LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: September 19th, 2014
Linux Security Week: September 15th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
RedHat: kernel multiple vulnerabilities Print E-mail
User Rating:      How can I rate this item?
Posted by LinuxSecurity.com Team   
RedHat Linux Updated kernel packages for Red Hat Linux 6.2 and 7.0 are now available that fix several security vulnerabilities.

---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          New kernel 2.2 packages fix vulnerabilities
Advisory ID:       RHSA-2003:088-01
Issue date:        2003-03-20
Updated on:        2003-03-20
Product:           Red Hat Linux
Keywords:          ethernet frame padding /proc/pid/mem
Cross references:  
Obsoletes:         RHSA-2002:264
CVE Names:         CAN-2003-0001 CAN-2003-1380 CAN-2003-0127
---------------------------------------------------------------------

1. Topic:

Updated kernel packages for Red Hat Linux 6.2 and 7.0 are now available
that fix several security vulnerabilities.

2. Relevant releases/architectures:

Red Hat Linux 6.2 - i386, i586, i686
Red Hat Linux 7.0 - i386, i586, i686

3. Problem description:

The Linux kernel handles the basic functions of the operating system.

A bug in the kernel module loader code allows a local user to gain root 
privileges. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2003-0127 to this issue.

Multiple ethernet Network Interface Card (NIC) device drivers do not pad
frames with null bytes, which allows remote attackers to obtain information
from previous packets or kernel memory by using malformed packets.  The
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CAN-2003-0001 to this issue.

The Linux 2.2 kernel allows local users to cause a denial of service
(crash) by using the mmap() function with a PROT_READ parameter to access
non-readable memory pages through the /proc/pid/mem interface.  The
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CAN-2002-1380 to this issue.

All users of Red Hat Linux 6.2 and 7 should upgrade to these errata
packages, which contain version 2.2.24 of the Linux kernel with patches and
are not vulnerable to these issues.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied. 

The procedure for upgrading the kernel is documented at:
 
http://www.Red Hat.com/support/docs/howto/kernel-upgrade/kernel-upgrade.html

Please read the directions for your architecture carefully before
proceeding with the kernel upgrade.

Please note that this update is also available via Red Hat Network.  Many
people find this to be an easier way to apply updates.  To use Red Hat
Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system. Note that you need to select the kernel
explicitly on default configurations of up2date.

5. RPMs required:

Red Hat Linux 6.2:

SRPMS: 
ftp://updates.Red Hat.com/6.2/en/os/SRPMS/kernel-2.2.24-6.2.3.src.rpm

i386: 
ftp://updates.Red Hat.com/6.2/en/os/i386/kernel-smp-2.2.24-6.2.3.i386.rpm 
ftp://updates.Red Hat.com/6.2/en/os/i386/kernel-2.2.24-6.2.3.i386.rpm 
ftp://updates.Red Hat.com/6.2/en/os/i386/kernel-BOOT-2.2.24-6.2.3.i386.rpm 
ftp://updates.Red Hat.com/6.2/en/os/i386/kernel-ibcs-2.2.24-6.2.3.i386.rpm 
ftp://updates.Red Hat.com/6.2/en/os/i386/kernel-utils-2.2.24-6.2.3.i386.rpm 
ftp://updates.Red Hat.com/6.2/en/os/i386/kernel-pcmcia-cs-2.2.24-6.2.3.i386.rpm 
ftp://updates.Red Hat.com/6.2/en/os/i386/kernel-doc-2.2.24-6.2.3.i386.rpm 
ftp://updates.Red Hat.com/6.2/en/os/i386/kernel-headers-2.2.24-6.2.3.i386.rpm 
ftp://updates.Red Hat.com/6.2/en/os/i386/kernel-source-2.2.24-6.2.3.i386.rpm

i586: 
ftp://updates.Red Hat.com/6.2/en/os/i586/kernel-smp-2.2.24-6.2.3.i586.rpm 
ftp://updates.Red Hat.com/6.2/en/os/i586/kernel-2.2.24-6.2.3.i586.rpm

i686: 
ftp://updates.Red Hat.com/6.2/en/os/i686/kernel-enterprise-2.2.24-6.2.3.i686.rpm 
ftp://updates.Red Hat.com/6.2/en/os/i686/kernel-smp-2.2.24-6.2.3.i686.rpm 
ftp://updates.Red Hat.com/6.2/en/os/i686/kernel-2.2.24-6.2.3.i686.rpm

Red Hat Linux 7.0:

SRPMS: 
ftp://updates.Red Hat.com/7.0/en/os/SRPMS/kernel-2.2.24-7.0.3.src.rpm

i386: 
ftp://updates.Red Hat.com/7.0/en/os/i386/kernel-smp-2.2.24-7.0.3.i386.rpm 
ftp://updates.Red Hat.com/7.0/en/os/i386/kernel-2.2.24-7.0.3.i386.rpm 
ftp://updates.Red Hat.com/7.0/en/os/i386/kernel-BOOT-2.2.24-7.0.3.i386.rpm 
ftp://updates.Red Hat.com/7.0/en/os/i386/kernel-ibcs-2.2.24-7.0.3.i386.rpm 
ftp://updates.Red Hat.com/7.0/en/os/i386/kernel-utils-2.2.24-7.0.3.i386.rpm 
ftp://updates.Red Hat.com/7.0/en/os/i386/kernel-pcmcia-cs-2.2.24-7.0.3.i386.rpm 
ftp://updates.Red Hat.com/7.0/en/os/i386/kernel-doc-2.2.24-7.0.3.i386.rpm 
ftp://updates.Red Hat.com/7.0/en/os/i386/kernel-source-2.2.24-7.0.3.i386.rpm

i586: 
ftp://updates.Red Hat.com/7.0/en/os/i586/kernel-smp-2.2.24-7.0.3.i586.rpm 
ftp://updates.Red Hat.com/7.0/en/os/i586/kernel-2.2.24-7.0.3.i586.rpm

i686: 
ftp://updates.Red Hat.com/7.0/en/os/i686/kernel-enterprise-2.2.24-7.0.3.i686.rpm 
ftp://updates.Red Hat.com/7.0/en/os/i686/kernel-smp-2.2.24-7.0.3.i686.rpm 
ftp://updates.Red Hat.com/7.0/en/os/i686/kernel-2.2.24-7.0.3.i686.rpm



6. Verification:

MD5 sum                          Package Name
--------------------------------------------------------------------------
e75a158ad3428385d80db17358c01d72 6.2/en/os/SRPMS/kernel-2.2.24-6.2.3.src.rpm
7c8137e737a20ce12528264742f1cf29 6.2/en/os/i386/kernel-2.2.24-6.2.3.i386.rpm
4d98b8669950a871a4f604955b8fdcd2 6.2/en/os/i386/kernel-BOOT-2.2.24-6.2.3.i386.rpm
169d7580f048e5ac4f97b60794182234 6.2/en/os/i386/kernel-doc-2.2.24-6.2.3.i386.rpm
c0ad13a3bd0f5c97cd6c776c8c4d2506 6.2/en/os/i386/kernel-headers-2.2.24-6.2.3.i386.rpm
4a7ac11d656242c86cb5c1a4630f1b7a 6.2/en/os/i386/kernel-ibcs-2.2.24-6.2.3.i386.rpm
3c99049af4f8807ea107cbf5eb3a1838 6.2/en/os/i386/kernel-pcmcia-cs-2.2.24-6.2.3.i386.rpm
da7c86e906fe8a5dfdccd5472e4b7264 6.2/en/os/i386/kernel-smp-2.2.24-6.2.3.i386.rpm
826eb077660afb473e46d88a660a6f1c 6.2/en/os/i386/kernel-source-2.2.24-6.2.3.i386.rpm
d069a463fe21bab5f76f02a31502123e 6.2/en/os/i386/kernel-utils-2.2.24-6.2.3.i386.rpm
eb349334ef125e741a85a8e869e7b523 6.2/en/os/i586/kernel-2.2.24-6.2.3.i586.rpm
adc808ed4014edaa4d4b010ddac4309c 6.2/en/os/i586/kernel-smp-2.2.24-6.2.3.i586.rpm
321dbf853a0cb81c8170459f8fc97893 6.2/en/os/i686/kernel-2.2.24-6.2.3.i686.rpm
e1750055ee17c7d57816f7ca8f3ccd2d 6.2/en/os/i686/kernel-enterprise-2.2.24-6.2.3.i686.rpm
76e6f3fe66df3ed6860264abe5a18de8 6.2/en/os/i686/kernel-smp-2.2.24-6.2.3.i686.rpm
49e5f301b4cddb0ede8e4debf749d284 7.0/en/os/SRPMS/kernel-2.2.24-7.0.3.src.rpm
7848dce7df9d50b7b4559f9e3f6cf9a1 7.0/en/os/i386/kernel-2.2.24-7.0.3.i386.rpm
3e16df51fe2cb5d4d2d452f48a8467f1 7.0/en/os/i386/kernel-BOOT-2.2.24-7.0.3.i386.rpm
5868fb09b963014bb7d6af0b0f07b6c0 7.0/en/os/i386/kernel-doc-2.2.24-7.0.3.i386.rpm
511ca20d6c01b4c631b8878bfc4cc76e 7.0/en/os/i386/kernel-ibcs-2.2.24-7.0.3.i386.rpm
e05486b8be3252fa24dbfbccae7c539e 7.0/en/os/i386/kernel-pcmcia-cs-2.2.24-7.0.3.i386.rpm
98b15116f2e5d623357e6f008118fcd5 7.0/en/os/i386/kernel-smp-2.2.24-7.0.3.i386.rpm
837c9b0986e9762a01756d169d96705d 7.0/en/os/i386/kernel-source-2.2.24-7.0.3.i386.rpm
1086439f7e649ca231a7074aa1273a80 7.0/en/os/i386/kernel-utils-2.2.24-7.0.3.i386.rpm
f0e5f6db3bfd8852c1869b70b9b1229f 7.0/en/os/i586/kernel-2.2.24-7.0.3.i586.rpm
72def97b1db6f807bd98bc2513807de9 7.0/en/os/i586/kernel-smp-2.2.24-7.0.3.i586.rpm
a134b4ed1db1733842e1206ace192825 7.0/en/os/i686/kernel-2.2.24-7.0.3.i686.rpm
5adeaf42c35a3b350623667e4026980e 7.0/en/os/i686/kernel-enterprise-2.2.24-7.0.3.i686.rpm
ef79dfd39815de20ae4a435341ec195c 7.0/en/os/i686/kernel-smp-2.2.24-7.0.3.i686.rpm


These packages are GPG signed by Red Hat, Inc. for security.  Our key
is available at  http://www.Red Hat.com/about/contact/pgpkey.html

You can verify each package with the following command:
    
    rpm --checksig -v 

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
    
    md5sum 


7. References:
 
http://www.atstake.com/research/advisories/2003/a010603-1.txt 
http://marc.theaimsgroup.com/?l=bugtraq&m=104033054204316 
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0001 
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-1380 
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0127

8. Contact:

The Red Hat security contact is <security@Red Hat.com>.  More contact
details at  http://www.Red Hat.com/solutions/security/news/contact.html

Copyright 2003 Red Hat, Inc.



_______________________________________________
Red Hat-watch-list mailing list
To unsubscribe, visit: https://listman.Red Hat.com/mailman/listinfo/Red Hat-watch-list


 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Encryption goof fixed in TorrentLocker file-locking malware
Qubes: The Open Source OS Built for Security
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.