Vendor Status Note JVNCIAC-Q-204

Linux のカーネルに複数の脆弱性

概要

Linux のカーネルにバッファオーバーフローなどの複数の脆弱性があります。

想定される影響

サービス運用妨害 (DoS) 攻撃をはじめとした様々な影響を受ける可能性があります。

ベンダ情報

ベンダリンク更新日
DebianDebian セキュリティ警告 DSA-1067
kernel-source-2.4.16 -- several vulnerabilities
参考情報

  1. ISS X-Force Database: linux-rtc-memory-leak(13943)
    Linux kernel RTC memory link
  2. ISS X-Force Database: linux-panic-bo(15953)
    Linux Kernel panic function buffer overflow
  3. ISS X-Force Database: linux-dofork-memory-leak(16002)
    Linux Kernel do_fork memory leak
  4. ISS X-Force Database: linux-fsave-frstor-dos(16412)
    Linux Kernel fsave and frstor denial of service
  5. ISS X-Force Database: linux-ia64-info-disclosure(16644)
    Linux kernel ia64 information disclosure
  6. ISS X-Force Database: linux-ia64-dos(16661)
    Linux kernel ia64 denial of service
  7. ISS X-Force Database: linux-usb-gain-privileges(16931)
    Linux Kernel USB allows elevated privileges
  8. ISS X-Force Database: linux-elf-setuid-gain-privileges(18025)
    Linux Kernel ELF setuid allows elevated privileges
  9. ISS X-Force Database: linux-smb-response-dos(18134)
    Linux kernel SMB response denial of service
  10. ISS X-Force Database: linux-smbprocreadxdata-dos(18135)
    Linux kernel smb_proc_readX_data denial of service
  11. ISS X-Force Database: linux-smbreceivetrans2-dos(18136)
    Linux kernel smb_receive_trans2 denial of service
  12. ISS X-Force Database: linux-smbrecvtrans2-memory-leak(18137)
    Linux kernel smb_recv_trans2 memory leak
  13. ISS X-Force Database: linux-afunix-race-condition(18230)
    Linux kernel AF_UNIX race condition
  14. ISS X-Force Database: linux-aout-binary-dos(18290)
    Linux kernel a.out binary denial of service
  15. ISS X-Force Database: linux-ioedgeport-bo(18433)
    Linux Kernel io_edgeport driver integer overflow
  16. ISS X-Force Database: linux-scmsend-dos(18483)
    Linux Kernel scm_send denial of service
  17. ISS X-Force Database: linux-vcresize-dos(18523)
    Linux kernel vc_resize denial of service
  18. ISS X-Force Database: linux-ipoptionsget-memory-leak(18524)
    Linux kernel ip_options_get memory leak
  19. ISS X-Force Database: linux-loadelfbinary-dos(18687)
    Linux kernel load_elf_binary denial of service
  20. ISS X-Force Database: linux-uselib-gain-privileges(18800)
    Linux kernel uselib gain privileges
  21. ISS X-Force Database: linux-moxa-bo(18821)
    Linux kernel MOXA serial driver buffer overflow
  22. ISS X-Force Database: linux-fault-handler-gain-privileges(18849)
    Linux kernel SMP page fault handler gain privileges
  23. ISS X-Force Database: linux-vma-gain-privileges(18886)
    Linux kernel overlapping VMA gain privileges
  24. ISS X-Force Database: linux-codapioctl-bo(18989)
    Linux Kernel coda_pioctl function buffer overflow
  25. ISS X-Force Database: linux-kernel-ppp-dos(19710)
    Linux Kernel PPP server denial of service
JPCERT 緊急報告
JPCERT REPORTJPCERT-WR-2006-2001 ( 2006-05-31 )
CIAC BulletinQ-204 Linux Kernel Vulnerabilties ( 2006-05-22 )
CVE2004-0427 [CVE+] XF16002
2005-0489 [CVE+]
2004-0394 [CVE+] XF15953
2004-0447 [CVE+] XF16661
2004-0554 [CVE+] XF16412
2004-0565 [CVE+] XF16644
2004-0685 [CVE+] XF16931
2005-0001 [CVE+] XF18849
2004-0883 [CVE+] XF18134,XF18135,XF18136
2004-0949 [CVE+] XF18137
2004-1016 [CVE+] XF18483
2004-1333 [CVE+] XF18523
2004-0997 [CVE+]
2004-1335 [CVE+] XF18524
2004-1017 [CVE+] XF18433
2005-0124 [CVE+] XF18989
2005-0528 [CVE+]
2003-0984 [CVE+] XF13943
2004-1070 [CVE+] XF18025
2004-1071 [CVE+] XF18025
2004-1072 [CVE+] XF18025
2004-1073 [CVE+] XF18025
2004-1074 [CVE+] XF18290
2004-0138 [CVE+]
2004-1068 [CVE+] XF18230
2004-1234 [CVE+] XF18687
2005-0003 [CVE+] XF18886
2004-1235 [CVE+] XF18800
2005-0504 [CVE+] XF18821
2005-0384 [CVE+] XF19710
2005-0135 [CVE+]
PGP署名JVNCIAC-Q-204.html.sig
登録日7:57 2006/06/04
更新日7:57 2006/06/04

Copyright(C) 2002-2009 Keio Univ. All rights reserved.