---------------------------------------------------------------------
                   Red Hat, Inc. Red Hat Security Advisory

Synopsis:          New kernel 2.2 packages fix local denial of service issue
Advisory ID:       RHSA-2002:264-05
Issue date:        2002-09-23
Updated on:        2002-11-25
Product:           Red Hat Linux
Keywords:          bugtraq DoS
Cross references:  
Obsoletes:         RHSA-2002:210
---------------------------------------------------------------------

1. Topic:

The kernel in Red Hat Linux 6.2 and 7 is vulnerable to
a local denial of service attack.

2. Relevant releases/architectures:

Red Hat Linux 6.2 - i386, i586, i686
Red Hat Linux 7.0 - i386, i586, i686

3. Problem description:

The Linux kernel handles the basic functions of the operating system.
A vulnerability in the Linux kernel has been discovered in which a non-root
user can cause the machine to freeze. This kernel addresses the
vulnerability.  

Note: This bug is specific to the x86 architecture kernels only, and does
not affect other architectures.

All users of Red Hat Linux 6.2 and 7 should upgrade to
these errata packages, which are not vulnerable to this issue.

Thanks go to Christopher Devine for reporting the vulnerability on bugtraq,
and Petr Vandrovec for being the first to supply a fix to the community.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied. 

The procedure for upgrading the kernel is documented at:
 
Support

Please read the directions for your architecture carefully before
proceeding with the kernel upgrade.

Please note that this update is also available via Red Hat Network.  Many
people find this to be an easier way to apply updates.  To use Red Hat
Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system. Note that you need to select the kernel
explicitly on default configurations of up2date.

5. RPMs required:

Red Hat Linux 6.2:

SRPMS: 
 

i386: 
  
  
  
  
  
  
  
  
 

i586: 
  
 

i686: 
  
  
 

Red Hat Linux 7.0:

SRPMS: 
 

i386: 
  
  
  
  
  
  
  
 

i586: 
  
 

i686: 
  
  
 



6. Verification:

MD5 sum                          Package Name
--------------------------------------------------------------------------
8c93dac15cbb3162f4cde7c0c0de5643 6.2/en/os/SRPMS/kernel-2.2.22-6.2.3.src.rpm
a9b510b4ffca3e7bf643a46f99ee749f 6.2/en/os/i386/kernel-2.2.22-6.2.3.i386.rpm
5c08d5ac6ffebde931cc924914bf4f10 6.2/en/os/i386/kernel-BOOT-2.2.22-6.2.3.i386.rpm
d417601fb70f93e159a10cf5a9e6e21b 6.2/en/os/i386/kernel-doc-2.2.22-6.2.3.i386.rpm
436d4c050116d0feb910bd93307797f2 6.2/en/os/i386/kernel-headers-2.2.22-6.2.3.i386.rpm
9c55348902c8a8f307be174c4602f59d 6.2/en/os/i386/kernel-ibcs-2.2.22-6.2.3.i386.rpm
6d37e0e877ba6c7d812b56ab3019260e 6.2/en/os/i386/kernel-pcmcia-cs-2.2.22-6.2.3.i386.rpm
36d0b2a93762e0f4f758bcd93e034312 6.2/en/os/i386/kernel-smp-2.2.22-6.2.3.i386.rpm
d8d77e393802a68aebf80e292522e16b 6.2/en/os/i386/kernel-source-2.2.22-6.2.3.i386.rpm
c8d46df81889868d1faff01fca32b284 6.2/en/os/i386/kernel-utils-2.2.22-6.2.3.i386.rpm
cd23cad52c4cda6b5f07480cdf21ed3b 6.2/en/os/i586/kernel-2.2.22-6.2.3.i586.rpm
53a7a0043e0d31b144fd61bdaf11e187 6.2/en/os/i586/kernel-smp-2.2.22-6.2.3.i586.rpm
93f87f2b9cfec1fd06529b6a28939d75 6.2/en/os/i686/kernel-2.2.22-6.2.3.i686.rpm
c4fd6d256c39ebc4ea00806b5ab3d56a 6.2/en/os/i686/kernel-enterprise-2.2.22-6.2.3.i686.rpm
ff2017bb51f4d19572fde3f451d09dd1 6.2/en/os/i686/kernel-smp-2.2.22-6.2.3.i686.rpm
f82a5596f9b243dec8742963756c11ce 7.0/en/os/SRPMS/kernel-2.2.22-7.0.3.src.rpm
ba432d1cde8294af402b86270b496d3b 7.0/en/os/i386/kernel-2.2.22-7.0.3.i386.rpm
63e83e11ea93f22f4640914b14defc64 7.0/en/os/i386/kernel-BOOT-2.2.22-7.0.3.i386.rpm
c11cc524a48dada56206b02f0c8a9425 7.0/en/os/i386/kernel-doc-2.2.22-7.0.3.i386.rpm
d5c4579a9db0a2d8e8288b8a539dbfea 7.0/en/os/i386/kernel-ibcs-2.2.22-7.0.3.i386.rpm
cf201e8b3441f9a01799b89a8c748d0e 7.0/en/os/i386/kernel-pcmcia-cs-2.2.22-7.0.3.i386.rpm
1fc8a3891a20c03062eb8c369a62bfce 7.0/en/os/i386/kernel-smp-2.2.22-7.0.3.i386.rpm
554eba6533979171920db4c933e8f0eb 7.0/en/os/i386/kernel-source-2.2.22-7.0.3.i386.rpm
3d42a527d8c3193d48e559f86a2ac710 7.0/en/os/i386/kernel-utils-2.2.22-7.0.3.i386.rpm
d73578bf7c208e6e11b8f3d71dd5292f 7.0/en/os/i586/kernel-2.2.22-7.0.3.i586.rpm
a528f8c13f296c12f063227606ffd7ff 7.0/en/os/i586/kernel-smp-2.2.22-7.0.3.i586.rpm
b58bd6b9bd450fe76270f2187d740fea 7.0/en/os/i686/kernel-2.2.22-7.0.3.i686.rpm
ca1fc2c95dd8e63a23507514889b9a8b 7.0/en/os/i686/kernel-enterprise-2.2.22-7.0.3.i686.rpm
70d3da3e911ae417338701537044530d 7.0/en/os/i686/kernel-smp-2.2.22-7.0.3.i686.rpm


These packages are GPG signed by Red Hat, Inc. for security.  Our key
is available at  About

You can verify each package with the following command:
    
    rpm --checksig -v 

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
    
    md5sum 


7. References:
 
kernel

8. Contact:

The Red Hat security contact is <security@RedHat.com>.  More contact
details at  All Red Hat products

Copyright(c) 2000, 2001, 2002 Red Hat, Inc.

RedHat: 2.2 kernel denial of service vulnerability

The kernel in Red Hat Linux 6.2 and 7 is vulnerable to a local denial of service attack.

Summary



Summary

The Linux kernel handles the basic functions of the operating system.A vulnerability in the Linux kernel has been discovered in which a non-rootuser can cause the machine to freeze. This kernel addresses thevulnerability. Note: This bug is specific to the x86 architecture kernels only, and doesnot affect other architectures.All users of Red Hat Linux 6.2 and 7 should upgrade tothese errata packages, which are not vulnerable to this issue.Thanks go to Christopher Devine for reporting the vulnerability on bugtraq,and Petr Vandrovec for being the first to supply a fix to the community.


Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.
The procedure for upgrading the kernel is documented at:
Support
Please read the directions for your architecture carefully before proceeding with the kernel upgrade.
Please note that this update is also available via Red Hat Network. Many people find this to be an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:
up2date
This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. Note that you need to select the kernel explicitly on default configurations of up2date.
5. RPMs required:
Red Hat Linux 6.2:
SRPMS:

i386:









i586:


i686:



Red Hat Linux 7.0:
SRPMS:

i386:








i586:


i686:





6. Verification:
MD5 sum Package Name 8c93dac15cbb3162f4cde7c0c0de5643 6.2/en/os/SRPMS/kernel-2.2.22-6.2.3.src.rpm a9b510b4ffca3e7bf643a46f99ee749f 6.2/en/os/i386/kernel-2.2.22-6.2.3.i386.rpm 5c08d5ac6ffebde931cc924914bf4f10 6.2/en/os/i386/kernel-BOOT-2.2.22-6.2.3.i386.rpm d417601fb70f93e159a10cf5a9e6e21b 6.2/en/os/i386/kernel-doc-2.2.22-6.2.3.i386.rpm 436d4c050116d0feb910bd93307797f2 6.2/en/os/i386/kernel-headers-2.2.22-6.2.3.i386.rpm 9c55348902c8a8f307be174c4602f59d 6.2/en/os/i386/kernel-ibcs-2.2.22-6.2.3.i386.rpm 6d37e0e877ba6c7d812b56ab3019260e 6.2/en/os/i386/kernel-pcmcia-cs-2.2.22-6.2.3.i386.rpm 36d0b2a93762e0f4f758bcd93e034312 6.2/en/os/i386/kernel-smp-2.2.22-6.2.3.i386.rpm d8d77e393802a68aebf80e292522e16b 6.2/en/os/i386/kernel-source-2.2.22-6.2.3.i386.rpm c8d46df81889868d1faff01fca32b284 6.2/en/os/i386/kernel-utils-2.2.22-6.2.3.i386.rpm cd23cad52c4cda6b5f07480cdf21ed3b 6.2/en/os/i586/kernel-2.2.22-6.2.3.i586.rpm 53a7a0043e0d31b144fd61bdaf11e187 6.2/en/os/i586/kernel-smp-2.2.22-6.2.3.i586.rpm 93f87f2b9cfec1fd06529b6a28939d75 6.2/en/os/i686/kernel-2.2.22-6.2.3.i686.rpm c4fd6d256c39ebc4ea00806b5ab3d56a 6.2/en/os/i686/kernel-enterprise-2.2.22-6.2.3.i686.rpm ff2017bb51f4d19572fde3f451d09dd1 6.2/en/os/i686/kernel-smp-2.2.22-6.2.3.i686.rpm f82a5596f9b243dec8742963756c11ce 7.0/en/os/SRPMS/kernel-2.2.22-7.0.3.src.rpm ba432d1cde8294af402b86270b496d3b 7.0/en/os/i386/kernel-2.2.22-7.0.3.i386.rpm 63e83e11ea93f22f4640914b14defc64 7.0/en/os/i386/kernel-BOOT-2.2.22-7.0.3.i386.rpm c11cc524a48dada56206b02f0c8a9425 7.0/en/os/i386/kernel-doc-2.2.22-7.0.3.i386.rpm d5c4579a9db0a2d8e8288b8a539dbfea 7.0/en/os/i386/kernel-ibcs-2.2.22-7.0.3.i386.rpm cf201e8b3441f9a01799b89a8c748d0e 7.0/en/os/i386/kernel-pcmcia-cs-2.2.22-7.0.3.i386.rpm 1fc8a3891a20c03062eb8c369a62bfce 7.0/en/os/i386/kernel-smp-2.2.22-7.0.3.i386.rpm 554eba6533979171920db4c933e8f0eb 7.0/en/os/i386/kernel-source-2.2.22-7.0.3.i386.rpm 3d42a527d8c3193d48e559f86a2ac710 7.0/en/os/i386/kernel-utils-2.2.22-7.0.3.i386.rpm d73578bf7c208e6e11b8f3d71dd5292f 7.0/en/os/i586/kernel-2.2.22-7.0.3.i586.rpm a528f8c13f296c12f063227606ffd7ff 7.0/en/os/i586/kernel-smp-2.2.22-7.0.3.i586.rpm b58bd6b9bd450fe76270f2187d740fea 7.0/en/os/i686/kernel-2.2.22-7.0.3.i686.rpm ca1fc2c95dd8e63a23507514889b9a8b 7.0/en/os/i686/kernel-enterprise-2.2.22-7.0.3.i686.rpm 70d3da3e911ae417338701537044530d 7.0/en/os/i686/kernel-smp-2.2.22-7.0.3.i686.rpm

These packages are GPG signed by Red Hat, Inc. for security. Our key is available at About
You can verify each package with the following command:
rpm --checksig -v
If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command:
md5sum

References

kernel

Package List


Severity
Advisory ID: RHSA-2002:264-05
Issued Date: : 2002-09-23
Updated on: 2002-11-25
Product: Red Hat Linux
Keywords: bugtraq DoS
Cross references:
Obsoletes: RHSA-2002:210

Topic


Topic

The kernel in Red Hat Linux 6.2 and 7 is vulnerable to

a local denial of service attack.


 

Relevant Releases Architectures

Red Hat Linux 6.2 - i386, i586, i686

Red Hat Linux 7.0 - i386, i586, i686


Bugs Fixed


Related News

5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
8.Locks HexConnections CodeGlobe Esm H320
2 - 3 min read
Canonical has launched Ubuntu Pro for Devices , a comprehensive offering emphasizing security and compliance for IoT device deployments. This
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved