Security Advisory: new modutils release addresses more local root compromise possibilities

Advisory: RHSA-2000:108-05
Type: Security Advisory
Severity: N/A
Issued on: 2000-12-20
Last updated on: 2000-12-20
Affected Products: Red Hat Linux 6.2, Red Hat Linux 7.0
OVAL: N/A
CVEs (cve.mitre.org): CVE-2000-1095

Details

A new modutils-2.3.21 package has been released to correctly enable the
safeguard measures introduced in modutils-2.3.20.

2000-11-27: Added packages for Red Hat Linux 7 for Alpha

The previous modutils packages, released to address a local root
compromise, contained an error in the new safeguards that caused them
not to be properly enabled when run as root from the kmod process. These
new safeguards check the arguments passed to modules. The new 2.3.21
modutils package fixes this error and correctly checks the arguments
when running from kmod, limiting kernel module arguments to those
specified in /etc/conf.modules (on Red Hat Linux 6.2) or
/etc/modules.conf (on Red Hat Linux 7). This release supersedes the
previous modutils errata packages.
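
As an added illustration (not modutils source code and not part of the original advisory), the Python sketch below shows the kind of check described above: arguments in an automatic module load request are accepted only if the configuration file lists them for that module. The function names and the sample configuration are assumptions constructed for this example.

```python
# Added illustration only: this is not how modutils itself is written.

# Constructed sample in modules.conf syntax (not taken from the advisory).
SAMPLE_CONF = """\
# constructed example
alias eth0 ne
options ne io=0x300 irq=5
options sb io=0x220 \\
    irq=7 dma=1
"""


def parse_conf(text):
    """Return (aliases, options) parsed from modules.conf-style text."""
    aliases, options = {}, {}
    joined = text.replace("\\\n", " ")  # fold backslash line continuations
    for raw in joined.splitlines():
        fields = raw.split("#", 1)[0].split()  # drop comments, tokenise
        if len(fields) >= 3 and fields[0] == "alias":
            aliases[fields[1]] = fields[2]
        elif len(fields) >= 2 and fields[0] == "options":
            options.setdefault(fields[1], set()).update(fields[2:])
    return aliases, options


def resolve(name, aliases, limit=8):
    """Follow alias chains, bounded so an alias loop cannot hang the check."""
    for _ in range(limit):
        if name not in aliases:
            return name
        name = aliases[name]
    raise ValueError("alias loop while resolving module name")


def args_allowed(request, conf_text):
    """request is [module, arg, ...] as an automatic loader would pass it.

    Returns True only if every argument is configured for that module.
    """
    if not request:
        return False
    aliases, options = parse_conf(conf_text)
    module = resolve(request[0], aliases)
    return set(request[1:]) <= options.get(module, set())
```

A request with no arguments passes, while any argument that the configuration file does not list for the resolved module is refused.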


Solution

For each RPM for your particular architecture, run:

    rpm -Fvh [filename]

where filename is the name of the RPM.

2000-11-17: For Red Hat Linux 6.2, if you installed the previous
modutils-2.3.20-0.6.2 packages, you will need to run:

    mv /etc/modules.conf /etc/conf.modules

Updated packages

Red Hat Linux 6.2

alpha:
ftp://updates.redhat.com/6.2/alpha/modutils-2.3.21-0.6.2.alpha.rpm
Missing file
    73953a51d51d173b8acbf93ef387fd81
 
i386:
ftp://updates.redhat.com/6.2/i386/modutils-2.3.21-0.6.2.i386.rpm
Missing file
    4439637a314f3bb60970795d614022b1
 
sparc:
ftp://updates.redhat.com/6.2/sparc/modutils-2.3.21-0.6.2.sparc.rpm
Missing file
    c063d22e0aeeaa762e5bd9903af42cc3
 
Red Hat Linux 7.0

alpha:
ftp://updates.redhat.com/7.0/alpha/modutils-2.3.21-1.alpha.rpm
Missing file
    6f68c415e4ec7f18bc68e987e488056b
 
i386:
ftp://updates.redhat.com/7.0/i386/modutils-2.3.21-1.i386.rpm
Missing file
    46b7f3331bccd927d9d7fefbec74f721
 

Bugs fixed (see bugzilla for more information)

20749 - local root exploit via modutils


Keywords

security


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/