Linux kernel 'mempolicy.c' 本地拒绝服务漏洞

CNNVD-ID编号	CNNVD-200603-210
CVE编号	CVE-2006-0557
发布时间	2006-03-12
更新时间	2006-03-17
漏洞类型	输入验证
漏洞来源	The vendor disclosed this issue.
危险等级	中危
威胁类型	本地
厂商	linux

漏洞介绍

Linux kernel 2.6.16及其早期版本的mempolicy.c中的sys_mbind，在为get_nodes函数进行某种计算之前，没有对maxnod变量作清洁检查，从而产生不明影响和攻击向量。

漏洞补丁

目前厂商已经发布了升级补丁以修复这个安全问题，补丁下载链接：

Linux kernel 2.6 -test6

Linux patch-2.6.15.5.bz2

http://www.kernel.org/pub/linux/kernel/v2.6/patch-2.6.15.5.bz2

Linux kernel 2.6 -test4

Linux patch-2.6.15.5.bz2

http://www.kernel.org/pub/linux/kernel/v2.6/patch-2.6.15.5.bz2

Linux kernel 2.6 -test2

Linux patch-2.6.15.5.bz2

http://www.kernel.org/pub/linux/kernel/v2.6/patch-2.6.15.5.bz2

Linux kernel 2.6 -test11

Linux patch-2.6.15.5.bz2

http://www.kernel.org/pub/linux/kernel/v2.6/patch-2.6.15.5.bz2

Linux kernel 2.6 -test9-CVS

Linux patch-2.6.15.5.bz2

http://www.kernel.org/pub/linux/kernel/v2.6/patch-2.6.15.5.bz2

Linux kernel 2.6

Linux patch-2.6.15.5.bz2

http://www.kernel.org/pub/linux/kernel/v2.6/patch-2.6.15.5.bz2

Linux kernel 2.6 -test3

Linux patch-2.6.15.5.bz2

http://www.kernel.org/pub/linux/kernel/v2.6/patch-2.6.15.5.bz2

Linux kernel 2.6 .10

Linux patch-2.6.15.5.bz2

http://www.kernel.org/pub/linux/kernel/v2.6/patch-2.6.15.5.bz2

Linux kernel 2.6 -test5

Linux patch-2.6.15.5.bz2

http://www.kernel.org/pub/linux/kernel/v2.6/patch-2.6.15.5.bz2

Linux kernel 2.6 -test1

Linux patch-2.6.15.5.bz2

http://www.kernel.org/pub/linux/kernel/v2.6/patch-2.6.15.5.bz2

Linux kernel 2.6 -test7

Linux patch-2.6.15.5.bz2

http://www.kernel.org/pub/linux/kernel/v2.6/patch-2.6.15.5.bz2

Linux kernel 2.6 -test9

Linux patch-2.6.15.5.bz2

http://www.kernel.org/pub/linux/kernel/v2.6/patch-2.6.15.5.bz2

Linux kernel 2.6 -test8

Linux patch-2.6.15.5.bz2

http://www.kernel.org/pub/linux/kernel/v2.6/patch-2.6.15.5.bz2

Linux kernel 2.6.1 -rc1

Linux patch-2.6.15.5.bz2

http://www.kernel.org/pub/linux/kernel/v2.6/patch-2.6.15.5.bz2

Linux kernel 2.6.1 -rc2

Linux patch-2.6.15.5.bz2

http://www.kernel.org/pub/linux/kernel/v2.6/patch-2.6.15.5.bz2

Linux kernel 2.6.10 rc2

Linux patch-2.6.15.5.bz2

http://www.kernel.org/pub/linux/kernel/v2.6/patch-2.6.15.5.bz2

Linux kernel 2.6.11

Linux patch-2.6.15.5.bz2

http://www.kernel.org/pub/linux/kernel/v2.6/patch-2.6.15.5.bz2

SuSE Intel-536ep-4.69-10.6.i586.rpm

SUSE LINUX 9.3:

ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/Intel-536ep-4.69- 10.6.i586.rpm

SuSE kernel-bigsmp-2.6.11.4-21.12.i586.rpm

SUSE LINUX 9.3:

ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kernel-bigsmp-2.6 .11.4-21.12.i586.rpm

SuSE kernel-bigsmp-nongpl-2.6.11.4-21.12.i586.rpm

SUSE LINUX 9.3:

ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kernel-bigsmp-non gpl-2.6.11.4-21.12.i586.rpm

SuSE kernel-default-2.6.11.4-21.12.i586.rpm

SUSE LINUX 9.3:

ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kernel-default-2. 6.11.4-21.12.i586.rpm

SuSE kernel-default-nongpl-2.6.11.4-21.12.i586.rpm

SUSE LINUX 9.3:

ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kernel-default-no ngpl-2.6.11.4-21.12.i586.rpm

SuSE kernel-smp-2.6.11.4-21.12.i586.rpm

SUSE LINUX 9.3:

ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kernel-smp-2.6.11 .4-21.12.i586.rpm

SuSE kernel-smp-nongpl-2.6.11.4-21.12.i586.rpm

SUSE LINUX 9.3:

ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kernel-smp-nongpl -2.6.11.4-21.12.i586.rpm

SuSE kernel-source-2.6.11.4-21.12.i586.rpm

SUSE LINUX 9.3:

ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kernel-source-2.6 .11.4-21.12.i586.rpm

SuSE kernel-syms-2.6.11.4-21.12.i586.rpm

SUSE LINUX 9.3:

ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kernel-syms-2.6.1 1.4-21.12.i586.rpm

SuSE kernel-um-2.6.11.4-21.12.i586.rpm

SUSE LINUX 9.3:

ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kernel-um-2.6.11. 4-21.12.i586.rpm

SuSE kernel-um-nongpl-2.6.11.4-21.12.i586.rpm

SUSE LINUX 9.3:

ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kernel-um-nongpl- 2.6.11.4-21.12.i586.rpm

SuSE kernel-xen-2.6.11.4-21.12.i586.rpm

SUSE LINUX 9.3:

ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kernel-xen-2.6.11 .4-21.12.i586.rpm

SuSE kernel-xen-nongpl-2.6.11.4-21.12.i586.rpm

SUSE LINUX 9.3:

ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kernel-xen-nongpl -2.6.11.4-21.12.i586.rpm

SuSE ltmodem-8.31a10-7.6.i586.rpm

SUSE LINUX 9.3:

ftp://ftp.suse

参考网址

来源: BID

名称: 16924

链接：http://www.securityfocus.com/bid/16924
来源: www.kernel.org

链接：http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=636f13c174dd7c84a437d3c3e8fa66f03f7fda63
来源: www.kernel.org

链接：http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=636f13c174dd7c84a437d3c3e8fa66f03f7fda63
来源: SECTRACK

名称: 1015752

链接：http://securitytracker.com/id?1015752
来源: lkml.org

链接：http://lkml.org/lkml/2006/2/27/355
来源: bugzilla.redhat.com

链接：https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=184510
来源: XF

名称: linux-get-nodes-dos(25204)

链接：http://xforce.iss.net/xforce/xfdb/25204
来源: UBUNTU

名称: USN-281-1

链接：http://www.ubuntulinux.org/support/documentation/usn/usn-281-1
来源: OSVDB

名称: 23895

链接：http://www.osvdb.org/23895
来源: SUSE

名称: SUSE-SA:2006:028

链接：http://www.novell.com/linux/security/advisories/2006-05-31.html
来源: MANDRIVA

名称: MDKSA-2006:059

链接：http://www.mandriva.com/security/advisories?name=MDKSA-2006:059
来源: VUPEN

名称: ADV-2006-2554

链接：http://www.frsirt.com/english/advisories/2006/2554
来源: DEBIAN

名称: DSA-1103

链接：http://www.debian.org/security/2006/dsa-1103
来源: SECUNIA

名称: 20914

链接：http://secunia.com/advisories/20914
来源: SECUNIA

名称: 20398

链接：http://secunia.com/advisories/20398
来源: SECUNIA

名称: 19955

链接：http://secunia.com/advisories/19955

受影响实体

信息来源

http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200603-210

行业资讯-文章归档问答-问答归档