rPSA-2006-0130-1 kernel



rPath Security Advisory: 2006-0130-1
Published: 2006-07-17
Products: rPath Linux 1
Rating: Critical
Exposure Level Classification:
Local Root Deterministic Privilege Escalation
Updated Versions:
kernel=/conary.rpath.com@rpl:devel//1/2.6.16.26-0.1-1

References:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3626
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2936
https://issues.rpath.com/browse/RPL-510
https://issues.rpath.com/browse/RPL-507

Description:
In previous versions of the kernel package, a local root privilege
escalation and a separate denial of service vulnerability are known
to exist.

The local root privilege escalation allows any local user to use
the /proc/self/environ file to reliably subvert the root user.
The local root privilege escalation has a known and publicly
available exploit in current active use.

The denial of service applies if the ftdi_sio module that drives
a usb-serial hardware device is loaded, in which case any user
allowed to access the device can consume all the memory on the
system by producing data faster than the device can consume it,
either as an intentional attack or unintentionally, leading to a
denial of service.

A system reboot is required to resolve these vulnerabilities.
rPath recommends that you update your systems immediately.
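
Because the fix only takes effect after a reboot, the check below (an added
example, not part of the rPath advisory) compares a kernel release string with
the fixed upstream version 2.6.16.26. It assumes the release string reported by
uname -r begins with the upstream version; the function names are hypothetical
and the package revision suffix (-0.1-1) is not compared.

```shell
#!/bin/sh
# Added example: is a kernel release at or above the fixed upstream
# version named in this advisory?
FIXED="2.6.16.26"

# Keep only the leading dotted-numeric part of a release string,
# e.g. "2.6.16.26-0.1-1.smp" -> "2.6.16.26".
base_version() {
    printf '%s\n' "$1" | sed 's/[^0-9.].*$//'
}

# version_ge A B: succeed if dotted version A >= B, comparing each
# field numerically so that 2.6.16.9 sorts below 2.6.16.26.
version_ge() {
    a=$1
    b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        fa=${a%%.*}
        fb=${b%%.*}
        # Drop the field just read; an input with no dot left is finished.
        if [ "$a" = "$fa" ]; then a=""; else a=${a#*.}; fi
        if [ "$b" = "$fb" ]; then b=""; else b=${b#*.}; fi
        fa=${fa:-0}
        fb=${fb:-0}
        if [ "$fa" -gt "$fb" ]; then return 0; fi
        if [ "$fa" -lt "$fb" ]; then return 1; fi
    done
    return 0
}

# kernel_status [RELEASE]: classify RELEASE (default: the running kernel).
# A host where the update is installed but not yet booted still reports
# the old release here, which is the case the reboot note is about.
kernel_status() {
    rel=${1:-$(uname -r)}
    if version_ge "$(base_version "$rel")" "$FIXED"; then
        echo "fixed"
    else
        echo "reboot-or-update-needed"
        return 1
    fi
}
```

Source the file and run kernel_status with no argument to classify the running
kernel, or pass a release string collected from another host.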


