사이트 내 전체검색
리눅스 커널 Time_Out_Leases PrintK 로컬 서비스 거부 취약점
로빈아빠
https://cmd.kr/server/793 URL이 복사되었습니다.

본문

Bugtraq ID:  15627 
Class:  Design Error 
CVE:  CVE-2005-3857 
Remote:  No 
Local:  Yes 
Published:  Nov 29 2005 12:00AM 
Updated:  Dec 09 2005 08:49PM 
Credit:  This issue was reported to the vendor by Avi Kivity. 
Vulnerable:  Trustix Secure Linux 3.0
Trustix Secure Linux 2.2
Trustix Secure Enterprise Linux 2.0
RedHat Fedora Core4
Linux kernel 2.6.15 -rc2
Linux kernel 2.6.15 -rc1
Linux kernel 2.6.14 .2
Linux kernel 2.6.14 .1
Linux kernel 2.6.14 -rc4
Linux kernel 2.6.14 -rc3
Linux kernel 2.6.14 -rc2
Linux kernel 2.6.14 -rc1
Linux kernel 2.6.14
Linux kernel 2.6.13 .4
Linux kernel 2.6.13 .3
Linux kernel 2.6.13 .2
Linux kernel 2.6.13 .1
Linux kernel 2.6.13 -rc7
Linux kernel 2.6.13 -rc6
Linux kernel 2.6.13 -rc4
Linux kernel 2.6.13 -rc1
Linux kernel 2.6.13
Linux kernel 2.6.12 .5
Linux kernel 2.6.12 .4
Linux kernel 2.6.12 .3
Linux kernel 2.6.12 .2
Linux kernel 2.6.12 .1
Linux kernel 2.6.12 -rc5
Linux kernel 2.6.12 -rc4
Linux kernel 2.6.12 -rc1
Linux kernel 2.6.11 .8
Linux kernel 2.6.11 .7
Linux kernel 2.6.11 .6
Linux kernel 2.6.11 .5
Linux kernel 2.6.11 .12
Linux kernel 2.6.11 .11
Linux kernel 2.6.11 -rc4
Linux kernel 2.6.11 -rc3
Linux kernel 2.6.11 -rc2
Linux kernel 2.6.11
+ RedHat Fedora Core4
Linux kernel 2.6.10 rc2
Linux kernel 2.6.10
+ RedHat Fedora Core2
+ RedHat Fedora Core3
+ Trustix Secure Linux 3.0
+ Ubuntu Ubuntu Linux 5.0 4 amd64
+ Ubuntu Ubuntu Linux 5.0 4 i386
+ Ubuntu Ubuntu Linux 5.0 4 powerpc
Linux kernel 2.6.9
Linux kernel 2.6.8 rc3
Linux kernel 2.6.8 rc2
Linux kernel 2.6.8 rc1
+ Ubuntu Ubuntu Linux 4.1 ia32
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ppc
Linux kernel 2.6.8
+ S.u.S.E. Linux Personal 9.2
+ S.u.S.E. Linux Personal 9.2 x86_64
+ Ubuntu Ubuntu Linux 4.1 ia32
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ppc
Linux kernel 2.6.7 rc1
Linux kernel 2.6.7
Linux kernel 2.6.6 rc1
Linux kernel 2.6.6
Linux kernel 2.6.5
+ S.u.S.E. Linux Enterprise Server 9
+ S.u.S.E. Linux Personal 9.1
+ S.u.S.E. Linux Personal 9.1 x86_64
Linux kernel 2.6.4
Linux kernel 2.6.3
Linux kernel 2.6.2
Linux kernel 2.6.1 -rc2
Linux kernel 2.6.1 -rc1
Linux kernel 2.6.1
Linux kernel 2.6 .10
Linux kernel 2.6 -test9-CVS
Linux kernel 2.6 -test9
Linux kernel 2.6 -test8
Linux kernel 2.6 -test7
Linux kernel 2.6 -test6
Linux kernel 2.6 -test5
Linux kernel 2.6 -test4
Linux kernel 2.6 -test3
Linux kernel 2.6 -test2
Linux kernel 2.6 -test11
Linux kernel 2.6 -test10
Linux kernel 2.6 -test1
Linux kernel 2.6


Not Vulnerable:  Linux kernel 2.6.15 -rc3


세부설명
========
리눅스 커널은 로컬 서비스 거부 취약점을 가지고 있다.

이 문제는 수많은 파일 잠금 기간을 얻는 것에 의한 과도한 커널 로그 메모리의 낭비에 의해 발생되어진다. 기간이 종료되면, 이벤트가 기록되어 지고, 커널 메모리는 소비되어질 것이다.

이 문제는 로컬 공격자들의 과도한 커널 메모리 낭비를 허용하고, 결국 메모리-고갈 상태와 합법적인 사용자들에 대한 서비스 거부를 발생시킨다.

2.6.15-rc3 이전의 커널 버젼은 이 문제에 대한 취약점을 가지고 있다.

해결책
========
RedHat은 ReadHat Fedora Core 4의 패치와 함께 권고안 FEDORA-2005-1104를 발표했다. 더 많은 정보에 대해서는 첨부된 권고들을 보기 바란다.

Trustix Secure Linux는 여러 문제에 대한 패치와 함께 권고안 TSLSA-2005-0070을 발표했다. 더 많은 정보에 대해서는 첨부된 권고들을 보기 바란다.

리눅스 커널 2.6.15-rc3 버젼은 이 문제에 대해 발표했다.:


Linux kernel 2.6 -test6

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6 -test4

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6 -test2

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6 -test11

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6 -test9-CVS

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6 -test3

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6 .10

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6 -test5

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6 -test1

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6 -test7

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6 -test9

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6 -test8

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6 -test10

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.1 -rc1

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.1 -rc2

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.1

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.10 rc2

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.10

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.11

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.11 .6

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.11 .12

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.11 -rc2

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.11 .5

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.11 -rc3

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.11 -rc4

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.11 .11

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.11 .7

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.11 .8

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.12 .4

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.12 .3

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.12 .1

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.12 .5

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.12 -rc4

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.12 .2

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.12 -rc5

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.12 -rc1

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.13 -rc4

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.13 .3

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.13

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.13 -rc7

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.13 -rc1

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.13 .2

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.13 .4

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.13 -rc6

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.13 .1

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.14 -rc2

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.14 -rc3

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.14

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.14 -rc1

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.14 -rc4

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.14 .1

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.15 -rc1

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.15 -rc2

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.2

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.3

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.4

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.5

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.6 rc1

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.6

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.7 rc1

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.7

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.8 rc3

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.8 rc2

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.8 rc1

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.8

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2


Linux kernel 2.6.9

Linux Patch patch-2.6.15-rc3.bz2
http://kernel.org/pub/linux/kernel/v2.6/testing/patch-2.6.15-rc3.bz2

레퍼런스
========
권고:
Fedora Core 4 Update: kernel-2.6.14-1.1644_FC4 (RedHat )
- http://www.securityfocus.com/advisories/9777
multi (Trustix )
- http://www.securityfocus.com/advisories/9835

레퍼런스:
[PATCH] VFS: local denial-of-service with file leases (Linux Kernel)
- http://linux.bkbits.net:8080/linux-2.6/cset@437a05c4iitlvmAoQbx7eisMxOEosw
Linux Kernel 2.6.15-rc3 ChangeLog (Linux Kernel)
- http://kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.15-rc3
local denial-of-service with file leases (Avi Kivity)
- http://marc.theaimsgroup.com/?l=linux-kernel&m=113164207114517&w=2

댓글목록

등록된 댓글이 없습니다.

1,139 (19/23P)

Search

Copyright © Cmd 명령어 3.17.181.122