• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Linux O_DIRECT Direct Input/Output Information Leak Vulnerability

Solution:
Debian has released an advisory (DSA 423-1) that addresses the issue that is described in this BID for the IA-64 architecture. Further details regarding obtaining and applying fixes can be found in the referenced advisory.

SuSE has released an advisory (SuSE-SA:2003:049) to address this issue. Users are advised to apply appropriate fixes as soon as possible. Please see referenced advisory for further details regarding obtaining and applying fixes.

RedHat has released an advisory (RHSA-2003:025-20) containing fixes.

Mandrake Linux has released a new security advisory (MDKSA-2003:014) which contains fixes. Mandrake 9.0 users are advised to upgrade there kernel has soon as possible.

Debian has released advisory DSA 358-4 to address this issue.

Fixes:


Linux kernel 2.4.18

• Debian kernel-doc-2.4.18_2.4.18-13_all.deb
  http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/ke rnel-doc-2.4.18_2.4.18-13_all.deb


• Debian kernel-headers-2.4.18-1-586tsc_2.4.18-11_i386.deb
  http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i 386/kernel-headers-2.4.18-1-586tsc_2.4.18-11_i386.deb


• Debian kernel-headers-2.4.18-1-686-smp_2.4.18-11_i386.deb
  http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i 386/kernel-headers-2.4.18-1-686-smp_2.4.18-11_i386.deb


• Debian kernel-headers-2.4.18-1-686_2.4.18-11_i386.deb
  http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i 386/kernel-headers-2.4.18-1-686_2.4.18-11_i386.deb


• Debian kernel-headers-2.4.18-1-generic_2.4.18-10_alpha.deb
  http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-a lpha/kernel-headers-2.4.18-1-generic_2.4.18-10_alpha.deb


• Debian kernel-headers-2.4.18-1-k6_2.4.18-11_i386.deb
  http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i 386/kernel-headers-2.4.18-1-k6_2.4.18-11_i386.deb


• Debian kernel-headers-2.4.18-1-k7_2.4.18-11_i386.deb
  http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i 386/kernel-headers-2.4.18-1-k7_2.4.18-11_i386.deb


• Debian kernel-headers-2.4.18-1-smp_2.4.18-10_alpha.deb
  http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-a lpha/kernel-headers-2.4.18-1-smp_2.4.18-10_alpha.deb


• Debian kernel-headers-2.4.18-1_2.4.18-10_alpha.deb
  http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-a lpha/kernel-headers-2.4.18-1_2.4.18-10_alpha.deb


• Debian kernel-headers-2.4.18-1_2.4.18-11_i386.deb
  http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i 386/kernel-headers-2.4.18-1_2.4.18-11_i386.deb


• Debian kernel-headers-2.4.18-bf2.4_2.4.18-5woody4_i386.deb
  http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i38 6bf/kernel-headers-2.4.18-bf2.4_2.4.18-5woody4_i386.deb


• Debian kernel-image-2.4.18-1-386_2.4.18-11_i386.deb
  http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i 386/kernel-image-2.4.18-1-386_2.4.18-11_i386.deb


• Debian kernel-image-2.4.18-1-586tsc_2.4.18-11_i386.deb
  http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i 386/kernel-image-2.4.18-1-586tsc_2.4.18-11_i386.deb


• Debian kernel-image-2.4.18-1-686-smp_2.4.18-11_i386.deb
  http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i 386/kernel-image-2.4.18-1-686-smp_2.4.18-11_i386.deb


• Debian kernel-image-2.4.18-1-686_2.4.18-11_i386.deb
  http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i 386/kernel-image-2.4.18-1-686_2.4.18-11_i386.deb


• Debian kernel-image-2.4.18-1-generic_2.4.18-10_alpha.deb
  http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-a lpha/kernel-image-2.4.18-1-generic_2.4.18-10_alpha.deb


• Debian kernel-image-2.4.18-1-k6_2.4.18-11_i386.deb
  http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i 386/kernel-image-2.4.18-1-k6_2.4.18-11_i386.deb


• Debian kernel-image-2.4.18-1-k7_2.4.18-11_i386.deb
  http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i 386/kernel-image-2.4.18-1-k7_2.4.18-11_i386.deb


• Debian kernel-image-2.4.18-1-smp_2.4.18-10_alpha.deb
  http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-a lpha/kernel-image-2.4.18-1-smp_2.4.18-10_alpha.deb


• Debian kernel-image-2.4.18-bf2.4_2.4.18-5woody4_i386.deb
  http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i38 6bf/kernel-image-2.4.18-bf2.4_2.4.18-5woody4_i386.deb


• Debian kernel-pcmcia-modules-2.4.18-1-386_2.4.18-11_i386.deb
  http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i 386/kernel-pcmcia-modules-2.4.18-1-386_2.4.18-11_i386.deb


• Debian kernel-pcmcia-modules-2.4.18-1-586tsc_2.4.18-11_i386.deb
  http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i 386/kernel-pcmcia-modules-2.4.18-1-586tsc_2.4.18-11_i386.deb


• Debian kernel-pcmcia-modules-2.4.18-1-686-smp_2.4.18-11_i386.deb
  http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i 386/kernel-pcmcia-modules-2.4.18-1-686-smp_2.4.18-11_i386.deb


• Debian kernel-pcmcia-modules-2.4.18-1-686_2.4.18-11_i386.deb
  http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i 386/kernel-pcmcia-modules-2.4.18-1-686_2.4.18-11_i386.deb


• Debian kernel-pcmcia-modules-2.4.18-1-k6_2.4.18-11_i386.deb
  http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i 386/kernel-pcmcia-modules-2.4.18-1-k6_2.4.18-11_i386.deb


• Debian kernel-pcmcia-modules-2.4.18-1-k7_2.4.18-11_i386.deb
  http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i 386/kernel-pcmcia-modules-2.4.18-1-k7_2.4.18-11_i386.deb


• Debian kernel-source-2.4.18_2.4.18-13_all.deb
  http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/ke rnel-source-2.4.18_2.4.18-13_all.deb


• RedHat kernel-2.4.18-24.7.x.athlon.rpm
  RedHat 7.1
  ftp://updates.redhat.com/7.1/en/os/athlon/kernel-2.4.18-24.7.x.athlon. rpm


• RedHat kernel-2.4.18-24.7.x.athlon.rpm
  RedHat 7.2
  ftp://updates.redhat.com/7.2/en/os/athlon/kernel-2.4.18-24.7.x.athlon. rpm


• RedHat kernel-2.4.18-24.7.x.athlon.rpm
  RedHat 7.3
  ftp://updates.redhat.com/7.3/en/os/athlon/kernel-2.4.18-24.7.x.athlon. rpm


• RedHat kernel-2.4.18-24.7.x.i386.rpm
  RedHat 7.1
  ftp://updates.redhat.com/7.1/en/os/i386/kernel-2.4.18-24.7.x.i386.rpm


• RedHat kernel-2.4.18-24.7.x.i386.rpm
  RedHat 7.2
  ftp://updates.redhat.com/7.2/en/os/i386/kernel-2.4.18-24.7.x.i386.rpm


• RedHat kernel-2.4.18-24.7.x.i386.rpm
  RedHat 7.3
  ftp://updates.redhat.com/7.3/en/os/i386/kernel-2.4.18-24.7.x.i386.rpm


• RedHat kernel-2.4.18-24.7.x.i586.rpm
  RedHat 7.1
  ftp://updates.redhat.com/7.1/en/os/i586/kernel-2.4.18-24.7.x.i586.rpm


• RedHat kernel-2.4.18-24.7.x.i586.rpm
  RedHat 7.2
  ftp://updates.redhat.com/7.2/en/os/i586/kernel-2.4.18-24.7.x.i586.rpm


• RedHat kernel-2.4.18-24.7.x.i586.rpm
  RedHat 7.3
  ftp://updates.redhat.com/7.3/en/os/i586/kernel-2.4.18-24.7.x.i586.rpm


• RedHat kernel-2.4.18-24.7.x.i686.rpm
  RedHat 7.1
  ftp://updates.redhat.com/7.1/en/os/i686/kernel-2.4.18-24.7.x.i686.rpm


• RedHat kernel-2.4.18-24.7.x.i686.rpm
  RedHat 7.2
  ftp://updates.redhat.com/7.2/en/os/i686/kernel-2.4.18-24.7.x.i686.rpm


• RedHat kernel-2.4.18-24.7.x.i686.rpm
  RedHat 7.3
  ftp://updates.redhat.com/7.3/en/os/i686/kernel-2.4.18-24.7.x.i686.rpm


• RedHat kernel-2.4.18-24.8.0.athlon.rpm
  RedHat 8.0
  ftp://updates.redhat.com/8.0/en/os/athlon/kernel-2.4.18-24.8.0.athlon. rpm


• RedHat kernel-2.4.18-24.8.0.i386.rpm
  RedHat 8.0
  ftp://updates.redhat.com/8.0/en/os/i386/kernel-2.4.18-24.8.0.i386.rpm


• RedHat kernel-2.4.18-24.8.0.i586.rpm
  RedHat 8.0
  ftp://updates.redhat.com/8.0/en/os/i586/kernel-2.4.18-24.8.0.i586.rpm


• RedHat kernel-2.4.18-24.8.0.i686.rpm
  RedHat 8.0
  ftp://updates.redhat.com/8.0/en/os/i686/kernel-2.4.18-24.8.0.i686.rpm


• RedHat kernel-bigmem-2.4.18-24.7.x.i686.rpm
  RedHat 7.1
  ftp://updates.redhat.com/7.1/en/os/i686/kernel-bigmem-2.4.18-24.7.x.i6 86.rpm


• RedHat kernel-bigmem-2.4.18-24.7.x.i686.rpm
  RedHat 7.2
  ftp://updates.redhat.com/7.2/en/os/i686/kernel-bigmem-2.4.18-24.7.x.i6 86.rpm


• RedHat kernel-bigmem-2.4.18-24.7.x.i686.rpm
  RedHat 7.3
  ftp://updates.redhat.com/7.3/en/os/i686/kernel-bigmem-2.4.18-24.7.x.i6 86.rpm


• RedHat kernel-bigmem-2.4.18-24.8.0.i686.rpm
  RedHat 8.0
  ftp://updates.redhat.com/8.0/en/os/i686/kernel-bigmem-2.4.18-24.8.0.i6 86.rpm


• RedHat kernel-BOOT-2.4.18-24.7.x.i386.rpm
  RedHat 7.1
  ftp://updates.redhat.com/7.1/en/os/i386/kernel-BOOT-2.4.18-24.7.x.i386 .rpm


• RedHat kernel-BOOT-2.4.18-24.7.x.i386.rpm
  RedHat 7.2
  ftp://updates.redhat.com/7.2/en/os/i386/kernel-BOOT-2.4.18-24.7.x.i386 .rpm


• RedHat kernel-BOOT-2.4.18-24.7.x.i386.rpm
  RedHat 7.3
  ftp://updates.redhat.com/7.3/en/os/i386/kernel-BOOT-2.4.18-24.7.x.i386 .rpm


• RedHat kernel-BOOT-2.4.18-24.8.0.i386.rpm
  RedHat 8.0
  ftp://updates.redhat.com/8.0/en/os/i386/kernel-BOOT-2.4.18-24.8.0.i386 .rpm


• RedHat kernel-debug-2.4.18-24.7.x.i686.rpm
  RedHat 7.1
  ftp://updates.redhat.com/7.1/en/os/i686/kernel-debug-2.4.18-24.7.x.i68 6.rpm


• RedHat kernel-debug-2.4.18-24.7.x.i686.rpm
  RedHat 7.2
  ftp://updates.redhat.com/7.2/en/os/i686/kernel-debug-2.4.18-24.7.x.i68 6.rpm


• RedHat kernel-debug-2.4.18-24.7.x.i686.rpm
  RedHat 7.3
  ftp://updates.redhat.com/7.3/en/os/i686/kernel-debug-2.4.18-24.7.x.i68 6.rpm


• RedHat kernel-debug-2.4.18-24.8.0.i686.rpm
  RedHat 8.0
  ftp://updates.redhat.com/8.0/en/os/i686/kernel-debug-2.4.18-24.8.0.i68 6.rpm


• RedHat kernel-doc-2.4.18-24.7.x.i386.rpm
  RedHat 7.1
  ftp://updates.redhat.com/7.1/en/os/i386/kernel-doc-2.4.18-24.7.x.i386. rpm


• RedHat kernel-doc-2.4.18-24.7.x.i386.rpm
  RedHat 7.2
  ftp://updates.redhat.com/7.2/en/os/i386/kernel-doc-2.4.18-24.7.x.i386. rpm


• RedHat kernel-doc-2.4.18-24.7.x.i386.rpm
  RedHat 7.3
  ftp://updates.redhat.com/7.3/en/os/i386/kernel-doc-2.4.18-24.7.x.i386. rpm


• RedHat kernel-doc-2.4.18-24.8.0.i386.rpm
  RedHat 8.0
  ftp://updates.redhat.com/8.0/en/os/i386/kernel-doc-2.4.18-24.8.0.i386. rpm


• RedHat kernel-smp-2.4.18-24.7.x.athlon.rpm
  RedHat 7.1
  ftp://updates.redhat.com/7.1/en/os/athlon/kernel-smp-2.4.18-24.7.x.ath lon.rpm


• RedHat kernel-smp-2.4.18-24.7.x.athlon.rpm
  RedHat 7.2
  ftp://updates.redhat.com/7.2/en/os/athlon/kernel-smp-2.4.18-24.7.x.ath lon.rpm


• RedHat kernel-smp-2.4.18-24.7.x.athlon.rpm
  RedHat 7.3
  ftp://updates.redhat.com/7.3/en/os/athlon/kernel-smp-2.4.18-24.7.x.ath lon.rpm


• RedHat kernel-smp-2.4.18-24.7.x.i586.rpm
  RedHat 7.1
  ftp://updates.redhat.com/7.1/en/os/i586/kernel-smp-2.4.18-24.7.x.i586. rpm


• RedHat kernel-smp-2.4.18-24.7.x.i586.rpm
  RedHat 7.2
  ftp://updates.redhat.com/7.2/en/os/i586/kernel-smp-2.4.18-24.7.x.i586. rpm


• RedHat kernel-smp-2.4.18-24.7.x.i586.rpm
  RedHat 7.3
  ftp://updates.redhat.com/7.3/en/os/i586/kernel-smp-2.4.18-24.7.x.i586. rpm


• RedHat kernel-smp-2.4.18-24.7.x.i686.rpm
  RedHat 7.1
  ftp://updates.redhat.com/7.1/en/os/i686/kernel-smp-2.4.18-24.7.x.i686. rpm


• RedHat kernel-smp-2.4.18-24.7.x.i686.rpm
  RedHat 7.2
  ftp://updates.redhat.com/7.2/en/os/i686/kernel-smp-2.4.18-24.7.x.i686. rpm


• RedHat kernel-smp-2.4.18-24.7.x.i686.rpm
  RedHat 7.3
  ftp://updates.redhat.com/7.3/en/os/i686/kernel-smp-2.4.18-24.7.x.i686. rpm


• RedHat kernel-smp-2.4.18-24.8.0.athlon.rpm
  RedHat 8.0
  ftp://updates.redhat.com/8.0/en/os/athlon/kernel-smp-2.4.18-24.8.0.ath lon.rpm


• RedHat kernel-smp-2.4.18-24.8.0.i586.rpm
  RedHat 8.0
  ftp://updates.redhat.com/8.0/en/os/i586/kernel-smp-2.4.18-24.8.0.i586. rpm


• RedHat kernel-smp-2.4.18-24.8.0.i686.rpm
  RedHat 8.0
  ftp://updates.redhat.com/8.0/en/os/i686/kernel-smp-2.4.18-24.8.0.i686. rpm


• RedHat kernel-source-2.4.18-24.7.x.i386.rpm
  ftp://updates.redhat.com/7.1/en/os/i386/kernel-source-2.4.18-24.7.x.i3 86.rpm


• RedHat kernel-source-2.4.18-24.7.x.i386.rpm
  RedHat 7.2
  ftp://updates.redhat.com/7.2/en/os/i386/kernel-source-2.4.18-24.7.x.i3 86.rpm


• RedHat kernel-source-2.4.18-24.7.x.i386.rpm
  RedHat 7.3
  ftp://updates.redhat.com/7.3/en/os/i386/kernel-source-2.4.18-24.7.x.i3 86.rpm


• RedHat kernel-source-2.4.18-24.8.0.i386.rpm
  RedHat 8.0
  ftp://updates.redhat.com/8.0/en/os/i386/kernel-source-2.4.18-24.8.0.i3 86.rpm

Linux kernel 2.4.19

• Mandrake kernel-2.4.19.24mdk-1-1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel-BOOT-2.4.19.24mdk-1-1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel-doc-2.4.19-24mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel-enterprise-2.4.19.24mdk-1-1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel-secure-2.4.19.24mdk-1-1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel-smp-2.4.19.24mdk-1-1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel-source-2.4.19-24mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php