Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Advisory Watch: March 27th, 2015
Linux Security Week: March 23rd, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Slackware: kernel Multiple vulnerabilities Print E-mail
User Rating:      How can I rate this item?
Posted by Team   
Slackware These provide an improved version of theptrace fix that had been applied to 2.4.20 in Slackware 9.0, andfix a potential denial of service problem with netfilter.

[slackware-security]  2.4.21 kernels available (SSA:2003-168-01)

Precompiled Linux 2.4.21 kernels and source packages are now available for
Slackware 9.0 and -current.  These provide an improved version of the
ptrace fix that had been applied to 2.4.20 in Slackware 9.0 (for example,
command line options now appear correctly when root does 'ps ax'), and
fix a potential denial of service problem with netfilter.

Here are the details from the Slackware 9.0 ChangeLog:
Tue Jun 17 19:41:55 PDT 2003
New precompiled Linux 2.4.21 kernels and source packages are now available
  for Slackware 9.0.  These fix a few problems with the ptrace patch used
  with the 2.4.20 kernel, and add a few extra drivers (like Silicon Image
  Serial-ATA support).  The new kernel also fixes a number of security
  issues, such as a routing cache problem in 2.4.20 and earlier can allow
  an attacker to cause hash collisions in the prerouting chain that consume
  CPU resources resulting in a denial-of-service (CAN-2003-0244).
patches/packages/kernel-headers-2.4.21-i386-1.tgz:  Upgraded to Linux
  2.4.21 kernel headers.
patches/packages/kernel-ide-2.4.21-i486-1.tgz:  Upgraded to Linux 2.4.21.
patches/packages/kernel-modules-2.4.21-i486-1.tgz:  Upgraded kernel modules
  to Linux 2.4.21.
patches/packages/kernel-modules-2.4.21_xfs-i486-1.tgz:  Upgraded the
  XFS-patched kernel modules package to Linux 2.4.21-xfs.  These are needed
  for the xfs.i kernel.
patches/packages/kernel-source-2.4.21-noarch-1.tgz:  Upgraded to Linux
  2.4.21 source.
patches/kernels/*:  Upgraded to Linux 2.4.21.
(* Security fix *)


Updated packages for Slackware 9.0:


If you are using the standard Slackware "bare.i" kernel, you may update
your kernel like this:

upgradepkg kernel-ide-2.4.21-i486-1.tgz kernel-modules-2.4.21-i486-1.tgz

Then, reinstall your boot loader.  This may be as simple as running 'lilo'
as root, or you may use 'makebootdisk' to create a new boot floppy.

If you use a different kernel, you'll want to use upgradepkg to update the
appropriate kernel modules package (kernel-modules-2.4.21-i486-1.tgz for
most kernels, but if you use the xfs.i kernel with XFS patches, then you
will need to use the kernel-modules-2.4.21_xfs-i486-1.tgz package instead).
Then, install the kernel from the kernels/ directory.  For example, to
install the adaptec.s kernel:
  cd kernels/adaptec.s
  rm -f /boot/ /boot/config /boot/vmlinuz
  cp -a config bzImage /boot
  gzip -d /boot/
  mv /boot/bzImage /boot/vmlinuz
Then, reinstall your boot loader.

You may also wish to update your installed kernel sources:

upgradepkg kernel-headers-2.4.21-i386-1.tgz kernel-source-2.4.21-noarch-1.tgz

If you use XFS or Speakup you'll need to apply additional patches found here:


Slackware Linux Security Team

< Prev   Next >


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Tech Companies, Privacy Advocates Call for NSA Reform
Google warns of unauthorized TLS certificates trusted by almost all OSes
How Kevin Mitnick hacked the audience at CeBIT 2015
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.