CERT-In Advisory CIAD-2008-06
Linux Kernel VFS and IPv6 jumbogram packets vulnerabilities

Original issue date: January 28, 2008

Severity Rating: High

Systems Affected

  • Linux Kernel 2.6.x

Overview

Multiple vulnerabilities have been reported in the Linux Kernel which could be exploited by attackers to bypass security restrictions and cause a denial of service.

Description

1. Linux Kernel VFS File Permissions Bypass Vulnerability (CVE-2008-0001)

A vulnerability has been reported in the VFS (Virtual File System) of the Linux Kernel due to an error in the "may_open()" function [fs/namei.c], which tests the access mode using the flag variable instead of the acc_mode variable. This vulnerability could be exploited by local attackers to bypass file permissions and gain unauthorized access to certain files or remove directories.

2. Denial of Service Vulnerability in Linux Kernel (CVE-2008-0352)

A vulnerability has been reported in the Linux Kernel due to an error while processing IPv6 jumbogram packets. This vulnerability could be exploited by remote attackers to cause a denial of service by sending specially crafted IPv6 packets containing a malformed jumbo payload.
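As an added illustration of what a well-formed jumbo payload looks like (not code from this advisory or from the kernel, and not the specific defect behind CVE-2008-0352), the following sketch applies the RFC 2675 consistency rules for the Jumbo Payload option to a received packet buffer. The names `check_jumbo` and `check_sample` are hypothetical, the sample packets are constructed (next header 59 is "No Next Header"), and the fragment check is simplified to the header directly after the hop-by-hop header.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum verdict { J_OK, J_NONE, J_TRUNCATED, J_BAD_OPTION, J_PAYLEN_NONZERO,
               J_TOO_SMALL, J_WITH_FRAGMENT, J_LEN_MISMATCH };
enum { HDR = 40, NH_HOPOPTS = 0, NH_FRAGMENT = 44, OPT_JUMBO = 0xC2 };

/* Check the Jumbo Payload option of the IPv6 packet in pkt[0..len). */
enum verdict check_jumbo(const uint8_t *pkt, size_t len)
{
    if (len < HDR + 8 || (pkt[0] >> 4) != 6) return J_TRUNCATED;
    if (pkt[6] != NH_HOPOPTS) return J_NONE;      /* option lives only in hop-by-hop */
    unsigned paylen = (unsigned)pkt[4] << 8 | pkt[5];
    const uint8_t *h = pkt + HDR;
    size_t hlen = ((size_t)h[1] + 1) * 8;         /* Hdr Ext Len counts 8-octet units */
    if (hlen > len - HDR) return J_TRUNCATED;
    for (size_t off = 2; off < hlen; ) {
        if (h[off] == 0) { off++; continue; }     /* Pad1 has no length octet */
        if (off + 2 > hlen || off + 2 + h[off + 1] > hlen) return J_BAD_OPTION;
        if (h[off] != OPT_JUMBO) { off += 2u + h[off + 1]; continue; }
        if (h[off + 1] != 4 || off % 4 != 2) return J_BAD_OPTION; /* 4n+2 aligned */
        uint32_t jlen = 0;
        for (int i = 2; i < 6; i++) jlen = jlen << 8 | h[off + i];
        if (paylen != 0) return J_PAYLEN_NONZERO; /* Payload Length must be 0 */
        if (jlen <= 65535) return J_TOO_SMALL;    /* would fit a normal packet */
        if (h[0] == NH_FRAGMENT) return J_WITH_FRAGMENT;
        return jlen == len - HDR ? J_OK : J_LEN_MISMATCH;
    }
    return J_NONE;
}

/* Constructed sample: fixed header plus an 8-octet hop-by-hop header. */
enum verdict check_sample(unsigned paylen, uint32_t jlen, uint8_t next, size_t len)
{
    static uint8_t buf[HDR + 70000];
    memset(buf, 0, sizeof buf);
    buf[0] = 0x60; buf[4] = (uint8_t)(paylen >> 8); buf[5] = (uint8_t)paylen;
    uint8_t *h = buf + HDR;                       /* buf[6] = 0: hop-by-hop follows */
    h[0] = next; h[2] = OPT_JUMBO; h[3] = 4;
    for (int i = 0; i < 4; i++) h[4 + i] = (uint8_t)(jlen >> (24 - 8 * i));
    return check_jumbo(buf, len);
}

int main(void)
{
    printf("valid=%d undersized=%d\n", check_sample(0, 70000, 59, HDR + 70000),
           check_sample(0, 1200, 59, HDR + 1200));
    return 0;
}
```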

Solution

Apply the appropriate patch as provided by vendors.

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23.14
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.2

Vendor Information

kernel
http://www.kernel.org

References

FrSIRT
http://www.frsirt.com/english/advisories/2008/0151

SecurityFocus
http://www.securityfocus.com/bid/27280

Secunia
http://secunia.com/advisories/28485

X-Force
http://xforce.iss.net/xforce/xfdb/39643


CVE-Name
CVE-2008-0001
CVE-2008-0352

Disclaimer

The information provided herein is on an "as is" basis, without warranty of any kind.

Contact Information


Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003