Skip to navigation

Security Advisory Linux kernel 2.2.19 now available, provides security fixes, enhancements

Advisory: RHSA-2001:047-05
Type: Security Advisory
Severity: N/A
Issued on: 2001-04-10
Last updated on: 2001-04-17
Affected Products: Red Hat Linux 6.2
Red Hat Linux 7.0
CVEs (cve.mitre.org): CVE-2001-1390
CVE-2001-1391
CVE-2001-1392
CVE-2001-1393
CVE-2001-1394
CVE-2001-1395
CVE-2001-1396
CVE-2001-1397
CVE-2001-1398
CVE-2001-1399
CVE-2001-1400

Details

A local denial of service attack and root compromise of the kernel have
been corrected, drivers have been updated, and NFS version 3 has been
integrated.

All Linux kernels prior to version 2.2.19 include possibilities for local
denial of service or root exploits by exercising race conditions between
the ptrace, exec, and/or suid system calls. Additionally, the sysctl
system call included programming errors allowing a user to write to kernel
memory. The 2.2.19 kernel fixes these problems.

Minor potential problems in the virtual memory and signal delivery
subsystems are also corrected.

Many drivers have been updated since the release of 2.2.17, our last
official kernel release, including but not limited to: 3c59x, AGP, CS46xx,
DAC960, EMU10K, Maestro 3, NE2000/PCI, Tulip, and various USB devices.
The
missing Intel E100 driver is now included. A hang while booting on some
computers due inadvertent inclusion of a toshiba driver has been fixed.

Finally, support for NFS version 3 has been included, which has much
improved performance characteristics compared to earlier versions. In
order to support this, new versions of nfs-utils and mount are required.

2001-04-17: missing rpc.rquotad added to nfs-utils. This is only
necessary for those using disk quotas withi NFS.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

The procedure for upgrading the kernel is documented at:

http://www.redhat.com/support/docs/howto/kernel-upgrade/kernel-upgrade.html

Please read the directions for your architecture carefully before
proceeding with the kernel upgrade.

Updated packages

Red Hat Linux 6.2

SRPMS:
ftp://updates.redhat.com/rhn/repository/NULL/mount/2.10r-0.6.x/SRPMS/mount-2.10r-0.6.x.src.rpm
Missing file
    MD5: 4d5d3b10bb5aae79303680b3a2dc23fe
ftp://updates.redhat.com/rhn/repository/NULL/nfs-utils/0.3.1-0.6.x.1/SRPMS/nfs-utils-0.3.1-0.6.x.1.src.rpm
Missing file
    MD5: fd8763c9b9a58ee5b668984c3a570925
 
Alpha:
ftp://updates.redhat.com/rhn/repository/NULL/losetup/2.10r-0.6.x/alpha/losetup-2.10r-0.6.x.alpha.rpm
Missing file
    MD5: f934e2ed5e69f30700742b245b8f5cc1
ftp://updates.redhat.com/rhn/repository/NULL/mount/2.10r-0.6.x/alpha/mount-2.10r-0.6.x.alpha.rpm
Missing file
    MD5: e5246bee33116a2987d722d40c379419
ftp://updates.redhat.com/rhn/repository/NULL/nfs-utils/0.3.1-0.6.x.1/alpha/nfs-utils-0.3.1-0.6.x.1.alpha.rpm
Missing file
    MD5: 83d49c61722ada9c70a0ee882d2b657a
 
IA-32:
ftp://updates.redhat.com/rhn/repository/NULL/losetup/2.10r-0.6.x/i386/losetup-2.10r-0.6.x.i386.rpm
Missing file
    MD5: 190d65d0f715a4972be8033859123f8f
ftp://updates.redhat.com/rhn/repository/NULL/mount/2.10r-0.6.x/i386/mount-2.10r-0.6.x.i386.rpm
Missing file
    MD5: 4e61f8189688ed32c04f21c2333a4c32
ftp://updates.redhat.com/rhn/repository/NULL/nfs-utils/0.3.1-0.6.x.1/i386/nfs-utils-0.3.1-0.6.x.1.i386.rpm
Missing file
    MD5: 9f935a82e02441a4282259a8891abc9e
 
Sparc:
ftp://updates.redhat.com/rhn/repository/NULL/losetup/2.10r-0.6.x/sparc/losetup-2.10r-0.6.x.sparc.rpm
Missing file
    MD5: fe55af7e6d0f159f4d40f53721a77603
ftp://updates.redhat.com/rhn/repository/NULL/mount/2.10r-0.6.x/sparc/mount-2.10r-0.6.x.sparc.rpm
Missing file
    MD5: 3a2d41cd4efe75bc00808fb606a9f612
ftp://updates.redhat.com/rhn/repository/NULL/nfs-utils/0.3.1-0.6.x.1/sparc/nfs-utils-0.3.1-0.6.x.1.sparc.rpm
Missing file
    MD5: c9a50e6d95738b40734e867c352cdf07
 
Red Hat Linux 7.0

SRPMS:
ftp://updates.redhat.com/rhn/repository/NULL/mount/2.10r-5/SRPMS/mount-2.10r-5.src.rpm
Missing file
    MD5: d346fe7b45b85186b476ab39471be5a8
ftp://updates.redhat.com/rhn/repository/NULL/nfs-utils/0.3.1-7/SRPMS/nfs-utils-0.3.1-7.src.rpm
Missing file
    MD5: da9aea9be32f9aca8fb6a3d1b83eda03
 
Alpha:
ftp://updates.redhat.com/rhn/repository/NULL/losetup/2.10r-5/alpha/losetup-2.10r-5.alpha.rpm
Missing file
    MD5: be0a11d8699886483fc79a723a257254
ftp://updates.redhat.com/rhn/repository/NULL/mount/2.10r-5/alpha/mount-2.10r-5.alpha.rpm
Missing file
    MD5: b11894cfc39fdea15c8887a3d2770c2f
ftp://updates.redhat.com/rhn/repository/NULL/nfs-utils/0.3.1-7/alpha/nfs-utils-0.3.1-7.alpha.rpm
Missing file
    MD5: f662d1582ec9ea2132b3c103090a0353
 
IA-32:
ftp://updates.redhat.com/rhn/repository/NULL/losetup/2.10r-5/i386/losetup-2.10r-5.i386.rpm
Missing file
    MD5: e35a9f6237321f065cf024e615154424
ftp://updates.redhat.com/rhn/repository/NULL/mount/2.10r-5/i386/mount-2.10r-5.i386.rpm
Missing file
    MD5: be34dad26b057520565f62ccfcaafd9a
ftp://updates.redhat.com/rhn/repository/NULL/nfs-utils/0.3.1-7/i386/nfs-utils-0.3.1-7.i386.rpm
Missing file
    MD5: 6b04617b4c770b4373457cd0ec1d9794
 

References


Keywords

exec


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/