New kernel update available, fixes i810 video oops, several security issues
| Advisory: | RHSA-2002:158-09 |
|---|---|
| Type: | Security Advisory |
| Severity: | N/A |
| Issued on: | 2002-07-26 |
| Last updated on: | 2002-08-20 |
| Affected Products: | Red Hat Linux 7.3 |
| CVEs (cve.mitre.org): |
CVE-2002-0429 |
Details
Updated kernel packages are now available which fix an oops in the i810 3D
kernel code. This kernel update also fixes a difficult to trigger race in
the dcache (filesystem cache) code, as well as some potential security
holes, although we are not currently aware of any exploits.
The 2.4.18-5 kernel introduced some safety checks in the VM subsystem that
were triggered when exiting an X session while using 3D acceleration with
the Intel i810/i815 chipset. Additionally, there was a difficult to trigger
race in the dcache of the file system subsystem.
This kernel update addresses both of these issues.
In addition, there are fixes for potential security holes in the following
drivers:
stradis
rio500
se401
usbvideo
apm
Finally, this kernel fixes a few files in the /proc file system which had
the capability to expose kernel memory when abused.
All of the security issues found during an audit and none of them, at the
time of this writing, have any known exploits.
We would like to thank Silvio Cesare, Stas Sergeev, Andi Kleen, Solar
Designer, and others for their auditing work.
Solution
relevant to your system have been applied.
The procedure for upgrading the kernel manually is documented at:
http://www.redhat.com/support/docs/howto/kernel-upgrade/
Please read the directions for your architecture carefully before
proceeding with the kernel upgrade.
Please note that this update is also available via Red Hat Network. Many
people find this to be an easier way to apply updates. To use Red Hat
Network, launch the Red Hat Update Agent with the following command:
up2date
This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system. Note that you need to select the kernel
explicitly on default configurations of up2date.
Updated packages
| Red Hat Linux 7.3 | |
| SRPMS: | |
| kernel-2.4.18-10.src.rpm File outdated by: RHSA-2003:417 |
MD5: 4473420c7f9bf2b9c83e6c1ec69f597f |
| IA-32: | |
| kernel-2.4.18-10.athlon.rpm File outdated by: RHSA-2003:417 |
MD5: 1b836ea01aa4aef62cc3c185e8547952 |
| kernel-2.4.18-10.i386.rpm File outdated by: RHSA-2003:417 |
MD5: b2bacd0954832353ecddb507f087b338 |
| kernel-2.4.18-10.i586.rpm File outdated by: RHSA-2003:417 |
MD5: 2cd340835d9acb309ccd61cb7581fc2d |
| kernel-2.4.18-10.i686.rpm File outdated by: RHSA-2003:417 |
MD5: 32b3df55a27018ea85cf8ebcad6186dd |
| kernel-BOOT-2.4.18-10.i386.rpm File outdated by: RHSA-2003:417 |
MD5: d105a7cc4d3e21bc9c5ace02f0b0152e |
| kernel-bigmem-2.4.18-10.i686.rpm File outdated by: RHSA-2003:417 |
MD5: 96df823d6e481142b446f278abb91a70 |
| kernel-debug-2.4.18-10.i686.rpm File outdated by: RHSA-2003:098 |
MD5: 2c3ac524c7da4188905a28a37acd8afd |
| kernel-doc-2.4.18-10.i386.rpm File outdated by: RHSA-2003:417 |
MD5: 91a1978068ee80c53a7500d4486b66e4 |
| kernel-smp-2.4.18-10.athlon.rpm File outdated by: RHSA-2003:417 |
MD5: b88c661fddd81194503be2acd168bff5 |
| kernel-smp-2.4.18-10.i586.rpm File outdated by: RHSA-2003:417 |
MD5: a0925e2445b68abe21225a4d3842c1a2 |
| kernel-smp-2.4.18-10.i686.rpm File outdated by: RHSA-2003:417 |
MD5: 51ba272488114c3b61d7c0fdc63ee04b |
| kernel-source-2.4.18-10.i386.rpm File outdated by: RHSA-2003:417 |
MD5: 51bc76e8c016e00aa26d798a85f53759 |
References
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package
The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/
