Security Advisory: Three security holes fixed in new kernel

Advisory: RHSA-2001:013-06
Type: Security Advisory
Severity: N/A
Issued on: 2001-02-08
Last updated on: 2001-02-09
Affected Products: Red Hat Linux 6.2, Red Hat Linux 7.0
OVAL: N/A
CVEs (cve.mitre.org): CVE-2001-0316, CVE-2001-0317, CVE-2001-1273

Details

Three security holes have been fixed in the new kernel, and several
other updates and bug fixes have been applied as well.

Three security holes have been fixed in the kernel. One involves
ptrace, another involves sysctl, and the last is specific to some
Intel CPUs. All three security holes involve local access only
(they do not provide a hole to remote attackers without a local
account). The ptrace and sysctl bugs provide local users with the
potential to compromise the root account. Neither has an active
exploit available at the time of this writing. The last security
hole is a DoS (denial of service) that does not provide access to
the root account but does allow any user with shell access to
halt the CPU.

All users are strongly recommended to upgrade.

In addition to the security fixes, these kernels contain more
advanced support for the Intel Pentium 4 processors, as well as
a number of driver updates. These updates include e100, sis900,
cs46xx, qla1x160, qla2x00, ServeRAID, and ipvs.

In addition, a number of other bugs have been fixed. Most notably,
the RAW I/O facility could corrupt data under certain usage patterns.


Solution

Upgrade to kernel-2.2.17-14

The procedure for upgrading the kernel is documented at:

http://www.redhat.com/support/docs/howto/kernel-upgrade/kernel-upgrade.html

Please read the directions for your architecture carefully before
proceeding with the kernel upgrade.

Updated packages

Red Hat Linux 6.2

sparc:
ftp://updates.redhat.com/6.2/sparc/kernel-2.2.17-14.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/kernel-BOOT-2.2.17-14.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/kernel-doc-2.2.17-14.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/kernel-enterprise-2.2.17-14.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/kernel-smp-2.2.17-14.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/kernel-source-2.2.17-14.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/kernel-utils-2.2.17-14.sparc.rpm
 
sparc64:
ftp://updates.redhat.com/6.2/sparc64/kernel-2.2.17-14.sparc64.rpm
ftp://updates.redhat.com/6.2/sparc64/kernel-BOOT-2.2.17-14.sparc64.rpm
ftp://updates.redhat.com/6.2/sparc64/kernel-enterprise-2.2.17-14.sparc64.rpm
ftp://updates.redhat.com/6.2/sparc64/kernel-smp-2.2.17-14.sparc64.rpm
 
Red Hat Linux 7.0

alpha:
ftp://updates.redhat.com/7.0/alpha/kernel-2.2.17-14.alpha.rpm
ftp://updates.redhat.com/7.0/alpha/kernel-BOOT-2.2.17-14.alpha.rpm
ftp://updates.redhat.com/7.0/alpha/kernel-doc-2.2.17-14.alpha.rpm
ftp://updates.redhat.com/7.0/alpha/kernel-enterprise-2.2.17-14.alpha.rpm
ftp://updates.redhat.com/7.0/alpha/kernel-smp-2.2.17-14.alpha.rpm
ftp://updates.redhat.com/7.0/alpha/kernel-source-2.2.17-14.alpha.rpm
ftp://updates.redhat.com/7.0/alpha/kernel-utils-2.2.17-14.alpha.rpm
 
i386:
ftp://updates.redhat.com/7.0/i386/kernel-2.2.17-14.i386.rpm
ftp://updates.redhat.com/7.0/i386/kernel-BOOT-2.2.17-14.i386.rpm
ftp://updates.redhat.com/7.0/i386/kernel-doc-2.2.17-14.i386.rpm
ftp://updates.redhat.com/7.0/i386/kernel-ibcs-2.2.17-14.i386.rpm
ftp://updates.redhat.com/7.0/i386/kernel-pcmcia-cs-2.2.17-14.i386.rpm
ftp://updates.redhat.com/7.0/i386/kernel-smp-2.2.17-14.i386.rpm
ftp://updates.redhat.com/7.0/i386/kernel-source-2.2.17-14.i386.rpm
ftp://updates.redhat.com/7.0/i386/kernel-utils-2.2.17-14.i386.rpm
 
i586:
ftp://updates.redhat.com/7.0/i586/kernel-2.2.17-14.i586.rpm
ftp://updates.redhat.com/7.0/i586/kernel-smp-2.2.17-14.i586.rpm
 
i686:
ftp://updates.redhat.com/7.0/i686/kernel-2.2.17-14.i686.rpm
ftp://updates.redhat.com/7.0/i686/kernel-enterprise-2.2.17-14.i686.rpm
ftp://updates.redhat.com/7.0/i686/kernel-smp-2.2.17-14.i686.rpm
 

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0316
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0317
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1273

Thanks to Chris Evans for finding the sysctl bug, and to
Solar Designer for the versions of the sysctl and ptrace
patches we used.

Keywords

P4


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/