rPSA-2007-0084-1 kernel



rPath Security Advisory: 2007-0084-1
Published: 2007-05-01
Products: rPath Linux 1
Rating: Major
Exposure Level Classification:
Remote Deterministic Denial of Service
Updated Versions:
kernel=/conary.rpath.com@rpl:devel//1/2.6.19.7-0.4-1

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1861
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2242
https://issues.rpath.com/browse/RPL-1309
https://issues.rpath.com/browse/RPL-1310

Description:
Previous versions of the kernel package are vulnerable to two Denial
of Service attacks, one local and one remote. In the local attack,
local users can trigger a kernel stack overflow using the netlink
layer. In the remote attack, if IPv6 routing has been configured, a
remote user can cause the system to use all available network
bandwidth by sending a specially-crafted IPv6 packet.

In addition, several issues have been resolved that caused some
systems to have difficulty booting: attempting to initialize the
Intel random number generator caused some recent systems to hang
during boot, and NUMA capability was also causing some systems to
hang during boot and so has been disabled on x86, where it is
generally not needed.

A system reboot is required to resolve these issues.


