| 2009-08-14 15:28:43 |
Mike Green |
bug |
|
|
added bug |
| 2009-08-14 16:24:17 |
Kees Cook |
description |
Binary package hint: linux-image-2.6.15-54-server
CVE Candidate is CVE-2009-2692
Exploit:
http://seclists.org/fulldisclosure/2009/Aug/0180.html
Patch:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e694958388c50148389b0e9b9e9e8945cf0f1b98
I ran the exploit on a fully updated dapper server installation and got root from a normal user account.
Mitigated, at least against this particular posted exploit, via creating /etc/modprobe.d/mitigate-2692:
install ppp_generic /bin/true
install pppoe /bin/true
install pppox /bin/true
install slhc /bin/true |
Binary package hint: linux-image-2.6.15-54-server
CVE Candidate is CVE-2009-2692
Exploit:
http://seclists.org/fulldisclosure/2009/Aug/0180.html
Patch:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e694958388c50148389b0e9b9e9e8945cf0f1b98
I ran the exploit on a fully updated dapper server installation and got root from a normal user account.
Mitigated, at least against this particular posted exploit, via creating /etc/modprobe.d/mitigate-2692.conf:
install ppp_generic /bin/true
install pppoe /bin/true
install pppox /bin/true
install slhc /bin/true |
|
| 2009-08-14 16:24:48 |
Kees Cook |
bug task added |
|
linux (Ubuntu) |
|
| 2009-08-14 16:25:13 |
Kees Cook |
bug watch added |
|
https://bugzilla.redhat.com/show_bug.cgi?id=516949 |
|
| 2009-08-14 16:25:13 |
Kees Cook |
bug task added |
|
linux (Fedora) |
|
| 2009-08-14 16:25:54 |
Kees Cook |
visibility |
private |
public |
|
| 2009-08-14 16:26:00 |
Kees Cook |
bug task added |
|
linux (Ubuntu Dapper) |
|
| 2009-08-14 16:26:00 |
Kees Cook |
bug task added |
|
linux-source-2.6.15 (Ubuntu Dapper) |
|
| 2009-08-14 16:26:00 |
Kees Cook |
bug task added |
|
linux (Ubuntu Hardy) |
|
| 2009-08-14 16:26:00 |
Kees Cook |
bug task added |
|
linux-source-2.6.15 (Ubuntu Hardy) |
|
| 2009-08-14 16:26:00 |
Kees Cook |
bug task added |
|
linux (Ubuntu Jaunty) |
|
| 2009-08-14 16:26:00 |
Kees Cook |
bug task added |
|
linux-source-2.6.15 (Ubuntu Jaunty) |
|
| 2009-08-14 16:26:00 |
Kees Cook |
bug task added |
|
linux (Ubuntu Karmic) |
|
| 2009-08-14 16:26:00 |
Kees Cook |
bug task added |
|
linux-source-2.6.15 (Ubuntu Karmic) |
|
| 2009-08-14 16:26:00 |
Kees Cook |
bug task added |
|
linux (Ubuntu Intrepid) |
|
| 2009-08-14 16:26:00 |
Kees Cook |
bug task added |
|
linux-source-2.6.15 (Ubuntu Intrepid) |
|
| 2009-08-14 16:28:18 |
Kees Cook |
linux-source-2.6.15 (Ubuntu Dapper): status |
New |
Triaged |
|
| 2009-08-14 16:28:21 |
Kees Cook |
linux-source-2.6.15 (Ubuntu Hardy): status |
New |
Invalid |
|
| 2009-08-14 16:28:25 |
Kees Cook |
linux-source-2.6.15 (Ubuntu Jaunty): status |
New |
Invalid |
|
| 2009-08-14 16:28:31 |
Kees Cook |
linux-source-2.6.15 (Ubuntu Karmic): status |
New |
Invalid |
|
| 2009-08-14 16:28:36 |
Kees Cook |
linux-source-2.6.15 (Ubuntu Intrepid): status |
New |
Invalid |
|
| 2009-08-14 16:28:43 |
Kees Cook |
linux (Ubuntu Dapper): importance |
Undecided |
Medium |
|
| 2009-08-14 16:28:46 |
Kees Cook |
linux (Ubuntu Hardy): importance |
Undecided |
Medium |
|
| 2009-08-14 16:28:50 |
Kees Cook |
linux (Ubuntu Karmic): importance |
Undecided |
Medium |
|
| 2009-08-14 16:28:54 |
Kees Cook |
linux-source-2.6.15 (Ubuntu Intrepid): importance |
Undecided |
Medium |
|
| 2009-08-14 16:28:56 |
Kees Cook |
linux-source-2.6.15 (Ubuntu Dapper): importance |
Undecided |
Medium |
|
| 2009-08-14 16:29:02 |
Kees Cook |
linux-source-2.6.15 (Ubuntu Karmic): importance |
Undecided |
Medium |
|
| 2009-08-14 16:29:06 |
Kees Cook |
linux-source-2.6.15 (Ubuntu Hardy): importance |
Undecided |
Medium |
|
| 2009-08-14 16:29:11 |
Kees Cook |
linux (Ubuntu Hardy): status |
New |
Triaged |
|
| 2009-08-14 16:29:16 |
Kees Cook |
linux-source-2.6.15 (Ubuntu Jaunty): importance |
Undecided |
Medium |
|
| 2009-08-14 16:29:23 |
Kees Cook |
linux (Ubuntu Karmic): status |
New |
Triaged |
|
| 2009-08-14 16:29:26 |
Kees Cook |
linux (Ubuntu Jaunty): status |
New |
Triaged |
|
| 2009-08-14 16:29:32 |
Kees Cook |
linux (Ubuntu Jaunty): importance |
Undecided |
Medium |
|
| 2009-08-14 16:29:34 |
Kees Cook |
linux (Ubuntu Dapper): status |
New |
Invalid |
|
| 2009-08-14 16:29:55 |
Kees Cook |
linux (Ubuntu Intrepid): importance |
Undecided |
Medium |
|
| 2009-08-14 16:30:01 |
Kees Cook |
linux (Ubuntu Intrepid): status |
New |
Triaged |
|
| 2009-08-14 16:33:59 |
Kees Cook |
linux-source-2.6.15 (Ubuntu Hardy): importance |
Medium |
Undecided |
|
| 2009-08-14 16:34:03 |
Kees Cook |
linux-source-2.6.15 (Ubuntu Jaunty): importance |
Medium |
Undecided |
|
| 2009-08-14 16:34:11 |
Kees Cook |
linux (Ubuntu Dapper): importance |
Medium |
Undecided |
|
| 2009-08-14 16:34:15 |
Kees Cook |
linux-source-2.6.15 (Ubuntu Intrepid): importance |
Medium |
Undecided |
|
| 2009-08-14 16:34:30 |
Kees Cook |
linux-source-2.6.15 (Ubuntu Karmic): importance |
Medium |
Undecided |
|
| 2009-08-14 16:52:19 |
Bug Watch Updater |
linux (Fedora): status |
Unknown |
Confirmed |
|
| 2009-08-14 17:17:16 |
Kees Cook |
description |
Binary package hint: linux-image-2.6.15-54-server
CVE Candidate is CVE-2009-2692
Exploit:
http://seclists.org/fulldisclosure/2009/Aug/0180.html
Patch:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e694958388c50148389b0e9b9e9e8945cf0f1b98
I ran the exploit on a fully updated dapper server installation and got root from a normal user account.
Mitigated, at least against this particular posted exploit, via creating /etc/modprobe.d/mitigate-2692.conf:
install ppp_generic /bin/true
install pppoe /bin/true
install pppox /bin/true
install slhc /bin/true |
Binary package hint: linux-image-2.6.15-54-server
CVE Candidate is CVE-2009-2692
Exploit:
http://seclists.org/fulldisclosure/2009/Aug/0180.html
Patch:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e694958388c50148389b0e9b9e9e8945cf0f1b98
I ran the exploit on a fully updated dapper server installation and got root from a normal user account.
Mitigated, at least against this particular posted exploit, via creating /etc/modprobe.d/mitigate-2692.conf:
install ppp_generic /bin/true
install pppoe /bin/true
install pppox /bin/true
install slhc /bin/true
install bluetooth /bin/true
install ipv6 /bin/true
install irda /bin/true
install ax25 /bin/true
install ipx /bin/true
install appletalk /bin/true
|
|
| 2009-08-14 17:34:06 |
Kees Cook |
description |
Binary package hint: linux-image-2.6.15-54-server
CVE Candidate is CVE-2009-2692
Exploit:
http://seclists.org/fulldisclosure/2009/Aug/0180.html
Patch:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e694958388c50148389b0e9b9e9e8945cf0f1b98
I ran the exploit on a fully updated dapper server installation and got root from a normal user account.
Mitigated, at least against this particular posted exploit, via creating /etc/modprobe.d/mitigate-2692.conf:
install ppp_generic /bin/true
install pppoe /bin/true
install pppox /bin/true
install slhc /bin/true
install bluetooth /bin/true
install ipv6 /bin/true
install irda /bin/true
install ax25 /bin/true
install ipx /bin/true
install appletalk /bin/true
|
Binary package hint: linux-image-2.6.15-54-server
CVE Candidate is CVE-2009-2692
Exploit:
http://seclists.org/fulldisclosure/2009/Aug/0180.html
Patch:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e694958388c50148389b0e9b9e9e8945cf0f1b98
I ran the exploit on a fully updated dapper server installation and got root from a normal user account.
On dapper, the follow can work around the issue (note this disables IPv6):
sudo -s
cat > /etc/modprobe.d/mitigate-2692.conf << EOM
install ppp_generic /bin/true
install pppoe /bin/true
install pppox /bin/true
install slhc /bin/true
install bluetooth /bin/true
install ipv6 /bin/true
install irda /bin/true
install ax25 /bin/true
install ipx /bin/true
install appletalk /bin/true
EOM
/etc/init.d/bluez-utils stop
rmmod pppoe pppox ppp_generic slhc ax25 x25 irda crc_ccitt ipx appletalk rfcomm l2cap bluetooth |
|
| 2009-08-14 17:36:25 |
Kees Cook |
description |
Binary package hint: linux-image-2.6.15-54-server
CVE Candidate is CVE-2009-2692
Exploit:
http://seclists.org/fulldisclosure/2009/Aug/0180.html
Patch:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e694958388c50148389b0e9b9e9e8945cf0f1b98
I ran the exploit on a fully updated dapper server installation and got root from a normal user account.
On dapper, the follow can work around the issue (note this disables IPv6):
sudo -s
cat > /etc/modprobe.d/mitigate-2692.conf << EOM
install ppp_generic /bin/true
install pppoe /bin/true
install pppox /bin/true
install slhc /bin/true
install bluetooth /bin/true
install ipv6 /bin/true
install irda /bin/true
install ax25 /bin/true
install ipx /bin/true
install appletalk /bin/true
EOM
/etc/init.d/bluez-utils stop
rmmod pppoe pppox ppp_generic slhc ax25 x25 irda crc_ccitt ipx appletalk rfcomm l2cap bluetooth |
Binary package hint: linux-image-2.6.15-54-server
CVE Candidate is CVE-2009-2692
Exploit:
http://seclists.org/fulldisclosure/2009/Aug/0180.html
Patch:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e694958388c50148389b0e9b9e9e8945cf0f1b98
WORK-AROUND:
Ubuntu 8.04 and later have a default setting of 65536 in /proc/sys/vm/mmap_min_addr. When set, this issue is blocked. If your value is 0, please purge the "wine" and "dosemu" packages, and reset the value:
sudo apt-get purge wine dosemu
echo 65536 | sudo tee /proc/sys/vm/mmap_min_addr
On Ubuntu 6.06 (Dapper), the following configuration will work around the issue (note this disables IPv6):
sudo -s
cat > /etc/modprobe.d/mitigate-2692.conf << EOM
install ppp_generic /bin/true
install pppoe /bin/true
install pppox /bin/true
install slhc /bin/true
install bluetooth /bin/true
install ipv6 /bin/true
install irda /bin/true
install ax25 /bin/true
install ipx /bin/true
install appletalk /bin/true
EOM
/etc/init.d/bluez-utils stop
rmmod pppoe pppox ppp_generic slhc ax25 x25 irda crc_ccitt ipx appletalk rfcomm l2cap bluetooth |
|
| 2009-08-14 17:41:49 |
Kees Cook |
description |
Binary package hint: linux-image-2.6.15-54-server
CVE Candidate is CVE-2009-2692
Exploit:
http://seclists.org/fulldisclosure/2009/Aug/0180.html
Patch:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e694958388c50148389b0e9b9e9e8945cf0f1b98
WORK-AROUND:
Ubuntu 8.04 and later have a default setting of 65536 in /proc/sys/vm/mmap_min_addr. When set, this issue is blocked. If your value is 0, please purge the "wine" and "dosemu" packages, and reset the value:
sudo apt-get purge wine dosemu
echo 65536 | sudo tee /proc/sys/vm/mmap_min_addr
On Ubuntu 6.06 (Dapper), the following configuration will work around the issue (note this disables IPv6):
sudo -s
cat > /etc/modprobe.d/mitigate-2692.conf << EOM
install ppp_generic /bin/true
install pppoe /bin/true
install pppox /bin/true
install slhc /bin/true
install bluetooth /bin/true
install ipv6 /bin/true
install irda /bin/true
install ax25 /bin/true
install ipx /bin/true
install appletalk /bin/true
EOM
/etc/init.d/bluez-utils stop
rmmod pppoe pppox ppp_generic slhc ax25 x25 irda crc_ccitt ipx appletalk rfcomm l2cap bluetooth |
Binary package hint: linux-image-2.6.15-54-server
CVE Candidate is CVE-2009-2692
Exploit:
http://seclists.org/fulldisclosure/2009/Aug/0180.html
Patch:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e694958388c50148389b0e9b9e9e8945cf0f1b98
WORK-AROUND:
Ubuntu 8.04 and later have a default setting of 65536 in /proc/sys/vm/mmap_min_addr. When set, this issue is blocked. If your value is 0, please purge the "wine" and "dosemu" packages, and reset the value:
sudo apt-get purge wine dosemu
echo 65536 | sudo tee /proc/sys/vm/mmap_min_addr
On Ubuntu 6.06 (Dapper), the following configuration will work around the issue (note this disables IPv6):
sudo -s
cat > /etc/modprobe.d/mitigate-2692.conf << EOM
install ppp_generic /bin/true
install pppoe /bin/true
install pppox /bin/true
install slhc /bin/true
install bluetooth /bin/true
install ipv6 /bin/true
install irda /bin/true
install ax25 /bin/true
install ipx /bin/true
install appletalk /bin/true
EOM
/etc/init.d/bluez-utils stop
rmmod pppoe pppox ppp_generic slhc ax25 x25 irda crc_ccitt ipx ipv6 appletalk rfcomm l2cap bluetooth |
|
| 2009-08-14 21:09:47 |
Kees Cook |
description |
Binary package hint: linux-image-2.6.15-54-server
CVE Candidate is CVE-2009-2692
Exploit:
http://seclists.org/fulldisclosure/2009/Aug/0180.html
Patch:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e694958388c50148389b0e9b9e9e8945cf0f1b98
WORK-AROUND:
Ubuntu 8.04 and later have a default setting of 65536 in /proc/sys/vm/mmap_min_addr. When set, this issue is blocked. If your value is 0, please purge the "wine" and "dosemu" packages, and reset the value:
sudo apt-get purge wine dosemu
echo 65536 | sudo tee /proc/sys/vm/mmap_min_addr
On Ubuntu 6.06 (Dapper), the following configuration will work around the issue (note this disables IPv6):
sudo -s
cat > /etc/modprobe.d/mitigate-2692.conf << EOM
install ppp_generic /bin/true
install pppoe /bin/true
install pppox /bin/true
install slhc /bin/true
install bluetooth /bin/true
install ipv6 /bin/true
install irda /bin/true
install ax25 /bin/true
install ipx /bin/true
install appletalk /bin/true
EOM
/etc/init.d/bluez-utils stop
rmmod pppoe pppox ppp_generic slhc ax25 x25 irda crc_ccitt ipx ipv6 appletalk rfcomm l2cap bluetooth |
Binary package hint: linux-image-2.6.15-54-server
CVE Candidate is CVE-2009-2692
Exploit:
http://seclists.org/fulldisclosure/2009/Aug/0180.html
Patch:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e694958388c50148389b0e9b9e9e8945cf0f1b98
WORK-AROUND:
Ubuntu 8.04 and later have a default setting of 65536 in /proc/sys/vm/mmap_min_addr. When set, this issue is blocked. If your value is 0, please purge the "wine" and "dosemu" packages, and reset the value:
sudo apt-get purge wine dosemu
echo 65536 | sudo tee /proc/sys/vm/mmap_min_addr
On Ubuntu 6.06 (Dapper), the following configuration will work around the issue (note this disables IPv6):
sudo -s
cat > /etc/modprobe.d/mitigate-2692.conf << EOM
install ppp_generic /bin/true
install pppoe /bin/true
install pppox /bin/true
install slhc /bin/true
install bluetooth /bin/true
install ipv6 /bin/true
install irda /bin/true
install ax25 /bin/true
install x25 /bin/true
install ipx /bin/true
install appletalk /bin/true
EOM
/etc/init.d/bluez-utils stop
rmmod pppoe pppox ppp_generic slhc ax25 x25 irda crc_ccitt ipx ipv6 appletalk rfcomm l2cap bluetooth |
|
| 2009-08-14 22:21:29 |
mneagul |
removed subscriber mneagul |
|
|
|
| 2009-08-15 15:50:39 |
Kees Cook |
cve linked |
|
2009-1895 |
|
| 2009-08-15 15:51:51 |
Kees Cook |
cve unlinked |
2009-1895 |
|
|
| 2009-08-18 11:41:27 |
Xaweryz |
cve linked |
|
2009-2692 |
|
| 2009-08-18 22:31:54 |
Kees Cook |
cve linked |
|
2009-1895 |
|
| 2009-08-19 05:38:13 |
Kees Cook |
linux (Ubuntu Hardy): status |
Triaged |
Fix Released |
|
| 2009-08-19 05:38:17 |
Kees Cook |
linux (Ubuntu Intrepid): status |
Triaged |
Fix Released |
|
| 2009-08-19 05:38:24 |
Kees Cook |
linux (Ubuntu Jaunty): status |
Triaged |
Fix Released |
|
| 2009-08-19 05:38:28 |
Kees Cook |
linux-source-2.6.15 (Ubuntu Dapper): status |
Triaged |
Fix Released |
|
| 2009-08-19 05:48:07 |
Kees Cook |
linux (Ubuntu Karmic): status |
Triaged |
Fix Released |
|
| 2009-08-21 14:51:29 |
Roman Plessl |
removed subscriber Roman Plessl |
|
|
|
| 2011-04-12 08:03:52 |
Paul Elliott |
removed subscriber Paul Elliott |
|
|
|
| 2011-10-19 16:44:35 |
Jamie Strandboge |
removed subscriber Ubuntu Security Team |
|
|
|
| 2016-01-18 15:37:41 |
Brownout |
removed subscriber Brownout |
|
|
|
| 2017-10-27 12:13:26 |
Bug Watch Updater |
linux (Fedora): status |
Confirmed |
Fix Released |
|
| 2017-10-27 12:13:26 |
Bug Watch Updater |
linux (Fedora): importance |
Unknown |
High |
|
| 2017-10-27 12:13:32 |
Bug Watch Updater |
cve linked |
|
2009-2962 |
|
| 2017-10-27 12:13:32 |
Bug Watch Updater |
bug watch added |
|
https://bugzilla.redhat.com/show_bug.cgi?id=518034 |
|
