
10 kernel vulnerabilities in Ubuntu 6.06, 8.04, 8.10, 9.04 and 9.10

I was deliberately looking for the latest news about Ubuntu, and it turns out that Canonical announced today (5-2-2010) the availability of a new Linux kernel security update for the following Ubuntu releases: 6.06 LTS (Dapper Drake), 8.04 LTS (Hardy Heron), 8.10 (Intrepid Ibex), 9.04 (Jaunty Jackalope) and 9.10 (Karmic Koala). The update also applies to Kubuntu, Edubuntu and Xubuntu, and fixes 10 security issues (see the list below) that were found in the Linux kernel packages by various hackers. It is therefore strongly recommended that you update your system as soon as possible.

The following Linux kernel vulnerabilities were discovered:

1. The EXT4 and HFS filesystems failed to check various disk structures. Because of this, a remote attacker could trick a user into mounting a specially devised filesystem and could crash the affected system or gain root (system administrator) privileges. The issue was discovered by Amerigo Wang and Eric Sesterhenn and affects all the aforementioned Ubuntu systems.

2. FUSE (Filesystem in Userspace) failed to check various requests. Because of this, a local attacker that had access to FUSE mounts could crash the affected system or gain root (system administrator) privileges. The issue affects only Ubuntu 6.06 LTS, 8.04 LTS, 8.10 and 9.04 systems.

3. KVM failed to decode various guest instructions. This could lead to a DoS attack and crash the affected system, by triggering “high scheduling latency” in the host. The issue affects only Ubuntu 8.04 LTS, 8.10, 9.04 and 9.10 systems.

4. The OHCI firewire driver failed to handle various ioctls. Because of this, a local attacker could crash the affected system or gain root (system administrator) privileges. The issue affects only Ubuntu 8.04 LTS, 8.10, 9.04 and 9.10 systems.

5. The Linux kernel failed to handle O_ASYNC on locked files. Because of this, a local attacker could gain root (system administrator) privileges. The issue was discovered by Tavis Ormandy and affects only Ubuntu 9.04 and 9.10 systems.

6. The e1000e and e1000 network drivers for Eee PCs failed to check Ethernet frames’ size. Because of this, a local attacker on the LAN could crash the affected system or gain root (system administrator) privileges by sending specially devised traffic. The issue was discovered by Neil Horman and Eugene Teo, and affects all Ubuntu systems.

7. Random contents of kernel memory could be shown by “print-fatal-signals” reporting. This could lead to loss of privacy. The issue affects only Ubuntu 8.04 LTS, 8.10, 9.04 and 9.10 systems.

8. IPv6 failed to handle jumbo frames. This could lead to a DoS attack and crash the affected system. The issue was discovered by Olli Jarva and Tuomo Untinen, and affects only Ubuntu 9.04 and 9.10 systems.

9. The rules of bridging netfilter could be modified by regular users. This could lead to a DoS attack, by fracturing the network traffic. The issue was discovered by Florian Westphal and affects all Ubuntu systems.

10. Linux kernel memory could be leaked by various mremap operations. This could lead to a DoS attack, by consuming the entire available memory. The issue was discovered by Al Viro and affects all Ubuntu systems.

The Linux kernel vulnerabilities above are fixed once you update your system to the package versions listed below:

• For Ubuntu 6.06 LTS, update the kernel package to linux-image-2.6.15-55.82.

• For Ubuntu 8.04 LTS, update the kernel package to linux-image-2.6.24-27.65.

• For Ubuntu 8.10, update the kernel package to linux-image-2.6.27-17.45.

• For Ubuntu 9.04, update the kernel package to linux-image-2.6.28-18.59.

• For Ubuntu 9.10, update the kernel package to linux-image-2.6.31-19.56.

Don't forget to reboot your computer after updating the kernel! To find out the kernel version, type sudo dpkg -l linux-image-2.6.31-19-generic in a terminal (this example applies to Ubuntu 9.10 only).
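The version check above, generalized to all five releases in the list. This is an added example, not part of the original post: the function names are this example's own, the sample versions at the bottom are constructed, and check_this_host assumes lsb_release and dpkg-query are available and that the kernel package is named linux-image-$(uname -r).

```shell
#!/bin/sh
# Added example: the fixed versions are the ones listed in the post.
fixed_version() {
    case "$1" in
        6.06) echo "2.6.15-55.82" ;;
        8.04) echo "2.6.24-27.65" ;;
        8.10) echo "2.6.27-17.45" ;;
        9.04) echo "2.6.28-18.59" ;;
        9.10) echo "2.6.31-19.56" ;;
        *)    return 1 ;;
    esac
}

# version_ge A B: succeeds when A >= B. These versions are numeric fields
# separated by '.' or '-', so compare them field by field as integers.
version_ge() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, /[.-]/); nb = split(b, y, /[.-]/)
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            if (x[i] + 0 > y[i] + 0) exit 0
            if (x[i] + 0 < y[i] + 0) exit 1
        }
        exit 0
    }'
}

# check_kernel RELEASE VERSION: prints patched, vulnerable or unknown-release.
check_kernel() {
    want=$(fixed_version "$1") || { echo "unknown-release"; return 2; }
    if version_ge "$2" "$want"; then
        echo "patched"
    else
        echo "vulnerable (need >= $want)"
        return 1
    fi
}

# check_this_host: query the package of the *running* kernel, so a host that
# installed the update but has not rebooted still reports the old version.
check_this_host() {
    rel=$(lsb_release -rs) || return 2
    ver=$(dpkg-query -W -f='${Version}' "linux-image-$(uname -r)") || return 2
    check_kernel "$rel" "$ver"
}

# Constructed sample inputs (not taken from a real host).
check_kernel 9.10 2.6.31-19.56 || true
check_kernel 8.04 2.6.24-26.64 || true
```

On an affected Ubuntu machine, call check_this_host after the update and again after the reboot; the result only changes to patched once the new kernel is the one actually running.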

NOTE: because of the ABI change that comes with the new kernel package version, you will have to reinstall or recompile all third-party kernel modules you have installed. In addition, if you use the linux-restricted-modules packages, you must update them so that they match the new Linux kernel.

7 comments on “10 kernel vulnerabilities in Ubuntu 6.06, 8.04, 8.10, 9.04 and 9.10”

  1. Wow… thanks for the information

  2. I also just updated this morning 🙂
    thanks for the info

  3. Great info, bro.. 😀

  4. Nice info… very useful

  5. Why doesn't the command sudo dpkg -l linux-image-2.6.31-19-generic work?

    • Which Ubuntu version are you using? That command is for Karmic; for the others, just adjust the kernel name to match. Or maybe an extra space got pasted along when you copy-pasted it.
