-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Updated kernel packages fix security vulnerabilities
Advisory ID:       RHSA-2004:549-01
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2004-549.html
Issue date:        2004-12-02
Updated on:        2004-12-02
Product:           Red Hat Enterprise Linux
Keywords:          taroon kernel security errata AF_UNIX
Obsoletes:         RHBA-2004:433
CVE Names:         CAN-2004-0136 CAN-2004-0619 CAN-2004-0685 CAN-2004-0812
                   CAN-2004-0883 CAN-2004-0949 CAN-2004-1068 CAN-2004-1070
                   CAN-2004-1071 CAN-2004-1072 CAN-2004-1073
---------------------------------------------------------------------
1. Summary:
Updated kernel packages that fix several security issues in Red Hat Enterprise Linux 3 are now available.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS version 3 - athlon, i386, i686, ia32e, ia64, ppc64, ppc64iseries, ppc64pseries, s390, s390x, x86_64
Red Hat Desktop version 3 - athlon, i386, i686, ia32e, x86_64
Red Hat Enterprise Linux ES version 3 - athlon, i386, i686, ia32e, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - athlon, i386, i686, ia32e, ia64, x86_64
3. Problem description:
The Linux kernel handles the basic functions of the operating system.
This update includes fixes for several security issues:
A missing serialization flaw in unix_dgram_recvmsg was discovered that affects kernels prior to 2.4.28. A local user could potentially make use of a race condition in order to gain privileges. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-1068 to this issue.
Paul Starzetz of iSEC discovered various flaws in the ELF binary loader affecting kernels prior to 2.4.28. A local user could use these flaws to gain read access to executable-only binaries or possibly gain privileges. (CAN-2004-1070, CAN-2004-1071, CAN-2004-1072, CAN-2004-1073)
A flaw when setting up TSS limits was discovered that affects AMD AMD64 and Intel EM64T architecture kernels prior to 2.4.23. A local user could use this flaw to cause a denial of service (crash) or possibly gain privileges. (CAN-2004-0812)
An integer overflow flaw was discovered in the ubsec_keysetup function in the Broadcom 5820 cryptonet driver. On systems using this driver, a local user could cause a denial of service (crash) or possibly gain elevated privileges. (CAN-2004-0619)
Stefan Esser discovered various flaws including buffer overflows in the smbfs driver affecting kernels prior to 2.4.28. A local user may be able to cause a denial of service (crash) or possibly gain privileges. In order to exploit these flaws the user would require control of a connected Samba server. (CAN-2004-0883, CAN-2004-0949)
SGI discovered a bug in the ELF loader that affects kernels prior to 2.4.25 which could be triggered by a malformed binary. On architectures other than x86, a local user could create a malicious binary which could cause a denial of service (crash). (CAN-2004-0136)
Conectiva discovered flaws in certain USB drivers affecting kernels prior to 2.4.27 which used the copy_to_user function on uninitialized structures. These flaws could allow local users to read small amounts of kernel memory. (CAN-2004-0685)
All Red Hat Enterprise Linux 3 users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum.
4. Solution:
Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command:
up2date
For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system:
http://www.redhat.com/docs/manuals/enterprise/
5. Bug IDs fixed (http://bugzilla.redhat.com/ for more info):
127258 - CAN-2004-0619 Broadcom 5820 integer overflow
127915 - CAN-2004-0136 Verify interpreter arch
127918 - CAN-2004-0685 usb sparse fixes in 2.4
133003 - CAN-2004-0812 User application with "out" instruction can crash the system
134720 - CAN-2004-0883 smbfs potential DOS (CAN-2004-0949)
134874 - CAN-2004-1070 binfmt_elf loader vulnerabilities (CAN-2004-1071 CAN-2004-1072 CAN-2004-1073)
134981 - CAN-2004-0136 Program crashes the kernel
140710 - CAN-2004-1068 Missing serialisation in unix_dgram_recvmsg
6. RPMs required:
Red Hat Enterprise Linux AS version 3:
SRPMS: kernel-2.4.21-20.0.1.EL.src.rpm c9e3ddfa76b6337d22ee18de622288c1 kernel-2.4.21-20.0.1.EL.src.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key.html#package
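Added example (not part of the Red Hat advisory): a check for installed kernel packages that predate the fixed release 2.4.21-20.0.1.EL named in this erratum. The comparison is a simplified re-implementation of RPM's segment-wise ordering, which matters here because plain string comparison ranks "20.EL" above "20.0.1.EL"; the function names and the package listing are assumptions constructed for illustration.

```python
import re

# Fixed kernel version-release, taken from the package list in this advisory.
FIXED = "2.4.21-20.0.1.EL"

# Constructed sample input: one NAME-VERSION-RELEASE per line, the form printed
# by: rpm -qa --qf '%{NAME}-%{VERSION}-%{RELEASE}\n'
SAMPLE = """\
kernel-2.4.21-15.EL
kernel-smp-2.4.21-20.EL
kernel-2.4.21-20.0.1.EL
kernel-source-2.4.21-20.0.1.EL
kernel-smp-2.4.21-27.EL
"""

_SEGMENT = re.compile(r"[0-9]+|[A-Za-z]+")

def seg_cmp(a, b):
    """Compare two version (or release) strings segment by segment.

    Simplified form of RPM's ordering: separators are ignored, numeric
    segments compare as integers, alphabetic ones as strings, and a numeric
    segment is newer than an alphabetic one. No epoch or tilde handling.
    """
    sa, sb = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(sa, sb):
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1
        if x.isdigit():
            x, y = int(x), int(y)
        if x != y:
            return 1 if x > y else -1
    # All shared segments equal: the string with segments left over is newer.
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def vr_cmp(a, b):
    """Compare VERSION-RELEASE strings: version first, then release."""
    (va, ra), (vb, rb) = a.rsplit("-", 1), b.rsplit("-", 1)
    return seg_cmp(va, vb) or seg_cmp(ra, rb)

def outdated(listing, fixed=FIXED):
    """Return the packages in `listing` that are older than `fixed`."""
    old = []
    for line in listing.split():
        name, version, release = line.rsplit("-", 2)
        if vr_cmp(f"{version}-{release}", fixed) < 0:
            old.append(line)
    return old

if __name__ == "__main__":
    for pkg in outdated(SAMPLE):
        print("needs update:", pkg)
```

Kernel packages can remain installed side by side, so an older entry in the listing does not by itself mean the system is exposed; what matters is that the fixed release is installed and is the kernel the system boots.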
7. References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0136
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0619
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0685
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0812
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0883
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0949
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1068
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1070
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1071
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1072
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1073
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact.html
Copyright 2004 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQFBrv1gXlSAg2UNWIIRAi/TAJ4tEWd/OWwzTKL4MH602lHlKbDyzgCfZ/+o ntkXKUObRw3vALyUMITPSkU= =Z8fX -----END PGP SIGNATURE-----