漏洞信息详情
Linux内核RNDIS_Query_Response远程缓冲区溢出漏洞
- CNNVD编号:CNNVD-200603-378
- 危害等级: 超危
- CVE编号: CVE-2006-1368
- 漏洞类型: 缓冲区溢出
- 发布时间: 2006-03-23
- 威胁类型: 远程
- 更新时间: 2006-03-24
- 厂 商: linux
- 漏洞来源: discovered this issue.');">Shaun Tancheff <>
漏洞简介
在Linux kernel 2.6.16之前版本的USB Gadget RNDIS实施中存在缓冲区溢出,远程攻击者通过以下途径可制造一个拒绝服务(kmalloc\'\'d内存崩溃):用于OID_GEN_SUPPORTED_LIST中的一个远程NDIS响应,它会造成只为回答数据而不为回答结构分配内存。
漏洞公告
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
Linux kernel 2.6.15.5
Linux linux-2.6.16.tar.bz2
http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.16.tar.bz2
Linux kernel 2.6 -test6
Linux linux-2.6.16.tar.bz2
http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.16.tar.bz2
Linux kernel 2.6 -test4
Linux linux-2.6.16.tar.bz2
http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.16.tar.bz2
Linux kernel 2.6 -test2
Linux linux-2.6.16.tar.bz2
http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.16.tar.bz2
Linux kernel 2.6 -test11
Linux linux-2.6.16.tar.bz2
http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.16.tar.bz2
Linux kernel 2.6 -test9-CVS
Linux linux-2.6.16.tar.bz2
http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.16.tar.bz2
Linux kernel 2.6
Linux linux-2.6.16.tar.bz2
http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.16.tar.bz2
Linux kernel 2.6 -test3
Linux linux-2.6.16.tar.bz2
http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.16.tar.bz2
Linux kernel 2.6 .10
Linux linux-2.6.16.tar.bz2
http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.16.tar.bz2
Linux kernel 2.6 -test5
Linux linux-2.6.16.tar.bz2
http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.16.tar.bz2
Linux kernel 2.6 -test1
Linux linux-2.6.16.tar.bz2
http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.16.tar.bz2
Linux kernel 2.6 -test7
Linux linux-2.6.16.tar.bz2
http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.16.tar.bz2
Linux kernel 2.6 -test9
Linux linux-2.6.16.tar.bz2
http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.16.tar.bz2
Linux kernel 2.6 -test8
Linux linux-2.6.16.tar.bz2
http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.16.tar.bz2
Linux kernel 2.6 -test10
Linux linux-2.6.16.tar.bz2
http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.16.tar.bz2
Linux kernel 2.6.1 -rc1
Linux linux-2.6.16.tar.bz2
http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.16.tar.bz2
Linux kernel 2.6.1 -rc2
Linux linux-2.6.16.tar.bz2
http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.16.tar.bz2
Linux kernel 2.6.1
Linux linux-2.6.16.tar.bz2
http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.16.tar.bz2
Linux kernel 2.6.10 rc2
Linux linux-2.6.16.tar.bz2
http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.16.tar.bz2
Linux kernel 2.6.10
Linux linux-2.6.16.tar.bz2
http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.16.tar.bz2
Ubuntu ide-modules-2.6.12-10-amd64-generic-di_2.6.12-10.32_amd64.udeb
Ubuntu 5.10:
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.12/ide- modules-2.6.12-10-amd64-generic-di_2.6.12-10.32_amd64.udeb
Linux kernel 2.6.11
Linux linux-2.6.16.tar.bz2
http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.16.tar.bz2
Mandriva drbd-utils-0.7.19-2.1.20060mdk.i586.rpm
Mandriva Linux 2006.0:
http://wwwnew.mandriva.com/en/downloads
Mandriva drbd-utils-0.7.19-2.1.20060mdk.x86_64.rpm
Mandriva Linux 2006.0/X86_64:
http://wwwnew.mandriva.com/en/downloads
Mandriva drbd-utils-heartbeat-0.7.19-2.1.20060mdk.i586.rpm
Mandriva Linux 2006.0:
http://wwwnew.mandriva.com/en/downloads
Mandriva drbd-utils-heartbeat-0.7.19-2.1.20060mdk.x86_64.rpm
Mandriva Linux 2006.0/X86_64:
http://wwwnew.mandriva.com/en/downloads
Mandriva kernel-2.6.12.23mdk-1-1mdk.i586.rpm
Mandriva Linux 2006.0:
http://wwwnew.mandriva.com/en/downloads
Mandriva kernel-2.6.12.23mdk-1-1mdk.x86_64.rpm
Mandriva Linux 2006.0/X86_64:
http://wwwnew.mandriva.com/en/downloads
Mandriva kernel-BOOT-2.6.12.23mdk-1-1mdk.i586.rpm
Mandriva Linux 2006.0:
http://wwwnew.mandriva.com/en/downloads
Mandriva kernel-BOOT-2.6.12.23mdk-1-1mdk.x86_64.rpm
Mandriva Linux 2006.0/X86_64:
http://wwwnew.mandriva.com/en/downloads
Mandriva kernel-i586-up-1GB-2.6.12.23mdk-1-1mdk.i586.rpm
Mandriva Linux 2006.0:
http://wwwnew.mandriva.com/en/downloads
Mandriva kernel-i686-up-4GB-2.6.12.23mdk-1-1mdk.i586.rpm
Mandriva Linux 2006.0:
http://wwwnew.mandriva.com/en/downloads
Mandriva kernel-smp-2.6.12.23mdk-1-1mdk.i586.rpm
Mandriva Linux 2006.0:
http://wwwnew.mandriva.com/en/downloads
Mandriva kernel-smp-2.6.12.23mdk-1-1mdk.x86_64.rpm
Mandriva Linux 2006.0/X86
参考网址
来源: UBUNTU
名称: USN-281-1
链接:http://www.ubuntulinux.org/support/documentation/usn/usn-281-1
来源: BID
名称: 17831
链接:http://www.securityfocus.com/bid/17831
来源: MANDRIVA
名称: MDKSA-2006:123
链接:http://www.mandriva.com/security/advisories?name=MDKSA-2006:123
来源: www.kernel.org
链接:http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16
来源: www.kernel.org
链接:http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8763716bfe4d8a16bef28c9947cf9d799b1796a5
来源: VUPEN
名称: ADV-2006-2554
链接:http://www.frsirt.com/english/advisories/2006/2554
来源: VUPEN
名称: ADV-2006-1046
链接:http://www.frsirt.com/english/advisories/2006/1046
来源: DEBIAN
名称: DSA-1103
链接:http://www.debian.org/security/2006/dsa-1103
来源: DEBIAN
名称: DSA-1097
链接:http://www.debian.org/security/2006/dsa-1097
来源: SECUNIA
名称: 21045
链接:http://secunia.com/advisories/21045
来源: SECUNIA
名称: 20914
链接:http://secunia.com/advisories/20914
来源: SECUNIA
名称: 20671
链接:http://secunia.com/advisories/20671
来源: SECUNIA
名称: 19955
链接:http://secunia.com/advisories/19955
来源: SECUNIA
名称: 19330
链接:http://secunia.com/advisories/19330
来源: MANDRIVA
名称: MDKSA-2006:123
链接:http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:123
受影响实体
- Linux Linux_kernel:2.6.15
补丁
暂无
评论