绿盟科技NSFOCUS安全漏洞系统

安全研究

安全漏洞

Linux Kernel nfsd CAP_MKNOD绕过安全限制漏洞

发布日期：2009-03-23
更新日期：2009-03-24

受影响系统：

Linux kernel 2.6.x

描述：

BUGTRAQ  ID: 34205
CVE(CAN) ID: CVE-2009-1072

Linux Kernel是开放源码操作系统Linux所使用的内核。

Linux Kernel的nfsd线程在处理来自非root用户请求时没有丢弃CAP_MKNOD权限，这允许非特权客户端在以root_squash选项导出的文件系统上创建设备节点。

这个漏洞的起因是CAP_MKNOD允许用户在本地主机上执行vfs_mknod(...)函数，该函数会调用nfs模块中向NFS服务器发送请求的通讯函数，而nfsd在扮演为该用户的时候不会在nfsd_setuser(...)函数中丢弃CAP_MKNOD。

<*来源：Igor Zhbanov （izh1979@gmail.com）

  链接：http://secunia.com/advisories/34422/
        http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=76a67ec6fb79ff3570dcb5342142c16098299911
        http://thread.gmane.org/gmane.linux.kernel/805280
        https://www.redhat.com/support/errata/RHSA-2009-1106.html
        http://www.debian.org/security/2009/dsa-1800
*>

建议：

厂商补丁：

Debian
------
Debian已经为此发布了一个安全公告（DSA-1800-1）以及相应补丁:
DSA-1800-1：New Linux 2.6.26 packages fix several vulnerabilities
链接：http://www.debian.org/security/2009/dsa-1800

补丁下载：
Source archives:

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26-15lenny2.diff.gz
Size/MD5 checksum:  7329571 1bce8a02959ba560840a7ddf3c85d903
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26.orig.tar.gz
Size/MD5 checksum: 61818969 85e039c2588d5bf3cb781d1c9218bbcb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26-15lenny2.dsc
Size/MD5 checksum:     5777 5a7ff16752f5110837e60b4a5c8e9000
http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.26-1um-2+15lenny2.dsc
Size/MD5 checksum:     1272 46e99e7c41b6ab88585e915a38834af2
http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.26-1um-2+15lenny2.diff.gz
Size/MD5 checksum:    13274 692ffd3b2e648159d13941cffe052413
http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.26-1um.orig.tar.gz
Size/MD5 checksum:    12566 58cd8b7f3a51b2272c9afc10b81551cc

Architecture independent packages:

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-support-2.6.26-2_2.6.26-15lenny2_all.deb
Size/MD5 checksum:   119468 9ad04974bda322d3bbef07498f30a9d6
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-manual-2.6.26_2.6.26-15lenny2_all.deb
Size/MD5 checksum:  1757514 bb327a7a975d8c99f17dfd155a2a72a2
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-tree-2.6.26_2.6.26-15lenny2_all.deb
Size/MD5 checksum:   104110 bdd9af9837d54a8fb50129861c97dc8f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-source-2.6.26_2.6.26-15lenny2_all.deb
Size/MD5 checksum: 48700438 49386b86f3c839ac6fcdb18bd8c29c04
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-patch-debian-2.6.26_2.6.26-15lenny2_all.deb
Size/MD5 checksum:  2261264 29b2eb0593f8a91f2d0ec226d273b9da
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-doc-2.6.26_2.6.26-15lenny2_all.deb
Size/MD5 checksum:  4624712 dd7e6ff69cf56f23c60496ff73f7298b

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-15lenny2_alpha.deb
Size/MD5 checksum:   751056 dafcb057c2a435bd9df498619e29e1a7
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-legacy_2.6.26-15lenny2_alpha.deb
Size/MD5 checksum:   369566 f56eadc0219fd2a2747b83ba4ab8eacb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-legacy_2.6.26-15lenny2_alpha.deb
Size/MD5 checksum: 28444362 7550723b98c8449b38be12f9878d3778
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-15lenny2_alpha.deb
Size/MD5 checksum:  3608062 b9ef0cc9e5c6d91626182ae4dd6ba8e8
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-generic_2.6.26-15lenny2_alpha.deb
Size/MD5 checksum:   369154 f93e3de04d17cbe97485014d90f3c28c
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-smp_2.6.26-15lenny2_alpha.deb
Size/MD5 checksum:   369350 7f2fd6ba761701961161a47a96072689
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-15lenny2_alpha.deb
Size/MD5 checksum:   103660 bdc8b2803a3e66f5359f256270d6f5ae
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-alpha_2.6.26-15lenny2_alpha.deb
Size/MD5 checksum:   103676 ed05e6468ab11308e64166a3ee12e881
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-smp_2.6.26-15lenny2_alpha.deb
Size/MD5 checksum: 29151222 870766e5b3f04cf9c035cbeac559938a

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-amd64_2.6.26-15lenny2_amd64.deb
Size/MD5 checksum:   392188 0654ee97b3c916c94e101a28e62b7758
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-xen_2.6.26-15lenny2_amd64.deb
Size/MD5 checksum:  3935410 078ccbf5fd16712f8bf5ff151de046c9
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-amd64_2.6.26-15lenny2_amd64.deb
Size/MD5 checksum: 20918522 69de946d1bfb38db74dd37dc11bb77a2
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-amd64_2.6.26-15lenny2_amd64.deb
Size/MD5 checksum:   392818 ab57bec86e9379a94a35e99751905d8b
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-openvz_2.6.26-15lenny2_amd64.deb
Size/MD5 checksum:  3852298 9ac3894ba6a9c59c5c246b1cb515088f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-xen-amd64_2.6.26-15lenny2_amd64.deb
Size/MD5 checksum:   388042 76cc4730e19076a63e7a984581599e82
http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.26-2-xen-amd64_2.6.26-15lenny2_amd64.deb
Size/MD5 checksum:   103642 96e6f166c99d1345c2532e6128d68b63
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.26-2-xen-amd64_2.6.26-15lenny2_amd64.deb
Size/MD5 checksum: 19288550 8e326e2bf136131abca1a3a60ddab9de
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-openvz-amd64_2.6.26-15lenny2_amd64.deb
Size/MD5 checksum:   397950 666585c1b6514caac9513ee0e960e549
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-15lenny2_amd64.deb
Size/MD5 checksum:   761832 88fe1a58c498c24ec8ccbe45ae862715
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-amd64_2.6.26-15lenny2_amd64.deb
Size/MD5 checksum:   103686 fe41064607e75452828b8d9b7ee43e05
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-15lenny2_amd64.deb
Size/MD5 checksum:  3830612 ba30367c79415273f405f7badde67ef7
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-amd64_2.6.26-15lenny2_amd64.deb
Size/MD5 checksum: 20896590 733b6e160bd73635703449966f4014c2
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-openvz-amd64_2.6.26-15lenny2_amd64.deb
Size/MD5 checksum: 21074418 7bcb629b5c1ab7edd559cfd1518606eb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-15lenny2_amd64.deb
Size/MD5 checksum:  3794626 841fa07f11ebced3f6043398764203c2
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-15lenny2_amd64.deb
Size/MD5 checksum:   103652 9d14ba4a406d5c2f54377e9ed9385291
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-xen-amd64_2.6.26-15lenny2_amd64.deb
Size/MD5 checksum:  1799890 3fbde882e04f90712afab46ceb1d2e4f
http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.26-1um-2+15lenny2_amd64.deb
Size/MD5 checksum:  5823978 d57d4ddc15c0c661db45766236aafd1f

arm architecture (ARM)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-orion5x_2.6.26-15lenny2_arm.deb
Size/MD5 checksum:   357196 61cf0294a78ae1aa4980eadc186b02bf
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-ixp4xx_2.6.26-15lenny2_arm.deb
Size/MD5 checksum: 11714240 6e461c880ce62f76fc2ae450df65ac7f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-15lenny2_arm.deb
Size/MD5 checksum:  4135562 934da0c4113cf93379303d7c426b9ec0
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-footbridge_2.6.26-15lenny2_arm.deb
Size/MD5 checksum:   345872 51a9ca83773967b4fca791ad7304e8b9
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-orion5x_2.6.26-15lenny2_arm.deb
Size/MD5 checksum: 11407528 01c0704554c7e5783af0bfe243583b2f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-footbridge_2.6.26-15lenny2_arm.deb
Size/MD5 checksum: 10229940 7cdafb4746b99daf343615abd065b52c
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-ixp4xx_2.6.26-15lenny2_arm.deb
Size/MD5 checksum:   360706 c0553218a6dc212e6e262f2c5d4e95e9
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-iop32x_2.6.26-15lenny2_arm.deb
Size/MD5 checksum:   362878 063b38690d57b4bed42f47ae6669a205
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-15lenny2_arm.deb
Size/MD5 checksum:   103570 67283a7c868e3b020ea32df43305e6cb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-15lenny2_arm.deb
Size/MD5 checksum:   743442 f032b462f2ced0b29ef8fad467dc53e3
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-arm_2.6.26-15lenny2_arm.deb
Size/MD5 checksum:   103614 b834c333d52e174cfafa707c1cf6007f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-iop32x_2.6.26-15lenny2_arm.deb
Size/MD5 checksum: 12429986 3e583ab23c35a27a13cb10cc0da581f0

armel architecture (ARM EABI)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-ixp4xx_2.6.26-15lenny2_armel.deb
Size/MD5 checksum:   362534 553b5d4a96face61b87a8e072f1f9ff8
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-15lenny2_armel.deb
Size/MD5 checksum:  4127498 168ff1a45080f3c4cba4a04d1b326b16
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-ixp4xx_2.6.26-15lenny2_armel.deb
Size/MD5 checksum: 11682088 d75f73e9f4614bfb13de3c73b5b2ae9a
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-15lenny2_armel.deb
Size/MD5 checksum:   744114 76f75b81436e3b3b387e8fd405535dca
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-versatile_2.6.26-15lenny2_armel.deb
Size/MD5 checksum:   334058 16bf2ddbe077aef886e30ecd08320792
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-iop32x_2.6.26-15lenny2_armel.deb
Size/MD5 checksum: 12394862 3dcf9c71e56fbd49c1ac8088c2271a67
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-orion5x_2.6.26-15lenny2_armel.deb
Size/MD5 checksum:   359142 f44a38848367e077d3ab10095695a1f9
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-armel_2.6.26-15lenny2_armel.deb
Size/MD5 checksum:   103698 b2db17336a565129e4cd858cfdbebdec
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-versatile_2.6.26-15lenny2_armel.deb
Size/MD5 checksum:  9570956 c1202b4698c40d8ba708227cc463ba75
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-iop32x_2.6.26-15lenny2_armel.deb
Size/MD5 checksum:   364206 28ac049650ad018de6f30b2f974c335e
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-orion5x_2.6.26-15lenny2_armel.deb
Size/MD5 checksum: 11370938 f1272a12e1fe6bdb4a1e75be8d205c08
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-15lenny2_armel.deb
Size/MD5 checksum:   103664 efcc623f3063eab822d32d3392659bb1

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc64_2.6.26-15lenny2_hppa.deb
Size/MD5 checksum:   293774 11f697620d8e797204a9ee43c7e49e86
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc64-smp_2.6.26-15lenny2_hppa.deb
Size/MD5 checksum:   296078 103c08b6d81814a758e70381efbd00cb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc64-smp_2.6.26-15lenny2_hppa.deb
Size/MD5 checksum: 17469984 5bf0999276e32dcc44eae2f5dae41c43
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-15lenny2_hppa.deb
Size/MD5 checksum:  3596462 498f39403026997ec7e9bd0daa01ae05
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-hppa_2.6.26-15lenny2_hppa.deb
Size/MD5 checksum:   103600 b5edaa5c335be330726ef6dbab25bcd8
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc64_2.6.26-15lenny2_hppa.deb
Size/MD5 checksum: 16925522 4c7ca20db89d33a0c050165a7ca41533
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc_2.6.26-15lenny2_hppa.deb
Size/MD5 checksum:   293006 b8543710d9d5eba22a4a1bc6128436d9
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-15lenny2_hppa.deb
Size/MD5 checksum:   103574 35b0f4350ceb613d3790f054a720a2c7
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc-smp_2.6.26-15lenny2_hppa.deb
Size/MD5 checksum:   294442 b6ffd162c317e0bd787a6f5db35af295
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc-smp_2.6.26-15lenny2_hppa.deb
Size/MD5 checksum: 16202302 30d4723632168c7a4b1a2b0ebd993c6c
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-15lenny2_hppa.deb
Size/MD5 checksum:   755564 07bda4c6ddbf6a86ff2d37f5faa53a3b
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc_2.6.26-15lenny2_hppa.deb
Size/MD5 checksum: 15613120 13474e40e538a178556712045a1055c2

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-openvz-686_2.6.26-15lenny2_i386.deb
Size/MD5 checksum:   401964 67ca4a3a5e393d5dfc3d72b22c29ac24
http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.26-1um-2+15lenny2_i386.deb
Size/MD5 checksum:  5352762 0492fa26aacea1e90a2a8076f421736d
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-686-bigmem_2.6.26-15lenny2_i386.deb
Size/MD5 checksum: 20260632 0903069efeb795506c5de03770992c4d
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-xen-686_2.6.26-15lenny2_i386.deb
Size/MD5 checksum:   382028 04fdd8c04218b0adabedf7255de595dc
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-15lenny2_i386.deb
Size/MD5 checksum:  3715228 9a34e86a009de2cfce28c65486c435b1
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-686_2.6.26-15lenny2_i386.deb
Size/MD5 checksum:   395624 e7f8a141fcce18b9175f988961560481
http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.26-2-xen-686_2.6.26-15lenny2_i386.deb
Size/MD5 checksum:   103638 2e1729b6d848f742b6330e6d5a695a44
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-686-bigmem_2.6.26-15lenny2_i386.deb
Size/MD5 checksum: 20236806 82db8b2a80d62b4a09d33e83a88750ec
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-486_2.6.26-15lenny2_i386.deb
Size/MD5 checksum:   395790 b55d97b7a62538cc00f886ea8655e59a
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-686-bigmem_2.6.26-15lenny2_i386.deb
Size/MD5 checksum:   396078 58d4fb3d17f32ffdc57a17a3a0e2a647
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-686_2.6.26-15lenny2_i386.deb
Size/MD5 checksum: 20142406 30711aa079af780c44aab9474c404917
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-15lenny2_i386.deb
Size/MD5 checksum:   746566 1044f2f109e75208c88397938b0a793f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-15lenny2_i386.deb
Size/MD5 checksum:   103652 404c334a0703eb5710593c6eade7c2f3
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-686_2.6.26-15lenny2_i386.deb
Size/MD5 checksum: 20117418 65608dc1c7f99ab38fcd30a1a4bb06da
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-686-bigmem_2.6.26-15lenny2_i386.deb
Size/MD5 checksum:   396930 e589efc8e5b6a5c0649d1b4a9508b477
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-openvz-686_2.6.26-15lenny2_i386.deb
Size/MD5 checksum: 20412848 43c86e53ac74b81cd167e59df620c6ae
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.26-2-xen-686_2.6.26-15lenny2_i386.deb
Size/MD5 checksum: 17945358 6bf8a4efc2d3d2af2ed9873f0ed4a940
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-xen-686_2.6.26-15lenny2_i386.deb
Size/MD5 checksum:  1589190 20210ab586114583a1227b00e7ddf23c
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-amd64_2.6.26-15lenny2_i386.deb
Size/MD5 checksum:   384234 86d3c745e0456a25f481c9585becd71f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-xen_2.6.26-15lenny2_i386.deb
Size/MD5 checksum:  3847862 8177698dda0696e378accfe9c3d3c44f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-15lenny2_i386.deb
Size/MD5 checksum:  3747978 b25b6df842f713a7736448d91be804a3
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-i386_2.6.26-15lenny2_i386.deb
Size/MD5 checksum:   103700 05a3a356d68d4777ed08c8e88e234c17
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-686_2.6.26-15lenny2_i386.deb
Size/MD5 checksum:   396910 3b1af51b193bbb723c20f3ff1063a9f6
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-amd64_2.6.26-15lenny2_i386.deb
Size/MD5 checksum: 20766900 c3d03294fd3777044a6fe908e77ca56e
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-486_2.6.26-15lenny2_i386.deb
Size/MD5 checksum: 20082656 0a700ba7ed7bcf1c94cffe57722c8e77
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-openvz_2.6.26-15lenny2_i386.deb
Size/MD5 checksum:  3770904 2c20fd09d1b57aceb659b650d2a86c3e

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-15lenny2_ia64.deb
Size/MD5 checksum:  3683456 f8e33d2b49c0dc0f6daaa8c1c5aed6a1
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-mckinley_2.6.26-15lenny2_ia64.deb
Size/MD5 checksum:   352408 9087493ca55454b97152ebf3e12ac027
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-mckinley_2.6.26-15lenny2_ia64.deb
Size/MD5 checksum: 34097344 aad5d13c617ffaf5efc31bf3fee5bdbb
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-15lenny2_ia64.deb
Size/MD5 checksum:   103650 61015b0fb2d786664d340caec9556cb3
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-mckinley_2.6.26-15lenny2_ia64.deb
Size/MD5 checksum:   351716 9a1c3c31cedebd60ea0e71a983edbe24
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-mckinley_2.6.26-15lenny2_ia64.deb
Size/MD5 checksum: 34176080 7d8b2afa280521af629da3ef6a8dcf96
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-itanium_2.6.26-15lenny2_ia64.deb
Size/MD5 checksum: 33920860 261eab4d401617b4e50d5e9c7fa9478c
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-ia64_2.6.26-15lenny2_ia64.deb
Size/MD5 checksum:   103682 e8ef7422829d57e214062770ee1516fd
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-itanium_2.6.26-15lenny2_ia64.deb
Size/MD5 checksum:   351762 3c392c2f3ecc09b8794b9c08a6dda4d9
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-itanium_2.6.26-15lenny2_ia64.deb
Size/MD5 checksum:   352368 f63441dda8bf0e1394d4e71531b5c3f6
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-itanium_2.6.26-15lenny2_ia64.deb
Size/MD5 checksum: 33988600 8fc3c10d5f376828d451263e2a5a0411
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-15lenny2_ia64.deb
Size/MD5 checksum:  3651316 fa72532376b07227d336484a5eb9b59c
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-15lenny2_ia64.deb
Size/MD5 checksum:   745208 bbb6f3e7e0aa49a23b19b0995f458d2b

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-5kc-malta_2.6.26-15lenny2_mips.deb
Size/MD5 checksum: 29180882 69a83b37e95628c4ca370f1c8ab6e101
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sb1-bcm91250a_2.6.26-15lenny2_mips.deb
Size/MD5 checksum: 19996594 09ab2685b1d53cd77b9554fbfafed256
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sb1a-bcm91480b_2.6.26-15lenny2_mips.deb
Size/MD5 checksum: 19985912 7de8b500b44f9fc8249944de2146a251
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-15lenny2_mips.deb
Size/MD5 checksum:  3959292 ccf258221f247d7d6524511d64336422
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sb1-bcm91250a_2.6.26-15lenny2_mips.deb
Size/MD5 checksum:   295336 877afd2f578bcfe254d01dbd437c72a3
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-4kc-malta_2.6.26-15lenny2_mips.deb
Size/MD5 checksum: 23319736 ab01e5fb78dc39389364a8284a9fafb8
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-r4k-ip22_2.6.26-15lenny2_mips.deb
Size/MD5 checksum:   255696 3208d45d1fa1d3bc56452e3715044bde
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sb1a-bcm91480b_2.6.26-15lenny2_mips.deb
Size/MD5 checksum:   294846 4b8c8611ab3ced1936a21719d0db327e
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-mips_2.6.26-15lenny2_mips.deb
Size/MD5 checksum:   103628 e305aec4b61ee60c5638c64cb85b5f89
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-15lenny2_mips.deb
Size/MD5 checksum:   103572 ac8b9df04d63b2e077590e82a8676e6c
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-r5k-ip32_2.6.26-15lenny2_mips.deb
Size/MD5 checksum:   280168 4462adb08ce8d26bf9856021b814d191
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-5kc-malta_2.6.26-15lenny2_mips.deb
Size/MD5 checksum:   349818 e0e3ff2cb9251fca0729f347dfe5ecba
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-r4k-ip22_2.6.26-15lenny2_mips.deb
Size/MD5 checksum: 11427614 ab6594b40bf0ce9a73c0891ba9706cc3
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-r5k-ip32_2.6.26-15lenny2_mips.deb
Size/MD5 checksum: 15680942 6d69e713864dd57e7e5c52711ce65f8f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-4kc-malta_2.6.26-15lenny2_mips.deb
Size/MD5 checksum:   350770 02fc7e97009a310eab609b34824f0198
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-15lenny2_mips.deb
Size/MD5 checksum:   754842 f4f4b879b7a9ff4efb024cf7c81e4c8e

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-4kc-malta_2.6.26-15lenny2_mipsel.deb
Size/MD5 checksum: 22773614 2f02c916e762ec12aa5e6d940e6942ab
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-5kc-malta_2.6.26-15lenny2_mipsel.deb
Size/MD5 checksum:   346140 f074d0b61aca2a022c1b23b2a9cb31d8
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-mipsel_2.6.26-15lenny2_mipsel.deb
Size/MD5 checksum:   103708 7cbdf5c0f7d9091682225139e4019f4a
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-15lenny2_mipsel.deb
Size/MD5 checksum:   739236 220a8b129147286703e70de980e70010
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sb1a-bcm91480b_2.6.26-15lenny2_mipsel.deb
Size/MD5 checksum: 19378238 717d741afb1c4d6355bf2912e797b893
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sb1-bcm91250a_2.6.26-15lenny2_mipsel.deb
Size/MD5 checksum: 19385536 c743a80e3ab91e52603517987059d062
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sb1-bcm91250a_2.6.26-15lenny2_mipsel.deb
Size/MD5 checksum:   291996 72bd0ee79971f727a22e753de2a79dd2
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-15lenny2_mipsel.deb
Size/MD5 checksum:  3887460 24f9ebab57d2f336ab2965d75ced8d04
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-15lenny2_mipsel.deb
Size/MD5 checksum:   103656 7e5a9a9fe6b75f773f7109fdb29c67b2
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-r5k-cobalt_2.6.26-15lenny2_mipsel.deb
Size/MD5 checksum: 14885136 b97b282ee0e13f36a0e7ec7ac90fd698
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sb1a-bcm91480b_2.6.26-15lenny2_mipsel.deb
Size/MD5 checksum:   291628 97184eef6ab6f4aba03c5756cf817e77
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-4kc-malta_2.6.26-15lenny2_mipsel.deb
Size/MD5 checksum:   346368 9f65a85c3a36a98971295da9eca49ced
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-r5k-cobalt_2.6.26-15lenny2_mipsel.deb
Size/MD5 checksum:   287456 f836716afe5101b627b6d017ee2cf6e3
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-5kc-malta_2.6.26-15lenny2_mipsel.deb
Size/MD5 checksum: 28242940 f848e64d548e0dc0655ff4a1e1efc263

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-15lenny2_powerpc.deb
Size/MD5 checksum:  3852082 41b6543dcd37c140f2c468d7c7535eed
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-powerpc_2.6.26-15lenny2_powerpc.deb
Size/MD5 checksum: 23112214 960c8cfb6b15c7cbaf6edd2d4aca9216
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-15lenny2_powerpc.deb
Size/MD5 checksum:   103666 e2fd64d5aa6c1f98956e62b4a0260d0f
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-15lenny2_powerpc.deb
Size/MD5 checksum:  3886868 44038a1babafe461e01dc987d84edf9a
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-powerpc64_2.6.26-15lenny2_powerpc.deb
Size/MD5 checksum: 23389448 f1d0e1e6ed8b15a234c8023bc258149b
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-powerpc64_2.6.26-15lenny2_powerpc.deb
Size/MD5 checksum:   370398 90e589b7dd6b6a5a2a1e29c204b0ed68
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-powerpc64_2.6.26-15lenny2_powerpc.deb
Size/MD5 checksum:   370828 c556b7c5ed697ccf57eb6dee79279dfc
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-15lenny2_powerpc.deb
Size/MD5 checksum:   752742 e8fa3ee09312887d1d11f32d123a50d9
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-powerpc_2.6.26-15lenny2_powerpc.deb
Size/MD5 checksum:   364504 91840865ed1ed6cc06f7e4141ee9caf6
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-powerpc_2.6.26-15lenny2_powerpc.deb
Size/MD5 checksum: 23548478 943ab35bb29eb5f16b065f31d98b0f10
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-powerpc_2.6.26-15lenny2_powerpc.deb
Size/MD5 checksum:   103692 f69df040dc9fdf8e78517698c15a5550
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-powerpc-smp_2.6.26-15lenny2_powerpc.deb
Size/MD5 checksum:   364426 9d91da2c31f69340de4f4fa30e5043ee
http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-powerpc_2.6.26-15lenny2_powerpc.deb
Size/MD5 checksum:   362742 f5cc256d09740

补丁安装方法：

1. 手工安装补丁包：

  首先，使用下面的命令来下载补丁软件：
  # wget url  (url是补丁下载链接地址)

  然后，使用下面的命令来安装补丁：
  # dpkg -i file.deb (file是相应的补丁名)

2. 使用apt-get自动安装补丁包：

   首先，使用下面的命令更新内部数据库：
   # apt-get update

   然后，使用下面的命令安装更新软件包：
   # apt-get upgrade

Linux
-----
目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=76a67ec6fb79ff3570dcb5342142c16098299911#patch1

RedHat
------
RedHat已经为此发布了一个安全公告（RHSA-2009:1106-01）以及相应补丁:
RHSA-2009:1106-01：Important: kernel security and bug fix update
链接：https://www.redhat.com/support/errata/RHSA-2009-1106.html

浏览次数：3773
严重程度：0（网友投票）

本安全漏洞由绿盟科技翻译整理，版权所有，未经许可，不得转载
绿盟科技给您安全的保障

关于我们: 公司介绍; 公司荣誉; 公司新闻

联系我们: 公司总部; 分支机构; 海外机构

快速链接: 绿盟云; 绿盟威胁情报中心NTI; 技术博客