LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: April 7th, 2014
Linux Advisory Watch: April 4th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Mandrake: 'kernel22' local privilege escalation vulnerability Print E-mail
User Rating:      How can I rate this item?
Posted by LinuxSecurity.com Team   
Mandrake The ptrace vulnerability could be used by local users to gain root privilege, the symlink vulnerability could result in a local DoS.

________________________________________________________________________

                Mandrake Linux Security Update Advisory
________________________________________________________________________

Package name:           kernel22
Date:                   October 26th, 2001
Advisory ID:            MDKSA-2001:082

Affected versions:      7.1, 7.2, 8.0, 8.1, Corporate Server 1.0.1,
                        Single Network Firewall 7.2
________________________________________________________________________

Problem Description:

 Rafal Wojtczuk found a vulnerability in the 2.2.19 and 2.4.11 Linux
 kernels with the ptrace code and deeply nested symlinks spending an
 arbitrary amount of time in the kernel code.  The ptrace vulnerability
 could be used by local users to gain root privilege, the symlink
 vulnerability could result in a local DoS.

 NOTE: This update is *not* meant to be done via MandrakeUpdate!  You
 must download the necessary RPMs and upgrade manually by following
 these steps:

   1.  Type: rpm -ivh kernel-[version].i586.rpm
   2.  Type: mv kernel-[version].i586.rpm /tmp
   3.  Type: rpm -Fvh *.rpm
   4a. You may wish to edit /etc/lilo.conf to ensure a new entry is in
       place.  The new kernel will be the last entry.  Change any options
       you need to change.  You will also want to create a new entry with
       the initrd and image directives pointing to the old kernel's
       vmlinuz and initrd images so you may also boot from the old
       images if required.
   4b. PPC users must execute some additional instructions.  First edit
       /etc/yaboot.conf and add a new entry for the kernel and change
       any options that you need to change.  You must also create a new
       initrd image to enable USB support for keyboards and mice by
       typing:
         mkinitrd --with=usb-ohci /boot/initrd-2.2.19-19.1mdk 2.2.19-19.1mdk
   5a. Type: /sbin/lilo -v
   5b. PPC users must type: /sbin/ybin -v

 You may then reboot and use the new kernel and remove the older kernel
 when you are comfortable using the upgraded one.
________________________________________________________________________

References:

   http://www.securityfocus.com/cgi-bin/archive.pl?id=1&mid=221337
________________________________________________________________________

Please verify the update prior to upgrading to ensure the integrity of
the downloaded package.  You can do this with the command:
  rpm --checksig package.rpm
You can get the GPG public key of the Mandrake Linux Security Team at
   http://www.linux-mandrake.com/en/security/RPM-GPG-KEYS
If you use MandrakeUpdate, the verification of md5 checksum and GPG
signature is performed automatically for you.

Linux-Mandrake 7.1:
1fd551f299c93b192feb1189bb6b049e  7.1/RPMS/alsa-2.2.19_0.5.10b-5.2mdk.i586.rpm
9f842e01d0cb62b8a30da0f9b483f08c  7.1/RPMS/alsa-source-2.2.19_0.5.10b-5.2mdk.i586.rpm
304420542a92f76c85b465ddf8861e10  7.1/RPMS/kernel-2.2.19-5.2mdk.i586.rpm
bd9934f6244b41948f82239c9e4af973  7.1/RPMS/kernel-doc-2.2.19-5.2mdk.i586.rpm
27e7f4ffe94a21693d10db01ea905cbe  7.1/RPMS/kernel-headers-2.2.19-5.2mdk.i586.rpm
f8b9152a5030992e87950176e31b76dd  7.1/RPMS/kernel-pcmcia-cs-2.2.19-5.2mdk.i586.rpm
45a9b2b89605676ee86b3a989434589b  7.1/RPMS/kernel-secure-2.2.19-5.2mdk.i586.rpm
001b21f47ade48242373a1cdae8aa503  7.1/RPMS/kernel-smp-2.2.19-5.2mdk.i586.rpm
f0d0e0fd0aa32b084bc29ec36939d378  7.1/RPMS/kernel-source-2.2.19-5.2mdk.i586.rpm
032398178fe6b3a826ea730c74461378  7.1/RPMS/kernel-utils-2.2.19-5.2mdk.i586.rpm
43e440aaa651a590287c5adbdbc92a93  7.1/RPMS/reiserfs-utils-2.2.19_3.5.29-5.2mdk.i586.rpm
f13ab9a51bce2f2386213ac68c1a34dd  7.1/SRPMS/kernel-2.2.19-5.2mdk.src.rpm

Linux-Mandrake 7.2:
446ebf53de386f07e183d77c33fdf33a  7.2/RPMS/alsa-2.2.19_0.5.10b-5.1mdk.i586.rpm
a0dc2f262e5deaf93bc270af7a01b340  7.2/RPMS/alsa-source-2.2.19_0.5.10b-5.1mdk.i586.rpm
fcc1907df00924c10c64ae60a7d5a400  7.2/RPMS/kernel-2.2.19-5.1mdk.i586.rpm
003135b5a545bbb22a972ac6301c5b99  7.2/RPMS/kernel-doc-2.2.19-5.1mdk.i586.rpm
d7e072775b3528648770b658d65375dd  7.2/RPMS/kernel-headers-2.2.19-5.1mdk.i586.rpm
a42c6ac0a6ab26c0a5992aaa4574ae5b  7.2/RPMS/kernel-pcmcia-cs-2.2.19-5.1mdk.i586.rpm
d80195dfa4aedf435f5ae82993e8afa3  7.2/RPMS/kernel-secure-2.2.19-5.1mdk.i586.rpm
d535affc1dad7f3dc63a9abe6b719ba8  7.2/RPMS/kernel-smp-2.2.19-5.1mdk.i586.rpm
4bd83c356e51adffdb32b476d0eda558  7.2/RPMS/kernel-source-2.2.19-5.1mdk.i586.rpm
79448d2ec448aeb23eb1a5c519da96c7  7.2/RPMS/kernel-utils-2.2.19-5.1mdk.i586.rpm
757609c3fc09fa9de14d3d7aa6150b46  7.2/RPMS/reiserfs-utils-2.2.19_3.5.29-5.1mdk.i586.rpm
299ef92dba0e4732991c80df2d356a9f  7.2/SRPMS/kernel-2.2.19-5.1mdk.src.rpm

Mandrake Linux 8.0:
777bc89220caef2bf5470867d103c7fb  8.0/RPMS/kernel22-2.2.19-19.1mdk.i586.rpm
96ee291d0bc3a68728e5e53d980b0aa4  8.0/RPMS/kernel22-secure-2.2.19-19.1mdk.i586.rpm
b0c356629c2c35273b646060d8c94b3e  8.0/RPMS/kernel22-smp-2.2.19-19.1mdk.i586.rpm
042d2fe6f409ad5d2380d8e16c8cc004  8.0/RPMS/kernel22-source-2.2.19-19.1mdk.i586.rpm
42ce13c7040dbec1dc37379b57c0f557  8.0/SRPMS/kernel22-2.2.19-19.1mdk.src.rpm

Mandrake Linux 8.0 (PPC):
89174f97906a2f5b1f42113e1cdb5ae3  ppc/8.0/RPMS/kernel22-2.2.19-19.1mdk.ppc.rpm
2f239b3f38b556f3432d444d3b7f941e  ppc/8.0/RPMS/kernel22-secure-2.2.19-19.1mdk.ppc.rpm
f7396ee3358a2fe837313ba84987272e  ppc/8.0/RPMS/kernel22-smp-2.2.19-19.1mdk.ppc.rpm
86601e4cd3af59061a454b4c2d2d204b  ppc/8.0/RPMS/kernel22-source-2.2.19-19.1mdk.ppc.rpm
6b98e69d183424879a90a39b97714ac1  ppc/8.0/SRPMS/kernel22-2.2.19-19.1mdk.src.rpm

Mandrake Linux 8.1:
777bc89220caef2bf5470867d103c7fb  8.1/RPMS/kernel22-2.2.19-19.1mdk.i586.rpm
96ee291d0bc3a68728e5e53d980b0aa4  8.1/RPMS/kernel22-secure-2.2.19-19.1mdk.i586.rpm
b0c356629c2c35273b646060d8c94b3e  8.1/RPMS/kernel22-smp-2.2.19-19.1mdk.i586.rpm
042d2fe6f409ad5d2380d8e16c8cc004  8.1/RPMS/kernel22-source-2.2.19-19.1mdk.i586.rpm
42ce13c7040dbec1dc37379b57c0f557  8.1/SRPMS/kernel22-2.2.19-19.1mdk.src.rpm

Corporate Server 1.0.1:
54c7fd84f4061e6dec4624d9398082d9  1.0.1/RPMS/alsa-2.2.19_0.5.10b-5.3mdk.i586.rpm
c12e09418b9b8b2fcae335f3b71ff703  1.0.1/RPMS/alsa-source-2.2.19_0.5.10b-5.3mdk.i586.rpm
c862259dbaa9ccd59c7f55005fe73444  1.0.1/RPMS/kernel-2.2.19-5.3mdk.i586.rpm
6651117102969aff2afb25c2f6c489b1  1.0.1/RPMS/kernel-doc-2.2.19-5.3mdk.i586.rpm
e0d319ab9e31ac81b3acd5899c084ce9  1.0.1/RPMS/kernel-headers-2.2.19-5.3mdk.i586.rpm
29d2a1da07cd72a66530ffd65e6059be  1.0.1/RPMS/kernel-pcmcia-cs-2.2.19-5.3mdk.i586.rpm
2a489974f4805e82e0992f61d474a980  1.0.1/RPMS/kernel-secure-2.2.19-5.3mdk.i586.rpm
7204b64d976081b346ea2d937b7be77d  1.0.1/RPMS/kernel-smp-2.2.19-5.3mdk.i586.rpm
b45d07dae8e0fb0cba67ccd34d388c4f  1.0.1/RPMS/kernel-source-2.2.19-5.3mdk.i586.rpm
80662f490e035797941dc4973ffc1ca4  1.0.1/RPMS/kernel-utils-2.2.19-5.3mdk.i586.rpm
5fab41266e2665f8dcee47d930040738  1.0.1/RPMS/reiserfs-utils-2.2.19_3.5.29-5.3mdk.i586.rpm
53abac0c6a89df3f66673db59c92feb7  1.0.1/SRPMS/kernel-2.2.19-5.3mdk.src.rpm

Single Network Firewall 7.2:
fcc1907df00924c10c64ae60a7d5a400  snf7.2/RPMS/kernel-2.2.19-5.1mdk.i586.rpm
003135b5a545bbb22a972ac6301c5b99  snf7.2/RPMS/kernel-doc-2.2.19-5.1mdk.i586.rpm
d7e072775b3528648770b658d65375dd  snf7.2/RPMS/kernel-headers-2.2.19-5.1mdk.i586.rpm
a42c6ac0a6ab26c0a5992aaa4574ae5b  snf7.2/RPMS/kernel-pcmcia-cs-2.2.19-5.1mdk.i586.rpm
d80195dfa4aedf435f5ae82993e8afa3  snf7.2/RPMS/kernel-secure-2.2.19-5.1mdk.i586.rpm
d535affc1dad7f3dc63a9abe6b719ba8  snf7.2/RPMS/kernel-smp-2.2.19-5.1mdk.i586.rpm
4bd83c356e51adffdb32b476d0eda558  snf7.2/RPMS/kernel-source-2.2.19-5.1mdk.i586.rpm
79448d2ec448aeb23eb1a5c519da96c7  snf7.2/RPMS/kernel-utils-2.2.19-5.1mdk.i586.rpm
757609c3fc09fa9de14d3d7aa6150b46  snf7.2/RPMS/reiserfs-utils-2.2.19_3.5.29-5.1mdk.i586.rpm
299ef92dba0e4732991c80df2d356a9f  snf7.2/SRPMS/kernel-2.2.19-5.1mdk.src.rpm
________________________________________________________________________

Bug IDs fixed (see https://qa.mandrakesoft.com for more information):

________________________________________________________________________

To upgrade automatically, use MandrakeUpdate.

If you want to upgrade manually, download the updated package from one
of our FTP server mirrors and upgrade with "rpm -Fvh *.rpm".

You can download the updates directly from one of the mirror sites
listed at:

   http://www.linux-mandrake.com/en/ftp.php3.

Updated packages are available in the "updates/[ver]/RPMS/" directory.
For example, if you are looking for an updated RPM package for
Mandrake Linux 8.0, look for it in "updates/8.0/RPMS/".  Updated source
RPMs are available as well, but you generally do not need to download
them.

Please be aware that sometimes it takes the mirrors a few hours to
update.

You can view other security advisories for Mandrake Linux at:

   http://www.linux-mandrake.com/en/security/

If you want to report vulnerabilities, please contact

  security@linux-mandrake.com
________________________________________________________________________

Mandrake Linux has two security-related mailing list services that
anyone can subscribe to:

security-announce@linux-mandrake.com

  Mandrake Linux's security announcements mailing list.  Only
  announcements are sent to this list and it is read-only.

security-discuss@linux-mandrake.com

  Mandrake Linux's security discussion mailing list.  This list is open
  to anyone to discuss Mandrake Linux security specifically and Linux
  security in general.

To subscribe to either list, send a message to
  sympa@linux-mandrake.com
with "subscribe [listname]" in the body of the message.

To remove yourself from either list, send a message to
  sympa@linux-mandrake.com
with "unsubscribe [listname]" in the body of the message.

To get more information on either list, send a message to
  sympa@linux-mandrake.com
with "info [listname]" in the body of the message.

Optionally, you can use the web interface to subscribe to or unsubscribe
from either list:

   http://www.linux-mandrake.com/en/flists.php3#security
________________________________________________________________________

Type Bits/KeyID     Date       User ID
pub  1024D/22458A98 2000-07-10 Linux Mandrake Security Team
  <security@linux-mandrake.com>


-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.0.5 (GNU/Linux)
Comment: For info see  http://www.gnupg.org

mQGiBDlp594RBAC2tDozI3ZgQsE7XwxurJCJrX0L5vx7SDByR5GHDdWekGhdiday
L4nfUax+SeR9SCoCgTgPW1xB8vtQc8/sinJlMjp9197a2iKM0FOcPlkpa3HcOdt7
WKJqQhlMrHvRcsivzcgqjH44GBBJIT6sygUF8k0lU6YnMHj5MPc/NGWt8wCg9vKo
P0l5QVAFSsHtqcU9W8cc7wMEAJzQsAlnvPXDBfBLEH6u7ptWFdp0GvbSuG2wRaPl
hynHvRiE01ZvwbJZXsPsKm1z7uVoW+NknKLunWKB5axrNXDHxCYJBzY3jTeFjsqx
PFZkIEAQphLTkeXXelAjQ5u9tEshPswEtMvJvUgNiAfbzHfPYmq8D6x5xOw1IySg
2e/LBACxr2UJYCCB2BZ3p508mAB0RpuLGukq+7UWiOizy+kSskIBg2O7sQkVY/Cs
iyGEo4XvXqZFMY39RBdfm2GY+WB/5NFiTOYJRKjfprP6K1YbtsmctsX8dG+foKsD
LLFs7OuVfaydLQYp1iiN6D+LJDSMPM8/LCWzZsgr9EKJ8NXiyrQ6TGludXggTWFu
ZHJha2UgU2VjdXJpdHkgVGVhbSA8c2VjdXJpdHlAbGludXgtbWFuZHJha2UuY29t
PohWBBMRAgAWBQI5aefeBAsKBAMDFQMCAxYCAQIXgAAKCRCaqNDQIkWKmK6LAKCy
/NInDsaMSI+WHwrquwC5PZrcnQCeI+v3gUDsNfQfiKBvQSANu1hdulqIRgQQEQIA
BgUCOtNVGQAKCRBZ5w3um0pAJJWQAKDUoL5He+mKbfrMaTuyU5lmRyJ0fwCgoFAP
WdvQlu/kFjphF740XeOwtOqIRgQQEQIABgUCOu8A6QAKCRBynDnb9lq3CnpjAJ4w
Pk0SEE9U4r40IxWpwLU+wrWVugCdFfSPllPpZRCiaC7HwbFcfExRmPa5AQ0EOWnn
7xAEAOQlTVY4TiNo5V/iP0J1xnqjqlqZsU7yEBKo/gZz6/+hx75RURe1ebiJ9F77
9FQbpJ9Epz1KLSXvq974rnVb813zuGdmgFyk+ryA/rTR2RQ8h+EoNkwmATzRxBXV
Jb57fFQjxOu4eNjZAtfII/YXb0uyXXrdr5dlJ/3eXrcO4p0XAAMFBACCxo6Z269s
+A4v8C6Ui12aarOQcCDlV8cVG9LkyatU3FNTlnasqwo6EkaP572448weJWwN6SCX
Vl+xOYLiK0hL/6Jb/O9Agw75yUVdk+RMM2I4fNEi+y4hmfMh2siBv8yEkEvZjTcl
3TpkTfzYky85tu433wmKaLFOv0WjBFSikohGBBgRAgAGBQI5aefvAAoJEJqo0NAi
RYqYid0AoJgeWzXrEdIClBOSW5Q6FzqJJyaqAKC0Y9YI3UFlE4zSIGjcFlLJEJGX
lA==
=0ahQ
-----END PGP PUBLIC KEY BLOCK-----



 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Canadians arrest a Heartbleed hacker
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.