum: 53472 7d38034c2ed8b6e413460726456b0511 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc_2.6.18.dfsg.1-18etch1_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc_2.6.18.dfsg.1-18etch1_powerpc.deb</a> Size/MD5 checksum: 250524 784f7accc7ecc32e4611e98d9c187764 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc-miboot_2.6.18.dfsg.1-18etch1_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc-miboot_2.6.18.dfsg.1-18etch1_powerpc.deb</a> Size/MD5 checksum: 228658 2ae8d9ad2112a8d72198fcf2e9cc51c0 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc-smp_2.6.18.dfsg.1-18etch1_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc-smp_2.6.18.dfsg.1-18etch1_powerpc.deb</a> Size/MD5 checksum: 251470 06c84ff8ae37d7dbc3a97f77c14b22d1 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc64_2.6.18.dfsg.1-18etch1_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-powerpc64_2.6.18.dfsg.1-18etch1_powerpc.deb</a> Size/MD5 checksum: 251880 ff0b77479f8c25db4fc98eec75d00949 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-prep_2.6.18.dfsg.1-18etch1_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-prep_2.6.18.dfsg.1-18etch1_powerpc.deb</a> Size/MD5 checksum: 245396 58eb019d0d2d1220103dda9dc402f46a <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch1_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch1_powerpc.deb</a> Size/MD5 checksum: 3413854 236195a1d6538e9f645ba5ef1844da28 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-powerpc_2.6.18.dfsg.1-18etch1_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-powerpc_2.6.18.dfsg.1-18etch1_powerpc.deb</a> Size/MD5 checksum: 252636 0704bb1ab645a919ef95ec8c44cd69df <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-powerpc64_2.6.18.dfsg.1-18etch1_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-powerpc64_2.6.18.dfsg.1-18etch1_powerpc.deb</a> Size/MD5 checksum: 252980 c3ce872d9cc422d67173864e9aed8d22 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc_2.6.18.dfsg.1-18etch1_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc_2.6.18.dfsg.1-18etch1_powerpc.deb</a> Size/MD5 checksum: 16625424 28d1539a85a973cda7805c21d443f2fb <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc-miboot_2.6.18.dfsg.1-18etch1_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc-miboot_2.6.18.dfsg.1-18etch1_powerpc.deb</a> Size/MD5 checksum: 15156612 e938711b4fedaf5697062624bca57979 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc-smp_2.6.18.dfsg.1-18etch1_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc-smp_2.6.18.dfsg.1-18etch1_powerpc.deb</a> Size/MD5 checksum: 16966834 7e8d5e72abac6e1a01f4f33ca9067e5a <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc64_2.6.18.dfsg.1-18etch1_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-powerpc64_2.6.18.dfsg.1-18etch1_powerpc.deb</a> Size/MD5 checksum: 18292932 80f17d2e9f76624a6314a91406222e82 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-prep_2.6.18.dfsg.1-18etch1_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-prep_2.6.18.dfsg.1-18etch1_powerpc.deb</a> Size/MD5 checksum: 16401030 2a725fce0170558aa49d3c1774616877 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-powerpc_2.6.18.dfsg.1-18etch1_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-powerpc_2.6.18.dfsg.1-18etch1_powerpc.deb</a> Size/MD5 checksum: 17016116 9a74fc1f8f195991606ca3368b778ce4 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-powerpc64_2.6.18.dfsg.1-18etch1_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-powerpc64_2.6.18.dfsg.1-18etch1_powerpc.deb</a> Size/MD5 checksum: 18347202 a5e5c517ce29c949d8fcf7da33a6cf54 <a href=http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.18etch1_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.18etch1_powerpc.deb</a> Size/MD5 checksum: 3366334 479ac86885e04760b92b512e171e7eb0 IBM S/390 architecture: <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch1_s390.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch1_s390.deb</a> Size/MD5 checksum: 2942294 5001340969644792fc29d3747a4797f8 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch1_s390.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch1_s390.deb</a> Size/MD5 checksum: 53418 aabcb9e7514f03258c0316b3b2ef45f3 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-s390_2.6.18.dfsg.1-18etch1_s390.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-s390_2.6.18.dfsg.1-18etch1_s390.deb</a> Size/MD5 checksum: 53436 46ce3c7f73df4137cdb772470b68a5a7 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-s390_2.6.18.dfsg.1-18etch1_s390.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-s390_2.6.18.dfsg.1-18etch1_s390.deb</a> Size/MD5 checksum: 142562 00777b961f7edd8e6188bff95eddb485 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-s390x_2.6.18.dfsg.1-18etch1_s390.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-s390x_2.6.18.dfsg.1-18etch1_s390.deb</a> Size/MD5 checksum: 142998 679ee41aff912fa8ef11a6ff635b3081 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch1_s390.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch1_s390.deb</a> Size/MD5 checksum: 2965340 8dc36dfb19566dd1d33f6772f3d989ce <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-s390x_2.6.18.dfsg.1-18etch1_s390.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-s390x_2.6.18.dfsg.1-18etch1_s390.deb</a> Size/MD5 checksum: 143856 9c1af4e31e728c477b1a2ff2bd2e5584 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s390_2.6.18.dfsg.1-18etch1_s390.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s390_2.6.18.dfsg.1-18etch1_s390.deb</a> Size/MD5 checksum: 5401206 d90ae8bb83a230e16c5caf4ec4587429 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s390-tape_2.6.18.dfsg.1-18etch1_s390.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s390-tape_2.6.18.dfsg.1-18etch1_s390.deb</a> Size/MD5 checksum: 1437980 030e11553c2b6713e63b55b1431b2ac5 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s390x_2.6.18.dfsg.1-18etch1_s390.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-s390x_2.6.18.dfsg.1-18etch1_s390.deb</a> Size/MD5 checksum: 5619132 83aac920b1b9de8e5811ce9af5005744 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-s390x_2.6.18.dfsg.1-18etch1_s390.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-s390x_2.6.18.dfsg.1-18etch1_s390.deb</a> Size/MD5 checksum: 5661404 97c3bae25cf2e1f52620293ea821e884 Sun Sparc architecture: <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch1_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6_2.6.18.dfsg.1-18etch1_sparc.deb</a> Size/MD5 checksum: 3167368 79420add5efa5e0a629e153441d0973d <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch1_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-18etch1_sparc.deb</a> Size/MD5 checksum: 53412 7498e949bbf468adf1a738d9428cc5ec <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-sparc_2.6.18.dfsg.1-18etch1_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-all-sparc_2.6.18.dfsg.1-18etch1_sparc.deb</a> Size/MD5 checksum: 53444 4120e1f2e95b06b45d8d99ae0c90ffd4 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sparc32_2.6.18.dfsg.1-18etch1_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sparc32_2.6.18.dfsg.1-18etch1_sparc.deb</a> Size/MD5 checksum: 164418 7da5dd792865b08f2422e67d3f24c2d9 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sparc64_2.6.18.dfsg.1-18etch1_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sparc64_2.6.18.dfsg.1-18etch1_sparc.deb</a> Size/MD5 checksum: 193702 8bfb928e318e553063e358aa6e143895 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sparc64-smp_2.6.18.dfsg.1-18etch1_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-sparc64-smp_2.6.18.dfsg.1-18etch1_sparc.deb</a> Size/MD5 checksum: 194110 e2a814379afab4316b779b58b1d56c7d <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch1_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-18etch1_sparc.deb</a> Size/MD5 checksum: 3189710 fa05c7cc8aafef2b9c0d9a10eca9314e <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-sparc64_2.6.18.dfsg.1-18etch1_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-6-vserver-sparc64_2.6.18.dfsg.1-18etch1_sparc.deb</a> Size/MD5 checksum: 194634 c296eeb3746d0c544e993ab3b0c0d2e8 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sparc32_2.6.18.dfsg.1-18etch1_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sparc32_2.6.18.dfsg.1-18etch1_sparc.deb</a> Size/MD5 checksum: 6410380 b78a7576b56b3bfebbece6bbbd9681da <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sparc64_2.6.18.dfsg.1-18etch1_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sparc64_2.6.18.dfsg.1-18etch1_sparc.deb</a> Size/MD5 checksum: 10389804 98197dd18310d2c3df4d3f35709fd133 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sparc64-smp_2.6.18.dfsg.1-18etch1_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-sparc64-smp_2.6.18.dfsg.1-18etch1_sparc.deb</a> Size/MD5 checksum: 10647366 201188cd730d7e8bd1867f7a138d0ef6 <a href=http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-sparc64_2.6.18.dfsg.1-18etch1_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-vserver-sparc64_2.6.18.dfsg.1-18etch1_sparc.deb</a> Size/MD5 checksum: 10690824 b4e60ee25ff43212b942ab92ba19c43c 补丁安装方法: 1. 手工安装补丁包: 首先,使用下面的命令来下载补丁软件: # wget url (url是补丁下载链接地址) 然后,使用下面的命令来安装补丁: # dpkg -i file.deb (file是相应的补丁名) 2. 使用apt-get自动安装补丁包: 首先,使用下面的命令更新内部数据库: # apt-get update 然后,使用下面的命令安装更新软件包: # apt-get upgrade Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: <a href=http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.24.2.tar.gz target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.24.2.tar.gz</a> RedHat ------ RedHat已经为此发布了一个安全公告(RHSA-2008:0129-01)以及相应补丁: RHSA-2008:0129-01:Important: kernel security update 链接:<a href=https://www.redhat.com/support/errata/RHSA-2008-0129.html target=_blank>https://www.redhat.com/support/errata/RHSA-2008-0129.html</a> |
| id | SSV:2922 |
| last seen | 2017-11-19 |
| modified | 2008-02-22 |
| published | 2008-02-22 |
| reporter | Root |
| source | https://www.seebug.org/vuldb/ssvid-2922 |
| title | Linux Kernel vmsplice_to_pipe()本地权限提升漏洞 |
Statements
| contributor | Mark J Cox |
| lastmodified | 2008-02-13 |
| organization | Red Hat |
| statement | This issue did not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4. Updated kernel packages are available to correct this issue for Red Hat Enterprise Linux 5: https://rhn.redhat.com/errata/RHSA-2008-0129.html |
References
- http://marc.info/?l=linux-kernel&m=120264773202422&w=2
- http://marc.info/?l=linux-kernel&m=120263652322197&w=2
- http://marc.info/?l=linux-kernel&m=120264520431307&w=2
- http://marc.info/?l=linux-kernel&m=120266328220808&w=2
- http://marc.info/?l=linux-kernel&m=120266353621139&w=2
- http://wiki.rpath.com/Advisories:rPSA-2008-0052
- http://www.debian.org/security/2008/dsa-1494
- https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00254.html
- https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00255.html
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:043
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:044
- http://www.redhat.com/support/errata/RHSA-2008-0129.html
- http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00005.html
- http://www.ubuntu.com/usn/usn-577-1
- http://www.securityfocus.com/bid/27704
- http://secunia.com/advisories/28835
- http://secunia.com/advisories/28858
- http://secunia.com/advisories/28875
- http://secunia.com/advisories/28896
- http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0052
- https://bugzilla.redhat.com/show_bug.cgi?id=432229
- https://bugzilla.redhat.com/show_bug.cgi?id=432517
- https://issues.rpath.com/browse/RPL-2237
- https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00270.html
- https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00485.html
- http://securitytracker.com/id?1019393
- http://secunia.com/advisories/28889
- http://secunia.com/advisories/28912
- http://secunia.com/advisories/28925
- http://secunia.com/advisories/28933
- http://secunia.com/advisories/28937
- http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00002.html
- http://www.securityfocus.com/bid/27801
- http://secunia.com/advisories/29245
- http://secunia.com/advisories/30818
- http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00006.html
- http://www.vupen.com/english/advisories/2008/0487/references
- https://www.exploit-db.com/exploits/5092
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11358
- http://www.securityfocus.com/archive/1/488009/100/0/threaded