[USN-1661-1] Linux kernel vulnerability
Kristian Erik Hermansen
kristian.hermansen at gmail.com
Tue Dec 11 17:38:55 UTC 2012
OK. This may be a dumb question, but I thought IPv6 did away with
fragmentation precisely to prevent such security issues. What happened here?
On Dec 10, 2012 8:53 PM, "John Johansen" <john.johansen at canonical.com>
wrote:
> ==========================================================================
> Ubuntu Security Notice USN-1661-1
> December 11, 2012
>
> linux vulnerability
> ==========================================================================
>
> A security issue affects these releases of Ubuntu and its derivatives:
>
> - Ubuntu 10.04 LTS
>
> Summary:
>
> The system's firewall could be bypassed by a remote attacker.
>
> Software Description:
> - linux: Linux kernel
>
> Details:
>
> Zhang Zuotao discovered a bug in the Linux kernel's handling of overlapping
> fragments in ipv6. A remote attacker could exploit this flaw to bypass
> firewalls and initial new network connections that should have been blocked
> by the firewall.
>
> Update instructions:
>
> The problem can be corrected by updating your system to the following
> package versions:
>
> Ubuntu 10.04 LTS:
> linux-image-2.6.32-45-386 2.6.32-45.101
> linux-image-2.6.32-45-generic 2.6.32-45.101
> linux-image-2.6.32-45-generic-pae 2.6.32-45.101
> linux-image-2.6.32-45-ia64 2.6.32-45.101
> linux-image-2.6.32-45-lpia 2.6.32-45.101
> linux-image-2.6.32-45-powerpc 2.6.32-45.101
> linux-image-2.6.32-45-powerpc-smp 2.6.32-45.101
> linux-image-2.6.32-45-powerpc64-smp 2.6.32-45.101
> linux-image-2.6.32-45-preempt 2.6.32-45.101
> linux-image-2.6.32-45-server 2.6.32-45.101
> linux-image-2.6.32-45-sparc64 2.6.32-45.101
> linux-image-2.6.32-45-sparc64-smp 2.6.32-45.101
> linux-image-2.6.32-45-versatile 2.6.32-45.101
> linux-image-2.6.32-45-virtual 2.6.32-45.101
>
> After a standard system update you need to reboot your computer to make
> all the necessary changes.
>
> References:
> http://www.ubuntu.com/usn/usn-1661-1
> CVE-2012-4444
>
> Package Information:
> https://launchpad.net/ubuntu/+source/linux/2.6.32-45.101
>
>
> --
> ubuntu-security-announce mailing list
> ubuntu-security-announce at lists.ubuntu.com
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20121211/f988f9a6/attachment.html>
More information about the ubuntu-users
mailing list