Linux Kernel ISO9660 File System Buffer Overflow Vulnerability

admin 2022-07-15 14:40:50 CNNVD Vulnerabilities Source: ZONE.CI 全球网

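Vulnerability Details

Linux Kernel ISO9660 File System Buffer Overflow Vulnerability

  • CNNVD ID: CNNVD-200406-002
  • Severity: Medium
  • CVE ID: CVE-2004-0109
  • Vulnerability type: Boundary condition error
  • Published: 2004-04-15
  • Threat type: Local
  • Updated: 2007-01-24
  • Vendor: linux
  • Credit: zen-parse※ zen-par...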

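Vulnerability Summary

Linux is an open-source operating system. The Linux kernel does not correctly check the length of symbolic links stored on ISO9660 file systems, and a local attacker can exploit this vulnerability to gain root privileges.

Symbolic links on ISO9660 file systems are supported through the "Rock Ridge" extension to the standard format. With a maliciously constructed ISO file system, the flaw is triggered when the kernel performs a directory listing or attempts to access a file through a malformed symbolic link. The affected functions are:

  • fs/isofs/rock.c: rock_ridge_symlink_readpage()
  • fs/isofs/rock.c: get_symlink_chunk()

Because the symbolic link length is not checked correctly, a memory error is triggered. Carefully constructed record data may allow arbitrary instructions to be executed with root privileges.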
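The length check that the summary above says was missing, shown as a user-space C sketch added for illustration; it is not the kernel's rock.c code or any vendor patch. It assembles a symlink target from Rock Ridge SL component records (flags byte, length byte, text) and validates each record against the input size and the running output against the destination buffer. The names `sl_build_target` and `put`, the simplified separator handling, and the sample bytes are assumptions of this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Component flag bits of a Rock Ridge SL record, as assumed by this sketch. */
enum { SL_CONTINUE = 1, SL_CURRENT = 2, SL_PARENT = 4, SL_ROOT = 8 };

/* Append n bytes to out, always leaving room for the terminating NUL. */
static int put(char *out, size_t cap, size_t *pos, const char *s, size_t n)
{
    if (n >= cap - *pos)
        return -1;                       /* would overflow the destination */
    memcpy(out + *pos, s, n);
    *pos += n;
    return 0;
}

/* Hypothetical helper: returns the target length, or -1 if the records are
 * malformed or the assembled path does not fit in out[cap]. */
long sl_build_target(const uint8_t *sl, size_t sl_len, char *out, size_t cap)
{
    size_t in = 0, pos = 0;
    if (cap == 0)
        return -1;
    while (in < sl_len) {
        if (sl_len - in < 2)
            return -1;                   /* truncated component header */
        uint8_t flags = sl[in];
        size_t len = sl[in + 1];
        if (len > sl_len - in - 2)
            return -1;                   /* text runs past the SL entry */
        const char *text = (const char *)sl + in + 2;
        int rc;
        switch (flags & ~SL_CONTINUE) {
        case 0:          rc = put(out, cap, &pos, text, len); break;
        case SL_CURRENT: rc = put(out, cap, &pos, ".", 1);    break;
        case SL_PARENT:  rc = put(out, cap, &pos, "..", 2);   break;
        case SL_ROOT:    rc = put(out, cap, &pos, "/", 1);    break;
        default:         return -1;      /* unknown flag combination */
        }
        if (rc)
            return -1;
        in += 2 + len;
        /* Separator between components; none after "/" or a continued one. */
        if (in < sl_len && !(flags & (SL_CONTINUE | SL_ROOT)) &&
            put(out, cap, &pos, "/", 1))
            return -1;
    }
    out[pos] = '\0';
    return (long)pos;
}
```

A caller passes the component area of one SL entry and a fixed-size buffer; any negative return means the link must be rejected rather than truncated or copied.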

Vulnerability Advisory

Vendor patches:

Debian
------
Debian has released patches for this issue:

Patch downloads:


References

  • Source: ENGARDE; Name: ESA-20040428-004; Link: http://www.linuxsecurity.com/advisories/engarde_advisory-4285.HTML
  • Source: REDHAT; Name: RHSA-2004:166; Link: http://rhn.redhat.com/errata/RHSA-2004-166.HTML
  • Source: TRUSTIX; Name: 2004-0020; Link: http://marc.theaimsgroup.com/?l=bugtraq&m=108213675028441&w=2
  • Source: SGI; Name: 20040405-01-U; Link: ftp://patches.sgi.com/support/free/security/advisories/20040405-01-U.asc
  • Source: XF; Name: linux-iso9660-bo(15866); Link: http://xforce.iss.net/xforce/xfdb/15866
  • Source: TURBO; Name: TLSA-2004-14; Link: http://www.turbolinux.com/security/2004/TLSA-2004-14.txt
  • Source: BID; Name: 10141; Link: http://www.securityfocus.com/bid/10141
  • Source: REDHAT; Name: RHSA-2004:183; Link: http://www.redhat.com/support/errata/RHSA-2004-183.HTML
  • Source: REDHAT; Name: RHSA-2004:106; Link: http://www.redhat.com/support/errata/RHSA-2004-106.HTML
  • Source: REDHAT; Name: RHSA-2004:105; Link: http://www.redhat.com/support/errata/RHSA-2004-105.HTML
  • Source: SUSE; Name: SuSE-SA:2004:009; Link: http://www.novell.com/linux/security/advisories/2004_09_kernel.HTML
  • Source: www.idefense.com; Link: http://www.idefense.com/application/poi/display?id=101&type=vulnerabilities
  • Source: DEBIAN; Name: DSA-495; Link: http://www.debian.org/security/2004/dsa-495
  • Source: DEBIAN; Name: DSA-491; Link: http://www.debian.org/security/2004/dsa-491
  • Source: DEBIAN; Name: DSA-489; Link: http://www.debian.org/security/2004/dsa-489
  • Source: DEBIAN; Name: DSA-482; Link: http://www.debian.org/security/2004/dsa-482
  • Source: DEBIAN; Name: DSA-481; Link: http://www.debian.org/security/2004/dsa-481
  • Source: DEBIAN; Name: DSA-480; Link: http://www.debian.org/security/2004/dsa-480
  • Source: DEBIAN; Name: DSA-479; Link: http://www.debian.org/security/2004/dsa-479
  • Source: CIAC; Name: O-127; Link: http://www.ciac.org/ciac/bulletins/o-127.sHTML
  • Source: CIAC; Name: O-121; Link: http://www.ciac.org/ciac/bulletins/o-121.sHTML
  • Source: GENTOO; Name: GLSA-200407-02; Link: http://security.gentoo.org/glsa/glsa-200407-02.xml
  • Source: SECUNIA; Name: 12003; Link: http://secunia.com/advisories/12003
  • Source: SECUNIA; Name: 11986; Link: http://secunia.com/advisories/11986
  • Source: SECUNIA; Name: 11891; Link: http://secunia.com/advisories/11891
  • Source: SECUNIA; Name: 11861; Link: http://secunia.com/advisories/11861
  • Source: SECUNIA; Name: 11626; Link: http://secunia.com/advisories/11626
  • Source: SECUNIA; Name: 11518; Link: http://secunia.com/advisories/11518
  • Source: SECUNIA; Name: 11494; Link: http://secunia.com/advisories/11494
  • Source: SECUNIA; Name: 11486; Link: http://secunia.com/advisories/11486
  • Source: SECUNIA; Name: 11470; Link: http://secunia.com/advisories/11470
  • Source: SECUNIA; Name: 11469; Link: http://secunia.com/advisories/11469
  • Source: SECUNIA; Name: 11464; Link: http://secunia.com/advisories/11464
  • Source: SECUNIA; Name: 11373; Link: http://secunia.com/advisories/11373
  • Source: SECUNIA; Name: 11362; Link: http://secunia.com/advisories/11362
  • Source: SECUNIA; Name: 11361; Link: http://secunia.com/advisories/11361
  • Source: OVAL; Name: oval:org.mitre.oval:def:10733; Link: http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10733
  • Source: CONECTIVA; Name: CLA-2004:846; Link: http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000846
  • Source: SGI; Name: 20040504-01-U; Link: ftp://patches.sgi.com/support/free/security/advisories/20040504-01-U.asc
  • Source: MANDRAKE; Name: MDKSA-2004:029; Link: http://www.mandriva.com/security/advisories?name=MDKSA-2004:029
  • Source: US Government Resource: oval:org.mitre.oval:def:940; Name: oval:org.mitre.oval:def:940; Link: http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:940

Affected Entities

  • Linux Linux_kernel:2.6.0  
  • Linux Linux_kernel:2.4.0  
  • Linux Linux_kernel:2.5.0  

Patches

    None available
