RHSA-2004:689-01: Updated kernel packages fix security vulnerabilities
Posted on: 12/23/2004 06:54 PM

Updated kernel packages are available for Red Hat Enterprise Linux 3

----------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Updated kernel packages fix security vulnerabilities
Advisory ID: RHSA-2004:689-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2004-689.html
Issue date: 2004-12-23
Updated on: 2004-12-23
Product: Red Hat Enterprise Linux
Keywords: taroon kernel security errata
Obsoletes: RHBA-2004:550
CVE Names: CAN-2004-0565 CAN-2004-1016 CAN-2004-1017 CAN-2004-1137 CAN-2004-1144 CAN-2004-1234
----------------------------------------------------------------------

1. Summary:

Updated kernel packages that fix several security issues in Red Hat Enterprise Linux 3 are now available.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - athlon, i386, i686, ia32e, ia64, ppc64, ppc64iseries, ppc64pseries, s390, s390x, x86_64
Red Hat Desktop version 3 - athlon, i386, i686, ia32e, x86_64
Red Hat Enterprise Linux ES version 3 - athlon, i386, i686, ia32e, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - athlon, i386, i686, ia32e, ia64, x86_64

3. Problem description:

The Linux kernel handles the basic functions of the operating system.

This advisory includes fixes for several security issues:

Petr Vandrovec discovered a flaw in the 32-bit emulation code affecting the Linux 2.4 kernel on the AMD64 architecture. A local attacker could use this flaw to gain privileges. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-1144 to this issue.

ISEC security research discovered multiple vulnerabilities in the IGMP functionality which was backported in the Red Hat Enterprise Linux 3 kernels. These flaws could allow a local user to cause a denial of service (crash) or potentially gain privileges. Where multicast applications are being used on a system, these flaws may also allow remote users to cause a denial of service. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-1137 to this issue.

ISEC security research and Georgi Guninski independently discovered a flaw in the scm_send function in the auxiliary message layer. A local user could create a carefully crafted auxiliary message which could cause a denial of service (system hang). The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-1016 to this issue.

A floating point information leak was discovered in the ia64 architecture context switch code. A local user could use this flaw to read register values of other processes by setting the MFH bit. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0565 to this issue.

Kirill Korotaev found a flaw in load_elf_binary affecting kernels prior to 2.4.26. A local user could create a carefully crafted binary in such a way that it would cause a denial of service (system crash). The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-1234 to this issue.

These packages also fix issues in the io_edgeport driver, and a memory leak in ip_options_get.

Note: The kernel-unsupported package contains various drivers and modules that are unsupported and therefore might contain security problems that have not been addressed.

All Red Hat Enterprise Linux 3 users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/
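
To confirm which hosts still need this update, the following added example (not part of the Red Hat advisory) compares installed kernel version-release strings against the fixed build 2.4.21-27.0.1.EL using the classic RPM segment ordering. It assumes the strings were collected with something like rpm -q --qf '%{VERSION}-%{RELEASE}\n' kernel; the function names and the sample inventory are constructed for illustration.

```python
import re

# Fixed kernel version-release, taken from the package names in this advisory.
FIXED = "2.4.21-27.0.1.EL"


def _segments(s):
    # RPM splits a version string into runs of digits or letters;
    # every other character acts only as a separator.
    return re.findall(r"\d+|[A-Za-z]+", s)


def rpmvercmp(a, b):
    """Return -1, 0 or 1 as a is older than, equal to or newer than b.

    Classic RPM segment comparison, without the tilde and caret
    extensions found in later RPM releases.
    """
    sa, sb = _segments(a), _segments(b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)
        elif x.isdigit() != y.isdigit():
            # A numeric segment is always newer than an alphabetic one.
            return 1 if x.isdigit() else -1
        if x != y:
            return 1 if x > y else -1
    # All shared segments equal: the string with segments left over is newer.
    return (len(sa) > len(sb)) - (len(sa) < len(sb))


def needs_update(installed, fixed=FIXED):
    """True if an installed kernel version-release predates the fixed one."""
    iv, _, ir = installed.partition("-")
    fv, _, fr = fixed.partition("-")
    # Version decides first; release breaks the tie.
    return (rpmvercmp(iv, fv) or rpmvercmp(ir, fr)) < 0


if __name__ == "__main__":
    # Constructed sample inventory, not real host data.
    for vr in ("2.4.21-20.EL", "2.4.21-27.EL", "2.4.21-27.0.1.EL", "2.4.21-32.EL"):
        print(vr, "UPDATE NEEDED" if needs_update(vr) else "ok")
```

Note that 2.4.21-27.EL sorts older than 2.4.21-27.0.1.EL, so a plain string comparison would misjudge it. Run the same check against the output of uname -r as well, since an installed kernel only protects the host once it has been booted.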

5. Bug IDs fixed (http://bugzilla.redhat.com/):

124734 - CAN-2004-0565 Information leak on Linux/ia64
126126 - CAN-2004-0565 Information leak on Linux/ia64
142593 - CAN-2004-1017 io_edgeport driver overflows
142729 - CAN-2004-1016 CMSG validation checks
142733 - 20041208 ip_options_get memory leak
142748 - CAN-2004-1137 IGMP flaws
142964 - CAN-2004-1144 x86-64 privilege escalation
142965 - CAN-2004-1234 kernel denial of service vulnerability and exploit

6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/kernel-2.4.21-27.0.1.EL.src.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/kernel-2.4.21-27.0.1.EL.src.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/kernel-2.4.21-27.0.1.EL.src.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/kernel-2.4.21-27.0.1.EL.src.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0565
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1016
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1017
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1137
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1144
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1234

8. Contact:

The Red Hat security contact is secalert@redhat.com. More contact details at https://www.redhat.com/security/team/contact/

Copyright 2004 Red Hat, Inc.


Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/rhsa_2004689_01_updated_kernel_packages_fix_security_vulnerabilities.html)