• Product Information
• Security Products Overview
• Juniper Networks ISG Series
• IDP Demo
• Product Poster & Z-Card 

Title: Linux Kernel Choose_New_Parent Local Denial of Service Vulnerability

Severity: MODERATE

Description:

The Linux kernel is prone to a local denial-of-service vulnerability. This issue is due to a design error in the 'choose_new_parent' function.

This issue is due to a debugging 'BUG' function improperly being called. The check that is in the vulnerable function is reportedly no longer valid. This issue may be triggered when a parent process dies, and the child process's parent process ID is set to a new ID.

This vulnerability allows local users to cause a kernel panic, denying further service to legitimate users.

This issue affects Linux kernel versions prior to 2.6.11.12.

Affected Products:

• Avaya S8300 CM 3.1
• Avaya S8300 R2.0.0
• Avaya S8300 R2.0.1
• Avaya S8500 CM 3.1
• Avaya S8500 R2.0.0
• Avaya S8500 R2.0.1
• Avaya S8700 CM 3.1
• Avaya S8700 R2.0.0
• Avaya S8700 R2.0.1
• Avaya S8710 CM 3.1
• Avaya S8710 R2.0.0
• Avaya S8710 R2.0.1
• Debian Linux 3.1.0
• Debian Linux 3.1.0 alpha
• Debian Linux 3.1.0 amd64
• Debian Linux 3.1.0 arm
• Debian Linux 3.1.0 hppa
• Debian Linux 3.1.0 ia-32
• Debian Linux 3.1.0 ia-64
• Debian Linux 3.1.0 m68k
• Debian Linux 3.1.0 mips
• Debian Linux 3.1.0 mipsel
• Debian Linux 3.1.0 ppc
• Debian Linux 3.1.0 s/390
• Debian Linux 3.1.0 sparc
• Linux kernel 2.6.0
• Linux kernel 2.6.0 -test1
• Linux kernel 2.6.0 -test10
• Linux kernel 2.6.0 -test11
• Linux kernel 2.6.0 -test2
• Linux kernel 2.6.0 -test3
• Linux kernel 2.6.0 -test4
• Linux kernel 2.6.0 -test5
• Linux kernel 2.6.0 -test6
• Linux kernel 2.6.0 -test7
• Linux kernel 2.6.0 -test8
• Linux kernel 2.6.0 -test9
• Linux kernel 2.6.0 -test9-CVS
• Linux kernel 2.6.0 .10
• Linux kernel 2.6.1
• Linux kernel 2.6.1 -rc1
• Linux kernel 2.6.1 -rc2
• Linux kernel 2.6.10
• Linux kernel 2.6.10 rc2
• Linux kernel 2.6.11
• Linux kernel 2.6.11 -rc2
• Linux kernel 2.6.11 -rc3
• Linux kernel 2.6.11 -rc4
• Linux kernel 2.6.11 .11
• Linux kernel 2.6.11 .5
• Linux kernel 2.6.11 .6
• Linux kernel 2.6.11 .7
• Linux kernel 2.6.11 .8
• Linux kernel 2.6.2
• Linux kernel 2.6.3
• Linux kernel 2.6.4
• Linux kernel 2.6.5
• Linux kernel 2.6.6
• Linux kernel 2.6.6 rc1
• Linux kernel 2.6.7
• Linux kernel 2.6.7 rc1
• Linux kernel 2.6.8
• Linux kernel 2.6.8 rc1
• Linux kernel 2.6.8 rc2
• Linux kernel 2.6.8 rc3
• Linux kernel 2.6.9
• MandrakeSoft Corporate Server 3.0.0
• MandrakeSoft Corporate Server 3.0.0 x86_64
• MandrakeSoft Multi Network Firewall 2.0.0
• RedHat Desktop 4.0.0
• RedHat Enterprise Linux AS 4
• RedHat Enterprise Linux ES 4
• RedHat Enterprise Linux WS 4
• RedHat Fedora Core2
• RedHat Fedora Core3
• RedHat Fedora Core4
• S.u.S.E. Linux Enterprise Server 9
• S.u.S.E. Linux Personal 10.0.0 OSS
• S.u.S.E. Linux Personal 10.1
• S.u.S.E. Linux Personal 9.1.0
• S.u.S.E. Linux Personal 9.1.0 x86_64
• S.u.S.E. Linux Personal 9.2.0
• S.u.S.E. Linux Personal 9.2.0 x86_64
• S.u.S.E. Linux Personal 9.3.0
• S.u.S.E. Linux Personal 9.3.0 x86_64
• S.u.S.E. Linux Professional 10.0.0
• S.u.S.E. Linux Professional 10.0.0 OSS
• S.u.S.E. Linux Professional 10.1
• S.u.S.E. Linux Professional 9.1.0
• S.u.S.E. Linux Professional 9.1.0 x86_64
• S.u.S.E. Linux Professional 9.2.0
• S.u.S.E. Linux Professional 9.2.0 x86_64
• S.u.S.E. Linux Professional 9.3.0
• S.u.S.E. Linux Professional 9.3.0 x86_64
• Trustix Secure Linux 3.0.0
• Ubuntu Ubuntu Linux 4.1.0 ia32
• Ubuntu Ubuntu Linux 4.1.0 ia64
• Ubuntu Ubuntu Linux 4.1.0 ppc
• Ubuntu Ubuntu Linux 5.0.0 4 amd64
• Ubuntu Ubuntu Linux 5.0.0 4 i386
• Ubuntu Ubuntu Linux 5.0.0 4 powerpc
• Ubuntu Ubuntu Linux 5.10.0 amd64
• Ubuntu Ubuntu Linux 5.10.0 i386
• Ubuntu Ubuntu Linux 5.10.0 powerpc
• Ubuntu Ubuntu Linux 6.06 LTS amd64
• Ubuntu Ubuntu Linux 6.06 LTS i386
• Ubuntu Ubuntu Linux 6.06 LTS powerpc

References:

• Avaya: ASA-2006-161 - kernel security update (RHSA-2006-0493)
• Linux Kernel: Linux Kernel 2.6.11.12 Changelog
• Linux Kernel: kernel.org Homepage.
• Red Hat: Remove bogus BUG() in kernel/exit.c

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.