RedHat 6.2: Potential kernel vulnerabilities
Posted by LinuxSecurity.com Team   
RedHat Linux: Several problems were discovered in the kernel shipped in Red Hat Linux 6.2. Updated kernel packages are available for download now.
---------------------------------------------------------------------
                   Red Hat, Inc. Bug Fix Advisory

Synopsis:          Updated kernel available for Red Hat Linux
Advisory ID:       RHBA-2000:018-10
Issue date:        2000-04-10
Updated on:        2000-04-28
Product:           Red Hat Linux
Keywords:          kernel agpgart megaraid networking
Cross references:  N/A
---------------------------------------------------------------------

1. Topic:

Several problems were discovered in the kernel shipped in Red Hat Linux 6.2.
Updated kernel packages are available for download now.

2. Relevant releases/architectures:

Red Hat Linux 6.2 - i386 alpha sparc

3. Problem description:

The following problems have been fixed in this kernel release:

1)  The agpgart.o module was omitted from the 6.2 kernel package. This
module is required for proper operation of i810 video chips.

2)  The AMI MegaRAID driver included in 6.2 requires firmware revision 3.10
or higher.  Data corruption and lockups can occur if version 3.10 or higher
is not used.  The megaraid.o module in this updated package refuses to load
if firmware 3.10 or higher is not present.

3) AF_UNIX fix addresses a problem in which any user on the system could
perform a DoS.

4) Exec bug fixes a problem where any user on the system could open any file
or device for side effects on open().

5) Masquerading bug fixes protect against bugs in the UDP code that allow an
attacker to scan and build paths for packet arrival. This is configurable,
because the non-security behaviour is useful for some games. This also stops
people from building attacks using a compromised FTP server to build back
channels at server ports on the masquerading host.

6) Ext2 filesystem bug fixes the error recovery on bad blocks in
directories, which could lead to unpredictable results when continuing to
read a directory after an IO failure. Also fixes a bug where it was possible
to get garbage returned from readdir() if you were reading directory
information into a user buffer which wasn't swapped into physical memory,
and you had multiple threads doing readdir() and seek() on the same file
descriptor.

7) A kernel nfsd denial of service exposure is now fixed.

8) [Sparc only] Several denial of service attacks by local users on Sparc
machines are now patched.

4. Solution:

Upgrade to kernel-2.2.14-12.

The procedure for upgrading the kernel is documented at:

http://www.redhat.com/support/docs/howto/kernel-upgrade/kernel-upgrade.html

Please read the directions for your architecture carefully before proceeding
with the kernel upgrade.

5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info):

10409 - agp driver not build


6. Obsoleted by:

N/A

7. Conflicts with:

N/A

8. RPMs required:

Red Hat Linux 6.2

intel (i386, i586 and i686 optimized kernels):
ftp://updates.redhat.com/6.2/i386/kernel-2.2.14-12.i386.rpm
ftp://updates.redhat.com/6.2/i386/kernel-smp-2.2.14-12.i386.rpm
ftp://updates.redhat.com/6.2/i386/kernel-headers-2.2.14-12.i386.rpm
ftp://updates.redhat.com/6.2/i386/kernel-source-2.2.14-12.i386.rpm
ftp://updates.redhat.com/6.2/i386/kernel-doc-2.2.14-12.i386.rpm
ftp://updates.redhat.com/6.2/i386/kernel-pcmcia-cs-2.2.14-12.i386.rpm
ftp://updates.redhat.com/6.2/i586/kernel-2.2.14-12.i586.rpm
ftp://updates.redhat.com/6.2/i586/kernel-smp-2.2.14-12.i586.rpm
ftp://updates.redhat.com/6.2/i686/kernel-2.2.14-12.i686.rpm
ftp://updates.redhat.com/6.2/i686/kernel-smp-2.2.14-12.i686.rpm

alpha:
ftp://updates.redhat.com/6.2/alpha/kernel-2.2.14-12.alpha.rpm
ftp://updates.redhat.com/6.2/alpha/kernel-smp-2.2.14-12.alpha.rpm
ftp://updates.redhat.com/6.2/alpha/kernel-headers-2.2.14-12.alpha.rpm
ftp://updates.redhat.com/6.2/alpha/kernel-source-2.2.14-12.alpha.rpm
ftp://updates.redhat.com/6.2/alpha/kernel-doc-2.2.14-12.alpha.rpm

sparc:
ftp://updates.redhat.com/6.2/sparc/kernel-2.2.14-12.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/kernel-smp-2.2.14-12.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/kernel-headers-2.2.14-12.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/kernel-source-2.2.14-12.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/kernel-doc-2.2.14-12.sparc.rpm

sources:
ftp://updates.redhat.com/6.2/SRPMS/kernel-2.2.14-12.src.rpm

9. Verification:

These packages are GPG signed by Red Hat, Inc. for security.  Our key
is available at:
    http://www.redhat.com/corp/contact.html

You can verify each package with the following command:
    rpm --checksig  <filename>

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
    rpm --checksig --nogpg <filename>
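
The digest-only check described above can also be run over a whole download directory against a published checksum list in the two-column "MD5 sum, package name" layout. The script below is an added example, not part of the Red Hat advisory; the function name verify_table and its two arguments (list file, download directory) are assumptions made for illustration. A digest match only shows that a file equals what the list describes; rpm --checksig remains the check of the GPG signature.

```shell
#!/bin/sh
# Added example (not from the advisory): compare downloaded files with a
# published "MD5 sum  Package Name" list. The list file and directory are
# supplied by the caller; the name verify_table is hypothetical.

# verify_table TABLE DIR
# Prints one "STATUS name" line per list entry. Returns 0 only when every
# listed file exists in DIR and its MD5 digest matches the list.
verify_table() {
    table=$1
    dir=$2
    bad=0
    # "|| [ -n "$want" ]" keeps a final line that has no trailing newline.
    while read -r want path || [ -n "$want" ]; do
        # Only rows whose first field is 32 lowercase hex digits are
        # entries; the column header, dashed rule and blank lines are not.
        case $want in
            *[!0-9a-f]*|"") continue ;;
        esac
        [ "${#want}" -eq 32 ] || continue
        name=${path##*/}        # list gives 6.2/i386/foo.rpm; files are foo.rpm
        file=$dir/$name
        if [ ! -f "$file" ]; then
            echo "MISSING  $name"
            bad=1
            continue
        fi
        got=$(md5sum < "$file" | cut -d' ' -f1)
        if [ "$got" = "$want" ]; then
            echo "OK       $name"
        else
            echo "MISMATCH $name"
            bad=1
        fi
    done < "$table"
    return "$bad"
}
```

Save the checksum section of the advisory to a file and call verify_table with that file and the directory holding the downloaded packages; a non-zero return means at least one package is missing or differs from the list.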

10. References:

http://www.redhat.com/support/docs/howto/kernel-upgrade/kernel-upgrade.html