LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: July 28th, 2014
Linux Advisory Watch: July 25th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Red Hat: kernel Multiple vulnerabilities Print E-mail
User Rating:      How can I rate this item?
Posted by LinuxSecurity.com Team   
RedHat Linux This contains two similar advisories, once set fixing RHEE 3, and the other RHEE 2.1. Patch addresses two DoS attacks and several vulnerable drivers.

RHEE 3.0:

                   Red Hat Security Advisory

Synopsis:          Updated kernel packages fix security vulnerabilities
Advisory ID:       RHSA-2004:255-01
Issue date:        2004-06-17
Updated on:        2004-06-17
Product:           Red Hat Enterprise Linux
Keywords:          
Cross references:  
Obsoletes:         RHSA-2004:188
CVE Names:         CAN-2004-0427 CAN-2004-0495 CAN-2004-0554
- ---------------------------------------------------------------------

1. Topic:

Updated kernel packages for Red Hat Enterprise Linux 3 that fix security
vulnerabilities are now available.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - athlon, i386, i686, ia32e, ia64, ppc64, ppc64iseries, ppc64pseries, s390, s390x, x86_64
Red Hat Desktop version 3 - athlon, i386, i686, ia32e, x86_64
Red Hat Enterprise Linux ES version 3 - athlon, i386, i686, ia32e, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - athlon, i386, i686, ia32e, ia64, x86_64

3. Problem description:

The Linux kernel handles the basic functions of the operating system.

A flaw was found in Linux kernel versions 2.4 and 2.6 for x86 and x86_64
that allowed local users to cause a denial of service (system crash) by
triggering a signal handler with a certain sequence of fsave and frstor
instructions.  The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2004-0554 to this issue.

Another flaw was discovered in an error path supporting the clone()
system call that allowed local users to cause a denial of service
(memory leak) by passing invalid arguments to clone() running in an
infinite loop of a user's program.  The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2004-0427
to this issue.

Enhancements were committed to the 2.6 kernel by Al Viro which enabled the
Sparse source code checking tool to check for a certain class of kernel
bugs. A subset of these fixes also applies to various drivers in the 2.4
kernel.  Although the majority of these resides in drivers unsupported in
Red Hat Enterprise Linux 3, the flaws could lead to privilege escalation or
access to kernel memory.  The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2004-0495 to these issues.

All Red Hat Enterprise Linux 3 users are advised to upgrade their kernels
to the packages associated with their machine architectures and
configurations as listed in this erratum.  These packages contain
backported patches to correct these issues.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade.  Only those
RPMs which are currently installed will be updated.  Those RPMs which are
not installed but included in the list will not be updated.  Note that you
can also use wildcards (*.rpm) if your current directory *only* contains the
desired RPMs.

Please note that this update is also available via Red Hat Network.  Many
people find this an easier way to apply updates.  To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

If up2date fails to connect to Red Hat Network due to SSL
Certificate Errors, you need to install a version of the
up2date client with an updated certificate.  The latest version of
up2date is available from the Red Hat FTP site and may also be
downloaded directly from the RHN website:

https://rhn.redhat.com/help/latest-up2date.pxt

5. Bug IDs fixed  (http://bugzilla.redhat.com/bugzilla for more info):

125794 - CAN-2004-0554 local user can get the kernel to hang
125901 - [PATCH] CAN-2004-0554: FPU exception handling local DoS
125968 - last RH kernel affected bug
126121 - CAN-2004-0495 Sparse security fixes backported for 2.4 kernel

6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS: 
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/kernel-2.4.21-15.0.2.EL.src.rpm

athlon:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.athlon.rpm
Available from Red Hat Network: kernel-smp-2.4.21-15.0.2.EL.athlon.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-15.0.2.EL.athlon.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.athlon.rpm

i386:
Available from Red Hat Network: kernel-BOOT-2.4.21-15.0.2.EL.i386.rpm
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.i386.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.i386.rpm

i686:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-hugemem-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-hugemem-unsupported-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-smp-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.i686.rpm

ia32e:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.ia32e.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.ia32e.rpm

ia64:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.ia64.rpm
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.ia64.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.ia64.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.ia64.rpm

ppc64:
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.ppc64.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.ppc64.rpm

ppc64iseries:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.ppc64iseries.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.ppc64iseries.rpm

ppc64pseries:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.ppc64pseries.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.ppc64pseries.rpm

s390:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.s390.rpm
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.s390.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.s390.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.s390.rpm

s390x:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.s390x.rpm
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.s390x.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.s390x.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.s390x.rpm

x86_64:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-smp-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.x86_64.rpm

Red Hat Desktop version 3:

SRPMS: 
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/kernel-2.4.21-15.0.2.EL.src.rpm

athlon:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.athlon.rpm
Available from Red Hat Network: kernel-smp-2.4.21-15.0.2.EL.athlon.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-15.0.2.EL.athlon.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.athlon.rpm

i386:
Available from Red Hat Network: kernel-BOOT-2.4.21-15.0.2.EL.i386.rpm
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.i386.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.i386.rpm

i686:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-hugemem-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-hugemem-unsupported-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-smp-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.i686.rpm

ia32e:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.ia32e.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.ia32e.rpm

x86_64:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-smp-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS: 
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/kernel-2.4.21-15.0.2.EL.src.rpm

athlon:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.athlon.rpm
Available from Red Hat Network: kernel-smp-2.4.21-15.0.2.EL.athlon.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-15.0.2.EL.athlon.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.athlon.rpm

i386:
Available from Red Hat Network: kernel-BOOT-2.4.21-15.0.2.EL.i386.rpm
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.i386.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.i386.rpm

i686:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-hugemem-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-hugemem-unsupported-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-smp-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.i686.rpm

ia32e:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.ia32e.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.ia32e.rpm

ia64:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.ia64.rpm
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.ia64.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.ia64.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.ia64.rpm

x86_64:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-smp-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS: 
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/kernel-2.4.21-15.0.2.EL.src.rpm

athlon:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.athlon.rpm
Available from Red Hat Network: kernel-smp-2.4.21-15.0.2.EL.athlon.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-15.0.2.EL.athlon.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.athlon.rpm

i386:
Available from Red Hat Network: kernel-BOOT-2.4.21-15.0.2.EL.i386.rpm
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.i386.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.i386.rpm

i686:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-hugemem-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-hugemem-unsupported-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-smp-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.i686.rpm

ia32e:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.ia32e.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.ia32e.rpm

ia64:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.ia64.rpm
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.ia64.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.ia64.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.ia64.rpm

x86_64:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-smp-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.x86_64.rpm



7. Verification:

MD5 sum                          Package Name
- --------------------------------------------------------------------------
05b0bcb454ac5454479481d0288fbf20 kernel-2.4.21-15.0.2.EL.athlon.rpm
a3073219b60cbb7ce447a22e5103e097 kernel-2.4.21-15.0.2.EL.i686.rpm
90dabcf0bb591756e5f04f397cf8a156 kernel-2.4.21-15.0.2.EL.ia32e.rpm
24ddfb9f957028d3bbc5cfff2b25bc67 kernel-2.4.21-15.0.2.EL.ia64.rpm
495a1c8f85e0e237643fd2e3f89ddaed kernel-2.4.21-15.0.2.EL.ppc64iseries.rpm
6ad188ae0c61a077dede364c59448f61 kernel-2.4.21-15.0.2.EL.ppc64pseries.rpm
1b9d329e2b074616239a91fd967871c8 kernel-2.4.21-15.0.2.EL.s390.rpm
a8bab06e561ac8b6ab473b4e722a570b kernel-2.4.21-15.0.2.EL.s390x.rpm
669d77609b1c47ff49c939c1ea7bbc45 kernel-2.4.21-15.0.2.EL.src.rpm
13aabc1c96dfee65f73246051a955ba8 kernel-2.4.21-15.0.2.EL.x86_64.rpm
4635f8c6555f3b3e52feb9444b2e230d kernel-BOOT-2.4.21-15.0.2.EL.i386.rpm
6cf6c39a83dfe7cca9c9a79f02dc3fa8 kernel-doc-2.4.21-15.0.2.EL.i386.rpm
cc60f06bdd3ad6a05040df8ba40d41a1 kernel-doc-2.4.21-15.0.2.EL.ia64.rpm
3f21dd578af78ed576c7cbf6e17a3f16 kernel-doc-2.4.21-15.0.2.EL.ppc64.rpm
5e27cc65020dbb1c92368e79c3edcbe6 kernel-doc-2.4.21-15.0.2.EL.s390.rpm
860944b6a4e8384a0b344dc96ea48b6d kernel-doc-2.4.21-15.0.2.EL.s390x.rpm
608d072210521af17c455f7754a6e352 kernel-doc-2.4.21-15.0.2.EL.x86_64.rpm
6c8dad84abc4dd1892c9dc862c329273 kernel-hugemem-2.4.21-15.0.2.EL.i686.rpm
426c517d35a53546138b0d72a0515909 kernel-hugemem-unsupported-2.4.21-15.0.2.EL.i686.rpm
96eb477ac938da01b729b5ac5ed36e3b kernel-smp-2.4.21-15.0.2.EL.athlon.rpm
bece09ba4a651196758380372dc4c593 kernel-smp-2.4.21-15.0.2.EL.i686.rpm
82154d7551d6e4947af70b3044c9d4d2 kernel-smp-2.4.21-15.0.2.EL.x86_64.rpm
9d24273cc70bb6be810984cb3f3d0a36 kernel-smp-unsupported-2.4.21-15.0.2.EL.athlon.rpm
775338e099c3bdf36a586d29e55dbd3e kernel-smp-unsupported-2.4.21-15.0.2.EL.i686.rpm
8fde60be45154b7722893feb65506f42 kernel-smp-unsupported-2.4.21-15.0.2.EL.x86_64.rpm
3c690c54909996d3bba3da7c8d8f894a kernel-source-2.4.21-15.0.2.EL.i386.rpm
a8fc2a1042ee3e580881b50c97a3241d kernel-source-2.4.21-15.0.2.EL.ia64.rpm
937a05a7666f14f95d20be19fc461f05 kernel-source-2.4.21-15.0.2.EL.ppc64.rpm
282bb4f0e5bfbec228a742ab6666665d kernel-source-2.4.21-15.0.2.EL.s390.rpm
6e9628389fa69aafc9c910e4b37a425a kernel-source-2.4.21-15.0.2.EL.s390x.rpm
44be30f820be806621b47786ebff1844 kernel-source-2.4.21-15.0.2.EL.x86_64.rpm
17f10f04cffc9751afb1499aaff00fdc kernel-unsupported-2.4.21-15.0.2.EL.athlon.rpm
89ee51cb60f7a1f34e66cbb16abcba07 kernel-unsupported-2.4.21-15.0.2.EL.i686.rpm
144943d76b23470572326c84b57c0dd9 kernel-unsupported-2.4.21-15.0.2.EL.ia32e.rpm
60e5c1f1efa438a658b12e16543214cd kernel-unsupported-2.4.21-15.0.2.EL.ia64.rpm
57f0111e6443fd5a39099731cc0856e8 kernel-unsupported-2.4.21-15.0.2.EL.ppc64iseries.rpm
22f38c0c1abee45e0ac24caa19e06311 kernel-unsupported-2.4.21-15.0.2.EL.ppc64pseries.rpm
8f67e244ba867a103e6b211d3d0d1fba kernel-unsupported-2.4.21-15.0.2.EL.s390.rpm
3522c33c18eb876b5033ef12398707fe kernel-unsupported-2.4.21-15.0.2.EL.s390x.rpm
aa060423c3136a26ca31a7aafa337380 kernel-unsupported-2.4.21-15.0.2.EL.x86_64.rpm


These packages are GPG signed by Red Hat for security.  Our key is
available from https://www.redhat.com/security/team/key.html

You can verify each package with the following command:
    
    rpm --checksig -v 

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
    
    md5sum 


8. References:
 
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0427 
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0495 
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0554

9. Contact:

The Red Hat security contact is <secalert@redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact.html

Copyright 2004 Red Hat, Inc.

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
RHEE 2.1

                   Red Hat Security Advisory

Synopsis:          Updated kernel packages fix security vulnerabilities
Advisory ID:       RHSA-2004:260-01
Issue date:        2004-06-18
Updated on:        2004-06-18
Product:           Red Hat Enterprise Linux
Keywords:          
Cross references:  
Obsoletes:         RHSA-2004:188
CVE Names:         CAN-2004-0495 CAN-2004-0554
- ---------------------------------------------------------------------

1. Topic:

Updated kernel packages for Red Hat Enterprise Linux 2.1 that fix security
vulnerabilities are now available.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - athlon, i386, i686
Red Hat Enterprise Linux ES version 2.1 - athlon, i386, i686
Red Hat Enterprise Linux WS version 2.1 - athlon, i386, i686

3. Problem description:

The Linux kernel handles the basic functions of the operating system.

A flaw was found in Linux kernel versions 2.4 and 2.6 for x86 and x86_64
that allowed local users to cause a denial of service (system crash) by
triggering a signal handler with a certain sequence of fsave and frstor
instructions.  The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2004-0554 to this issue.

Enhancements were committed to the 2.6 kernel by Al Viro which enabled the
Sparse source code checking tool to check for a certain class of kernel
bugs. A subset of these fixes also applies to various drivers in the 2.4
kernel.  These flaws could lead to privilege escalation or access to kernel
memory.  The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CAN-2004-0495 to these issues.

All Red Hat Enterprise Linux 2.1 users are advised to upgrade their kernels
to the packages associated with their machine architectures and
configurations as listed in this erratum.  These packages contain
backported patches to correct these issues.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade.  Only those
RPMs which are currently installed will be updated.  Those RPMs which are
not installed but included in the list will not be updated.  Note that you
can also use wildcards (*.rpm) if your current directory *only* contains the
desired RPMs.

Please note that this update is also available via Red Hat Network.  Many
people find this an easier way to apply updates.  To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

If up2date fails to connect to Red Hat Network due to SSL
Certificate Errors, you need to install a version of the
up2date client with an updated certificate.  The latest version of
up2date is available from the Red Hat FTP site and may also be
downloaded directly from the RHN website:

https://rhn.redhat.com/help/latest-up2date.pxt

5. Bug IDs fixed  (http://bugzilla.redhat.com/bugzilla for more info):

126122 - CAN-2004-0495 Sparse security fixes backported for 2.4 kernel
126031 - CAN-2004-0554 local user can get the kernel to hang

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS: 
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/kernel-2.4.9-e.41.src.rpm

athlon:
Available from Red Hat Network: kernel-2.4.9-e.41.athlon.rpm
Available from Red Hat Network: kernel-smp-2.4.9-e.41.athlon.rpm

i386:
Available from Red Hat Network: kernel-BOOT-2.4.9-e.41.i386.rpm
Available from Red Hat Network: kernel-doc-2.4.9-e.41.i386.rpm
Available from Red Hat Network: kernel-headers-2.4.9-e.41.i386.rpm
Available from Red Hat Network: kernel-source-2.4.9-e.41.i386.rpm

i686:
Available from Red Hat Network: kernel-2.4.9-e.41.i686.rpm
Available from Red Hat Network: kernel-debug-2.4.9-e.41.i686.rpm
Available from Red Hat Network: kernel-enterprise-2.4.9-e.41.i686.rpm
Available from Red Hat Network: kernel-smp-2.4.9-e.41.i686.rpm
Available from Red Hat Network: kernel-summit-2.4.9-e.41.i686.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS: 
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/kernel-2.4.9-e.41.src.rpm

athlon:
Available from Red Hat Network: kernel-2.4.9-e.41.athlon.rpm
Available from Red Hat Network: kernel-smp-2.4.9-e.41.athlon.rpm

i386:
Available from Red Hat Network: kernel-BOOT-2.4.9-e.41.i386.rpm
Available from Red Hat Network: kernel-doc-2.4.9-e.41.i386.rpm
Available from Red Hat Network: kernel-headers-2.4.9-e.41.i386.rpm
Available from Red Hat Network: kernel-source-2.4.9-e.41.i386.rpm

i686:
Available from Red Hat Network: kernel-2.4.9-e.41.i686.rpm
Available from Red Hat Network: kernel-debug-2.4.9-e.41.i686.rpm
Available from Red Hat Network: kernel-smp-2.4.9-e.41.i686.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS: 
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/kernel-2.4.9-e.41.src.rpm

athlon:
Available from Red Hat Network: kernel-2.4.9-e.41.athlon.rpm
Available from Red Hat Network: kernel-smp-2.4.9-e.41.athlon.rpm

i386:
Available from Red Hat Network: kernel-BOOT-2.4.9-e.41.i386.rpm
Available from Red Hat Network: kernel-doc-2.4.9-e.41.i386.rpm
Available from Red Hat Network: kernel-headers-2.4.9-e.41.i386.rpm
Available from Red Hat Network: kernel-source-2.4.9-e.41.i386.rpm

i686:
Available from Red Hat Network: kernel-2.4.9-e.41.i686.rpm
Available from Red Hat Network: kernel-debug-2.4.9-e.41.i686.rpm
Available from Red Hat Network: kernel-enterprise-2.4.9-e.41.i686.rpm
Available from Red Hat Network: kernel-smp-2.4.9-e.41.i686.rpm



7. Verification:

MD5 sum                          Package Name
- --------------------------------------------------------------------------
e8a6f83bc24e92297315f751559a251a kernel-2.4.9-e.41.athlon.rpm
3e0d87495a7c6b7bef7e02f55ef6d24a kernel-2.4.9-e.41.i686.rpm
3958537aa5fd88aebb95864351f824c8 kernel-2.4.9-e.41.src.rpm
fdf9aa6832ac6faeb301988d98e7a31b kernel-BOOT-2.4.9-e.41.i386.rpm
8aa5eb290f69829b5284c90705b6061f kernel-debug-2.4.9-e.41.i686.rpm
4af5cd44eb2fa282c0d743927478738c kernel-doc-2.4.9-e.41.i386.rpm
703fec744138ab5ca5118e266e5b75f1 kernel-enterprise-2.4.9-e.41.i686.rpm
55f2acc05244bf82043d85920aeab3e4 kernel-headers-2.4.9-e.41.i386.rpm
04ab73b3bca23210c7643a74a7602b49 kernel-smp-2.4.9-e.41.athlon.rpm
b2186df6f7d6c688a30365a17dc9a4b4 kernel-smp-2.4.9-e.41.i686.rpm
e6b5c0f91e0808d6c1ba5de86b600c17 kernel-source-2.4.9-e.41.i386.rpm
e05538bec3d7e58542c34f222890facf kernel-summit-2.4.9-e.41.i686.rpm


These packages are GPG signed by Red Hat for security.  Our key is
available from https://www.redhat.com/security/team/key.html

You can verify each package with the following command:
    
    rpm --checksig -v 

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
    
    md5sum 


8. References:
 
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0495 
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0554

9. Contact:

The Red Hat security contact is <secalert@redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact.html

Copyright 2004 Red Hat, Inc.

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Hackers Plundered Israeli Defense Firms that Built ‘Iron Dome’ Missile Defense System
Internet of things big security worry, says HP
Boffins build FREE SUPERCOMPUTER from free cloud server trials
Insecure Connections: Enterprises hacked after neglecting third-party risks
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.