Fedora: Kernel crash vulnerability
Posted by LinuxSecurity.com Team   
The kernel shipped with Fedora Core 1 was vulnerable to a bug in the error return on a concurrent fork() with threaded exit() which could be exploited by a user-level program to crash the kernel.

---------------------------------------------------------------------
Fedora Security Update Notification
FEDORA-2003-026
2003-12-02
---------------------------------------------------------------------

Name        : kernel
Version     : 2.4.22                      
Release     : 1.2129.nptl                  
Summary     : The Linux kernel (the core of the Linux operating system)
Description :
The kernel package contains the Linux kernel (vmlinuz), the core of your
Red Hat Linux operating system.  The kernel handles the basic functions
of the operating system:  memory allocation, process allocation, device
input and output, etc.

---------------------------------------------------------------------

The kernel shipped with Fedora Core 1 was vulnerable to a bug in the
error return on a concurrent fork() with threaded exit() which could be
exploited by a user-level program to crash the kernel.

In addition to this bug fix, the changelog below details various
other non-security fixes that have been added.


* Mon Dec 01 2003 Dave Jones <davej@redhat.com>

- sys_tgkill wasn't enabled on IA32.

* Sun Nov 30 2003 Dave Jones <davej@redhat.com>

- Process scheduler fix.
  When doing sync wakeups we must not skip the notification of other cpus if
  the task is not on this runqueue.

* Wed Nov 26 2003 Justin M. Forbes <64bit_fedora@comcast.net>

- Merge required ia32 syscalls for AMD64
- [f]truncate64 for 32bit code fix

* Mon Nov 24 2003 Dave Jones <davej@redhat.com>

- Fix power-off on shutdown with ACPI.
- Add missing part of recent cmpci fix
- Drop CONFIG_NR_CPUS patch which was problematic.
- Fold futex-fix into main futex patch.
- Fix TG3 tqueue initialisation.
- Various NPTL fixes.

* Fri Nov 14 2003 Dave Jones <davej@redhat.com>

- Drop netfilter change which proved to be bad upstream.

* Thu Nov 13 2003 Justin M. Forbes <64bit_fedora@comcast.net>

- Fix NForce3 DMA and ATA133 on AMD64

* Wed Nov 12 2003 Dave Jones <davej@redhat.com>

- Fix syscall definitions on AMD64

* Tue Nov 11 2003 Dave Jones <davej@redhat.com>

- Fix Intel 440GX Interrupt routing.
- Fix waitqueue leak in cmpci driver.

* Mon Nov 10 2003 Dave Jones <davej@redhat.com>

- Kill noisy warnings in the DRM modules.
- Merge munged upstream x86-64.org patch for various AMD64 fixes.

* Mon Nov 03 2003 Dave Jones <davej@redhat.com>

- Further cleanups related to AMD64 build.

* Fri Oct 31 2003 Dave Jones <davej@redhat.com>

- Make AMD64 build.


---------------------------------------------------------------------
This update can be downloaded from:
   http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/


This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------

