HOME > ADVISORIES


   ADVISORIES

CERT-In Advisory CIAD-2007-32
Multiple Vulnerabilities in Linux Kernel

Original issue date: June 11, 2007

Severity Rating: Medium

Systems Affected

  • Linux Kernel version 2.6.21.3 and prior
  • Linux Kernel version 2.6.20.12 and prior

Overview

Multiple vulnerabilities have been reported in Linux kernel which could be exploited by local/remote attacker to cause loss of sensitive information from kernel memory and Denial of Service attack on the affected system.

Description

1. Linux kernel NULL-pointer dereference Vulnerability ( CVE-2007-2453 )

A NULL-pointer dereference vulnerability exists within netfilter while handling new SCTP ( Stream C Control Transfer Protocol) connections with unknown chunk types. This vulnerability could be exploited by remote attacker to crash the kernel by sending malicious packets.

2 . Linux kernel "cpuset_task_read()" function Information Leak Vulnerability ( CVE-2007-2875 )

A buffer underflow vulnerability has been reported in Linux kernel due to error in "cpuset_task_read()" function in /kernel/cpuset.c. The function is responsible for supplying user-land processes with data when they read from the /dev/cpuset/tasks file. This could be exploited by malicious attacker to read portions of kernel memory which may disclose sensitive information.

3. Linux kernel "extract_buf()" and "random_ioctl()" function Vulnerabilty ( CVE-2007-2876 )

A vulnerability has been reported in Linux kernel due to an error in the "extract_buf()" and "random_ioctl()" function while generating random numbers. This vulnerability could be exploited by attackers to bypass security restrictions.

Solution

Upgrade to Kernel 2.6.21.4 or 2.6.20.13:
http://www.kernel.org

Vendor Information
Kernel
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.4

References

Security Focus
http://www.securityfocus.com/bid/24376

Secunia
http://secunia.com/advisories/25594/

FrSirt
http://www.frsirt.com/english/advisories/2007/2105


CVE Name
CVE-2007-2453
CVE-2007-2875
CVE-2007-2876

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information


Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003