[RHSA-2004:689-01] Updated kernel packages fix security vulnerabilities

bugzilla at redhat.com
Thu Dec 23 20:50:00 UTC 2004


---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Updated kernel packages fix security vulnerabilities
Advisory ID:       RHSA-2004:689-01
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2004-689.html
Issue date:        2004-12-23
Updated on:        2004-12-23
Product:           Red Hat Enterprise Linux
Keywords:          taroon kernel security errata
Obsoletes:         RHBA-2004:550
CVE Names:         CAN-2004-0565 CAN-2004-1016 CAN-2004-1017 CAN-2004-1137 CAN-2004-1144 CAN-2004-1234
---------------------------------------------------------------------

1. Summary:

Updated kernel packages that fix several security issues in Red Hat
Enterprise Linux 3 are now available.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - athlon, i386, i686, ia32e, ia64, ppc64, ppc64iseries, ppc64pseries, s390, s390x, x86_64
Red Hat Desktop version 3 - athlon, i386, i686, ia32e, x86_64
Red Hat Enterprise Linux ES version 3 - athlon, i386, i686, ia32e, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - athlon, i386, i686, ia32e, ia64, x86_64

3. Problem description:

The Linux kernel handles the basic functions of the operating system.

This advisory includes fixes for several security issues:

Petr Vandrovec discovered a flaw in the 32bit emulation code affecting the
Linux 2.4 kernel on the AMD64 architecture.  A local attacker could use
this flaw to gain privileges. The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the name CAN-2004-1144 to this issue.

ISEC security research discovered multiple vulnerabilities in the IGMP
functionality which was backported in the Red Hat Enterprise Linux 3
kernels.  These flaws could allow a local user to cause a denial of
service (crash) or potentially gain privileges.  Where multicast
applications are being used on a system, these flaws may also allow remote
users to cause a denial of service.  The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2004-1137 to
this issue.

ISEC security research and Georgi Guninski independently discovered a flaw
in the scm_send function in the auxiliary message layer.  A local user
could create a carefully crafted auxiliary message which could cause a
denial of service (system hang).  The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the name CAN-2004-1016 to this issue.

A floating point information leak was discovered in the ia64 architecture
context switch code.  A local user could use this flaw to read register
values of other processes by setting the MFH bit. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
name CAN-2004-0565 to this issue.

Kirill Korotaev found a flaw in load_elf_binary affecting kernels prior to
2.4.26.  A local user could create a carefully crafted binary in such a
way that it would cause a denial of service (system crash).  The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
name CAN-2004-1234 to this issue.

These packages also fix issues in the io_edgeport driver, and a memory leak
in ip_options_get.

Note: The kernel-unsupported package contains various drivers and modules
that are unsupported and therefore might contain security problems that
have not been addressed.

All Red Hat Enterprise Linux 3 users are advised to upgrade their
kernels to the packages associated with their machine architectures
and configurations as listed in this erratum.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.  Use Red Hat
Network to download and update your packages.  To launch the Red Hat
Update Agent, use the following command:

    up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

    http://www.redhat.com/docs/manuals/enterprise/
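
After updating and rebooting, the running kernel's release string can be
compared against the fixed release named in this erratum (2.4.21-27.0.1.EL).
The script below is an added example, not part of Red Hat's advisory; the
function names and sample release strings are constructed, and it assumes
RHEL 3 style "uname -r" output such as 2.4.21-27.0.1.ELsmp.

```shell
#!/bin/sh
# Fixed kernel version-release taken from this advisory's package names.
FIXED="2.4.21-27.0.1.EL"

# "2.4.21-27.0.1.ELsmp" -> "2 4 21 27 0 1": drop the ".EL<flavour>" suffix
# (EL, ELsmp, ELhugemem, ELBOOT), then split on "." and "-".
numeric_fields() {
    printf '%s\n' "$1" | sed -e 's/\.EL[A-Za-z]*$//' -e 's/[.-]/ /g'
}

# Returns 0 if release $1 is at or above $FIXED, 1 if it is older,
# 2 if it is not a RHEL 3 (2.4.21-*.EL*) release string this check understands.
kernel_is_fixed() {
    case "$1" in
        2.4.21-*.EL*) ;;
        *) return 2 ;;
    esac
    have=$(numeric_fields "$1")
    want=$(numeric_fields "$FIXED")
    # Anything other than digits and spaces left over means a custom build tag.
    [ -z "$(printf '%s' "$have" | tr -d '0-9 ')" ] || return 2
    set -- $want
    for h in $have; do
        w=${1:-0}                      # missing field in $FIXED counts as 0
        [ $# -gt 0 ] && shift
        [ "$h" -gt "$w" ] && return 0
        [ "$h" -lt "$w" ] && return 1
    done
    # Every field of $1 matched; a non-zero field left in $FIXED means older
    # (for example 2.4.21-27.EL is older than 2.4.21-27.0.1.EL).
    for w in "$@"; do
        [ "$w" -gt 0 ] && return 1
    done
    return 0
}

# Constructed sample release strings; on a live host use "$(uname -r)".
for rel in 2.4.21-20.EL 2.4.21-27.ELsmp 2.4.21-27.0.1.ELhugemem; do
    if kernel_is_fixed "$rel"; then
        echo "$rel: at or above $FIXED"
    else
        echo "$rel: older than $FIXED, update required"
    fi
done
```

The check covers the running kernel only; a host that has the update
installed but has not been rebooted will still report the old release.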

5. Bug IDs fixed (http://bugzilla.redhat.com/):

124734 - CAN-2004-0565 Information leak on Linux/ia64
126126 - CAN-2004-0565 Information leak on Linux/ia64
142593 - CAN-2004-1017 io_edgeport driver overflows
142729 - CAN-2004-1016 CMSG validation checks
142733 - 20041208 ip_options_get memory leak
142748 - CAN-2004-1137 IGMP flaws
142964 - CAN-2004-1144 x86-64 privilege escalation
142965 - CAN-2004-1234 kernel denial of service vulnerability and exploit

6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/kernel-2.4.21-27.0.1.EL.src.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/kernel-2.4.21-27.0.1.EL.src.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/kernel-2.4.21-27.0.1.EL.src.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/kernel-2.4.21-27.0.1.EL.src.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0565
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1016
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1017
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1137
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1144
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1234

8. Contact:

The Red Hat security contact is <secalert at redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2004 Red Hat, Inc.
