BID:13091

Linux Kernel SYSFS_Write_File Local Integer Overflow Vulnerability

Info

Linux Kernel SYSFS_Write_File Local Integer Overflow Vulnerability

Bugtraq ID:	13091
Class:	Boundary Condition Error
CVE:	CVE-2005-0867 CVE-2004-2302
Remote:	No
Local:	Yes
Published:	Mar 24 2005 12:00AM
Updated:	Jul 12 2009 12:56PM
Credit:	Alexander Nyberg is credited with the discovery of this issue.
Vulnerable:	Redhat Enterprise Linux WS 4 Redhat Enterprise Linux ES 4 Redhat Enterprise Linux AS 4 Redhat Desktop 4.0 Mandriva Linux Mandrake 10.1 x86_64 Mandriva Linux Mandrake 10.1 MandrakeSoft Multi Network Firewall 2.0 MandrakeSoft Corporate Server 3.0 x86_64 MandrakeSoft Corporate Server 3.0 Linux kernel 2.6.11 .6 Linux kernel 2.6.11 .5 Linux kernel 2.6.11 + Redhat Fedora Core4 Linux kernel 2.6.10 + Redhat Fedora Core3 + Redhat Fedora Core2 + Trustix Secure Linux 3.0 + Ubuntu Ubuntu Linux 5.0 4 powerpc + Ubuntu Ubuntu Linux 5.0 4 i386 + Ubuntu Ubuntu Linux 5.0 4 amd64 Linux kernel 2.6.9 Linux kernel 2.6.8 rc3 Linux kernel 2.6.8 rc2 Linux kernel 2.6.8 rc1 + Ubuntu Ubuntu Linux 4.1 ppc + Ubuntu Ubuntu Linux 4.1 ia64 + Ubuntu Ubuntu Linux 4.1 ia32 Linux kernel 2.6.8 + S.u.S.E. Linux Personal 9.2 x86_64 + S.u.S.E. Linux Personal 9.2 + Ubuntu Ubuntu Linux 4.1 ppc + Ubuntu Ubuntu Linux 4.1 ia64 + Ubuntu Ubuntu Linux 4.1 ia32 Linux kernel 2.6.7 rc1 Linux kernel 2.6.7 Linux kernel 2.6.6 rc1 Linux kernel 2.6.6 Linux kernel 2.6.5 + S.u.S.E. Linux Personal 9.1 x86_64 + S.u.S.E. Linux Personal 9.1 x86_64 + S.u.S.E. Linux Personal 9.1 + S.u.S.E. Linux Personal 9.1 + SuSE Linux Enterprise Server 9 Linux kernel 2.6.4 Linux kernel 2.6.3 Linux kernel 2.6.2 Linux kernel 2.6.1 -rc2 Linux kernel 2.6.1 -rc1 Linux kernel 2.6.1 Linux kernel 2.6 Debian Linux 3.1 sparc Debian Linux 3.1 s/390 Debian Linux 3.1 ppc Debian Linux 3.1 mipsel Debian Linux 3.1 mips Debian Linux 3.1 m68k Debian Linux 3.1 ia-64 Debian Linux 3.1 ia-32 Debian Linux 3.1 hppa Debian Linux 3.1 arm Debian Linux 3.1 amd64 Debian Linux 3.1 alpha Debian Linux 3.1

Not Vulnerable:

Discussion

Linux Kernel SYSFS_Write_File Local Integer Overflow Vulnerability

A local integer overflow vulnerability affects the Linux kernel. This issue is due to a mismanagement of integer signedness by the affected '/sys' file system.

An attacker may leverage this issue to crash the affected computer or potentially run arbitrary code in the context of the superuser, facilitating privilege escalation.

Exploit / POC

Linux Kernel SYSFS_Write_File Local Integer Overflow Vulnerability

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.

Solution / Fix

Linux Kernel SYSFS_Write_File Local Integer Overflow Vulnerability

Solution:
SuSE has released advisory SUSE-SA:2005:018 along with fixes dealing with this issue. Please see the referenced advisory for more information.

Ubuntu Linux has released advisory USN-110-1 along with fixes dealing with this issue. Please see the referenced advisory for more information.

RedHat has released advisory RHSA-2005:366-19 to address this, and other issues in RedHat Enterprise Linux 4, and RedHat Desktop 4 operating systems. Please see the referenced advisory for further information.

SUSE has released advisory SUSE-SA:2005:044 to address various issues. Please see the referenced advisory for more information.

Mandriva has released advisory MDKSA-2005:218 to address various issues affecting the Linux Kernel. Please see the referenced advisory for more information.

Mandriva has released advisory MDKSA-2005:219 to address various issues affecting the Linux Kernel in Mandrake Linux 10.1. Please see the referenced advisory for more information.

Debian GNU/Linux has released advisory DSA 922-1, along with fixes to address multiple kernel issues. Please see the referenced advisory for further information.

Linux kernel 2.6.3

Mandriva kernel-source-stripped-2.6.3-29mdk.x86_64.rpm
Corporate 3.0/X86_64:
http://www1.mandrivalinux.com/en/ftp.php3

Mandriva kernel-2.6.3.29mdk-1-1mdk.x86_64.rpm
Corporate 3.0/X86_64:
http://www1.mandrivalinux.com/en/ftp.php3

Mandriva kernel-enterprise-2.6.3.29mdk-1-1mdk.i586.rpm
Corporate 3.0:
http://www1.mandrivalinux.com/en/ftp.php3

Mandriva kernel-secure-2.6.3.29mdk-1-1mdk.i586.rpm
Corporate 3.0:
http://www1.mandrivalinux.com/en/ftp.php3

Mandriva kernel-secure-2.6.3.29mdk-1-1mdk.x86_64.rpm
Corporate 3.0/X86_64:
http://www1.mandrivalinux.com/en/ftp.php3

Mandriva kernel-smp-2.6.3.29mdk-1-1mdk.i586.rpm
Corporate 3.0:
http://www1.mandrivalinux.com/en/ftp.php3

Mandriva kernel-source-2.6.3-29mdk.i586.rpm
Corporate 3.0:
http://www1.mandrivalinux.com/en/ftp.php3

Linux kernel 2.6.4

SuSE kernel-bigsmp-2.6.4-54.3.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-bigsmp-2.6 .4-54.3.i586.patch.rpm

SuSE kernel-bigsmp-2.6.5-7.151.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-bigsmp-2.6 .5-7.151.i586.rpm

SuSE kernel-default-2.6.5-7.151.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-default-2. 6.5-7.151.i586.rpm

SuSE kernel-default-2.6.5-7.151.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/kernel-defaul t-2.6.5-7.151.x86_64.rpm

SuSE kernel-docs-2.6.5-7.151.noarch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/noarch/kernel-docs-2.6 .5-7.151.noarch.rpm

SuSE kernel-smp-2.6.5-7.151.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-smp-2.6.5- 7.151.i586.rpm

SuSE kernel-smp-2.6.5-7.151.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/kernel-smp-2. 6.5-7.151.x86_64.rpm

SuSE kernel-source-2.6.5-7.151.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-source-2.6 .5-7.151.i586.rpm

SuSE kernel-source-2.6.5-7.151.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/kernel-source -2.6.5-7.151.x86_64.rpm

SuSE kernel-syms-2.6.5-7.151.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-syms-2.6.5 -7.151.i586.rpm

SuSE kernel-syms-2.6.5-7.151.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/kernel-syms-2 .6.5-7.151.x86_64.rpm

SuSE ltmodem-2.6.2-38.14.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/ltmodem-2.6.2-38. 14.i586.rpm

Linux kernel 2.6.8 rc1

Mandriva kernel-2.6.8.1.26mdk-1-1mdk.i586.rpm
Mandriva Linux 10.1:
http://www1.mandrivalinux.com/en/ftp.php3

Mandriva kernel-2.6.8.1.26mdk-1-1mdk.x86_64.rpm
Mandriva Linux 10.1/X86_64:
http://www1.mandrivalinux.com/en/ftp.php3

Mandriva kernel-enterprise-2.6.8.1.26mdk-1-1mdk.i586.rpm
Mandriva Linux 10.1:
http://www1.mandrivalinux.com/en/ftp.php3

Mandriva kernel-i586-up-1GB-2.6.8.1.26mdk-1-1mdk.i586.rpm
Mandriva Linux 10.1:
http://www1.mandrivalinux.com/en/ftp.php3

Mandriva kernel-i686-up-64GB-2.6.8.1.26mdk-1-1mdk.i586.rpm
Mandriva Linux 10.1:
http://www1.mandrivalinux.com/en/ftp.php3

Mandriva kernel-secure-2.6.8.1.26mdk-1-1mdk.i586.rpm
Mandriva Linux 10.1:
http://www1.mandrivalinux.com/en/ftp.php3

Mandriva kernel-secure-2.6.8.1.26mdk-1-1mdk.x86_64.rpm
Mandriva Linux 10.1/X86_64:
http://www1.mandrivalinux.com/en/ftp.php3

Mandriva kernel-smp-2.6.8.1.26mdk-1-1mdk.i586.rpm
Mandriva Linux 10.1:
http://www1.mandrivalinux.com/en/ftp.php3

Mandriva kernel-smp-2.6.8.1.26mdk-1-1mdk.x86_64.rpm
Mandriva Linux 10.1/X86_64:
http://www1.mandrivalinux.com/en/ftp.php3

Mandriva kernel-source-2.6-2.6.8.1-26mdk.i586.rpm
Mandriva Linux 10.1:
http://www1.mandrivalinux.com/en/ftp.php3

Mandriva kernel-source-2.6-2.6.8.1-26mdk.x86_64.rpm
Mandriva Linux 10.1/X86_64:
http://www1.mandrivalinux.com/en/ftp.php3

Mandriva kernel-source-stripped-2.6-2.6.8.1-26mdk.i586.rpm
Mandriva Linux 10.1:
http://www1.mandrivalinux.com/en/ftp.php3

Mandriva kernel-source-stripped-2.6-2.6.8.1-26mdk.x86_64.rpm
Mandriva Linux 10.1/X86_64:
http://www1.mandrivalinux.com/en/ftp.php3

Ubuntu linux-doc-2.6.8.1_2.6.8.1-16.14_all.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-doc-2.6.8.1_2.6.8.1-16.14_all.deb

Ubuntu linux-headers-2.6.8.1-5-386_2.6.8.1-16.14_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-headers-2.6.8.1-5-386_2.6.8.1-16.14_i386.deb

Ubuntu linux-headers-2.6.8.1-5-686-smp_2.6.8.1-16.14_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-headers-2.6.8.1-5-686-smp_2.6.8.1-16.14_i386.deb

Ubuntu linux-headers-2.6.8.1-5-686_2.6.8.1-16.14_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-headers-2.6.8.1-5-686_2.6.8.1-16.14_i386.deb

Ubuntu linux-headers-2.6.8.1-5-amd64-generic_2.6.8.1-16.14_amd64.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-headers-2.6.8.1-5-amd64-generic_2.6.8.1-16.14_amd64.deb

Ubuntu linux-headers-2.6.8.1-5-amd64-k8-smp_2.6.8.1-16.14_amd64.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-headers-2.6.8.1-5-amd64-k8-smp_2.6.8.1-16.14_amd64.deb

Ubuntu linux-headers-2.6.8.1-5-amd64-k8_2.6.8.1-16.14_amd64.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-headers-2.6.8.1-5-amd64-k8_2.6.8.1-16.14_amd64.deb

Ubuntu linux-headers-2.6.8.1-5-amd64-xeon_2.6.8.1-16.14_amd64.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-headers-2.6.8.1-5-amd64-xeon_2.6.8.1-16.14_amd64.deb

Ubuntu linux-headers-2.6.8.1-5-k7-smp_2.6.8.1-16.14_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-headers-2.6.8.1-5-k7-smp_2.6.8.1-16.14_i386.deb

Ubuntu linux-headers-2.6.8.1-5-k7_2.6.8.1-16.14_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-headers-2.6.8.1-5-k7_2.6.8.1-16.14_i386.deb

Ubuntu linux-headers-2.6.8.1-5-power3-smp_2.6.8.1-16.14_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-headers-2.6.8.1-5-power3-smp_2.6.8.1-16.14_powerpc.deb

Ubuntu linux-headers-2.6.8.1-5-power3_2.6.8.1-16.14_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-headers-2.6.8.1-5-power3_2.6.8.1-16.14_powerpc.deb

Ubuntu linux-headers-2.6.8.1-5-power4-smp_2.6.8.1-16.14_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-headers-2.6.8.1-5-power4-smp_2.6.8.1-16.14_powerpc.deb

Ubuntu linux-headers-2.6.8.1-5-power4_2.6.8.1-16.14_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-headers-2.6.8.1-5-power4_2.6.8.1-16.14_powerpc.deb

Ubuntu linux-headers-2.6.8.1-5-powerpc-smp_2.6.8.1-16.14_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-headers-2.6.8.1-5-powerpc-smp_2.6.8.1-16.14_powerpc.deb

Ubuntu linux-headers-2.6.8.1-5-powerpc_2.6.8.1-16.14_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-headers-2.6.8.1-5-powerpc_2.6.8.1-16.14_powerpc.deb

Ubuntu linux-headers-2.6.8.1-5_2.6.8.1-16.14_amd64.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-headers-2.6.8.1-5_2.6.8.1-16.14_amd64.deb

Ubuntu linux-headers-2.6.8.1-5_2.6.8.1-16.14_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-headers-2.6.8.1-5_2.6.8.1-16.14_i386.deb

Ubuntu linux-headers-2.6.8.1-5_2.6.8.1-16.14_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-headers-2.6.8.1-5_2.6.8.1-16.14_powerpc.deb

Ubuntu linux-image-2.6.8.1-5-386_2.6.8.1-16.14_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-image-2.6.8.1-5-386_2.6.8.1-16.14_i386.deb

Ubuntu linux-image-2.6.8.1-5-686-smp_2.6.8.1-16.14_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-image-2.6.8.1-5-686-smp_2.6.8.1-16.14_i386.deb

Ubuntu linux-image-2.6.8.1-5-686_2.6.8.1-16.14_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-image-2.6.8.1-5-686_2.6.8.1-16.14_i386.deb

Ubuntu linux-image-2.6.8.1-5-amd64-generic_2.6.8.1-16.14_amd64.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-image-2.6.8.1-5-amd64-generic_2.6.8.1-16.14_amd64.deb

Ubuntu linux-image-2.6.8.1-5-amd64-k8-smp_2.6.8.1-16.14_amd64.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-image-2.6.8.1-5-amd64-k8-smp_2.6.8.1-16.14_amd64.deb

Ubuntu linux-image-2.6.8.1-5-amd64-k8_2.6.8.1-16.14_amd64.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-image-2.6.8.1-5-amd64-k8_2.6.8.1-16.14_amd64.deb

Ubuntu linux-image-2.6.8.1-5-amd64-xeon_2.6.8.1-16.14_amd64.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-image-2.6.8.1-5-amd64-xeon_2.6.8.1-16.14_amd64.deb

Ubuntu linux-image-2.6.8.1-5-k7-smp_2.6.8.1-16.14_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-image-2.6.8.1-5-k7-smp_2.6.8.1-16.14_i386.deb

Ubuntu linux-image-2.6.8.1-5-k7_2.6.8.1-16.14_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-image-2.6.8.1-5-k7_2.6.8.1-16.14_i386.deb

Ubuntu linux-image-2.6.8.1-5-power3-smp_2.6.8.1-16.14_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-image-2.6.8.1-5-power3-smp_2.6.8.1-16.14_powerpc.deb

Ubuntu linux-image-2.6.8.1-5-power3_2.6.8.1-16.14_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-image-2.6.8.1-5-power3_2.6.8.1-16.14_powerpc.deb

Ubuntu linux-image-2.6.8.1-5-power4-smp_2.6.8.1-16.14_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-image-2.6.8.1-5-power4-smp_2.6.8.1-16.14_powerpc.deb

Ubuntu linux-image-2.6.8.1-5-power4_2.6.8.1-16.14_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-image-2.6.8.1-5-power4_2.6.8.1-16.14_powerpc.deb

Ubuntu linux-image-2.6.8.1-5-powerpc-smp_2.6.8.1-16.14_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-image-2.6.8.1-5-powerpc-smp_2.6.8.1-16.14_powerpc.deb

Ubuntu linux-image-2.6.8.1-5-powerpc_2.6.8.1-16.14_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-image-2.6.8.1-5-powerpc_2.6.8.1-16.14_powerpc.deb

Ubuntu linux-patch-debian-2.6.8.1_2.6.8.1-16.14_all.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-patch-debian-2.6.8.1_2.6.8.1-16.14_all.deb

Ubuntu linux-source-2.6.8.1_2.6.8.1-16.14_all.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-source-2.6.8.1_2.6.8.1-16.14_all.deb

Ubuntu linux-tree-2.6.8.1_2.6.8.1-16.14_all.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/lin ux-tree-2.6.8.1_2.6.8.1-16.14_all.deb

Linux kernel 2.6.8

Mandriva kernel-i586-up-1GB-2.6.8.1.26mdk-1-1mdk.i586.rpm
Mandriva Linux 10.1:
http://www1.mandrivalinux.com/en/ftp.php3

Mandriva kernel-i686-up-64GB-2.6.8.1.26mdk-1-1mdk.i586.rpm
Mandriva Linux 10.1:
http://www1.mandrivalinux.com/en/ftp.php3

Mandriva kernel-secure-2.6.8.1.26mdk-1-1mdk.i586.rpm
Mandriva Linux 10.1:
http://www1.mandrivalinux.com/en/ftp.php3

Mandriva kernel-secure-2.6.8.1.26mdk-1-1mdk.x86_64.rpm
Mandriva Linux 10.1/X86_64:
http://www1.mandrivalinux.com/en/ftp.php3

Mandriva kernel-smp-2.6.8.1.26mdk-1-1mdk.i586.rpm
Mandriva Linux 10.1:
http://www1.mandrivalinux.com/en/ftp.php3

Mandriva kernel-smp-2.6.8.1.26mdk-1-1mdk.x86_64.rpm
Mandriva Linux 10.1/X86_64:
http://www1.mandrivalinux.com/en/ftp.php3

SuSE Intel-536ep-4.69-5.6.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/Intel-536ep-4.69- 5.6.i586.rpm

SuSE kernel-bigsmp-2.6.8-24.13.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/kernel-bigsmp-2.6 .8-24.13.i586.rpm

SuSE kernel-default-2.6.8-24.13.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/kernel-default-2. 6.8-24.13.i586.rpm

SuSE kernel-default-2.6.8-24.13.x86_64.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/kernel-default- 2.6.8-24.13.x86_64.rpm

SuSE kernel-docs-2.6.8-24.13.noarch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/noarch/kernel-docs-2.6 .8-24.13.noarch.rpm

SuSE kernel-smp-2.6.8-24.13.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/kernel-smp-2.6.8- 24.13.i586.rpm

SuSE kernel-smp-2.6.8-24.13.x86_64.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/kernel-smp-2.6. 8-24.13.x86_64.rpm

SuSE kernel-source-2.6.8-24.13.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/kernel-source-2.6 .8-24.13.i586.rpm

SuSE kernel-syms-2.6.8-24.13.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/kernel-syms-2.6.8 -24.13.i586.rpm

SuSE kernel-syms-2.6.8-24.13.x86_64.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/kernel-syms-2.6 .8-24.13.x86_64.rpm

SuSE kernel-um-2.6.8-24.13.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/kernel-um-2.6.8-2 4.13.i586.rpm

SuSE ltmodem-8.31a8-6.6.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/ltmodem-8.31a8-6. 6.i586.rpm

References

Linux Kernel SYSFS_Write_File Local Integer Overflow Vulnerability

References:

RHSA-2005:366-19 - kernel security update (RedHat)