Vulnerabilities > CVE-2008-1673 - Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The asn1 implementation in (a) the Linux kernel 2.4 before 2.4.36.6 and 2.6 before 2.6.25.5, as used in the cifs and ip_nat_snmp_basic modules; and (b) the gxsnmp package; does not properly validate length values during decoding of ASN.1 BER data, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) a length greater than the working buffer, which can lead to an unspecified overflow; (2) an oid length of zero, which can lead to an off-by-one error; or (3) an indefinite length for a primitive encoding.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Buffer Overflow via Environment Variables This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
- Overflow Buffers Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.
- Client-side Injection-induced Buffer Overflow This type of attack exploits a buffer overflow vulnerability in targeted client software through injection of malicious content from a custom-built hostile service.
- Filter Failure through Buffer Overflow In this attack, the idea is to cause an active filter to fail by causing an oversized transaction. An attacker may try to feed overly long input strings to the program in an attempt to overwhelm the filter (by causing a buffer overflow) and hoping that the filter does not fail securely (i.e. the user input is let into the system unfiltered).
- MIME Conversion An attacker exploits a weakness in the MIME conversion routine to cause a buffer overflow and gain control over the mail server machine. The MIME system is designed to allow various different information formats to be interpreted and sent via e-mail. Attack points exist when data are converted to MIME compatible format and back.
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2008-5308.NASL description Update to kernel 2.6.25.6: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.5 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.6 CVE-2008-1673: The asn1 implementation in (a) the Linux kernel 2.4 before 2.4.36.6 and 2.6 before 2.6.25.5, as used in the cifs and ip_nat_snmp_basic modules; and (b) the gxsnmp package; does not properly validate length values during decoding of ASN.1 BER data, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) a length greater than the working buffer, which can lead to an unspecified overflow; (2) an oid length of zero, which can lead to an off-by-one error; or (3) an indefinite length for a primitive encoding. Bugs fixed: 447518 - Call to capget() overflows buffers 448056 - applesmc filling log file 450191 - DMA mode disabled for DVD drive, reverts to PIO4 439197 - thinkpad x61t crash when undocking 445761 - MacBook4,1 keyboard and trackpad do not work properly 447812 - Netlink messages from last seen 2020-06-01 modified 2020-06-02 plugin id 33182 published 2008-06-16 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/33182 title Fedora 9 : kernel-2.6.25.6-55.fc9 (2008-5308) NASL family SuSE Local Security Checks NASL id SUSE_11_0_KERNEL-080822.NASL description The openSUSE 11.0 kernel was updated to 2.6.25.16. It fixes various stability bugs and also security bugs. CVE-2008-1673: Fixed the range checking in the ASN.1 decoder in NAT for SNMP and CIFS, which could have been used by a remote attacker to crash the machine. CVE-2008-3276: An integer overflow flaw was found in the Linux kernel dccp_setsockopt_change() function. An attacker may leverage this vulnerability to trigger a kernel panic on a victim last seen 2020-06-01 modified 2020-06-02 plugin id 40009 published 2009-07-21 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/40009 title openSUSE Security Update : kernel (kernel-171) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-1592.NASL description Two vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or arbitrary code execution. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-1673 Wei Wang from McAfee reported a potential heap overflow in the ASN.1 decode code that is used by the SNMP NAT and CIFS subsystem. Exploitation of this issue may lead to arbitrary code execution. This issue is not believed to be exploitable with the pre-built kernel images provided by Debian, but it might be an issue for custom images built from the Debian-provided source package. - CVE-2008-2358 Brandon Edwards of McAfee Avert labs discovered an issue in the DCCP subsystem. Due to missing feature length checks it is possible to cause an overflow that may result in remote arbitrary code execution. last seen 2020-06-01 modified 2020-06-02 plugin id 33173 published 2008-06-16 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/33173 title Debian DSA-1592-1 : linux-2.6 - heap overflow NASL family SuSE Local Security Checks NASL id SUSE_KERNEL-5700.NASL description The openSUSE 10.3 kernel was update to 2.6.22.19. This includes bugs and security fixes. CVE-2008-4576: Fixed a crash in SCTP INIT-ACK, on mismatch between SCTP AUTH availability. This might be exploited remotely for a denial of service (crash) attack. CVE-2008-3528: The ext[234] filesystem code fails to properly handle corrupted data structures. With a mounted filesystem image or partition that have corrupted dir->i_size and dir->i_blocks, a user performing either a read or write operation on the mounted image or partition can lead to a possible denial of service by spamming the logfile. CVE-2007-6716: fs/direct-io.c in the dio subsystem in the Linux kernel did not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test. CVE-2008-3525: Added missing capability checks in sbni_ioctl(). CVE-2008-3272: Fixed range checking in the snd_seq OSS ioctl, which could be used to leak information from the kernel. CVE-2008-3276: An integer overflow flaw was found in the Linux kernel dccp_setsockopt_change() function. An attacker may leverage this vulnerability to trigger a kernel panic on a victim last seen 2020-06-01 modified 2020-06-02 plugin id 34457 published 2008-10-21 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/34457 title openSUSE 10 Security Update : kernel (kernel-5700) NASL family SuSE Local Security Checks NASL id SUSE_KERNEL-5566.NASL description This update of the SUSE Linux Enterprise 10 Service Pack 1 kernel contains lots of bugfixes and several security fixes : - Added missing capability checks in sbni_ioctl(). (CVE-2008-3525) - On AMD64 some string operations could leak kernel information into userspace. (CVE-2008-0598) - Added range checking in ASN.1 handling for the CIFS and SNMP NAT netfilter modules. (CVE-2008-1673) - Fixed range checking in the snd_seq OSS ioctl, which could be used to leak information from the kernel. (CVE-2008-3272) - Fixed a memory leak when looking up deleted directories which could be used to run the system out of memory. (CVE-2008-3275) - The do_change_type function in fs/namespace.c did not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint. (CVE-2008-2931) - Various NULL ptr checks have been added to tty op functions, which might have been used by local attackers to execute code. We think that this affects only devices openable by root, so the impact is limited. (CVE-2008-2812) last seen 2020-06-01 modified 2020-06-02 plugin id 34331 published 2008-10-02 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/34331 title SuSE 10 Security Update : the Linux Kernel (x86) (ZYPP Patch Number 5566) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2008-113.NASL description A vulnerability was discovered and corrected in the Linux 2.6 kernel : The asn1 implementation in (a) the Linux kernel 2.4 before 2.4.36.6 and 2.6 before 2.6.25.5, as used in the cifs and ip_nat_snmp_basic modules; and (b) the gxsnmp package; does not properly validate length values during decoding of ASN.1 BER data, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) a length greater than the working buffer, which can lead to an unspecified overflow; (2) an oid length of zero, which can lead to an off-by-one error; or (3) an indefinite length for a primitive encoding. To update your kernel, please follow the directions located at : http://www.mandriva.com/en/security/kernelupdate last seen 2020-06-01 modified 2020-06-02 plugin id 36625 published 2009-04-23 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/36625 title Mandriva Linux Security Advisory : kernel (MDVSA-2008:113) NASL family SuSE Local Security Checks NASL id SUSE_KERNEL-5608.NASL description This update of the SUSE Linux Enterprise 10 Service Pack 1 kernel contains lots of bugfixes and several security fixes : - Added missing capability checks in sbni_ioctl(). (CVE-2008-3525) - On AMD64 some string operations could leak kernel information into userspace. (CVE-2008-0598) - Added range checking in ASN.1 handling for the CIFS and SNMP NAT netfilter modules. (CVE-2008-1673) - Fixed range checking in the snd_seq OSS ioctl, which could be used to leak information from the kernel. (CVE-2008-3272) - Fixed a memory leak when looking up deleted directories which could be used to run the system out of memory. (CVE-2008-3275) - The do_change_type function in fs/namespace.c did not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint. (CVE-2008-2931) - Various NULL ptr checks have been added to the tty ops functions, which might have been used by local attackers to execute code. We think that this affects only devices openable by root, so the impact is limited. (CVE-2008-2812) last seen 2020-06-01 modified 2020-06-02 plugin id 59131 published 2012-05-17 reporter This script is Copyright (C) 2012-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/59131 title SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5608) NASL family SuSE Local Security Checks NASL id SUSE_KERNEL-5565.NASL description This kernel security update fixes lots of bugs and some last seen 2020-06-01 modified 2020-06-02 plugin id 41534 published 2009-09-24 reporter This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/41534 title SuSE 10 Security Update : Linux Kernel (x86) (ZYPP Patch Number 5565) NASL family SuSE Local Security Checks NASL id SUSE_KERNEL-5473.NASL description This is a respin of the previous kernel update, which got retracted due to an IDE-CDROM regression, where any IDE CDROM access would hang or crash the system. Only this problem was fixed additionally. This kernel update fixes the following security problems : - On x86_64 a denial of service attack could be used by local attackers to immediately panic / crash the machine. (CVE-2008-1615) - Fixed a SMP ordering problem in fcntl_setlk could potentially allow local attackers to execute code by timing file locking. (CVE-2008-1669) - Fixed a resource starvation problem in the handling of ZERO mmap pages. (CVE-2008-2372) - The asn1 implementation in (a) the Linux kernel, as used in the cifs and ip_nat_snmp_basic modules does not properly validate length values during decoding of ASN.1 BER data, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) a length greater than the working buffer, which can lead to an unspecified overflow; (2) an oid length of zero, which can lead to an off-by-one error; or (3) an indefinite length for a primitive encoding. (CVE-2008-1673) - Various tty / serial devices did not check functionpointers for NULL before calling them, leading to potential crashes or code execution. The devices affected are usually only accessible by the root user though. (CVE-2008-2812) - A missing permission check in mount changing was added which could have been used by local attackers to change the mountdirectory. (CVE-2008-2931) Additionally a very large number of bugs was fixed. Details can be found in the RPM changelog of the included packages. OCFS2 has been upgraded to the 1.4.1 release : - Endian fixes - Use slab caches for DLM objects - Export DLM state info to debugfs - Avoid ENOSPC in rare conditions when free inodes are reserved by other nodes - Error handling fix in ocfs2_start_walk_page_trans() - Cleanup lockres printing - Allow merging of extents - Fix to allow changing permissions of symlinks - Merged local fixes upstream (no code change) last seen 2020-06-01 modified 2020-06-02 plugin id 41533 published 2009-09-24 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/41533 title SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5473) NASL family Fedora Local Security Checks NASL id FEDORA_2008-5454.NASL description Update to kernel 2.6.25.6: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.5 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.6 CVE-2008-1673: The asn1 implementation in (a) the Linux kernel 2.4 before 2.4.36.6 and 2.6 before 2.6.25.5, as used in the cifs and ip_nat_snmp_basic modules; and (b) the gxsnmp package; does not properly validate length values during decoding of ASN.1 BER data, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) a length greater than the working buffer, which can lead to an unspecified overflow; (2) an oid length of zero, which can lead to an off-by-one error; or (3) an indefinite length for a primitive encoding. Bugs fixed: 224005 - pata_pcmcia fails 326411 - Freeze On Boot w/ Audigy PCMCIA 450332 - F8 - System Lockup after kernel 2.6.25.4-10 450499 - kernel-2.6.25.4-10.fc8 breaks setkey -m tunnel options in ipsec 450501 - User Mode Linux (UML) broken on Fedora 9 (and now F8, too) Additional bugs fixed: F9#447518 - Call to capget() overflows buffers F9#450191 - DMA mode disabled for DVD drive, reverts to PIO4 F9#439197 - thinkpad x61t crash when undocking F9#447812 - Netlink messages from last seen 2020-06-01 modified 2020-06-02 plugin id 33234 published 2008-06-24 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/33234 title Fedora 8 : kernel-2.6.25.6-27.fc8 (2008-5454) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-625-1.NASL description Dirk Nehring discovered that the IPsec protocol stack did not correctly handle fragmented ESP packets. A remote attacker could exploit this to crash the system, leading to a denial of service. (CVE-2007-6282) Johannes Bauer discovered that the 64bit kernel did not correctly handle hrtimer updates. A local attacker could request a large expiration value and cause the system to hang, leading to a denial of service. (CVE-2007-6712) Tavis Ormandy discovered that the ia32 emulation under 64bit kernels did not fully clear uninitialized data. A local attacker could read private kernel memory, leading to a loss of privacy. (CVE-2008-0598) Jan Kratochvil discovered that PTRACE did not correctly handle certain calls when running under 64bit kernels. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2008-1615) Wei Wang discovered that the ASN.1 decoding routines in CIFS and SNMP NAT did not correctly handle certain length values. Remote attackers could exploit this to execute arbitrary code or crash the system. (CVE-2008-1673) Paul Marks discovered that the SIT interfaces did not correctly manage allocated memory. A remote attacker could exploit this to fill all available memory, leading to a denial of service. (CVE-2008-2136) David Miller and Jan Lieskovsky discovered that the Sparc kernel did not correctly range-check memory regions allocated with mmap. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2008-2137) The sys_utimensat system call did not correctly check file permissions in certain situations. A local attacker could exploit this to modify the file times of arbitrary files which could lead to a denial of service. (CVE-2008-2148) Brandon Edwards discovered that the DCCP system in the kernel did not correctly check feature lengths. A remote attacker could exploit this to execute arbitrary code. (CVE-2008-2358) A race condition was discovered between ptrace and utrace in the kernel. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2008-2365) The copy_to_user routine in the kernel did not correctly clear memory destination addresses when running on 64bit kernels. A local attacker could exploit this to gain access to sensitive kernel memory, leading to a loss of privacy. (CVE-2008-2729) The PPP over L2TP routines in the kernel did not correctly handle certain messages. A remote attacker could send a specially crafted packet that could crash the system or execute arbitrary code. (CVE-2008-2750) Gabriel Campana discovered that SCTP routines did not correctly check for large addresses. A local user could exploit this to allocate all available memory, leading to a denial of service. (CVE-2008-2826). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 33531 published 2008-07-17 reporter Ubuntu Security Notice (C) 2008-2019 Canonical, Inc. / NASL script (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/33531 title Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : linux, linux-source-2.6.15/20/22 vulnerabilities (USN-625-1) NASL family SuSE Local Security Checks NASL id SUSE_KERNEL-5751.NASL description This kernel update fixes various bugs and also several security issues : CVE-2008-4576: Fixed a crash in SCTP INIT-ACK, on mismatch between SCTP AUTH availability. This might be exploited remotely for a denial of service (crash) attack. CVE-2008-3833: The generic_file_splice_write function in fs/splice.c in the Linux kernel does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by splicing into an inode in order to create an executable file in a setgid directory. CVE-2008-4210: fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by creating an executable file in a setgid directory through the (1) truncate or (2) ftruncate function in conjunction with memory-mapped I/O. CVE-2008-4302: fs/splice.c in the splice subsystem in the Linux kernel before 2.6.22.2 does not properly handle a failure of the add_to_page_cache_lru function, and subsequently attempts to unlock a page that was not locked, which allows local users to cause a denial of service (kernel BUG and system crash), as demonstrated by the fio I/O tool. CVE-2008-3528: The ext[234] filesystem code fails to properly handle corrupted data structures. With a mounted filesystem image or partition that have corrupted dir->i_size and dir->i_blocks, a user performing either a read or write operation on the mounted image or partition can lead to a possible denial of service by spamming the logfile. CVE-2007-6716: fs/direct-io.c in the dio subsystem in the Linux kernel did not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test. CVE-2008-3525: Added missing capability checks in sbni_ioctl(). CVE-2008-3272: Fixed range checking in the snd_seq OSS ioctl, which could be used to leak information from the kernel. CVE-2008-2931: The do_change_type function in fs/namespace.c did not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint. CVE-2008-2812: Various NULL ptr checks have been added to tty op functions, which might have been used by local attackers to execute code. We think that this affects only devices openable by root, so the impact is limited. CVE-2008-1673: Added range checking in ASN.1 handling for the CIFS and SNMP NAT netfilter modules. CVE-2008-3527: arch/i386/kernel/sysenter.c in the Virtual Dynamic Shared Objects (vDSO) implementation in the Linux kernel before 2.6.21 did not properly check boundaries, which allows local users to gain privileges or cause a denial of service via unspecified vectors, related to the install_special_mapping, syscall, and syscall32_nopage functions. last seen 2020-06-01 modified 2020-06-02 plugin id 34755 published 2008-11-12 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/34755 title openSUSE 10 Security Update : kernel (kernel-5751) NASL family SuSE Local Security Checks NASL id SUSE_KERNEL-5477.NASL description This is a respin of the previous kernel update, which got retracted due to an IDE-CDROM regression, where any IDE CDROM access would hang or crash the system. Only this problem was fixed additionally. This kernel update fixes the following security problems : - On x86_64 a denial of service attack could be used by local attackers to immediately panic / crash the machine. (CVE-2008-1615) - Fixed a SMP ordering problem in fcntl_setlk could potentially allow local attackers to execute code by timing file locking. (CVE-2008-1669) - Fixed a resource starvation problem in the handling of ZERO mmap pages. (CVE-2008-2372) - The asn1 implementation in (a) the Linux kernel, as used in the cifs and ip_nat_snmp_basic modules does not properly validate length values during decoding of ASN.1 BER data, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) a length greater than the working buffer, which can lead to an unspecified overflow; (2) an oid length of zero, which can lead to an off-by-one error; or (3) an indefinite length for a primitive encoding. (CVE-2008-1673) - Various tty / serial devices did not check functionpointers for NULL before calling them, leading to potential crashes or code execution. The devices affected are usually only accessible by the root user though. (CVE-2008-2812) - A missing permission check in mount changing was added which could have been used by local attackers to change the mountdirectory. (CVE-2008-2931) Additionally a very large number of bugs was fixed. Details can be found in the RPM changelog of the included packages. OCFS2 has been upgraded to the 1.4.1 release : - Endian fixes - Use slab caches for DLM objects - Export DLM state info to debugfs - Avoid ENOSPC in rare conditions when free inodes are reserved by other nodes - Error handling fix in ocfs2_start_walk_page_trans() - Cleanup lockres printing - Allow merging of extents - Fix to allow changing permissions of symlinks - Merged local fixes upstream (no code change) last seen 2020-06-01 modified 2020-06-02 plugin id 59129 published 2012-05-17 reporter This script is Copyright (C) 2012-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/59129 title SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5477) NASL family SuSE Local Security Checks NASL id SUSE_KERNEL-5605.NASL description This kernel security update fixes lots of bugs and some last seen 2020-06-01 modified 2020-06-02 plugin id 59130 published 2012-05-17 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/59130 title SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5605)
Seebug
bulletinFamily exploit description BUGTRAQ ID: 29589 CVE(CAN) ID: CVE-2008-1673 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的cifs和ip_nat_snmp_basic模块中的ASN.1 BER解码器没有正确地计算缓冲区大小,如果远程攻击者向有漏洞的系统发送了特制的BER编码数据的话,就可以触发缓冲区溢出,导致拒绝服务或执行任意指令。 Linux kernel 2.6.x Linux kernel 2.4.x Debian ------ Debian已经为此发布了一个安全公告(DSA-1592-2)以及相应补丁: DSA-1592-2:New Linux 2.6.18 packages fix overflow conditions 链接:<a href=http://www.debian.org/security/2008/dsa-1592 target=_blank>http://www.debian.org/security/2008/dsa-1592</a> Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5-git1.bz2 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5-git1.bz2</a> <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> id SSV:3393 last seen 2017-11-19 modified 2008-06-11 published 2008-06-11 reporter Root title Linux Kernel BER解码缓冲区溢出漏洞 bulletinFamily exploit description CVE-2008-1673 The Linux Kernel is prone to a remote buffer-overflow vulnerability because the software fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Failed exploit attempts will result in a denial-of-service condition. Ubuntu Ubuntu Linux 8.04 LTS sparc Ubuntu Ubuntu Linux 8.04 LTS powerpc Ubuntu Ubuntu Linux 8.04 LTS lpia Ubuntu Ubuntu Linux 8.04 LTS i386 Ubuntu Ubuntu Linux 8.04 LTS amd64 Ubuntu Ubuntu Linux 7.10 sparc Ubuntu Ubuntu Linux 7.10 powerpc Ubuntu Ubuntu Linux 7.10 lpia Ubuntu Ubuntu Linux 7.10 i386 Ubuntu Ubuntu Linux 7.10 amd64 Ubuntu Ubuntu Linux 7.04 sparc Ubuntu Ubuntu Linux 7.04 powerpc Ubuntu Ubuntu Linux 7.04 i386 Ubuntu Ubuntu Linux 7.04 amd64 Ubuntu Ubuntu Linux 6.06 LTS sparc Ubuntu Ubuntu Linux 6.06 LTS powerpc Ubuntu Ubuntu Linux 6.06 LTS i386 Ubuntu Ubuntu Linux 6.06 LTS amd64 S.u.S.E. SUSE Linux Enterprise Server 10 SP2 S.u.S.E. SUSE Linux Enterprise Desktop 10 SP2 S.u.S.E. SUSE Linux Enterprise 10 SP2 DEBUGINFO S.u.S.E. SLE SDK 10 SP2 rPath rPath Linux 2 rPath rPath Linux 1 rPath Appliance Platform Linux Service 1 RedHat Fedora 9 0 RedHat Fedora 8 0 MandrakeSoft Linux Mandrake 2008.1 x86_64 MandrakeSoft Linux Mandrake 2008.1 MandrakeSoft Corporate Server 4.0 x86_64 MandrakeSoft Corporate Server 4.0 Linux kernel 2.6.25 Linux kernel 2.6.25 Linux kernel 2.6.24 .2 Linux kernel 2.6.24 .1 Linux kernel 2.6.24 -rc5 Linux kernel 2.6.24 -rc4 Linux kernel 2.6.24 -rc3 Linux kernel 2.6.23 .7 Linux kernel 2.6.23 .6 Linux kernel 2.6.23 .5 Linux kernel 2.6.23 .4 Linux kernel 2.6.23 .3 Linux kernel 2.6.23 .2 Linux kernel 2.6.23 -rc2 Linux kernel 2.6.23 -rc1 Linux kernel 2.6.23 Linux kernel 2.6.22 7 Linux kernel 2.6.22 1 Linux kernel 2.6.22 .8 Linux kernel 2.6.22 .6 Linux kernel 2.6.22 .5 Linux kernel 2.6.22 .4 Linux kernel 2.6.22 .3 Linux kernel 2.6.22 .17 Linux kernel 2.6.22 .16 Linux kernel 2.6.22 .15 Linux kernel 2.6.22 .14 Linux kernel 2.6.22 .13 Linux kernel 2.6.22 .12 Linux kernel 2.6.22 .11 Linux kernel 2.6.22 Linux kernel 2.6.22 Linux kernel 2.6.21 4 Linux kernel 2.6.21 .7 Linux kernel 2.6.21 .6 Linux kernel 2.6.21 .2 Linux kernel 2.6.21 .1 Linux kernel 2.6.21 Linux kernel 2.6.21 Linux kernel 2.6.21 Linux kernel 2.6.20 .9 Linux kernel 2.6.20 .8 Linux kernel 2.6.20 .5 Linux kernel 2.6.20 .4 Linux kernel 2.6.20 .15 Linux kernel 2.6.20 Linux kernel 2.6.20 Linux kernel 2.6.19 1 Linux kernel 2.6.19 .2 Linux kernel 2.6.19 .1 Linux kernel 2.6.19 -rc4 Linux kernel 2.6.19 -rc3 Linux kernel 2.6.19 -rc2 + Trustix Secure Enterprise Linux 2.0 + Trustix Secure Linux 2.2 + Trustix Secure Linux 2.1 + Trustix Secure Linux 2.0 Linux kernel 2.6.19 -rc1 Linux kernel 2.6.19 + Trustix Secure Enterprise Linux 2.0 + Trustix Secure Linux 2.2 + Trustix Secure Linux 2.1 + Trustix Secure Linux 2.0 Linux kernel 2.6.18 .4 Linux kernel 2.6.18 .3 Linux kernel 2.6.18 .1 Linux kernel 2.6.18 Linux kernel 2.6.17 .8 Linux kernel 2.6.17 .7 Linux kernel 2.6.17 .6 Linux kernel 2.6.17 .5 Linux kernel 2.6.17 .3 Linux kernel 2.6.17 .2 Linux kernel 2.6.17 .14 Linux kernel 2.6.17 .13 Linux kernel 2.6.17 .12 Linux kernel 2.6.17 .11 Linux kernel 2.6.17 .10 Linux kernel 2.6.17 .1 Linux kernel 2.6.17 -rc5 Linux kernel 2.6.17 Linux kernel 2.6.17 Linux kernel 2.6.17 Linux kernel 2.6.17 Linux kernel 2.6.17 Linux kernel 2.6.17 Linux kernel 2.6.16 27 Linux kernel 2.6.16 13 Linux kernel 2.6.16 .9 Linux kernel 2.6.16 .7 Linux kernel 2.6.16 .23 Linux kernel 2.6.16 .19 Linux kernel 2.6.16 .12 Linux kernel 2.6.16 .11 Linux kernel 2.6.16 .1 Linux kernel 2.6.16 -rc1 Linux kernel 2.6.16 Linux kernel 2.6.16 Linux kernel 2.6.16 Linux kernel 2.6.16 Linux kernel 2.6.16 Linux kernel 2.6.16 Linux kernel 2.6.16 Linux kernel 2.6.16 Linux kernel 2.6.16 Linux kernel 2.6.16 Linux kernel 2.6.16 Linux kernel 2.6.15 .4 Linux kernel 2.6.15 .3 Linux kernel 2.6.15 .2 Linux kernel 2.6.15 .1 Linux kernel 2.6.15 -rc3 Linux kernel 2.6.15 -rc2 Linux kernel 2.6.15 -rc1 Linux kernel 2.6.15 Linux kernel 2.6.15 Linux kernel 2.6.15 Linux kernel 2.6.15 Linux kernel 2.6.15 Linux kernel 2.6.15 + Trustix Secure Enterprise Linux 2.0 + Trustix Secure Linux 2.2 + Trustix Secure Linux 2.1 + Trustix Secure Linux 2.0 Linux kernel 2.6.14 .5 Linux kernel 2.6.14 .4 Linux kernel 2.6.14 .3 Linux kernel 2.6.14 .2 Linux kernel 2.6.14 .1 Linux kernel 2.6.14 -rc4 Linux kernel 2.6.14 -rc3 Linux kernel 2.6.14 -rc2 Linux kernel 2.6.14 -rc1 Linux kernel 2.6.14 Linux kernel 2.6.14 Linux kernel 2.6.13 .4 Linux kernel 2.6.13 .3 Linux kernel 2.6.13 .2 Linux kernel 2.6.13 .1 Linux kernel 2.6.13 -rc7 Linux kernel 2.6.13 -rc6 Linux kernel 2.6.13 -rc4 Linux kernel 2.6.13 -rc1 Linux kernel 2.6.13 Linux kernel 2.6.13 + Trustix Secure Enterprise Linux 2.0 + Trustix Secure Linux 2.2 + Trustix Secure Linux 2.1 + Trustix Secure Linux 2.0 Linux kernel 2.6.12 .6 Linux kernel 2.6.12 .5 Linux kernel 2.6.12 .4 Linux kernel 2.6.12 .3 Linux kernel 2.6.12 .22 Linux kernel 2.6.12 .2 Linux kernel 2.6.12 .12 Linux kernel 2.6.12 .1 Linux kernel 2.6.12 -rc5 Linux kernel 2.6.12 -rc4 Linux kernel 2.6.12 -rc1 Linux kernel 2.6.12 Linux kernel 2.6.12 Linux kernel 2.6.11 .8 Linux kernel 2.6.11 .7 Linux kernel 2.6.11 .6 Linux kernel 2.6.11 .5 Linux kernel 2.6.11 .4 Linux kernel 2.6.11 .12 Linux kernel 2.6.11 .11 Linux kernel 2.6.11 -rc4 Linux kernel 2.6.11 -rc3 Linux kernel 2.6.11 -rc2 Linux kernel 2.6.11 Linux kernel 2.6.11 Linux kernel 2.6.10 rc2 Linux kernel 2.6.10 Linux kernel 2.6.10 Linux kernel 2.6.2 Linux kernel 2.6.1 -rc2 Linux kernel 2.6.1 -rc1 Linux kernel 2.6.1 Linux kernel 2.6 .10 Linux kernel 2.6 -test9-CVS Linux kernel 2.6 -test9 Linux kernel 2.6 -test8 Linux kernel 2.6 -test7 Linux kernel 2.6 -test6 Linux kernel 2.6 -test5 Linux kernel 2.6 -test4 Linux kernel 2.6 -test3 Linux kernel 2.6 -test2 Linux kernel 2.6 -test11 Linux kernel 2.6 -test10 Linux kernel 2.6 -test1 Linux kernel 2.6 Linux kernel 2.4.36 5 Linux kernel 2.4.36 4 Linux kernel 2.4.36 1 Linux kernel 2.4.36 Linux kernel 2.4.35 3 Linux kernel 2.4.34 Linux kernel 2.4.34 Linux kernel 2.4.34 Linux kernel 2.4.33 2 Linux kernel 2.4.33 .7 Linux kernel 2.4.33 .6 Linux kernel 2.4.33 .6 Linux kernel 2.4.33 .5 Linux kernel 2.4.33 .4 Linux kernel 2.4.33 .3 Linux kernel 2.4.33 .3 Linux kernel 2.4.33 -pre1 Linux kernel 2.4.33 Linux kernel 2.4.33 Linux kernel 2.4.32 -pre2 Linux kernel 2.4.32 -pre1 Linux kernel 2.4.32 Linux kernel 2.4.31 -pre1 Linux kernel 2.4.31 Linux kernel 2.4.30 rc3 Linux kernel 2.4.30 rc2 Linux kernel 2.4.30 Linux kernel 2.4.29 -rc2 Linux kernel 2.4.29 -rc1 Linux kernel 2.4.29 Linux kernel 2.4.28 Linux kernel 2.4.27 -pre5 Linux kernel 2.4.27 -pre4 Linux kernel 2.4.27 -pre3 Linux kernel 2.4.27 -pre2 Linux kernel 2.4.27 -pre1 Linux kernel 2.4.27 Linux kernel 2.4.26 Linux kernel 2.4.25 Linux kernel 2.4.24 -ow1 Linux kernel 2.4.24 Linux kernel 2.4.23 -pre9 Linux kernel 2.4.23 -ow2 Linux kernel 2.4.23 Linux kernel 2.4.22 Linux kernel 2.4.21 pre7 Linux kernel 2.4.21 pre4 Linux kernel 2.4.21 pre1 Linux kernel 2.4.21 + Conectiva Linux 9.0 + MandrakeSoft Linux Mandrake 9.1 ppc + MandrakeSoft Linux Mandrake 9.1 + RedHat Desktop 3.0 + RedHat Enterprise Linux AS 3 + RedHat Enterprise Linux ES 3 + RedHat Enterprise Linux WS 3 + S.u.S.E. Linux Enterprise Server 8 + S.u.S.E. Linux Personal 9.0 x86_64 + S.u.S.E. Linux Personal 9.0 Linux kernel 2.4.20 Linux kernel 2.4.19 -pre6 Linux kernel 2.4.19 -pre5 Linux kernel 2.4.19 -pre4 Linux kernel 2.4.19 -pre3 Linux kernel 2.4.19 -pre2 Linux kernel 2.4.19 -pre1 Linux kernel 2.4.19 Linux kernel 2.4.18 pre-8 Linux kernel 2.4.18 pre-7 Linux kernel 2.4.18 pre-6 Linux kernel 2.4.18 pre-5 Linux kernel 2.4.18 pre-4 Linux kernel 2.4.18 pre-3 Linux kernel 2.4.18 pre-2 Linux kernel 2.4.18 pre-1 Linux kernel 2.4.18 x86 Linux kernel 2.4.18 Linux kernel 2.4.17 Linux kernel 2.4.16 Linux kernel 2.4.15 Linux kernel 2.4.14 Linux kernel 2.4.13 Linux kernel 2.4.12 + Conectiva Linux 7.0 Linux kernel 2.4.11 Linux kernel 2.4.10 + S.u.S.E. Linux 7.3 Linux kernel 2.4.3 Linux kernel 2.4.2 Linux kernel 2.4.1 Linux kernel 2.4 .0-test9 Linux kernel 2.4 .0-test8 Linux kernel 2.4 .0-test7 Linux kernel 2.4 .0-test6 Linux kernel 2.4 .0-test5 Linux kernel 2.4 .0-test4 Linux kernel 2.4 .0-test3 Linux kernel 2.4 .0-test2 Linux kernel 2.4 .0-test12 Linux kernel 2.4 .0-test11 Linux kernel 2.4 .0-test10 Linux kernel 2.4 .0-test1 Linux kernel 2.6.25.4 Linux kernel 2.6.25.3 Linux kernel 2.6.25.2 Linux kernel 2.6.25.1 Linux kernel 2.6.24.6 Linux kernel 2.6.24-rc2 Linux kernel 2.6.24-rc1 Linux kernel 2.6.23.14 Linux kernel 2.6.23.10 Linux kernel 2.6.23.1 Linux kernel 2.6.23.09 Linux kernel 2.6.22-rc7 Linux kernel 2.6.22-rc1 Linux kernel 2.6.21-RC6 Linux kernel 2.6.21-RC5 Linux kernel 2.6.21-RC4 Linux kernel 2.6.21-RC3 Linux kernel 2.6.21-RC3 Linux kernel 2.6.20.3 Linux kernel 2.6.20.2 Linux kernel 2.6.20.13 Linux kernel 2.6.20.11 Linux kernel 2.6.20.1 Linux kernel 2.6.20-rc2 Linux kernel 2.6.20-2 Linux kernel 2.6.18-8.1.8.el5 Linux kernel 2.6.18-53 Linux kernel 2.6.18 Linux kernel 2.6.15.5 Linux kernel 2.6.15.11 Linux kernel 2.6.15-27.48 Linux kernel 2.6.11.4 Linux kernel 2.4.34.6 Linux kernel 2.4.34.5 Linux kernel 2.4.34.3 Linux kernel 2.4.33.5 Linux kernel 2.4.33.4 Debian Linux 4.0 sparc Debian Linux 4.0 s/390 Debian Linux 4.0 powerpc Debian Linux 4.0 mipsel Debian Linux 4.0 mips Debian Linux 4.0 m68k Debian Linux 4.0 ia-64 Debian Linux 4.0 ia-32 Debian Linux 4.0 hppa Debian Linux 4.0 arm Debian Linux 4.0 amd64 Debian Linux 4.0 alpha Debian Linux 4.0 The vendor has released an update to address this issue. Please see the references for more information. Linux kernel 2.6.20.2 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.21-RC3 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.25.3 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.23.14 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.11.4 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.20-rc2 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.22-rc1 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.20-2 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.20.3 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.25.2 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.23.09 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.15-27.48 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.24-rc1 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.4 .0-test3 Linux patch-2.4.36.6.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2</a> Linux kernel 2.4 .0-test11 Linux patch-2.4.36.6.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2</a> Linux kernel 2.4 .0-test9 Linux patch-2.4.36.6.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2</a> Linux kernel 2.4.10 Linux patch-2.4.36.6.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2</a> Linux kernel 2.4.11 Linux patch-2.4.36.6.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2</a> Linux kernel 2.4.12 Linux patch-2.4.36.6.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2</a> Linux kernel 2.4.18 pre-2 Linux patch-2.4.36.6.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2</a> Linux kernel 2.4.18 pre-5 Linux patch-2.4.36.6.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2</a> Linux kernel 2.4.18 pre-1 Linux patch-2.4.36.6.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2</a> Linux kernel 2.4.19 -pre4 Linux patch-2.4.36.6.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2</a> Linux kernel 2.4.19 -pre3 Linux patch-2.4.36.6.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2</a> Linux kernel 2.4.21 Linux patch-2.4.36.6.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2</a> Linux kernel 2.4.21 pre7 Linux patch-2.4.36.6.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2</a> Linux kernel 2.4.23 -pre9 Linux patch-2.4.36.6.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2</a> Linux kernel 2.4.26 Linux patch-2.4.36.6.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2</a> Linux kernel 2.4.27 -pre2 Linux patch-2.4.36.6.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2</a> Linux kernel 2.4.27 -pre4 Linux patch-2.4.36.6.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2</a> Linux kernel 2.4.29 -rc2 Linux patch-2.4.36.6.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2</a> Linux kernel 2.4.30 rc3 Linux patch-2.4.36.6.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2</a> Linux kernel 2.4.31 -pre1 Linux patch-2.4.36.6.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2</a> Linux kernel 2.4.32 -pre2 Linux patch-2.4.36.6.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2</a> Linux kernel 2.4.32 -pre1 Linux patch-2.4.36.6.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2</a> Linux kernel 2.4.33 -pre1 Linux patch-2.4.36.6.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2</a> Linux kernel 2.4.33 .7 Linux patch-2.4.36.6.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2</a> Linux kernel 2.4.36 5 Linux patch-2.4.36.6.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2</a> Linux kernel 2.4.36 1 Linux patch-2.4.36.6.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.4/patch-2.4.36.6.bz2</a> Linux kernel 2.6 -test4 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6 -test9 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6 -test10 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.1 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.10 rc2 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.11 -rc3 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.11 .11 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.11 .7 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.12 .1 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.12 -rc4 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.12 .22 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.12 .2 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.13 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.14 .1 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.15 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.15 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.15 -rc3 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.15 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.16 .9 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.16 .1 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.17 .13 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.17 .10 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.17 -rc5 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.19 -rc2 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.19 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.20 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.21 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.22 .17 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.22 .4 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.22 .11 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.22 .12 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.23 -rc1 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.23 -rc2 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.24 -rc3 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.24 -rc5 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> Linux kernel 2.6.25 Linux patch-2.6.26-rc5-git1.bz2 <a href=http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5 target=_blank>http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.26-rc5</a> -git1.bz2 Linux linux-2.6.25.5.tar.bz2 <a href=http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2 target=_blank>http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.25.5.tar.bz2</a> id SSV:3896 last seen 2017-11-19 modified 2008-08-22 published 2008-08-22 reporter Root title Linux Kernel BER Decoding Remote Buffer Overflow Vulnerability
Statements
| contributor | Mark J Cox |
| lastmodified | 2009-09-08 |
| organization | Red Hat |
| statement | Not vulnerable. This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2, 3, 4, 5 or Red Hat Enterprise MRG. The but existed on Red Hat Enterprise Linux 3, 4, and 5. However, this is only a security issue if the SLOB or SLUB memory allocators were used (introduced in Linux kernel versions 2.6.16 and 2.6.22, respectively). All Red Hat Enterprise Linux and Red Hat Enterprise MRG kernels use the SLAB memory allocator, which in this case, cannot be exploited to allow arbitrary code execution. As a preventive measure, the underlying bug was addressed in Red Hat Enterprise Linux 3, 4, and 5, via the advisories RHSA-2008:0973, RHSA-2008:0508, and RHSA-2008:0519, respectively. |
References
- http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.36.6
- http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.5
- https://bugzilla.redhat.com/show_bug.cgi?id=443962
- http://www.debian.org/security/2008/dsa-1592
- http://www.securityfocus.com/bid/29589
- http://secunia.com/advisories/30580
- http://www.securitytracker.com/id?1020210
- http://secunia.com/advisories/30000
- http://secunia.com/advisories/30658
- http://www.ubuntu.com/usn/usn-625-1
- http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0189
- http://secunia.com/advisories/30644
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:174
- https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00587.html
- http://secunia.com/advisories/31107
- http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00012.html
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:113
- http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00007.html
- http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00001.html
- http://secunia.com/advisories/31836
- http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html
- http://secunia.com/advisories/32759
- http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00000.html
- http://secunia.com/advisories/32104
- http://secunia.com/advisories/32103
- http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00003.html
- http://www.vupen.com/english/advisories/2008/1770
- http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00008.html
- http://secunia.com/advisories/32370
- http://secunia.com/advisories/30982
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42921
- http://www.securityfocus.com/archive/1/493300/100/0/threaded
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ddb2c43594f22843e9f3153da151deaba1a834c5
- http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git%3Ba=commit%3Bh=33afb8403f361919aa5c8fe1d0a4f5ddbfbbea3c