Red Hat alert RHSA-2003:408-00 (kernel)
---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Updated kernel packages address security vulnerabilities, bugfixes
Advisory ID:       RHSA-2003:408-00
Issue date:        2003-12-19
Updated on:        2003-12-19
Product:           Red Hat Enterprise Linux
Keywords:
Cross references:
Obsoletes:
CVE Names:         CAN-2003-0476
---------------------------------------------------------------------

1. Topic:

Updated kernel packages that address various security vulnerabilities,
fix a number of bugs, and update various drivers are now available.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - athlon, i386, i686
Red Hat Enterprise Linux ES version 2.1 - athlon, i386, i686
Red Hat Enterprise Linux WS version 2.1 - athlon, i386, i686

3. Problem description:

The Linux kernel handles the basic functions of the operating system.

The execve system call in Linux 2.4.x records the file descriptor of the
executable process in the file table of the calling process, which allows
local users to gain read access to restricted file descriptors. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2003-0476 to this issue.

A number of bugfixes are included, including important fixes for the ext3
file system and timer code.

New features include limited support for non-cached NFS file systems,
Serial ATA (SATA) devices, and new alt-sysreq debugging options.

In addition, the following drivers have been updated:

- e100 2.3.30-k1
- e1000 5.2.20-k1
- fusion 2.05.05+
- ips 6.10.52
- aic7xxx 6.2.36
- aic79xxx 1.3.10
- megaraid 2 2.00.9
- cciss 2.4.49

All users are advised to upgrade to these erratum packages, which contain
backported patches addressing these issues.

4. Solution:

Release notes, driver notes, and driver disks for this update are available
at the following URL:

http://www.redhat.com/support/errata/rhel/

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

The procedure for upgrading the kernel manually is documented at:

http://www.redhat.com/support/docs/howto/kernel-upgrade/

Please read the directions for your architecture carefully before
proceeding with the kernel upgrade.

Please note that this update is also available via Red Hat Network. Many
people find this to be an easier way to apply updates. To use Red Hat
Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system. Note that you need to select the kernel
explicitly on default configurations of up2date.

5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info):

99203 - NFS tcp client retransmission with large wsize.
74516 - NFS DATA CORRUPTION
84452 - RHEL AS2.1 QU3 errata: System hangs with 2.1 AS (timer.c)
85211 - USB CDROM crashes with dd on IBM Bladecenter
75669 - SG queue function getting null pointer
90872 - md device can be stopped when it should return -EBUSY

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/kernel-2.4.9-e.34.src.rpm

athlon:
Available from Red Hat Network: kernel-2.4.9-e.34.athlon.rpm
Available from Red Hat Network: kernel-smp-2.4.9-e.34.athlon.rpm

i386:
Available from Red Hat Network: kernel-source-2.4.9-e.34.i386.rpm
Available from Red Hat Network: kernel-doc-2.4.9-e.34.i386.rpm
Available from Red Hat Network: kernel-headers-2.4.9-e.34.i386.rpm
Available from Red Hat Network: kernel-BOOT-2.4.9-e.34.i386.rpm

i686:
Available from Red Hat Network: kernel-2.4.9-e.34.i686.rpm
Available from Red Hat Network: kernel-smp-2.4.9-e.34.i686.rpm
Available from Red Hat Network: kernel-summit-2.4.9-e.34.i686.rpm
Available from Red Hat Network: kernel-enterprise-2.4.9-e.34.i686.rpm
Available from Red Hat Network: kernel-debug-2.4.9-e.34.i686.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/kernel-2.4.9-e.34.src.rpm

athlon:
Available from Red Hat Network: kernel-2.4.9-e.34.athlon.rpm
Available from Red Hat Network: kernel-smp-2.4.9-e.34.athlon.rpm

i386:
Available from Red Hat Network: kernel-source-2.4.9-e.34.i386.rpm
Available from Red Hat Network: kernel-doc-2.4.9-e.34.i386.rpm
Available from Red Hat Network: kernel-headers-2.4.9-e.34.i386.rpm
Available from Red Hat Network: kernel-BOOT-2.4.9-e.34.i386.rpm

i686:
Available from Red Hat Network: kernel-2.4.9-e.34.i686.rpm
Available from Red Hat Network: kernel-smp-2.4.9-e.34.i686.rpm
Available from Red Hat Network: kernel-debug-2.4.9-e.34.i686.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/kernel-2.4.9-e.34.src.rpm

athlon:
Available from Red Hat Network: kernel-2.4.9-e.34.athlon.rpm
Available from Red Hat Network: kernel-smp-2.4.9-e.34.athlon.rpm

i386:
Available from Red Hat Network: kernel-source-2.4.9-e.34.i386.rpm
Available from Red Hat Network: kernel-doc-2.4.9-e.34.i386.rpm
Available from Red Hat Network: kernel-headers-2.4.9-e.34.i386.rpm
Available from Red Hat Network: kernel-BOOT-2.4.9-e.34.i386.rpm

i686:
Available from Red Hat Network: kernel-2.4.9-e.34.i686.rpm
Available from Red Hat Network: kernel-smp-2.4.9-e.34.i686.rpm
Available from Red Hat Network: kernel-enterprise-2.4.9-e.34.i686.rpm
Available from Red Hat Network: kernel-debug-2.4.9-e.34.i686.rpm

7. Verification:

These packages are GPG signed by Red Hat for security. Our key is
available from https://www.redhat.com/security/keys.html

You can verify each package with the following command:

rpm --checksig -v <filename>

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:

md5sum <filename>

8. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0476

9. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/solutions/security/news/contact.html

Copyright 2003 Red Hat, Inc.
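
The md5sum check from section 7, scripted as an added example that is not part of Red Hat's advisory: it reads a table of the advisory's form (an MD5 sum followed by a channel-prefixed package path) and compares each listed package against the files in a local directory. The function name verify_manifest, the CHANNEL-n paths and the kernel-demo-*.rpm files are constructed for illustration.

```shell
#!/bin/sh
# verify_manifest TABLE DIR   (added example; names are hypothetical)
# TABLE holds advisory-style rows: "<md5sum> <channel path>/<package>.rpm".
# Returns 0 only if every listed package exists in DIR with that MD5 sum.
verify_manifest() {
    rc=0 seen=" "
    while read -r want path; do
        # Keep only rows whose first field is 32 hex digits; this skips
        # blank lines, the "MD5 sum  Package Name" header and the rule.
        case $want in ""|*[!0-9a-fA-F]*) continue ;; esac
        [ ${#want} -eq 32 ] && [ -n "$path" ] || continue
        want=$(printf '%s' "$want" | tr 'A-F' 'a-f')
        name=${path##*/}              # drop the channel prefix
        # The same package is listed once per product channel: check once.
        case $seen in *" $want:$name "*) continue ;; esac
        seen="$seen$want:$name "
        if [ ! -f "$2/$name" ]; then
            echo "MISSING  $name"; rc=1; continue
        fi
        got=$(md5sum "$2/$name" | cut -d' ' -f1)
        if [ "$got" = "$want" ]; then
            echo "OK       $name"
        else
            echo "MISMATCH $name"; rc=1
        fi
    done < "$1"
    return $rc
}

# Constructed demo: throwaway files stand in for downloaded packages.
demo() {
    d=$(mktemp -d) || return 1
    printf 'constructed package A\n' > "$d/kernel-demo-a.rpm"
    printf 'constructed package B\n' > "$d/kernel-demo-b.rpm"
    a=$(md5sum "$d/kernel-demo-a.rpm" | cut -d' ' -f1)
    {
        echo "MD5 sum                          Package Name"
        echo "--------------------------------------------"
        echo "$a CHANNEL-1/en/os/i386/kernel-demo-a.rpm"
        echo "$a CHANNEL-2/en/os/i386/kernel-demo-a.rpm"
        echo "00000000000000000000000000000000 CHANNEL-1/en/os/i386/kernel-demo-b.rpm"
        echo "$a CHANNEL-1/en/os/i386/kernel-demo-c.rpm"
    } > "$d/table.txt"
    verify_manifest "$d/table.txt" "$d"; st=$?
    rm -rf "$d"
    return $st
}
demo || echo "verification failed: do not install"
```

A matching sum only shows that the file equals what the table lists; rpm --checksig -v is the step that ties the package to Red Hat's key.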