Linux kernel VFAT IOCTLs denial of service

kernel-vfatioctls-dos (34669)

Low Risk

Description:

Linux kernel is vulnerable to a denial of service, caused by the improper handling of VFAT IOCTLs run on 64bit systems. A local attacker could exploit this vulnerability using unknown attack vectors to cause the system to crash.

Platforms Affected:

• Avaya, Application Enablement Services 4.0.1
• Avaya, Communication Manager 3.0
• Avaya, Communication Manager 3.0.1
• Avaya, Communication Manager 3.1
• Avaya, Communication Manager 3.1.1
• Avaya, Communication Manager 3.1.2
• Avaya, Communication Manager 3.1.3
• Avaya, Communication Manager 3.1.4
• Avaya, Communication Manager 4.0
• Avaya, Communication Manager 4.0.1
• Avaya, Communication Manager 4.0.3
• Avaya, Converged Communications Server 3.1.1
• Avaya, Converged Communications Server 3.1.2
• Avaya, Converged Communications Server 4.0
• Avaya, Intuity Audix LX 2.0
• Avaya, Message Networking 3.1
• Avaya, Message Storage Server 3.0
• Avaya, SIP Enablement Services 3.1.1
• Avaya, SIP Enablement Services 3.1.2
• Avaya, SIP Enablement Services 4.0
• Canonical, Ubuntu 6.06 LTS
• Canonical, Ubuntu 6.10
• Canonical, Ubuntu 7.04
• Debian, Debian Linux 4.0
• Linux, Kernel 2.6.0 test3
• Linux, Kernel 2.6.0 test4
• Linux, Kernel 2.6.0 test1
• Linux, Kernel 2.6.0 test11
• Linux, Kernel 2.6.0
• Linux, Kernel 2.6.0 test5
• Linux, Kernel 2.6.0 test10
• Linux, Kernel 2.6.0 test9
• Linux, Kernel 2.6.0 test8
• Linux, Kernel 2.6.0 test7
• Linux, Kernel 2.6.0 test6
• Linux, Kernel 2.6.0 test2
• Linux, Kernel 2.6.1
• Linux, Kernel 2.6.1 rc1
• Linux, Kernel 2.6.1 rc3
• Linux, Kernel 2.6.1 rc2
• Linux, Kernel 2.6.10 rc2
• Linux, Kernel 2.6.10 rc3
• Linux, Kernel 2.6.10 rc1
• Linux, Kernel 2.6.10
• Linux, Kernel 2.6.11 rc5
• Linux, Kernel 2.6.11 rc4
• Linux, Kernel 2.6.11 rc2
• Linux, Kernel 2.6.11 rc3
• Linux, Kernel 2.6.11
• Linux, Kernel 2.6.11 rc1
• Linux, Kernel 2.6.11.1
• Linux, Kernel 2.6.11.10
• Linux, Kernel 2.6.11.11
• Linux, Kernel 2.6.11.12
• Linux, Kernel 2.6.11.2
• Linux, Kernel 2.6.11.3
• Linux, Kernel 2.6.11.4
• Linux, Kernel 2.6.11.5
• Linux, Kernel 2.6.11.6
• Linux, Kernel 2.6.11.7
• Linux, Kernel 2.6.11.8
• Linux, Kernel 2.6.11.9
• Linux, Kernel 2.6.12 rc1
• Linux, Kernel 2.6.12 rc2
• Linux, Kernel 2.6.12 rc3
• Linux, Kernel 2.6.12 rc5
• Linux, Kernel 2.6.12 rc6
• Linux, Kernel 2.6.12
• Linux, Kernel 2.6.12 rc4
• Linux, Kernel 2.6.12.1
• Linux, Kernel 2.6.12.12
• Linux, Kernel 2.6.12.2
• Linux, Kernel 2.6.12.22
• Linux, Kernel 2.6.12.3
• Linux, Kernel 2.6.12.4
• Linux, Kernel 2.6.12.5
• Linux, Kernel 2.6.12.6
• Linux, Kernel 2.6.13 rc4
• Linux, Kernel 2.6.13 rc6
• Linux, Kernel 2.6.13 rc7
• Linux, Kernel 2.6.13
• Linux, Kernel 2.6.13 rc3
• Linux, Kernel 2.6.13 rc2
• Linux, Kernel 2.6.13 rc1
• Linux, Kernel 2.6.13 rc5
• Linux, Kernel 2.6.13.1
• Linux, Kernel 2.6.13.2
• Linux, Kernel 2.6.13.3
• Linux, Kernel 2.6.13.4
• Linux, Kernel 2.6.13.5
• Linux, Kernel 2.6.14 rc2
• Linux, Kernel 2.6.14 rc5
• Linux, Kernel 2.6.14 rc4
• Linux, Kernel 2.6.14 rc3
• Linux, Kernel 2.6.14 rc1
• Linux, Kernel 2.6.14
• Linux, Kernel 2.6.14.1
• Linux, Kernel 2.6.14.2
• Linux, Kernel 2.6.14.3
• Linux, Kernel 2.6.14.4
• Linux, Kernel 2.6.14.5
• Linux, Kernel 2.6.14.6
• Linux, Kernel 2.6.14.7
• Linux, Kernel 2.6.15 rc7
• Linux, Kernel 2.6.15 rc6
• Linux, Kernel 2.6.15 rc5
• Linux, Kernel 2.6.15 rc4
• Linux, Kernel 2.6.15 rc3
• Linux, Kernel 2.6.15 rc1
• Linux, Kernel 2.6.15 rc2
• Linux, Kernel 2.6.15
• Linux, Kernel 2.6.15.1
• Linux, Kernel 2.6.15.11
• Linux, Kernel 2.6.15.2
• Linux, Kernel 2.6.15.3
• Linux, Kernel 2.6.15.4
• Linux, Kernel 2.6.15.5
• Linux, Kernel 2.6.15.6
• Linux, Kernel 2.6.15.7
• Linux, Kernel 2.6.16 rc7
• Linux, Kernel 2.6.16 rc6
• Linux, Kernel 2.6.16 rc5
• Linux, Kernel 2.6.16 rc4
• Linux, Kernel 2.6.16 rc3
• Linux, Kernel 2.6.16
• Linux, Kernel 2.6.16.1
• Linux, Kernel 2.6.16.10
• Linux, Kernel 2.6.16.11
• Linux, Kernel 2.6.16.12
• Linux, Kernel 2.6.16.13
• Linux, Kernel 2.6.16.14
• Linux, Kernel 2.6.16.15
• Linux, Kernel 2.6.16.16
• Linux, Kernel 2.6.16.17
• Linux, Kernel 2.6.16.18
• Linux, Kernel 2.6.16.19
• Linux, Kernel 2.6.16.2
• Linux, Kernel 2.6.16.20
• Linux, Kernel 2.6.16.21
• Linux, Kernel 2.6.16.22
• Linux, Kernel 2.6.16.23
• Linux, Kernel 2.6.16.24
• Linux, Kernel 2.6.16.25
• Linux, Kernel 2.6.16.26
• Linux, Kernel 2.6.16.27
• Linux, Kernel 2.6.16.28
• Linux, Kernel 2.6.16.29
• Linux, Kernel 2.6.16.3
• Linux, Kernel 2.6.16.30
• Linux, Kernel 2.6.16.31
• Linux, Kernel 2.6.16.32
• Linux, Kernel 2.6.16.33
• Linux, Kernel 2.6.16.34
• Linux, Kernel 2.6.16.35
• Linux, Kernel 2.6.16.36
• Linux, Kernel 2.6.16.37
• Linux, Kernel 2.6.16.38
• Linux, Kernel 2.6.16.39
• Linux, Kernel 2.6.16.4
• Linux, Kernel 2.6.16.40
• Linux, Kernel 2.6.16.41
• Linux, Kernel 2.6.16.43
• Linux, Kernel 2.6.16.44
• Linux, Kernel 2.6.16.45
• Linux, Kernel 2.6.16.46
• Linux, Kernel 2.6.16.47
• Linux, Kernel 2.6.16.48
• Linux, Kernel 2.6.16.49
• Linux, Kernel 2.6.16.5
• Linux, Kernel 2.6.16.50
• Linux, Kernel 2.6.16.51
• Linux, Kernel 2.6.16.52
• Linux, Kernel 2.6.16.53
• Linux, Kernel 2.6.16.6
• Linux, Kernel 2.6.16.7
• Linux, Kernel 2.6.16.8
• Linux, Kernel 2.6.16.9
• Linux, Kernel 2.6.17 rc1
• Linux, Kernel 2.6.17
• Linux, Kernel 2.6.17 rc6
• Linux, Kernel 2.6.17 rc5
• Linux, Kernel 2.6.17 rc4
• Linux, Kernel 2.6.17 rc3
• Linux, Kernel 2.6.17 rc2
• Linux, Kernel 2.6.17.1
• Linux, Kernel 2.6.17.10
• Linux, Kernel 2.6.17.11
• Linux, Kernel 2.6.17.12
• Linux, Kernel 2.6.17.13
• Linux, Kernel 2.6.17.14
• Linux, Kernel 2.6.17.2
• Linux, Kernel 2.6.17.3
• Linux, Kernel 2.6.17.4
• Linux, Kernel 2.6.17.5
• Linux, Kernel 2.6.17.6
• Linux, Kernel 2.6.17.7
• Linux, Kernel 2.6.17.8
• Linux, Kernel 2.6.17.9
• Linux, Kernel 2.6.18 rc1
• Linux, Kernel 2.6.18 rc2
• Linux, Kernel 2.6.18
• Linux, Kernel 2.6.18 rc5
• Linux, Kernel 2.6.18 rc7
• Linux, Kernel 2.6.18 rc6
• Linux, Kernel 2.6.18 rc4
• Linux, Kernel 2.6.18 rc3
• Linux, Kernel 2.6.18.1
• Linux, Kernel 2.6.18.10
• Linux, Kernel 2.6.18.11
• Linux, Kernel 2.6.18.12
• Linux, Kernel 2.6.18.13
• Linux, Kernel 2.6.18.14
• Linux, Kernel 2.6.18.15
• Linux, Kernel 2.6.18.16
• Linux, Kernel 2.6.18.17
• Linux, Kernel 2.6.18.18
• Linux, Kernel 2.6.18.19
• Linux, Kernel 2.6.18.2
• Linux, Kernel 2.6.18.20
• Linux, Kernel 2.6.18.21
• Linux, Kernel 2.6.18.22
• Linux, Kernel 2.6.18.23
• Linux, Kernel 2.6.18.24
• Linux, Kernel 2.6.18.25
• Linux, Kernel 2.6.18.26
• Linux, Kernel 2.6.18.27
• Linux, Kernel 2.6.18.28
• Linux, Kernel 2.6.18.29
• Linux, Kernel 2.6.18.3
• Linux, Kernel 2.6.18.30
• Linux, Kernel 2.6.18.31
• Linux, Kernel 2.6.18.32
• Linux, Kernel 2.6.18.33
• Linux, Kernel 2.6.18.34
• Linux, Kernel 2.6.18.35
• Linux, Kernel 2.6.18.36
• Linux, Kernel 2.6.18.37
• Linux, Kernel 2.6.18.38
• Linux, Kernel 2.6.18.39
• Linux, Kernel 2.6.18.4
• Linux, Kernel 2.6.18.40
• Linux, Kernel 2.6.18.41
• Linux, Kernel 2.6.18.42
• Linux, Kernel 2.6.18.43
• Linux, Kernel 2.6.18.44
• Linux, Kernel 2.6.18.45
• Linux, Kernel 2.6.18.46
• Linux, Kernel 2.6.18.47
• Linux, Kernel 2.6.18.48
• Linux, Kernel 2.6.18.49
• Linux, Kernel 2.6.18.5
• Linux, Kernel 2.6.18.50
• Linux, Kernel 2.6.18.51
• Linux, Kernel 2.6.18.52
• Linux, Kernel 2.6.18.53
• Linux, Kernel 2.6.18.6
• Linux, Kernel 2.6.18.7
• Linux, Kernel 2.6.18.8
• Linux, Kernel 2.6.18.9
• Linux, Kernel 2.6.19 rc2
• Linux, Kernel 2.6.19 rc3
• Linux, Kernel 2.6.19 rc4
• Linux, Kernel 2.6.19 rc1
• Linux, Kernel 2.6.19.0
• Linux, Kernel 2.6.19.1
• Linux, Kernel 2.6.19.2
• Linux, Kernel 2.6.19.3
• Linux, Kernel 2.6.19.4
• Linux, Kernel 2.6.2
• Linux, Kernel 2.6.2 rc3
• Linux, Kernel 2.6.2 rc2
• Linux, Kernel 2.6.2 rc1
• Linux, Kernel 2.6.20
• Linux, Kernel 2.6.20 rc2
• Linux, Kernel 2.6.20.1
• Linux, Kernel 2.6.20.10
• Linux, Kernel 2.6.20.11
• Linux, Kernel 2.6.20.12
• Linux, Kernel 2.6.20.13
• Linux, Kernel 2.6.20.14
• Linux, Kernel 2.6.20.15
• Linux, Kernel 2.6.20.2
• Linux, Kernel 2.6.20.3
• Linux, Kernel 2.6.20.4
• Linux, Kernel 2.6.20.5
• Linux, Kernel 2.6.20.6
• Linux, Kernel 2.6.20.7
• Linux, Kernel 2.6.20.8
• Linux, Kernel 2.6.20.9
• Linux, Kernel 2.6.21 git4
• Linux, Kernel 2.6.21 git3
• Linux, Kernel 2.6.21 git7
• Linux, Kernel 2.6.21 git6
• Linux, Kernel 2.6.21 git5
• Linux, Kernel 2.6.21 rc3
• Linux, Kernel 2.6.21 rc4
• Linux, Kernel 2.6.21 rc5
• Linux, Kernel 2.6.21 rc6
• Linux, Kernel 2.6.21 rc7
• Linux, Kernel 2.6.21 git2
• Linux, Kernel 2.6.21 git1
• Linux, Kernel 2.6.21
• Linux, Kernel 2.6.21.1
• Linux, Kernel 2.6.3 rc1
• Linux, Kernel 2.6.3
• Linux, Kernel 2.6.3 rc4
• Linux, Kernel 2.6.3 rc3
• Linux, Kernel 2.6.3 rc2
• Linux, Kernel 2.6.4
• Linux, Kernel 2.6.4 rc3
• Linux, Kernel 2.6.4 rc2
• Linux, Kernel 2.6.4 rc1
• Linux, Kernel 2.6.5
• Linux, Kernel 2.6.5 rc3
• Linux, Kernel 2.6.5 rc2
• Linux, Kernel 2.6.5 rc1
• Linux, Kernel 2.6.6 rc1
• Linux, Kernel 2.6.6
• Linux, Kernel 2.6.6 rc3
• Linux, Kernel 2.6.6 rc2
• Linux, Kernel 2.6.7
• Linux, Kernel 2.6.7 rc3
• Linux, Kernel 2.6.7 rc2
• Linux, Kernel 2.6.7 rc1
• Linux, Kernel 2.6.8
• Linux, Kernel 2.6.8 rc4
• Linux, Kernel 2.6.8 rc3
• Linux, Kernel 2.6.8 rc2
• Linux, Kernel 2.6.8 rc1
• Linux, Kernel 2.6.8.1
• Linux, Kernel 2.6.9
• Linux, Kernel 2.6.9 rc4
• Linux, Kernel 2.6.9 rc3
• Linux, Kernel 2.6.9 rc2
• Linux, Kernel 2.6.9 rc1
• RedHat, Enterprise Linux 4 AS
• RedHat, Enterprise Linux 4 Desktop
• RedHat, Enterprise Linux 4 ES
• RedHat, Enterprise Linux 4 WS
• RedHat, Enterprise Linux 5
• RedHat, Enterprise Linux 5 Client Workstation
• RedHat, Enterprise Linux 5 Client

Remedy:

Upgrade to the latest version of the Linux kernel (2.6.21.2 or later), available from the Linux Kernel Archives Web site. See References.

For Ubuntu Linux (linux-source):
Refer to USN-489-1 for patch, upgrade, or suggested workaround information. See References.

For Ubuntu Linux (linux-source):
Refer to USN-510-1 for patch, upgrade, or suggested workaround information. See References.

For Red Hat Linux (kernel):
Refer to RHSA-2007:0705-2 for patch, upgrade, or suggested workaround information. See References.

For other distributions:
Contact your vendor for upgrade or patch information.

Consequences:

Denial of Service

References:

• The Linux Kernel Archives, ChangeLog-2.6.21.2 at http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.2.
• ASA-2007-474: kernel security update (RHSA-2007-0939)
• BID-24134: Linux Kernel VFat Compat IOCTLS Local Denial of Service Vulnerability
• CVE-2007-2878: The VFAT compat ioctls in the Linux kernel before 2.6.21.2, when run on a 64-bit system, allow local users to corrupt a kernel_dirent struct and cause a denial of service (system crash) via unknown vectors.
• DSA-1479: linux-2.6 -- several vulnerabilities
• FrSIRT/ADV-2007-2023: Linux Kernel fat_dir_ioctl() VFAT IOCTL Handling Local Denial of Service Vulnerability
• RHSA-2007-0705: Important: kernel security update
• RHSA-2007-0939: Important: kernel security update
• SA25505: Linux Kernel VFAT IOCTLs Denial of Service
• SA27747: Avaya Products Kernel Multiple Vulnerabilities
• USN-486-1: Linux kernel vulnerabilities
• USN-489-1: Linux kernel vulnerabilities
• USN-510-1: Linux kernel vulnerabilities

Reported:

May 23, 2007

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

Copyright (c) 1994-2008 Internet Security Systems, Inc. All rights reserved worldwide.

For corrections or additions please email xforce@iss.net

Return to the main page