绿盟科技NSFOCUS安全漏洞系统

安全研究

安全漏洞

Linux Kernel sock.c SO_BSDCOMPAT选项信息泄露漏洞

发布日期：2009-02-20
更新日期：2009-02-23

受影响系统：

Linux kernel 2.6.x

不受影响系统：

Linux kernel 2.6.28.6

描述：

BUGTRAQ  ID: 33846
CVE(CAN) ID: CVE-2009-0676

Linux Kernel是开放源码操作系统Linux所使用的内核。

在Linux Kernel的net/core/sock.c文件的sock_getsockopt()函数中，如果设置了SO_BSDCOMPA选项的话optval v.val就会被错误的初始化并直接返回给用户域，导致信息泄露。

<*来源：Clement Lecigne

  链接：https://bugzilla.redhat.com/show_bug.cgi?format=multiple&id=486305
        http://www.debian.org/security/2009/dsa-1749
*>

测试方法：

警告

以下程序(方法)可能带有攻击性，仅供安全研究与教学之用。使用者风险自负！

https://bugzilla.redhat.com/show_bug.cgi?format=multiple&id=486305

建议：

厂商补丁：

Debian
------
Debian已经为此发布了一个安全公告（DSA-1749-1）以及相应补丁:
DSA-1749-1：New Linux 2.6.26 packages fix several vulnerabilities
链接：http://www.debian.org/security/2009/dsa-1749

补丁下载：
Source archives:

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26-13lenny2.diff.gz
Size/MD5 checksum:  7582454 57f388d55f402654ff834b30b22aadef
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26.orig.tar.gz
Size/MD5 checksum: 61818969 85e039c2588d5bf3cb781d1c9218bbcb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26-13lenny2.dsc
Size/MD5 checksum:     5777 6bc12d58cd44d1965c3407ea2b1d9e77

Architecture independent packages:

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-support-2.6.26-1_2.6.26-13lenny2_all.deb
Size/MD5 checksum:   117120 d801fa4d8fe73c8e8cbaa751e90e65e8
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-patch-debian-2.6.26_2.6.26-13lenny2_all.deb
Size/MD5 checksum:  2119816 9d47a407a3776ff118fa001a296637b2
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-manual-2.6.26_2.6.26-13lenny2_all.deb
Size/MD5 checksum:  1791570 b4d9768d893217fab73ae97671a67b0f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-doc-2.6.26_2.6.26-13lenny2_all.deb
Size/MD5 checksum:  4839432 7cbd07be5f1151314956fb140222f4fe
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-tree-2.6.26_2.6.26-13lenny2_all.deb
Size/MD5 checksum:   101012 1390d6893523763bcdaf6fa027e00df8
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-source-2.6.26_2.6.26-13lenny2_all.deb
Size/MD5 checksum: 49373366 fd387b044907eb8790ec5de77c6fbd99

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-alpha-smp_2.6.26-13lenny2_alpha.deb
Size/MD5 checksum:   359408 f2114f6b9993649ff7c68377a415720d
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-alpha-smp_2.6.26-13lenny2_alpha.deb
Size/MD5 checksum: 29037748 d3eb6a17a81b069aadf0e6337b5ed175
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-common_2.6.26-13lenny2_alpha.deb
Size/MD5 checksum:  3537284 07f52b2c33e58815bf1b0cb23e8ab685
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-all_2.6.26-13lenny2_alpha.deb
Size/MD5 checksum:   100690 2f461b903298324fd2800f0b6d280247
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-13lenny2_alpha.deb
Size/MD5 checksum:   735136 5a96b37d713b08aca2f1e76d3ed1e7e4
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-alpha-generic_2.6.26-13lenny2_alpha.deb
Size/MD5 checksum:   359332 33dc1ad2de67839f782c6a26d3e99b15
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-alpha-legacy_2.6.26-13lenny2_alpha.deb
Size/MD5 checksum:   358560 0d25cf1164f05ea74b9ae73ded1ce138
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-all-alpha_2.6.26-13lenny2_alpha.deb
Size/MD5 checksum:   100710 8f5925ca09d3bea0db33553cf0b3327c
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-alpha-generic_2.6.26-13lenny2_alpha.deb
Size/MD5 checksum: 28340606 4ef401665201b527218aa8bab99881c1
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-alpha-legacy_2.6.26-13lenny2_alpha.deb
Size/MD5 checksum: 28319388 1eebddb5b7a6380d75b0b018ab77d1b3

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-xen-amd64_2.6.26-13lenny2_amd64.deb
Size/MD5 checksum:   384486 ec589dcb03b4d6c99e0fe73eae1d0a89
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-amd64_2.6.26-13lenny2_amd64.deb
Size/MD5 checksum: 20898920 514e992547bcb32c27f23d854078369b
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-openvz-amd64_2.6.26-13lenny2_amd64.deb
Size/MD5 checksum: 21061346 14f95ff082d72e8e7e3dcba866629065
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-common-openvz_2.6.26-13lenny2_amd64.deb
Size/MD5 checksum:  3848196 f892a258a15542ebfd32a3076431e7d1
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-13lenny2_amd64.deb
Size/MD5 checksum:   758938 d170123856cdd9f640030e9894dac632
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-common-vserver_2.6.26-13lenny2_amd64.deb
Size/MD5 checksum:  3827752 dbc6d06a99a7dac64261be7fb9486bfc
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-xen-amd64_2.6.26-13lenny2_amd64.deb
Size/MD5 checksum:  1798532 073bfaeee8ffcf352edf6ed4b6de9a08
http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.26-1-xen-amd64_2.6.26-13lenny2_amd64.deb
Size/MD5 checksum:   100666 61ba1753bc05bf1c25637329986c7932
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-vserver-amd64_2.6.26-13lenny2_amd64.deb
Size/MD5 checksum: 20925582 420b5ea13af5ba149ee50b8a315f10ae
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.26-1-xen-amd64_2.6.26-13lenny2_amd64.deb
Size/MD5 checksum: 19294988 41ab6b69c93d6d830b8b9ffaf208e425
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-common_2.6.26-13lenny2_amd64.deb
Size/MD5 checksum:  3791534 86cb2b581089e86285bab62dd5576f86
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-all_2.6.26-13lenny2_amd64.deb
Size/MD5 checksum:   100680 148324b2b5468c3777ab4fa4ca1680df
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-common-xen_2.6.26-13lenny2_amd64.deb
Size/MD5 checksum:  3932422 e08966d7aa505df718c2b4d779e5c5ba
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-vserver-amd64_2.6.26-13lenny2_amd64.deb
Size/MD5 checksum:   389866 c69115fe9306f5eeaf85d1390e34ae86
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-amd64_2.6.26-13lenny2_amd64.deb
Size/MD5 checksum:   388788 2cb3e462c96b4301605e69ffc2bff4f9
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-all-amd64_2.6.26-13lenny2_amd64.deb
Size/MD5 checksum:   100716 b694e83baec747d58e90a37039d41763
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-openvz-amd64_2.6.26-13lenny2_amd64.deb
Size/MD5 checksum:   394994 119e85aadee68e89f951ce716a5b3123

arm architecture (ARM)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-footbridge_2.6.26-13lenny2_arm.deb
Size/MD5 checksum:   344188 e40ec8b9cf763fbd6acc9a7de8ef6b2f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-all_2.6.26-13lenny2_arm.deb
Size/MD5 checksum:   100582 bfee3dfbd4444fa1864036d42cc93df6
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-orion5x_2.6.26-13lenny2_arm.deb
Size/MD5 checksum:   351748 2b507b15473afe44df64d5ccc157791a
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-orion5x_2.6.26-13lenny2_arm.deb
Size/MD5 checksum: 11167860 de74faea715aaee2755e86d42e45df21
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-ixp4xx_2.6.26-13lenny2_arm.deb
Size/MD5 checksum: 11466532 d6f8aefa3f0e4a5995fff64b20a05ba4
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-iop32x_2.6.26-13lenny2_arm.deb
Size/MD5 checksum: 12187796 3b1c8e55a0f023d83ea73734cf2db0ff
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-all-arm_2.6.26-13lenny2_arm.deb
Size/MD5 checksum:   100610 2068fc765ec5998132fa23dcd2326f81
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-ixp4xx_2.6.26-13lenny2_arm.deb
Size/MD5 checksum:   354788 24c8c94f6c7fcff346503556c6209fac
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-iop32x_2.6.26-13lenny2_arm.deb
Size/MD5 checksum:   358316 cf42ed4467f4636cd514dd7f53bd4f06
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-13lenny2_arm.deb
Size/MD5 checksum:   741708 4239c4ddffc168020fe070ce4ae42362
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-footbridge_2.6.26-13lenny2_arm.deb
Size/MD5 checksum: 10236258 13bab8504d1c26a35c79b406b8fc7529
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-common_2.6.26-13lenny2_arm.deb
Size/MD5 checksum:  4129136 8c7bc759f2a1632fd4bacca8735b1de7

armel architecture (ARM EABI)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-common_2.6.26-13lenny2_armel.deb
Size/MD5 checksum:  4125704 34432a73f81ca9c120d4f4aecbb5d078
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-all_2.6.26-13lenny2_armel.deb
Size/MD5 checksum:   100702 5cb91fed45e9083452ef4209939826c5
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-orion5x_2.6.26-13lenny2_armel.deb
Size/MD5 checksum: 11127614 bd27327e8b3433a0c9b733f681fa0bcd
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-ixp4xx_2.6.26-13lenny2_armel.deb
Size/MD5 checksum:   355828 c7d7298975cdbc980726c18b8ace5552
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-versatile_2.6.26-13lenny2_armel.deb
Size/MD5 checksum:  9404458 65d4104e8e98d22221a645e1dc527b58
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-iop32x_2.6.26-13lenny2_armel.deb
Size/MD5 checksum:   358548 8fedf72706f88e3a35cfa2503951da53
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-ixp4xx_2.6.26-13lenny2_armel.deb
Size/MD5 checksum: 11432578 4c793a13130137db2c39dc417d7eb91a
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-13lenny2_armel.deb
Size/MD5 checksum:   741378 c481b5aaf58a2de7b6ce41839ff365ec
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-all-armel_2.6.26-13lenny2_armel.deb
Size/MD5 checksum:   100734 0a8304621d58a6376e211a118efd6df9
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-iop32x_2.6.26-13lenny2_armel.deb
Size/MD5 checksum: 12147690 3ae6a14fd310eefc18271736597ca223
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-orion5x_2.6.26-13lenny2_armel.deb
Size/MD5 checksum:   352876 eafdf84b0f693435d626112ee426ccb1
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-versatile_2.6.26-13lenny2_armel.deb
Size/MD5 checksum:   328610 2d485d81ccab49e1d7793bdef13a46f2

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-parisc64_2.6.26-13lenny2_hppa.deb
Size/MD5 checksum: 16935920 6d13045e0b12d2371a64b33ce30b6e38
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-parisc-smp_2.6.26-13lenny2_hppa.deb
Size/MD5 checksum: 16198412 f2e96f20c6c0961cb6d473d05dbfc3cf
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-all-hppa_2.6.26-13lenny2_hppa.deb
Size/MD5 checksum:   100716 992c365939a00d758b2132b1b38d5cd2
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-13lenny2_hppa.deb
Size/MD5 checksum:   752478 b590e2c61c0c5e759b1ef59d91524623
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-parisc64-smp_2.6.26-13lenny2_hppa.deb
Size/MD5 checksum: 17488560 0094ffeb1fcbdc65bec66a4810e0be8a
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-common_2.6.26-13lenny2_hppa.deb
Size/MD5 checksum:  3587486 1548dcf7f2f7cd53e03559cd4dc8045e
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-parisc64_2.6.26-13lenny2_hppa.deb
Size/MD5 checksum:   292034 ed3e849087da2acaf689ad18c7378407
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-parisc_2.6.26-13lenny2_hppa.deb
Size/MD5 checksum: 15608878 13b6885d3174d6b2a517584303417521
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-parisc-smp_2.6.26-13lenny2_hppa.deb
Size/MD5 checksum:   292900 854458ca3fc90965c94054b9139b41ca
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-all_2.6.26-13lenny2_hppa.deb
Size/MD5 checksum:   100692 0e49837f52ff7a22be6985c5ec5039be
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-parisc_2.6.26-13lenny2_hppa.deb
Size/MD5 checksum:   291258 fd32dcf3ee713e1b7bcd9523ea011547
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-parisc64-smp_2.6.26-13lenny2_hppa.deb
Size/MD5 checksum:   293418 18fa10ffb774ab15ea71af159da4d3dd

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-vserver-686-bigmem_2.6.26-13lenny2_i386.deb
Size/MD5 checksum: 20388130 6ebd096d2843719770894cf44ac15b9b
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-openvz-686_2.6.26-13lenny2_i386.deb
Size/MD5 checksum:   404488 8a5e77df63044b5bdb1f8f7a3f42a7d4
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-686-bigmem_2.6.26-13lenny2_i386.deb
Size/MD5 checksum: 20362130 784721fb557989325586e4d780f66082
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-amd64_2.6.26-13lenny2_i386.deb
Size/MD5 checksum:   387174 557ce7e8f0d1f92e8348912b0bee8573
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-vserver-686_2.6.26-13lenny2_i386.deb
Size/MD5 checksum:   398560 707e13aadffb7fd24ca154838ff32064
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-686-bigmem_2.6.26-13lenny2_i386.deb
Size/MD5 checksum:   397744 adb185b12dcb09e4e08b68dc24b9ec98
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-xen-686_2.6.26-13lenny2_i386.deb
Size/MD5 checksum:   385026 44387ad960bc5403e856c4e58aeacbc1
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-all_2.6.26-13lenny2_i386.deb
Size/MD5 checksum:   100568 c7585ec7af4240a2ea70eadc11b294d9
http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.26-1-xen-686_2.6.26-13lenny2_i386.deb
Size/MD5 checksum:   100562 80c4d273b16b73278ca07e0362096ab3
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-common-xen_2.6.26-13lenny2_i386.deb
Size/MD5 checksum:  3932472 ca20b333ee42443cf01f0ca0b5fd1749
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-vserver-686-bigmem_2.6.26-13lenny2_i386.deb
Size/MD5 checksum:   397958 fb6e3a3258135e001333789f2caaf1f4
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.26-1-xen-686_2.6.26-13lenny2_i386.deb
Size/MD5 checksum: 18060354 de8643dc84eb94af0fa1f4c20b5c8f43
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-13lenny2_i386.deb
Size/MD5 checksum:   756434 c91c4fc0d4621ed38633a959e31eafc7
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-xen-686_2.6.26-13lenny2_i386.deb
Size/MD5 checksum:  1585752 bf72cc1851c7637c9d10ce19e1d0e95e
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-common-openvz_2.6.26-13lenny2_i386.deb
Size/MD5 checksum:  3850580 c64877c1681a1603636d488bace7efce
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-686_2.6.26-13lenny2_i386.deb
Size/MD5 checksum: 20251438 8aff20c68f11679878926151f2a13ce1
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-amd64_2.6.26-13lenny2_i386.deb
Size/MD5 checksum: 20884304 8f798106a4b65bb5352b28b1d4f22631
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-686_2.6.26-13lenny2_i386.deb
Size/MD5 checksum:   397218 b5f23ef6f9ba1cf809046249f84760b5
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-all-i386_2.6.26-13lenny2_i386.deb
Size/MD5 checksum:   100618 ed74be7795fa9421975e00c027077c0e
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-486_2.6.26-13lenny2_i386.deb
Size/MD5 checksum:   397248 c3dc9d344927b1cd3a2b86b450fb0579
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-vserver-686_2.6.26-13lenny2_i386.deb
Size/MD5 checksum: 20270484 1e09b4af4766bd891b1245924f59699e
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-486_2.6.26-13lenny2_i386.deb
Size/MD5 checksum: 20212758 b5b9c8ce939c2fb8a33ca99499c7255d
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-common_2.6.26-13lenny2_i386.deb
Size/MD5 checksum:  3792102 d587a4cb2790c63904c6aa0992c235c1
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-openvz-686_2.6.26-13lenny2_i386.deb
Size/MD5 checksum: 20524538 432fc891e5e861a71289335fe5fdd927
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-common-vserver_2.6.26-13lenny2_i386.deb
Size/MD5 checksum:  3827226 bed45339a0753fbbdd36031c770eb3e4

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-vserver-itanium_2.6.26-13lenny2_ia64.deb
Size/MD5 checksum: 34068326 b27cb8efeca382d34cfb905084380cc0
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-vserver-mckinley_2.6.26-13lenny2_ia64.deb
Size/MD5 checksum:   356424 e83b53a46e3d7cbf9d56ebcea6b6fcea
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-all_2.6.26-13lenny2_ia64.deb
Size/MD5 checksum:   100570 69e2bc66133f6dd1da57f8fee5028e67
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-vserver-mckinley_2.6.26-13lenny2_ia64.deb
Size/MD5 checksum: 34250170 109a07d1dbaae34f3c8d779bac39c980
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-vserver-itanium_2.6.26-13lenny2_ia64.deb
Size/MD5 checksum:   354794 37fb81b45f4a1a993daf851804911581
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-mckinley_2.6.26-13lenny2_ia64.deb
Size/MD5 checksum: 34176526 619321793ed714d480c875fbac22a227
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-all-ia64_2.6.26-13lenny2_ia64.deb
Size/MD5 checksum:   100606 a36c463bf27e1d9d323ec07d2aa34a65
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-itanium_2.6.26-13lenny2_ia64.deb
Size/MD5 checksum: 33995932 3b1615bf92e0770444197b6a5619116d
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-common_2.6.26-13lenny2_ia64.deb
Size/MD5 checksum:  3717600 8abb16a4724080eeb65fefea0604add3
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-itanium_2.6.26-13lenny2_ia64.deb
Size/MD5 checksum:   354208 7f58a3fab7a63b05862116d486313c77
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-13lenny2_ia64.deb
Size/MD5 checksum:   756170 85d062a9d6ce206cae33b61a02bc12bb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-common-vserver_2.6.26-13lenny2_ia64.deb
Size/MD5 checksum:  3753402 1b84e2b361e66c0d1726b9e9e9c69a55
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-mckinley_2.6.26-13lenny2_ia64.deb
Size/MD5 checksum:   354938 a51e7dd92f8f23263c13ae7425b3c0be

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-common_2.6.26-13lenny2_mips.deb
Size/MD5 checksum:  3956146 e137e10b540dcfdd342831dd9375cc09
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-4kc-malta_2.6.26-13lenny2_mips.deb
Size/MD5 checksum:   347970 934922596d04edb47bc23dbe86d03051
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-all_2.6.26-13lenny2_mips.deb
Size/MD5 checksum:   100578 3d574653bdce5f93b858615e5ac90413
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-sb1-bcm91250a_2.6.26-13lenny2_mips.deb
Size/MD5 checksum: 19990578 e53e9d9d291e1b6e315b49086783505c
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-r5k-ip32_2.6.26-13lenny2_mips.deb
Size/MD5 checksum: 15683128 91d6994a6cb8a604f0d758cdcd831443
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-all-mips_2.6.26-13lenny2_mips.deb
Size/MD5 checksum:   100628 e92940cbee96e371e0e488bd7d45d2d5
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-sb1a-bcm91480b_2.6.26-13lenny2_mips.deb
Size/MD5 checksum:   291790 988851c7b39981eccba10691b3bc6005
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-r4k-ip22_2.6.26-13lenny2_mips.deb
Size/MD5 checksum:   251428 12c62a9f54cf5fbba1946fd3da08ff39
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-5kc-malta_2.6.26-13lenny2_mips.deb
Size/MD5 checksum: 29175140 7f01b2468f1dd1c932ac700da6f655dd
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-r4k-ip22_2.6.26-13lenny2_mips.deb
Size/MD5 checksum: 11425960 1f14f31d47d465292eb92d498d9cf024
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-sb1-bcm91250a_2.6.26-13lenny2_mips.deb
Size/MD5 checksum:   292372 c6a43a5470ea33b1db6d59954f6d2e2f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-sb1a-bcm91480b_2.6.26-13lenny2_mips.deb
Size/MD5 checksum: 19982212 97e7fa658462e982e865b77cc1b884e3
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-r5k-ip32_2.6.26-13lenny2_mips.deb
Size/MD5 checksum:   275558 a90b7c316db36895e7782ae5c6303519
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-4kc-malta_2.6.26-13lenny2_mips.deb
Size/MD5 checksum: 23314832 14867a92d5142c0ca59f4ca25bc509ba
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-13lenny2_mips.deb
Size/MD5 checksum:   751788 f923d34e1493ab302aa1cef96f5a76ea
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-5kc-malta_2.6.26-13lenny2_mips.deb
Size/MD5 checksum:   347264 090c66958d6b79b8849b3182737835eb

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-5kc-malta_2.6.26-13lenny2_mipsel.deb
Size/MD5 checksum: 28232344 6dce2b56e7ca29a6eb3e87ef0b172365
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-sb1a-bcm91480b_2.6.26-13lenny2_mipsel.deb
Size/MD5 checksum: 19367502 a4c11d0004261e29de4ac4cf662795fd
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-all-mipsel_2.6.26-13lenny2_mipsel.deb
Size/MD5 checksum:   100740 068848ab87ed111d4c19e0d5053dace2
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-r5k-cobalt_2.6.26-13lenny2_mipsel.deb
Size/MD5 checksum:   284480 04e32302cfb38441046d19b6ff8d524d
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-sb1a-bcm91480b_2.6.26-13lenny2_mipsel.deb
Size/MD5 checksum:   288908 c750c63a1743fb2ffe013dbe3006dae1
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-r5k-cobalt_2.6.26-13lenny2_mipsel.deb
Size/MD5 checksum: 14876318 5da2813673b251e955cf9da33d8299d8
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-13lenny2_mipsel.deb
Size/MD5 checksum:   736256 38cf4bdce3d8218faa8319d4b11af81e
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-sb1-bcm91250a_2.6.26-13lenny2_mipsel.deb
Size/MD5 checksum:   289388 3d20bc6ddc838b30a5074a5ef3f3ff4b
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-5kc-malta_2.6.26-13lenny2_mipsel.deb
Size/MD5 checksum:   343064 d68eed9acea6eeb7912ed4a0fa6043cf
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-sb1-bcm91250a_2.6.26-13lenny2_mipsel.deb
Size/MD5 checksum: 19380782 1cfddadbde5c6eedd1cf2d0336ab5a1b
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-4kc-malta_2.6.26-13lenny2_mipsel.deb
Size/MD5 checksum: 22767252 382c5dfc0d862a1a01b6cbd3a2c130c6
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-4kc-malta_2.6.26-13lenny2_mipsel.deb
Size/MD5 checksum:   343836 94c4c48161066836b85dd120e46e4c6e
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-all_2.6.26-13lenny2_mipsel.deb
Size/MD5 checksum:   100692 9a54e78790c22ecf8a635b4b611c74d6
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-common_2.6.26-13lenny2_mipsel.deb
Size/MD5 checksum:  3884246 a7e02c6dc2b37da40138a86161bebbaf

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-all_2.6.26-13lenny2_powerpc.deb
Size/MD5 checksum:   100694 124e595c1db7de1065e5cf23e811ff7f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-all-powerpc_2.6.26-13lenny2_powerpc.deb
Size/MD5 checksum:   100730 0f4829650838d82811f3e62e25e9de6a
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-vserver-powerpc64_2.6.26-13lenny2_powerpc.deb
Size/MD5 checksum:   363744 f6961e0c7cb557b12068f0ebb5a3d6b8
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-powerpc-smp_2.6.26-13lenny2_powerpc.deb
Size/MD5 checksum:   354956 951d6558231983c9b1be645c8cf96ffa
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-powerpc_2.6.26-13lenny2_powerpc.deb
Size/MD5 checksum: 22992862 ba9afa2d7128564d6b2d5fcb02a640fa
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-vserver-powerpc64_2.6.26-13lenny2_powerpc.deb
Size/MD5 checksum: 23295112 b4f45978a7b565087b2146740409d723
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-13lenny2_powerpc.deb
Size/MD5 checksum:   737192 e06b4fd4fb58ddedc976b1c973c22c96
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-powerpc_2.6.26-13lenny2_powerpc.deb
Size/MD5 checksum:   354380 e096b54de7b17f481057afccea2d45a8
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-common_2.6.26-13lenny2_powerpc.deb
Size/MD5 checksum:  3771432 9aba629e50cf1566a94899bf865e6c57
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-vserver-powerpc_2.6.26-13lenny2_powerpc.deb
Size/MD5 checksum:   356106 fc8965e71ebc2b87be8aede9cbf6c2a8
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-powerpc64_2.6.26-13lenny2_powerpc.deb
Size/MD5 checksum: 23244470 6cb850f9582d091c926d9020e0cadda1
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-powerpc64_2.6.26-13lenny2_powerpc.deb
Size/MD5 checksum:   362352 4431d782cbb3f9f8d5d274a42a5573af
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-common-vserver_2.6.26-13lenny2_powerpc.deb
Size/MD5 checksum:  3803836 a2fdf7846ed073e7bf3198a55c7d372e
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-vserver-powerpc_2.6.26-13lenny2_powerpc.deb
Size/MD5 checksum: 23422286 2730b7a99f751f7fb9932cc9e6723cb8
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-powerpc-smp_2.6.26-13lenny2_powerpc.deb
Size/MD5 checksum: 23393024 a8568338080f5f5be2956778b27d20e8

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-vserver-s390x_2.6.26-13lenny2_s390.deb
Size/MD5 checksum:  7827212 1a5af98f62e42522799931c43075b5b4
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-vserver-s390x_2.6.26-13lenny2_s390.deb
Size/MD5 checksum:   224768 6e6b2b68c37631ae29a944422a5100c9
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-s390_2.6.26-13lenny2_s390.deb
Size/MD5 checksum:   222558 3736d9f7c3303291ec09f786bd98a7bb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-1-s390_2.6.26-13lenny2_s390.deb
Size/MD5 checksum:  7477888 add4801a8418ab9854d7812d6af89260
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-1-all_2.6.26-13lenny2_s390.deb
Size/MD5 checksum:   100682 067cee9ff62051af29277b4f5

补丁安装方法：

1. 手工安装补丁包：

  首先，使用下面的命令来下载补丁软件：
  # wget url  (url是补丁下载链接地址)

  然后，使用下面的命令来安装补丁：
  # dpkg -i file.deb (file是相应的补丁名)

2. 使用apt-get自动安装补丁包：

   首先，使用下面的命令更新内部数据库：
   # apt-get update

   然后，使用下面的命令安装更新软件包：
   # apt-get upgrade

Linux
-----
目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：

http://kernel.org/pub/linux/kernel/v2.6/patch-2.6.28.6.bz2

浏览次数：4554
严重程度：0（网友投票）

本安全漏洞由绿盟科技翻译整理，版权所有，未经许可，不得转载
绿盟科技给您安全的保障

关于我们: 公司介绍; 公司荣誉; 公司新闻

联系我们: 公司总部; 分支机构; 海外机构

快速链接: 绿盟云; 绿盟威胁情报中心NTI; 技术博客