---------------------------------------------------------------------
Fedora Security Update Notification
FEDORA-2004-079
2004-02-18
---------------------------------------------------------------------

Name        : kernel
Version     : 2.4.22                      
Release     : 1.2173.nptl                  
Summary     : The Linux kernel (the core of the Linux operating system)
Description :
The kernel package contains the Linux kernel (vmlinuz), the core of your
Fedora Core Linux operating system.  The kernel handles the basic functions
of the operating system:  memory allocation, process allocation, device
input and output, etc.

Paul Starzetz discovered a flaw in return value checking in mremap() in the
Linux kernel versions 2.4.24 and previous that may allow a local attacker
to gain root privileges.  No exploit is currently available; however this
issue is exploitable. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2004-0077 to this issue.

Arjan van de Ven discovered a flaw in ncp_lookup() in ncpfs that could
allow local privilege escalation.  ncpfs is only used to allow a system to
mount volumes of NetWare servers or print to NetWare printers.  The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2004-0010 to this issue.

All users are advised to upgrade to these errata packages, which contain
backported security patches that correct these issues.   

Red Hat would like to thank Paul Starzetz from ISEC for reporting the issue
CAN-2004-0077.

---------------------------------------------------------------------

* Wed Feb 18 2004 Dave Jones <davej@redhat.com>
- Fix security problem in gamma DRI driver.

* Tue Feb 17 2004 Dave Jones <davej@redhat.com>
- Fix leak in SSTFB driver.

* Sat Feb 14 2004 Dave Jones <davej@redhat.com>
- aacraid fix for #92129

* Fri Feb 13 2004 Dave Jones <davej@redhat.com>
- Fix building of vt8231.o

* Thu Feb 05 2004 Dave Jones <davej@redhat.com>
- Check do_mremap return values (CAN-2004-0077)

* Mon Feb 02 2004 Dave Jones <davej@redhat.com>
- Disable stack overflow checking.
- More bits from 2.4.25pre
  - Fix ipt_conntrack/ipt_state module refcounting.
  - Zero last byte of mount option page
  - AMD64 update
  - Fix deep stack usage in ncpfs (CAN-2004-0010)

---------------------------------------------------------------------
This update can be downloaded from:
    

be83c63da2ef761aeb7e8696879be360  SRPMS/kernel-2.4.22-1.2173.nptl.src.rpm
78db0934086e959ad1bff965bcc2a188  i386/kernel-source-2.4.22-1.2173.nptl.i386.rpm
64a824908fb9851768f2bdd0911b5f65  i386/kernel-doc-2.4.22-1.2173.nptl.i386.rpm
f8136a330f1bdad42b5c08c5cfaa7464  i386/kernel-BOOT-2.4.22-1.2173.nptl.i386.rpm
50991b3c9e6a7ab6b16d884e032ad391  i386/debug/kernel-debuginfo-2.4.22-1.2173.nptl.i386.rpm
731de10afe170d5ebd33c199690c947c  i386/kernel-2.4.22-1.2173.nptl.i586.rpm
7a676c2c3c5b899f9de46245e553dded  i386/debug/kernel-debuginfo-2.4.22-1.2173.nptl.i586.rpm
c3571e87235b5717205f752a2981e044  i386/kernel-2.4.22-1.2173.nptl.i686.rpm
cebf23c3578adc7bfce4c39902111fd0  i386/kernel-smp-2.4.22-1.2173.nptl.i686.rpm
1eb059360ae74ba8116baa67835bce90  i386/debug/kernel-debuginfo-2.4.22-1.2173.nptl.i686.rpm
c41be8c7cde8cbfab3630a03d4251bb2  i386/kernel-2.4.22-1.2173.nptl.athlon.rpm
958c124d969d6804bd81011924d063e2  i386/kernel-smp-2.4.22-1.2173.nptl.athlon.rpm
cc3b30df501a44e64c1405b6928c04f7  i386/debug/kernel-debuginfo-2.4.22-1.2173.nptl.athlon.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
---------------------------------------------------------------------


--
fedora-announce-list mailing list
fedora-announce-list@redhat.com 
fedora-announce-list Info Page

Fedora: kernel Privilege escalation vulnerability

February 18, 2004
Paul Starzetz discovered a flaw in return value checking in mremap() in the Linux kernel versions 2.4.24 and previous that may allow a local attacker to gain root privileges.

Summary

The kernel package contains the Linux kernel (vmlinuz), the core of your

Fedora Core Linux operating system. The kernel handles the basic functions

of the operating system: memory allocation, process allocation, device

input and output, etc.

Paul Starzetz discovered a flaw in return value checking in mremap() in the

Linux kernel versions 2.4.24 and previous that may allow a local attacker

to gain root privileges. No exploit is currently available; however this

issue is exploitable. The Common Vulnerabilities and Exposures project

(cve.mitre.org) has assigned the name CAN-2004-0077 to this issue.

Arjan van de Ven discovered a flaw in ncp_lookup() in ncpfs that could

allow local privilege escalation. ncpfs is only used to allow a system to

mount volumes of NetWare servers or print to NetWare printers. The Common

Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name

CAN-2004-0010 to this issue.

All users are advised to upgrade to these errata packages, which contain

backported security patches that correct these issues.

Red Hat would like to thank Paul Starzetz from ISEC for reporting the issue

CAN-2004-0077.

* Wed Feb 18 2004 Dave Jones <davej@redhat.com>

- Fix security problem in gamma DRI driver.

* Tue Feb 17 2004 Dave Jones <davej@redhat.com>

- Fix leak in SSTFB driver.

* Sat Feb 14 2004 Dave Jones <davej@redhat.com>

- aacraid fix for #92129

* Fri Feb 13 2004 Dave Jones <davej@redhat.com>

- Fix building of vt8231.o

* Thu Feb 05 2004 Dave Jones <davej@redhat.com>

- Check do_mremap return values (CAN-2004-0077)

* Mon Feb 02 2004 Dave Jones <davej@redhat.com>

- Disable stack overflow checking.

- More bits from 2.4.25pre

- Fix ipt_conntrack/ipt_state module refcounting.

- Zero last byte of mount option page

- AMD64 update

- Fix deep stack usage in ncpfs (CAN-2004-0010)

This update can be downloaded from:

be83c63da2ef761aeb7e8696879be360 SRPMS/kernel-2.4.22-1.2173.nptl.src.rpm

78db0934086e959ad1bff965bcc2a188 i386/kernel-source-2.4.22-1.2173.nptl.i386.rpm

64a824908fb9851768f2bdd0911b5f65 i386/kernel-doc-2.4.22-1.2173.nptl.i386.rpm

f8136a330f1bdad42b5c08c5cfaa7464 i386/kernel-BOOT-2.4.22-1.2173.nptl.i386.rpm

50991b3c9e6a7ab6b16d884e032ad391 i386/debug/kernel-debuginfo-2.4.22-1.2173.nptl.i386.rpm

731de10afe170d5ebd33c199690c947c i386/kernel-2.4.22-1.2173.nptl.i586.rpm

7a676c2c3c5b899f9de46245e553dded i386/debug/kernel-debuginfo-2.4.22-1.2173.nptl.i586.rpm

c3571e87235b5717205f752a2981e044 i386/kernel-2.4.22-1.2173.nptl.i686.rpm

cebf23c3578adc7bfce4c39902111fd0 i386/kernel-smp-2.4.22-1.2173.nptl.i686.rpm

1eb059360ae74ba8116baa67835bce90 i386/debug/kernel-debuginfo-2.4.22-1.2173.nptl.i686.rpm

c41be8c7cde8cbfab3630a03d4251bb2 i386/kernel-2.4.22-1.2173.nptl.athlon.rpm

958c124d969d6804bd81011924d063e2 i386/kernel-smp-2.4.22-1.2173.nptl.athlon.rpm

cc3b30df501a44e64c1405b6928c04f7 i386/debug/kernel-debuginfo-2.4.22-1.2173.nptl.athlon.rpm

This update can also be installed with the Update Agent; you can

launch the Update Agent with the 'up2date' command.

--

fedora-announce-list mailing list

fedora-announce-list@redhat.com

fedora-announce-list Info Page

Fedora Security Update Notification FEDORA-2004-079 2004-02-18 Name : kernel Version : 2.4.22 Release : 1.2173.nptl Summary : The Linux kernel (the core of the Linux operating system) Description : The kernel package contains the Linux kernel (vmlinuz), the core of your Fedora Core Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. Paul Starzetz discovered a flaw in return value checking in mremap() in the Linux kernel versions 2.4.24 and previous that may allow a local attacker to gain root privileges. No exploit is currently available; however this issue is exploitable. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0077 to this issue. Arjan van de Ven discovered a flaw in ncp_lookup() in ncpfs that could allow local privilege escalation. ncpfs is only used to allow a system to mount volumes of NetWare servers or print to NetWare printers. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0010 to this issue. All users are advised to upgrade to these errata packages, which contain backported security patches that correct these issues. Red Hat would like to thank Paul Starzetz from ISEC for reporting the issue CAN-2004-0077. * Wed Feb 18 2004 Dave Jones <davej@redhat.com> - Fix security problem in gamma DRI driver. * Tue Feb 17 2004 Dave Jones <davej@redhat.com> - Fix leak in SSTFB driver. * Sat Feb 14 2004 Dave Jones <davej@redhat.com> - aacraid fix for #92129 * Fri Feb 13 2004 Dave Jones <davej@redhat.com> - Fix building of vt8231.o * Thu Feb 05 2004 Dave Jones <davej@redhat.com> - Check do_mremap return values (CAN-2004-0077) * Mon Feb 02 2004 Dave Jones <davej@redhat.com> - Disable stack overflow checking. - More bits from 2.4.25pre - Fix ipt_conntrack/ipt_state module refcounting. - Zero last byte of mount option page - AMD64 update - Fix deep stack usage in ncpfs (CAN-2004-0010) This update can be downloaded from: be83c63da2ef761aeb7e8696879be360 SRPMS/kernel-2.4.22-1.2173.nptl.src.rpm 78db0934086e959ad1bff965bcc2a188 i386/kernel-source-2.4.22-1.2173.nptl.i386.rpm 64a824908fb9851768f2bdd0911b5f65 i386/kernel-doc-2.4.22-1.2173.nptl.i386.rpm f8136a330f1bdad42b5c08c5cfaa7464 i386/kernel-BOOT-2.4.22-1.2173.nptl.i386.rpm 50991b3c9e6a7ab6b16d884e032ad391 i386/debug/kernel-debuginfo-2.4.22-1.2173.nptl.i386.rpm 731de10afe170d5ebd33c199690c947c i386/kernel-2.4.22-1.2173.nptl.i586.rpm 7a676c2c3c5b899f9de46245e553dded i386/debug/kernel-debuginfo-2.4.22-1.2173.nptl.i586.rpm c3571e87235b5717205f752a2981e044 i386/kernel-2.4.22-1.2173.nptl.i686.rpm cebf23c3578adc7bfce4c39902111fd0 i386/kernel-smp-2.4.22-1.2173.nptl.i686.rpm 1eb059360ae74ba8116baa67835bce90 i386/debug/kernel-debuginfo-2.4.22-1.2173.nptl.i686.rpm c41be8c7cde8cbfab3630a03d4251bb2 i386/kernel-2.4.22-1.2173.nptl.athlon.rpm 958c124d969d6804bd81011924d063e2 i386/kernel-smp-2.4.22-1.2173.nptl.athlon.rpm cc3b30df501a44e64c1405b6928c04f7 i386/debug/kernel-debuginfo-2.4.22-1.2173.nptl.athlon.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. -- fedora-announce-list mailing list fedora-announce-list@redhat.com fedora-announce-list Info Page

Change Log

References

Update Instructions

Severity
Name : kernel
Version : 2.4.22
Release : 1.2173.nptl
Summary : The Linux kernel (the core of the Linux operating system)

Related News

5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
8.Locks HexConnections CodeGlobe Esm H320
2 - 3 min read
Canonical has launched Ubuntu Pro for Devices , a comprehensive offering emphasizing security and compliance for IoT device deployments. This
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved