漏洞信息详情
linux内核SYSFS sysfs/file.c 本地拒绝服务漏洞
- CNNVD编号:CNNVD-200604-057
- 危害等级: 低危
- CVE编号: CVE-2006-1055
- 漏洞类型: 设计错误
- 发布时间: 2006-04-05
- 威胁类型: 本地
- 更新时间: 2006-04-05
- 厂 商: linux
- 漏洞来源: This issue was dis...
漏洞简介
linux内核2.6.12到2.6.17-rc1之前版本的sysfs/file.c文件的file_write_buffer函数在请求大小为PAGE_SIZE或更大的缓存时没有清零结束一个缓存,那可能允许本地用户通过一个越界的读操作发起拒绝服务攻击(会导致崩溃)。
漏洞公告
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
Trustix Secure Linux 2.2
Trustix clamav-0.88.1-1tr.i586.rpm
TSL 2.2
ftp://ftp.trustix.org/pub/trustix/updates
Trustix clamav-devel-0.88.1-1tr.i586.rpm
TSL 2.2
ftp://ftp.trustix.org/pub/trustix/updates
Trustix php4-cli-4.4.2-2tr.i586.rpm
TSL 2.2
ftp://ftp.trustix.org/pub/trustix/updates
Trustix php4-curl-4.4.2-2tr.i586.rpm
TSL 2.2
ftp://ftp.trustix.org/pub/trustix/updates
Trustix php4-devel-4.4.2-2tr.i586.rpm
TSL 2.2
ftp://ftp.trustix.org/pub/trustix/updates
Trustix php4-domxml-4.4.2-2tr.i586.rpm
TSL 2.2
ftp://ftp.trustix.org/pub/trustix/updates
Trustix php4-exif-4.4.2-2tr.i586.rpm
TSL 2.2
ftp://ftp.trustix.org/pub/trustix/updates
Trustix php4-fcgi-4.4.2-2tr.i586.rpm
TSL 2.2
ftp://ftp.trustix.org/pub/trustix/updates
Trustix php4-gd-4.4.2-2tr.i586.rpm
TSL 2.2
ftp://ftp.trustix.org/pub/trustix/updates
Trustix php4-imap-4.4.2-2tr.i586.rpm
TSL 2.2
ftp://ftp.trustix.org/pub/trustix/updates
Trustix php4-ldap-4.4.2-2tr.i586.rpm
TSL 2.2
ftp://ftp.trustix.org/pub/trustix/updates
Trustix php4-mhash-4.4.2-2tr.i586.rpm
TSL 2.2
ftp://ftp.trustix.org/pub/trustix/updates
Trustix php4-mysql-4.4.2-2tr.i586.rpm
TSL 2.2
ftp://ftp.trustix.org/pub/trustix/updates
Trustix php4-pgsql-4.4.2-2tr.i586.rpm
TSL 2.2
ftp://ftp.trustix.org/pub/trustix/updates
Trustix php4-test-4.4.2-2tr.i586.rpm
TSL 2.2
ftp://ftp.trustix.org/pub/trustix/updates
Linux kernel 2.6.13
SuSE Intel-536ep-4.69-14.5.i586.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/Intel-536ep-4.69 -14.5.i586.rpm
SuSE kernel-bigsmp-2.6.13-15.10.i586.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/kernel-bigsmp-2. 6.13-15.10.i586.rpm
SuSE kernel-bigsmp-nongpl-2.6.13-15.10.i586.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/kernel-bigsmp-no ngpl-2.6.13-15.10.i586.rpm
SuSE kernel-default-2.6.13-15.10.i586.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/kernel-default-2 .6.13-15.10.i586.rpm
SuSE kernel-default-nongpl-2.6.13-15.10.i586.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/kernel-default-n ongpl-2.6.13-15.10.i586.rpm
SuSE kernel-smp-2.6.13-15.10.i586.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/kernel-smp-2.6.1 3-15.10.i586.rpm
SuSE kernel-smp-nongpl-2.6.13-15.10.i586.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/kernel-smp-nongp l-2.6.13-15.10.i586.rpm
SuSE kernel-source-2.6.13-15.10.i586.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/kernel-source-2. 6.13-15.10.i586.rpm
SuSE kernel-syms-2.6.13-15.10.i586.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/kernel-syms-2.6. 13-15.10.i586.rpm
SuSE kernel-um-2.6.13-15.10.i586.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/kernel-um-2.6.13 -15.10.i586.rpm
SuSE kernel-um-nongpl-2.6.13-15.10.i586.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/kernel-um-nongpl -2.6.13-15.10.i586.rpm
SuSE kernel-xen-2.6.13-15.10.i586.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/kernel-xen-2.6.1 3-15.10.i586.rpm
SuSE kernel-xen-nongpl-2.6.13-15.10.i586.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/kernel-xen-nongp l-2.6.13-15.10.i586.rpm
SuSE um-host-kernel-2.6.13-15.10.i586.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/um-host-kernel-2 .6.13-15.10.i586.rpm
Linux kernel 2.6.15
RedHat kernel-2.6.16-1.2096_FC5.i586.rpm
Fedora Core 5
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
RedHat kernel-2.6.16-1.2096_FC5.i686.rpm
Fedora Core 5
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
RedHat kernel-2.6.16-1.2096_FC5.ppc.rpm
Fedora Core 5
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
RedHat kernel-2.6.16-1.2096_FC5.x86_64.rpm
Fedora Core 5
http://download.fedora.redhat.com/pub/fedora/linux/
参考网址
来源: www.kernel.org
链接:http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=6e0dd741a89be35defa05bd79f4211c5a2762825;hp=597a7679dd83691be2f3a53e1f3f915b4a7f6eba
来源: www.kernel.org
链接:http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6e0dd741a89be35defa05bd79f4211c5a2762825
来源: XF
名称: linux-fillwritebuffer-dos(25693)
链接:http://xforce.iss.net/xforce/xfdb/25693
来源: UBUNTU
名称: USN-281-1
链接:http://www.ubuntulinux.org/support/documentation/usn/usn-281-1
来源: UBUNTU
名称: USN-302-1
链接:http://www.ubuntu.com/usn/usn-302-1
来源: TRUSTIX
名称: 2006-0020
链接:http://www.trustix.org/errata/2006/0020
来源: BID
名称: 17402
链接:http://www.securityfocus.com/bid/17402
来源: OSVDB
名称: 24443
链接:http://www.osvdb.org/24443
来源: SUSE
名称: SUSE-SA:2006:028
链接:http://www.novell.com/linux/security/advisories/2006-05-31.HTML
来源: VUPEN
名称: ADV-2006-1475
链接:http://www.frsirt.com/english/advisories/2006/1475
来源: VUPEN
名称: ADV-2006-1273
链接:http://www.frsirt.com/english/advisories/2006/1273
来源: SECUNIA
名称: 20716
链接:http://secunia.com/advisories/20716
来源: SECUNIA
名称: 20398
链接:http://secunia.com/advisories/20398
来源: SECUNIA
名称: 19955
链接:http://secunia.com/advisories/19955
来源: SECUNIA
名称: 19735
链接:http://secunia.com/advisories/19735
来源: SECUNIA
名称: 19495
链接:http://secunia.com/advisories/19495
来源: FEDORA
名称: FEDORA-2006-423
链接:http://lwn.net/Alerts/180820/
受影响实体
- Linux Linux_kernel:2.6.17
- Linux Linux_kernel:2.6.16:Rc1
- Linux Linux_kernel:2.6.15:Rc7
- Linux Linux_kernel:2.6.15:Rc6
- Linux Linux_kernel:2.6.15:Rc5
补丁
暂无
评论