(SmoothWall Issues Fix) Linux Kernel Real-time Clock Routines May Leak Kernel Data to User Applications
|
|
SecurityTracker Alert ID: 1008679 |
|
SecurityTracker URL: http://securitytracker.com/id/1008679
|
|
CVE Reference:
CVE-2003-0984
(Links to External Site)
|
Date: Jan 12 2004
|
Impact:
Disclosure of authentication information, Disclosure of system information, Disclosure of user information
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): 2.0
|
Description:
A vulnerability was reported in the Linux 2.4 kernel in the real-time clock routines. A local user may be able to view leaked kernel data.
In December 2003, it was reported that real time clock routines in the Linux kernel do not properly initialize memory structures. As a result, a local user may be able to access the routines to view kernel stack data.
|
Impact:
A local user may be able to view some kernel data.
|
Solution:
The vendor has released a fix (SmoothWall Express 2.0 fixes 1), available at:
http://smoothwall.org/p/2.0-fixes1.html
|
Vendor URL: smoothwall.org/security/advisories/SWP-2004.001.html (Links to External Site)
|
Cause:
State error
|
Underlying OS:
|
|
Message History:
This archive entry is a follow-up to the message listed below.
|
Source Message Contents
|
Date: Mon, 12 Jan 2004 20:38:26 +0000
Subject: SmoothWall Project Security Advisory SWP-2004:001
|
-------------------------------------------------------------
SmoothWall Project Security Advisory SWP-2004:001
-------------------------------------------------------------
Summary: Updates for SmoothWall Express to correct
local vulnerabilities in Linux kernel.
Importance: Critical
Issue: Possible local vulnerabilities
CVE Names: CAN-2003-0961, CAN-2003-0984, CAN-2003-0985
Released: 2004-01-12
SW-specific: no
Affected Products:
SmoothWall Express 2.0 (as shipped)
The products shown must be updated to the fix level as
shown above before applying any updates mentioned in this
advisory.
-------------------------------------------------------------
Description
-------------------------------------------------------------
Critical security vulnerabilities have been found in the
Linux kernel in the following areas:
- Locally exploitable vulnerabilities in memory management
code (do_brk(), mremap system calls)
- Improper structure initialisation in real time clock (RTC)
routines can result in leaked kernel data to user space
These vulnerabilities can result in privilege escalation or
unwanted availability of sensitive information.
-------------------------------------------------------------
Corrective Actions
-------------------------------------------------------------
You should download and install the required update for
your product(s). The updates can be downloaded from the
web links below, along with installation instructions and
any further caveats or updates.
SmoothWall Express 2.0 fixes 1
- http://smoothwall.org/p/2.0-fixes1.html
-------------------------------------------------------------
Further Information
-------------------------------------------------------------
CVE Candidate CAN-2003-0961
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0961
CVE Candidate CAN-2003-0984
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0984
CVE Candidate CAN-2003-0985
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0985
CERT(r) VU Note (do_brk())
- http://www.kb.cert.org/vuls/id/301156
CERT(r) VU Note (memory deallocation)
- http://www.kb.cert.org/vuls/id/935264
Linux Kernel do_brk() Lacks Argument Bound Checking
- http://isec.pl/vulnerabilities/isec-0012-do_brk.txt
Linux Kernel RTC Memory Leak
- http://xforce.iss.net/xforce/xfdb/13943
Linux Kernel do_mremap Local Privilege Escalation
- http://isec.pl/vulnerabilities/isec-0013-mremap.txt
Linux Kernel 2.4.23 Changelog
- http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.23
Linux Kernel 2.4.24 Changelog
- http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.24
|
|
