Linux Kernel it87 and via686a Drivers Insecure File Creation Denial of Service Vulnerability
BID:13455
Info
Linux Kernel it87 and via686a Drivers Insecure File Creation Denial of Service Vulnerability
| Bugtraq ID: | 13455 |
| Class: | Design Error |
| CVE: |
CVE-2005-1369 |
| Remote: | No |
| Local: | Yes |
| Published: | May 02 2005 12:00AM |
| Updated: | Jul 12 2009 02:06PM |
| Credit: | Announced in the kernel 2.6.11.8 changelog. |
| Vulnerable: |
Ubuntu Ubuntu Linux 5.0 4 powerpc Ubuntu Ubuntu Linux 5.0 4 i386 Ubuntu Ubuntu Linux 5.0 4 amd64 Ubuntu Ubuntu Linux 4.1 ppc Ubuntu Ubuntu Linux 4.1 ia64 Ubuntu Ubuntu Linux 4.1 ia32 Redhat Fedora Core3 Mandriva Linux Mandrake 10.2 x86_64 Mandriva Linux Mandrake 10.2 Linux kernel 2.6.11 .7 |
| Not Vulnerable: |
Linux kernel 2.6.11 .8 |
Discussion
Linux Kernel it87 and via686a Drivers Insecure File Creation Denial of Service Vulnerability
The Linux kernel it87 and via686a drivers create an insecure file that could allow a local user to cause a denial of service condition. This occurs because the created file's permissions allow both read and write.
This issue was reported to affect kernel version 2.6.11.7; earlier versions may also be affected.
The Linux kernel it87 and via686a drivers create an insecure file that could allow a local user to cause a denial of service condition. This occurs because the created file's permissions allow both read and write.
This issue was reported to affect kernel version 2.6.11.7; earlier versions may also be affected.
Exploit / POC
Linux Kernel it87 and via686a Drivers Insecure File Creation Denial of Service Vulnerability
An exploit is not required.
An exploit is not required.
Solution / Fix
Linux Kernel it87 and via686a Drivers Insecure File Creation Denial of Service Vulnerability
Solution:
This issue has been addressed in kernel version 2.6.11.8:
Ubuntu Linux has released advisory USN-131-1 to address this, and other issues. Please see the referenced advisory for further information.
RedHat Fedora Linux has released advisory FEDORA-2005-392 addressing this issue for Fedora Core 3. Please see the referenced advisory for details on obtaining and applying the appropriate updates.
Mandriva Linux has released advisory MDKSA-2005:110 addressing this issue. Please see the referenced advisory for further information.
Linux kernel 2.6.11 .7
Solution:
This issue has been addressed in kernel version 2.6.11.8:
Ubuntu Linux has released advisory USN-131-1 to address this, and other issues. Please see the referenced advisory for further information.
RedHat Fedora Linux has released advisory FEDORA-2005-392 addressing this issue for Fedora Core 3. Please see the referenced advisory for details on obtaining and applying the appropriate updates.
Mandriva Linux has released advisory MDKSA-2005:110 addressing this issue. Please see the referenced advisory for further information.
Linux kernel 2.6.11 .7
-
Linux patch-2.6.11.8.bz2
http://kernel.org/pub/linux/kernel/v2.6/patch-2.6.11.8.bz2
References
Linux Kernel it87 and via686a Drivers Insecure File Creation Denial of Service Vulnerability
References:
References:
- Summary of changes from v2.6.11.7 to v2.6.11.8 (Linux Kernel)