[问题]我的更新里有一个linux-image-2.6.20-16-386 的内核 长度为28.4M

[wind185]

如题
你们有没有这个！

[xhy]

我没有

[szwzj]

我的也有，不过没更新上去，我手动更新上去了，

[bzzjh]

我有
一直没去更新
怕出问题

[BigSnake.NET]

===========================================================
Ubuntu Security Notice USN-510-1 August 31, 2007
linux-source-2.6.20 vulnerabilities
CVE-2007-2525, CVE-2007-2875, CVE-2007-2876, CVE-2007-2878,
CVE-2007-3104, CVE-2007-3105, CVE-2007-3513, CVE-2007-3642,
CVE-2007-3843, CVE-2007-3848, CVE-2007-3851, CVE-2007-4308
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 7.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 7.04:
linux-image-2.6.20-16-386 2.6.20-16.31
linux-image-2.6.20-16-generic 2.6.20-16.31
linux-image-2.6.20-16-hppa32 2.6.20-16.31
linux-image-2.6.20-16-hppa64 2.6.20-16.31
linux-image-2.6.20-16-itanium 2.6.20-16.31
linux-image-2.6.20-16-lowlatency 2.6.20-16.31
linux-image-2.6.20-16-mckinley 2.6.20-16.31
linux-image-2.6.20-16-powerpc 2.6.20-16.31
linux-image-2.6.20-16-powerpc-smp 2.6.20-16.31
linux-image-2.6.20-16-powerpc64-smp 2.6.20-16.31
linux-image-2.6.20-16-server 2.6.20-16.31
linux-image-2.6.20-16-server-bigiron 2.6.20-16.31
linux-image-2.6.20-16-sparc64 2.6.20-16.31
linux-image-2.6.20-16-sparc64-smp 2.6.20-16.31

After a standard system upgrade you need to reboot your computer to
affect the necessary changes.

Details follow:

A flaw was discovered in the PPP over Ethernet implementation. Local
attackers could manipulate ioctls and cause kernel memory consumption
leading to a denial of service. (CVE-2007-2525)

An integer underflow was discovered in the cpuset filesystem. If mounted,
local attackers could obtain kernel memory using large file offsets while
reading the tasks file. This could disclose sensitive data. (CVE-2007-2875)

Vilmos Nebehaj discovered that the SCTP netfilter code did not correctly
validate certain states. A remote attacker could send a specially crafted
packet causing a denial of service. (CVE-2007-2876)

Luca Tettamanti discovered a flaw in the VFAT compat ioctls on 64-bit
systems. A local attacker could corrupt a kernel_dirent struct and cause
a denial of service. (CVE-2007-2878)

A flaw in the sysfs_readdir function allowed a local user to cause a
denial of service by dereferencing a NULL pointer. (CVE-2007-3104)

A buffer overflow was discovered in the random number generator. In
environments with granular assignment of root privileges, a local attacker
could gain additional privileges. (CVE-2007-3105)

A flaw was discovered in the usblcd driver. A local attacker could cause
large amounts of kernel memory consumption, leading to a denial of service.
(CVE-2007-3513)

Zhongling Wen discovered that the h323 conntrack handler did not correctly
handle certain bitfields. A remote attacker could send a specially crafted
packet and cause a denial of service. (CVE-2007-3642)

A flaw was discovered in the CIFS mount security checking. Remote
attackers could spoof CIFS network traffic, which could lead a client
to trust the connection. (CVE-2007-3843)

It was discovered that certain setuid-root processes did not correctly
reset process death signal handlers. A local user could manipulate this
to send signals to processes they would not normally have access to.
(CVE-2007-3848)

The Direct Rendering Manager for the i915 driver could be made to write
to arbitrary memory locations. An attacker with access to a running X11
session could send a specially crafted buffer and gain root privileges.
(CVE-2007-3851)

It was discovered that the aacraid SCSI driver did not correctly check
permissions on certain ioctls. A local attacker could cause a denial
of service or gain privileges. (CVE-2007-4308)


Updated packages for Ubuntu 7.04:

Source archives:

http://security.ubuntu.com/ubuntu/pool/ ... 31.diff.gz
Size/MD5: 1577853 d02fd4ba44af531c4eb5c8035fbe3a3f
http://security.ubuntu.com/ubuntu/pool/ ... -16.31.dsc
Size/MD5: 2472 b5489267cd7642fc1af25f1a4fb2aa4a
http://security.ubuntu.com/ubuntu/pool/ ... rig.tar.gz
Size/MD5: 62174876 f19203b2488d943a640abe8f3cd20f57

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/ ... 31_all.deb
Size/MD5: 4877040 3c8035f595205bf4ac22cc20acdd6794
http://security.ubuntu.com/ubuntu/pool/ ... 31_all.deb
Size/MD5: 84870 94e07da627c80ce5b54db4f6eb59812b
http://security.ubuntu.com/ubuntu/pool/ ... 31_all.deb
Size/MD5: 47822126 598e49bbe0381668e0b471dcb580563f

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/ ... amd64.udeb
Size/MD5: 24494 b980d0baa6f45bd2d9c6ea3b71491996
http://security.ubuntu.com/ubuntu/pool/ ... amd64.udeb
Size/MD5: 202070 30b2f790562a3b5ffc8f6baf54cf5def
http://security.ubuntu.com/ubuntu/pool/ ... amd64.udeb
Size/MD5: 39354 0933702198ce478aa4b1842c8b12ac8d
http://security.ubuntu.com/ubuntu/pool/ ... amd64.udeb
Size/MD5: 50910 9b7df5269dd71693804155d712008929
http://security.ubuntu.com/ubuntu/pool/ ... amd64.udeb
Size/MD5: 187502 faf88d2629336c2da3949e4018474771
http://security.ubuntu.com/ubuntu/pool/ ... amd64.udeb
Size/MD5: 34906 27ab0c4687f3982b121851f2f875e491
http://security.ubuntu.com/ubuntu/pool/ ... amd64.udeb
Size/MD5: 644422 46b3463556bff461e1b781c381e9ca1c
http://security.ubuntu.com/ubuntu/pool/ ... amd64.udeb
Size/MD5: 174704 9c94e0c3af584b38143b1672ae1b0b0f
http://security.ubuntu.com/ubuntu/pool/ ... amd64.udeb
Size/MD5: 76424 b53a41dd02648eacb54debe890388be5
http://security.ubuntu.com/ubuntu/pool/ ... amd64.udeb
Size/MD5: 57886 f2d1733f4b960c624f14589a36ec5ebb
http://security.ubuntu.com/ubuntu/pool/ ... amd64.udeb
Size/MD5: 140014 10367ad74fa4252b5d0d080a254938d9
http://security.ubuntu.com/ubuntu/pool/ ... amd64.udeb
Size/MD5: 277466 3b3731edab4901d7234fbea7f6c7974e
http://security.ubuntu.com/ubuntu/pool/ ... amd64.udeb
Size/MD5: 1905414 b7a3da16e9217bae2d90fd2fbf66235c
http://security.ubuntu.com/ubuntu/pool/ ... _amd64.deb
Size/MD5: 857546 37ed6063fb5c8f4dbfba9ab6dd5736da
http://security.ubuntu.com/ubuntu/pool/ ... _amd64.deb
Size/MD5: 857378 31446d9184e0346b56680b8321a20734