The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of Linux kernel: denial of service of mincore

Synthesis of the vulnerability 

A local attacker can generate a denial of service by locking pages in mincore().
Vulnerable software: Debian, Fedora, Linux, Mandriva Linux, openSUSE, RHEL, ESX.
Severity of this announce: 1/4.
Creation date: 20/12/2006.
Références of this computer vulnerability: BID-21663, CERTA-2008-AVI-380, CVE-2006-4814, DSA-1304-1, DSA-1503-1, FEDORA-2007-058, MDKSA-2007:040, MDKSA-2007:060, RHSA-2007:0014-01, RHSA-2008:0211-01, RHSA-2008:0787-01, RHSA-2009:0001-01, SUSE-SA:2007:018, VIGILANCE-VUL-6415, VMSA-2008-00011, VMSA-2008-00011.1, VMSA-2008-00011.2.

Description of the vulnerability 

The mincore() function indicates if pages of a file are in the core memory.
  int mincore(void *start, size_t length, unsigned char *vec);
Kernel sets vec: each byte contains a boolean indicating if page is in core or not.

This vec array is copied in mincore_vma(), with copy_to_user(), whereas a read only access is granted in sys_mincore() by down_read(...mmap_sem).

A local attacker can therefore lock the copy and thus set memory areas as readonly.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

This computer vulnerability alert impacts software or systems such as Debian, Fedora, Linux, Mandriva Linux, openSUSE, RHEL, ESX.

Our Vigil@nce team determined that the severity of this computer threat alert is low.

The trust level is of type confirmed by the editor, with an origin of user shell.

An attacker with a expert ability can exploit this security vulnerability.

Solutions for this threat 

Linux kernel: version 2.6.19.2.
Version 2.6.19.2 is corrected:
  http://www.kernel.org/

Linux kernel: version 2.6.18.8.
Version 2.6.18.8 is corrected:
  http://www.kernel.org/

Linux kernel: version 2.6.16.38.
Version 2.6.16.38 is corrected:
  http://www.kernel.org/

Linux kernel: version 2.4.34.
Version 2.4.34 is corrected:
  http://www.kernel.org/

Linux kernel: version 2.4.33.6.
Version 2.4.33.6 is corrected:
  http://kernel.org/

Debian 3.1: new kernel-2.4.27 packages.
New packages are available:
  http://security.debian.org/pool/updates/main/k/kernel-*_2.4.27-10sarge7

Debian 3.1: new kernel 2.6.8 packages.
New packages are available:
  kernel-build-2.6.8-4*_2.6.8-15sarge7

Fedora Core 6: new kernel 2.6.19 packages.
New packages are available:
    http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/
fd6b77b0a61d59aa912e00230d72af7aba466359 SRPMS/kernel-2.6.19-1.2895.fc6.src.rpm
fd6b77b0a61d59aa912e00230d72af7aba466359 noarch/kernel-2.6.19-1.2895.fc6.src.rpm
e74776b531b8c33c9713748a1a6f92b474361910 ppc/kernel-2.6.19-1.2895.fc6.ppc.rpm
2a6b920cee55f90a42037b774ff4a9186941dc5a ppc/kernel-headers-2.6.19-1.2895.fc6.ppc.rpm
07f0a6a54f4cd43504fdcb9d4809fb5dd70b59d1 ppc/debug/kernel-smp-debuginfo-2.6.19-1.2895.fc6.ppc.rpm
6198853bfa2cb96c14088299a901f460a1d589f1 ppc/kernel-devel-2.6.19-1.2895.fc6.ppc.rpm
118e6344aa3e9641b41787cf93083dd576dfafa2 ppc/kernel-smp-2.6.19-1.2895.fc6.ppc.rpm
33a5c617815526acbb2928543f03e3692caeaeaf ppc/debug/kernel-debuginfo-2.6.19-1.2895.fc6.ppc.rpm
297f92ddcad41278e77b86364361555804b98386 ppc/debug/kernel-debuginfo-common-2.6.19-1.2895.fc6.ppc.rpm
f98bc2ebd8440a35fac0c666d9f48f3cae210cb8 ppc/kernel-smp-devel-2.6.19-1.2895.fc6.ppc.rpm
bfc68c107179553a043acabfab0bc08f37fe5db6 ppc/kernel-doc-2.6.19-1.2895.fc6.noarch.rpm
dd5ae151436e55c8b48577e8a5ff1d3e07ea79d2 x86_64/debug/kernel-debuginfo-common-2.6.19-1.2895.fc6.x86_64.rpm
9b5650fa4828f92af7855b98d84c155d1ce75125 x86_64/debug/kernel-debug-debuginfo-2.6.19-1.2895.fc6.x86_64.rpm
18cf2e1b486371a4aa25b7af4c45114bb1f40996 x86_64/kernel-2.6.19-1.2895.fc6.x86_64.rpm
f1b1ea02c2d3ee9c718d80d88812ff5d23d4ffe5 x86_64/kernel-kdump-devel-2.6.19-1.2895.fc6.x86_64.rpm
8bf315c9a35916f75a27c41b3a37305408e558ea x86_64/debug/kernel-xen-debuginfo-2.6.19-1.2895.fc6.x86_64.rpm
3a6df000c573580765ab9804999ff2eaa2c942a2 x86_64/kernel-debug-devel-2.6.19-1.2895.fc6.x86_64.rpm
26e9ebd4330ae66db747a741ec5663f8d6a4fa62 x86_64/kernel-devel-2.6.19-1.2895.fc6.x86_64.rpm
a47c2efdf0ee7c215c7886ac2988c225b0de9171 x86_64/kernel-xen-2.6.19-1.2895.fc6.x86_64.rpm
a40906c0008bb038ec2beec7004197f99487ff74 x86_64/debug/kernel-kdump-debuginfo-2.6.19-1.2895.fc6.x86_64.rpm
e74af709f3ab58a4a8a326aa35b334decf447616 x86_64/kernel-kdump-2.6.19-1.2895.fc6.x86_64.rpm
a61d5e9d1d427fde7f02a57a8a92bc373c41c897 x86_64/kernel-debug-2.6.19-1.2895.fc6.x86_64.rpm
47b1d629729c652dab689d0b7a0ca4078478b5b4 x86_64/kernel-headers-2.6.19-1.2895.fc6.x86_64.rpm
cf72f668f99326fb5d9ce448ad6d8dcf5067637d x86_64/debug/kernel-debuginfo-2.6.19-1.2895.fc6.x86_64.rpm
737d4e94f904cabe2babe3168af732cba3ee4883 x86_64/kernel-xen-devel-2.6.19-1.2895.fc6.x86_64.rpm
bfc68c107179553a043acabfab0bc08f37fe5db6 x86_64/kernel-doc-2.6.19-1.2895.fc6.noarch.rpm
c26f9e70d17e9667dfc499f36038327a5923d41b i386/kernel-headers-2.6.19-1.2895.fc6.i386.rpm
63884e443e5a0b8bb5b46b9aa5b71457c2d83e24 i386/kernel-devel-2.6.19-1.2895.fc6.i586.rpm
e5a6bd3ded87b40b8b7cbb74e1e0f343bfd1990c i386/kernel-2.6.19-1.2895.fc6.i586.rpm
7130878b835613a10e9605199a3abdc15652df16 i386/debug/kernel-debuginfo-2.6.19-1.2895.fc6.i586.rpm
9d3a8a2dec284e0fee3c4253222eef2e72722689 i386/debug/kernel-debuginfo-common-2.6.19-1.2895.fc6.i586.rpm
8e8a35047a422386ca5547d0ee96108dfc78d93b i386/debug/kernel-debuginfo-2.6.19-1.2895.fc6.i686.rpm
3be46dcb6868fbd10be2eb8baef27ad29e530c24 i386/kernel-xen-2.6.19-1.2895.fc6.i686.rpm
ee5c2d182fdce4c134e0b2cc63c1ebd0115665c5 i386/kernel-PAE-devel-2.6.19-1.2895.fc6.i686.rpm
89417c82fa6f6b89722e62401f76f5444ef7c9ff i386/kernel-PAE-debug-devel-2.6.19-1.2895.fc6.i686.rpm
1c6ad7f7b7ad285a2347410d2be3ec02d1f6b92f i386/kernel-kdump-2.6.19-1.2895.fc6.i686.rpm
ac3f4154c14389def03bca73a20de27358ee9cc6 i386/debug/kernel-kdump-debuginfo-2.6.19-1.2895.fc6.i686.rpm
1624eb7c92c8aac2f0fcab4ba9cd866068287ecf i386/kernel-debug-2.6.19-1.2895.fc6.i686.rpm
2c7f9045c119fab9b4330176c8fb6d81858230eb i386/kernel-2.6.19-1.2895.fc6.i686.rpm
658c8146a304dae8ee00b01efefba369dfdc5ebb i386/kernel-PAE-2.6.19-1.2895.fc6.i686.rpm
f47697850cea459989435cc6de1f74be0826a9fd i386/debug/kernel-debuginfo-common-2.6.19-1.2895.fc6.i686.rpm
66d4fad9c9bab0cba0006d7990da46b2154ca4e5 i386/kernel-PAE-debug-2.6.19-1.2895.fc6.i686.rpm
ec55f0ac68fe330ba8974c373d15846ab13842ab i386/kernel-debug-devel-2.6.19-1.2895.fc6.i686.rpm
ac53d1106d772217eeed1f88f505954d0c6d7f0d i386/kernel-devel-2.6.19-1.2895.fc6.i686.rpm
cb9190f9183c8cc28e41c180ad75b2ca628d327a i386/debug/kernel-PAE-debuginfo-2.6.19-1.2895.fc6.i686.rpm
817a09978e745007f918f9a874e0a547571dc33d i386/kernel-kdump-devel-2.6.19-1.2895.fc6.i686.rpm
98b5793f2458dd0b3a3b6e06b8e6c72fe75f8379 i386/debug/kernel-xen-debuginfo-2.6.19-1.2895.fc6.i686.rpm
f6122445a2f18632fa704e47e7667a172abdf22a i386/kernel-xen-devel-2.6.19-1.2895.fc6.i686.rpm
d0fc25dc9cdb20de5734430df8596aed68480612 i386/debug/kernel-PAE-debug-debuginfo-2.6.19-1.2895.fc6.i686.rpm
48426f4d35088e66dbcff67dfd027302f5c1fcba i386/debug/kernel-debug-debuginfo-2.6.19-1.2895.fc6.i686.rpm
bfc68c107179553a043acabfab0bc08f37fe5db6 i386/kernel-doc-2.6.19-1.2895.fc6.noarch.rpm

Mandriva 2006.0, Corporate 4: new kernel packages.
New packages are available:
 
 Mandriva Linux 2006.0:
 b7c0334ecb73bb3b14173ef4dcdfa51b 2006.0/i586/kernel-2.6.12.31mdk-1-1mdk.i586.rpm
 8307e34d54134ab5cb41833d1b9d7742 2006.0/i586/kernel-BOOT-2.6.12.31mdk-1-1mdk.i586.rpm
 d329fdf03e99dfa15b08bb7c2791ed37 2006.0/i586/kernel-doc-2.6.12.31mdk-1-1mdk.i586.rpm
 3cf6a4198f43493932ea8251d4ee82dc 2006.0/i586/kernel-i586-up-1GB-2.6.12.31mdk-1-1mdk.i586.rpm
 c03817495740a0e9b1420f0991baf47f 2006.0/i586/kernel-i686-up-4GB-2.6.12.31mdk-1-1mdk.i586.rpm
 3e96d0ad0b5637d62db5233ca2df7d47 2006.0/i586/kernel-smp-2.6.12.31mdk-1-1mdk.i586.rpm
 65e1e7c5c155045d52474444870b13d3 2006.0/i586/kernel-source-2.6.12.31mdk-1-1mdk.i586.rpm
 9b62d79a9503c6f0db71166409c48c39 2006.0/i586/kernel-source-stripped-2.6.12.31mdk-1-1mdk.i586.rpm
 553faeda754e6007c592aa5ba5c48ea0 2006.0/i586/kernel-xbox-2.6.12.31mdk-1-1mdk.i586.rpm
 4ee72a08f25d24ee409fdab7c8ec4f17 2006.0/i586/kernel-xen0-2.6.12.31mdk-1-1mdk.i586.rpm
 53304c8f505a4cbac0ac9a2ff01b379b 2006.0/i586/kernel-xenU-2.6.12.31mdk-1-1mdk.i586.rpm
 d7a287562aed00fbc8167aa55bbb3bb9 2006.0/SRPMS/kernel-2.6.12.31mdk-1-1mdk.src.rpm
 Mandriva Linux 2006.0/X86_64:
 08d9bfee92615f6bd8b3f71b2756fdaf 2006.0/x86_64/kernel-2.6.12.31mdk-1-1mdk.x86_64.rpm
 a750f3e67d9a0d6b07711e08f22e647b 2006.0/x86_64/kernel-BOOT-2.6.12.31mdk-1-1mdk.x86_64.rpm
 20196c168b6bc40f5bebd3ea2c5c82f6 2006.0/x86_64/kernel-doc-2.6.12.31mdk-1-1mdk.x86_64.rpm
 d65bd5fd54715215d957d2fa412cbe79 2006.0/x86_64/kernel-smp-2.6.12.31mdk-1-1mdk.x86_64.rpm
 164d4bb97970b852c88a872a70240e55 2006.0/x86_64/kernel-source-2.6.12.31mdk-1-1mdk.x86_64.rpm
 af11e7ddade582c262d9281c965c25d8 2006.0/x86_64/kernel-source-stripped-2.6.12.31mdk-1-1mdk.x86_64.rpm
 53cdf75192bc3a626ad68f9dfd90769d 2006.0/x86_64/kernel-xen0-2.6.12.31mdk-1-1mdk.x86_64.rpm
 c9299e6bf5fc41af71fbd03ebd80b151 2006.0/x86_64/kernel-xenU-2.6.12.31mdk-1-1mdk.x86_64.rpm
 d7a287562aed00fbc8167aa55bbb3bb9 2006.0/SRPMS/kernel-2.6.12.31mdk-1-1mdk.src.rpm
 Corporate 4.0:
 71a9ce7e6ad36f939ae4585a5446e2ce corporate/4.0/i586/kernel-2.6.12.31mdk-1-1mdk.i586.rpm
 b3682d92693d4d7481540b2412128ee3 corporate/4.0/i586/kernel-BOOT-2.6.12.31mdk-1-1mdk.i586.rpm
 375a99017c6032af0fbf53c6e2ac0f9e corporate/4.0/i586/kernel-doc-2.6.12.31mdk-1-1mdk.i586.rpm
 7ef9e2dce86995c5054f0f81587bae14 corporate/4.0/i586/kernel-i586-up-1GB-2.6.12.31mdk-1-1mdk.i586.rpm
 8e4861bfc6150a73f331010b242505f5 corporate/4.0/i586/kernel-i686-up-4GB-2.6.12.31mdk-1-1mdk.i586.rpm
 fc5b1a7d5b45e9b6f94d1b75a2b252cd corporate/4.0/i586/kernel-smp-2.6.12.31mdk-1-1mdk.i586.rpm
 f616f5a779f3be6febf27506deea96ca corporate/4.0/i586/kernel-source-2.6.12.31mdk-1-1mdk.i586.rpm
 2bc31f06ab60d5f5c09b522ba275c35e corporate/4.0/i586/kernel-source-stripped-2.6.12.31mdk-1-1mdk.i586.rpm
 c450285103a7742c8505cce505b6cb30 corporate/4.0/i586/kernel-xbox-2.6.12.31mdk-1-1mdk.i586.rpm
 16b35579daacc6bef494c140e0332910 corporate/4.0/i586/kernel-xen0-2.6.12.31mdk-1-1mdk.i586.rpm
 957962b563ad39490ac49ee1f328d2d3 corporate/4.0/i586/kernel-xenU-2.6.12.31mdk-1-1mdk.i586.rpm
 20b9766dbaf813ba017fe3884771a80b corporate/4.0/SRPMS/kernel-2.6.12.31mdk-1-1mdk.src.rpm
 Corporate 4.0/X86_64:
 8bdd8e4d2d3ab03ff666b7588ec011f6 corporate/4.0/x86_64/kernel-2.6.12.31mdk-1-1mdk.x86_64.rpm
 7e3081d6804343fcc51a2ce06836081e corporate/4.0/x86_64/kernel-BOOT-2.6.12.31mdk-1-1mdk.x86_64.rpm
 bb6a57a5ad26361394ff00db94f8f5e3 corporate/4.0/x86_64/kernel-doc-2.6.12.31mdk-1-1mdk.x86_64.rpm
 9aae4c3ce22091d4ca787a41a11231ff corporate/4.0/x86_64/kernel-smp-2.6.12.31mdk-1-1mdk.x86_64.rpm
 8ce06bd6a4144757828d29d83a690827 corporate/4.0/x86_64/kernel-source-2.6.12.31mdk-1-1mdk.x86_64.rpm
 70757f12ac8d99d5881a4c6becbd2503 corporate/4.0/x86_64/kernel-source-stripped-2.6.12.31mdk-1-1mdk.x86_64.rpm
 d3e1f96967bf0a5351d51ede84f078ca corporate/4.0/x86_64/kernel-xen0-2.6.12.31mdk-1-1mdk.x86_64.rpm
 6931563b47316f8572f0cd4cb0ebd3e1 corporate/4.0/x86_64/kernel-xenU-2.6.12.31mdk-1-1mdk.x86_64.rpm
 20b9766dbaf813ba017fe3884771a80b corporate/4.0/SRPMS/kernel-2.6.12.31mdk-1-1mdk.src.rpm

Mandriva: new kernel packages.
New packages are available:
 
 Mandriva Linux 2007.0:
 ad34fe5a73feafdd8e69b504ebf93946 2007.0/i586/kernel-2.6.17.10mdv-1-1mdv2007.0.i586.rpm
 d9e55a7e4f1008da15c67d1287956969 2007.0/i586/kernel-doc-2.6.17.10mdv-1-1mdv2007.0.i586.rpm
 a9c50df979df9e3689873978436bd16f 2007.0/i586/kernel-enterprise-2.6.17.10mdv-1-1mdv2007.0.i586.rpm
 f533abc7ea70bd3faaa9e6b28a99ab28 2007.0/i586/kernel-legacy-2.6.17.10mdv-1-1mdv2007.0.i586.rpm
 b8ff79d0ab16056f2d254e9d679984f7 2007.0/i586/kernel-source-2.6.17.10mdv-1-1mdv2007.0.i586.rpm
 850dbb1496700b2f93ef37e4540164cc 2007.0/i586/kernel-source-stripped-2.6.17.10mdv-1-1mdv2007.0.i586.rpm
 6e5109401747d368e768bb7ccce1c6e3 2007.0/i586/kernel-xen0-2.6.17.10mdv-1-1mdv2007.0.i586.rpm
 0982fc7135735d78b4805c2af67ffe19 2007.0/i586/kernel-xenU-2.6.17.10mdv-1-1mdv2007.0.i586.rpm
 2cfb0d90ab5aea99bacf8a721552554b 2007.0/SRPMS/kernel-2.6.17.10mdv-1-1mdv2007.0.src.rpm
 Mandriva Linux 2007.0/X86_64:
 8228636d0969cdb0de42baeab61ece09 2007.0/x86_64/kernel-2.6.17.10mdv-1-1mdv2007.0.x86_64.rpm
 935eb44188aa2784386dd8bcc93dfd78 2007.0/x86_64/kernel-doc-2.6.17.10mdv-1-1mdv2007.0.x86_64.rpm
 9abb549acacc17385051ceebcb3331fe 2007.0/x86_64/kernel-source-2.6.17.10mdv-1-1mdv2007.0.x86_64.rpm
 7e3667b9f28f3214669f831955ef059d 2007.0/x86_64/kernel-source-stripped-2.6.17.10mdv-1-1mdv2007.0.x86_64.rpm
 648ae5f919580ce2df42f6a522aba7c9 2007.0/x86_64/kernel-xen0-2.6.17.10mdv-1-1mdv2007.0.x86_64.rpm
 0ad1d27a9232f5f7cf8ae218bef5a618 2007.0/x86_64/kernel-xenU-2.6.17.10mdv-1-1mdv2007.0.x86_64.rpm
 2cfb0d90ab5aea99bacf8a721552554b 2007.0/SRPMS/kernel-2.6.17.10mdv-1-1mdv2007.0.src.rpm

RHEL 2.1: new kernel ia64 packages.
New packages are available:
  kernel-2.4.18-e.67

RHEL 2.1: new kernel packages.
New packages are available:
  kernel-2.4.9-e.74

RHEL 3: new kernel packages (07/05/2008).
New packages are available:
Red Hat Enterprise Linux version 3: kernel-2.4.21-57.EL

RHEL 4: new kernel packages.
New packages are available:
Red Hat Enterprise Linux version 4: kernel-2.6.9-42.0.8.EL

SUSE 10.1: new kernel packages.
New packages are available:
   SUSE LINUX 10.1:
   ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/kernel-*-2.6.16.27-0.9.i586.rpm

VMware ESX: patch for samba and vmnix.
A patch is available:
ESX 3.5
http://download3.vmware.com/software/esx/ESX350-200806218-UG.zip
http://kb.vmware.com/kb/1005931
http://download3.vmware.com/software/esx/ESX350-200806201-UG.zip
http://kb.vmware.com/kb/1005894
ESX 3.0.3 build 104629
http://www.vmware.com/support/vi3/doc/releasenotes_esx303.html
ESX 3.0.2 patch ESX-1006029
http://download3.vmware.com/software/vi/ESX-1006029.tgz
http://kb.vmware.com/kb/1006029
ESX 3.0.1 patch ESX-1006028
http://download3.vmware.com/software/vi/ESX-1006028.tgz
http://kb.vmware.com/kb/1006028
ESX 2.5.5 Upgrade Patch 10
http://download3.vmware.com/software/esx/esx-2.5.5-119702-upgrade.tar.gz
http://vmware.com/support/esx25/doc/esx-255-200810-patch.html
ESX 2.5.4 Upgrade Patch 21
http://download3.vmware.com/software/esx/esx-2.5.4-119703-upgrade.tar.gz
http://vmware.com/support/esx25/doc/esx-254-200810-patch.html
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

Computer vulnerabilities tracking service 

Vigil@nce provides a software vulnerabilities database. The technology watch team tracks security threats targeting the computer system.