New kernel fixes local security issues
| Advisory: | RHSA-2002:205-15 |
|---|---|
| Type: | Security Advisory |
| Severity: | N/A |
| Issued on: | 2002-09-20 |
| Last updated on: | 2002-10-15 |
| Affected Products: | Red Hat Linux 7.1 Red Hat Linux 7.2 |
| CVEs (cve.mitre.org): |
CVE-2002-1572 CVE-2002-1573 CVE-2002-1574 |
Details
A new errata kernel based on the 2.4.18 kernel is available for Red Hat
Linux 7.1 and Red Hat Linux 7.2 users. This is a major version change
compared to the previous errata kernel for these releases (2.4.9-34).
The Linux kernel handles the basic functions of the operating system. A
security code audit of the 2.4 kernel found a number of possible local
security vulnerabilities. These vulnerabilities may allow a local user
to obtain elevated (root) privileges, however no exploits are known to
exist at the time of this errata release.
Changes in the errata 2.4.18 kernel include the addition of the intermezzo
file system, the ComX serial port driver, the PC bit ISDN driver, and the
generic ISDN layer. Also, several USB drivers and firewire drivers have
been added and many other device drivers have been updated.
Other features of the 2.4.18 errata kernel include a much-improved VM
subsystem, better interactive performance, and support for new hardware,
such as USB2 devices and large IDE disks.
A full description of the updated kernel can be found in the kernel
changelogs at http://www.kernelnewbies.org/changelogs.
IMPORTANT: For alpha and ia64 architectures, kernel version 2.4.9-40 is
provided instead of 2.4.18. This errata kernel contains important
backported security fixes.
NOTE: As with the 8.0 release, IDE DMA on CD-ROM drives is disabled by
default. If you are sure that your CD-ROM drive is capable of IDE
DMA, place the following line in the /etc/modules.conf file:
options ide-cd dma=1
All users of Red Hat Linux 7.1 and 7.2 should update to these errata packages.
Solution
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
The procedure for upgrading the kernel manually is documented at:
http://www.redhat.com/support/docs/howto/kernel-upgrade/
Please read the directions for your architecture carefully before
proceeding with the kernel upgrade.
Please note that this update is also available via Red Hat Network. Many
people find this to be an easier way to apply updates. To use Red Hat
Network, launch the Red Hat Update Agent with the following command:
up2date
This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system. Note that you need to select the kernel
explicitly on default configurations of up2date.
relevant to your system have been applied.
The procedure for upgrading the kernel manually is documented at:
http://www.redhat.com/support/docs/howto/kernel-upgrade/
Please read the directions for your architecture carefully before
proceeding with the kernel upgrade.
Please note that this update is also available via Red Hat Network. Many
people find this to be an easier way to apply updates. To use Red Hat
Network, launch the Red Hat Update Agent with the following command:
up2date
This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system. Note that you need to select the kernel
explicitly on default configurations of up2date.
Updated packages
| Red Hat Linux 7.1 | |
| SRPMS: | |
| ftp://updates.redhat.com/rhn/private/shared/redhat/linux/7.3/en/os/i386/SRPMS/MAKEDEV-3.3-4.src.rpm Missing file |
MD5: 7a3d80b481167ce07aeddb64e65bff3e |
| ftp://updates.redhat.com/rhn/private/shared/redhat/linux/7.3/en/os/i386/SRPMS/hwcrypto-1.0-3.src.rpm Missing file |
MD5: 49189033d3aabafd23eba5439e3b0f97 |
| ftp://updates.redhat.com/rhn/public/2703533/hwcrypto/1.0-3/SRPMS/hwcrypto-1.0-3.src.rpm Missing file |
MD5: 49189033d3aabafd23eba5439e3b0f97 |
| iptables-1.2.5-3.src.rpm File outdated by: RHSA-2003:213 |
MD5: 75f0a1cd65f95580239f88e03ab04623 |
| iptables-1.2.5-3.src.rpm File outdated by: RHSA-2003:213 |
MD5: 75f0a1cd65f95580239f88e03ab04623 |
| kernel-2.4.18-17.7.x.src.rpm File outdated by: RHSA-2003:417 |
MD5: d0cf8ef64412c78c9d32da9d0cb9850d |
| kernel-2.4.9-40.src.rpm File outdated by: RHSA-2003:098 |
MD5: 7ae973d14afd4d1fa480cd5652651a8a |
| ftp://updates.redhat.com/rhn/repository/NULL/kernel-utils/2.4-8.13.7.2/SRPMS/kernel-utils-2.4-8.13.7.2.src.rpm Missing file |
MD5: 5390115158168e5e8e5d6fd90e3d1344 |
| ftp://updates.redhat.com/rhn/repository/NULL/modutils/2.4.18-3.7x/SRPMS/modutils-2.4.18-3.7x.src.rpm Missing file |
MD5: 0414620fa83d72ffd9f128be2e4bf430 |
| Alpha: | |
| ftp://updates.redhat.com/rhn/repository/NULL/MAKEDEV/3.3-4/alpha/MAKEDEV-3.3-4.alpha.rpm Missing file |
MD5: 29d0771474e2ae9f877ed890b0e7c730 |
| ftp://updates.redhat.com/rhn/repository/NULL/dev/3.3-4/alpha/dev-3.3-4.alpha.rpm Missing file |
MD5: 769b1f8cf0ec3e404ba8c055cb9e2e64 |
| ftp://updates.redhat.com/rhn/repository/NULL/iptables/1.2.5-3/alpha/iptables-1.2.5-3.alpha.rpm Missing file |
MD5: faa55a585ae9e84eb5b2407f91a5aefd |
| ftp://updates.redhat.com/rhn/repository/NULL/iptables-ipv6/1.2.5-3/alpha/iptables-ipv6-1.2.5-3.alpha.rpm Missing file |
MD5: 4e51115bc4dbab708c6084678423e634 |
| ftp://updates.redhat.com/rhn/repository/NULL/kernel/2.4.9-40/alpha/kernel-2.4.9-40.alpha.rpm Missing file |
MD5: 24265eb70cf408b132d787de7beb23bc |
| ftp://updates.redhat.com/rhn/repository/NULL/kernel-BOOT/2.4.9-40/alpha/kernel-BOOT-2.4.9-40.alpha.rpm Missing file |
MD5: bba867d5e20c1d39f6d4d8a1dcde427b |
| ftp://updates.redhat.com/rhn/repository/NULL/kernel-doc/2.4.9-40/alpha/kernel-doc-2.4.9-40.alpha.rpm Missing file |
MD5: de2b64811e68e30bd99d5d6912131e1f |
| ftp://updates.redhat.com/rhn/repository/NULL/kernel-smp/2.4.9-40/alpha/kernel-smp-2.4.9-40.alpha.rpm Missing file |
MD5: 324c1df33969fe4eef80e11ad2279258 |
| ftp://updates.redhat.com/rhn/repository/NULL/kernel-source/2.4.9-40/alpha/kernel-source-2.4.9-40.alpha.rpm Missing file |
MD5: acc0468afb4769887f300ead030b9653 |
| ftp://updates.redhat.com/rhn/repository/NULL/kernel-utils/2.4-8.13.7.2/alpha/kernel-utils-2.4-8.13.7.2.alpha.rpm Missing file |
MD5: 1bdd50916955e8215758db837c4138b0 |
| ftp://updates.redhat.com/rhn/repository/NULL/modutils/2.4.18-3.7x/alpha/modutils-2.4.18-3.7x.alpha.rpm Missing file |
MD5: db71f242273729a201e01aa1d7c55e6b |
| ftp://updates.redhat.com/rhn/repository/NULL/modutils-devel/2.4.18-3.7x/alpha/modutils-devel-2.4.18-3.7x.alpha.rpm Missing file |
MD5: 6f477cc811f9930b1b418621401a0e7d |
| IA-32: | |
| ftp://updates.redhat.com/rhn/private/shared/redhat/linux/7.3/en/os/i386/RedHat/RPMS/MAKEDEV-3.3-4.i386.rpm Missing file |
MD5: b5bdf89f6810239c8074f135339c372b |
| ftp://updates.redhat.com/rhn/private/shared/redhat/linux/7.3/en/os/i386/RedHat/RPMS/dev-3.3-4.i386.rpm Missing file |
MD5: e1c9bf91a11b6eddb9df51edf5af63cb |
| ftp://updates.redhat.com/rhn/private/shared/redhat/linux/7.3/en/os/i386/RedHat/RPMS/hwcrypto-1.0-3.i386.rpm Missing file |
MD5: 92f18477c6b3dd5da4e3babe19a57c13 |
| iptables-1.2.5-3.i386.rpm File outdated by: RHSA-2003:213 |
MD5: 11df2613702a118e43564d2ff077621a |
| iptables-ipv6-1.2.5-3.i386.rpm File outdated by: RHSA-2003:213 |
MD5: e31d27e142c6fd23ea8508de07258f5e |
| kernel-2.4.18-17.7.x.athlon.rpm File outdated by: RHSA-2003:417 |
MD5: 082114a540f7bd692476584e38c6cd5c |
| kernel-2.4.18-17.7.x.i386.rpm File outdated by: RHSA-2003:417 |
MD5: cfdef58820f5d7701f4221c80a7c821b |
| kernel-2.4.18-17.7.x.i586.rpm File outdated by: RHSA-2003:417 |
MD5: 576ceca80b035a10b942e6feb217c055 |
| kernel-2.4.18-17.7.x.i686.rpm File outdated by: RHSA-2003:417 |
MD5: 3a3afd67620fc36de17876629398dceb |
| kernel-BOOT-2.4.18-17.7.x.i386.rpm File outdated by: RHSA-2003:417 |
MD5: 145d063537e3a34723d50e611cbd37a8 |
| kernel-bigmem-2.4.18-17.7.x.i686.rpm File outdated by: RHSA-2003:417 |
MD5: fe9a658e1e22defc3cf5e2134646a6eb |
| kernel-debug-2.4.18-17.7.x.i686.rpm File outdated by: RHSA-2003:098 |
MD5: 158c941a9b430581a7bcd23ec1398052 |
| kernel-doc-2.4.18-17.7.x.i386.rpm File outdated by: RHSA-2003:417 |
MD5: 8d9a20e2f4d82cc262cab928910377fa |
| kernel-smp-2.4.18-17.7.x.athlon.rpm File outdated by: RHSA-2003:417 |
MD5: bd2fa5b6b721caf12dcea357304c008b |
| kernel-smp-2.4.18-17.7.x.i586.rpm File outdated by: RHSA-2003:417 |
MD5: d9d2b3fa23ee4733b35fd730e9553625 |
| kernel-smp-2.4.18-17.7.x.i686.rpm File outdated by: RHSA-2003:417 |
MD5: f9e11d26c2ca35ef403656be882fb592 |
| kernel-source-2.4.18-17.7.x.i386.rpm File outdated by: RHSA-2003:417 |
MD5: 0344cc1d42651916fb91ed7a700f3f90 |
| ftp://updates.redhat.com/rhn/repository/NULL/kernel-utils/2.4-8.13.7.2/i386/kernel-utils-2.4-8.13.7.2.i386.rpm Missing file |
MD5: 9d8fcfd1dcb2a3efed1519c56498cd71 |
| ftp://updates.redhat.com/rhn/repository/NULL/modutils/2.4.18-3.7x/i386/modutils-2.4.18-3.7x.i386.rpm Missing file |
MD5: cddd8196a38dbff1a8e34429415670fb |
| ftp://updates.redhat.com/rhn/repository/NULL/modutils-devel/2.4.18-3.7x/i386/modutils-devel-2.4.18-3.7x.i386.rpm Missing file |
MD5: 8c663b5015ba81b2ebef80307a37885f |
| IA-64: | |
| ftp://updates.redhat.com/rhn/repository/NULL/MAKEDEV/3.3-4/ia64/MAKEDEV-3.3-4.ia64.rpm Missing file |
MD5: 31d745681c9e53b81147f5fc968a11c4 |
| ftp://updates.redhat.com/rhn/repository/NULL/dev/3.3-4/ia64/dev-3.3-4.ia64.rpm Missing file |
MD5: 647cae518850399228a68da079b0cb7a |
| ftp://updates.redhat.com/rhn/private/redhat-linux-as-2.1-IPF/RPMS/iptables-1.2.5-3.ia64.rpm Missing file |
MD5: 9c3d09166d9a854028ecf2fe120a0824 |
| ftp://updates.redhat.com/rhn/private/redhat-linux-as-2.1-IPF/RPMS/iptables-ipv6-1.2.5-3.ia64.rpm Missing file |
MD5: 7a498fd5b5e803ceb6afc65f9da9bd78 |
| ftp://updates.redhat.com/rhn/repository/NULL/kernel/2.4.9-40/ia64/kernel-2.4.9-40.ia64.rpm Missing file |
MD5: 35c17902e921f84e07202bc36c77bcbd |
| ftp://updates.redhat.com/rhn/repository/NULL/kernel-doc/2.4.9-40/ia64/kernel-doc-2.4.9-40.ia64.rpm Missing file |
MD5: 71757ded05ea9ec37fc81ce7459df3f3 |
| ftp://updates.redhat.com/rhn/repository/NULL/kernel-smp/2.4.9-40/ia64/kernel-smp-2.4.9-40.ia64.rpm Missing file |
MD5: cb4a9c26a725e65169e5e82638a6f0be |
| ftp://updates.redhat.com/rhn/repository/NULL/kernel-source/2.4.9-40/ia64/kernel-source-2.4.9-40.ia64.rpm Missing file |
MD5: 785bafa5b9b56338562f7a7b6f6db991 |
| ftp://updates.redhat.com/rhn/repository/NULL/modutils/2.4.18-3.7x/ia64/modutils-2.4.18-3.7x.ia64.rpm Missing file |
MD5: b2881ce4c011e08d32e817499c813974 |
| ftp://updates.redhat.com/rhn/repository/NULL/modutils-devel/2.4.18-3.7x/ia64/modutils-devel-2.4.18-3.7x.ia64.rpm Missing file |
MD5: d1fbc32d6d55dad80129e0bef7360168 |
| Red Hat Linux 7.2 | |
| SRPMS: | |
| ftp://updates.redhat.com/rhn/private/shared/redhat/linux/7.3/en/os/i386/SRPMS/MAKEDEV-3.3-4.src.rpm Missing file |
MD5: 7a3d80b481167ce07aeddb64e65bff3e |
| ftp://updates.redhat.com/rhn/private/shared/redhat/linux/7.3/en/os/i386/SRPMS/hwcrypto-1.0-3.src.rpm Missing file |
MD5: 49189033d3aabafd23eba5439e3b0f97 |
| ftp://updates.redhat.com/rhn/public/2703533/hwcrypto/1.0-3/SRPMS/hwcrypto-1.0-3.src.rpm Missing file |
MD5: 49189033d3aabafd23eba5439e3b0f97 |
| iptables-1.2.5-3.src.rpm File outdated by: RHSA-2003:213 |
MD5: 75f0a1cd65f95580239f88e03ab04623 |
| iptables-1.2.5-3.src.rpm File outdated by: RHSA-2003:213 |
MD5: 75f0a1cd65f95580239f88e03ab04623 |
| kernel-2.4.18-17.7.x.src.rpm File outdated by: RHSA-2003:417 |
MD5: d0cf8ef64412c78c9d32da9d0cb9850d |
| kernel-2.4.9-40.src.rpm File outdated by: RHSA-2003:098 |
MD5: 7ae973d14afd4d1fa480cd5652651a8a |
| ftp://updates.redhat.com/rhn/repository/NULL/kernel-utils/2.4-8.13.7.2/SRPMS/kernel-utils-2.4-8.13.7.2.src.rpm Missing file |
MD5: 5390115158168e5e8e5d6fd90e3d1344 |
| ftp://updates.redhat.com/rhn/repository/NULL/modutils/2.4.18-3.7x/SRPMS/modutils-2.4.18-3.7x.src.rpm Missing file |
MD5: 0414620fa83d72ffd9f128be2e4bf430 |
| IA-32: | |
| ftp://updates.redhat.com/rhn/private/shared/redhat/linux/7.3/en/os/i386/RedHat/RPMS/MAKEDEV-3.3-4.i386.rpm Missing file |
MD5: b5bdf89f6810239c8074f135339c372b |
| ftp://updates.redhat.com/rhn/private/shared/redhat/linux/7.3/en/os/i386/RedHat/RPMS/dev-3.3-4.i386.rpm Missing file |
MD5: e1c9bf91a11b6eddb9df51edf5af63cb |
| ftp://updates.redhat.com/rhn/private/shared/redhat/linux/7.3/en/os/i386/RedHat/RPMS/hwcrypto-1.0-3.i386.rpm Missing file |
MD5: 92f18477c6b3dd5da4e3babe19a57c13 |
| iptables-1.2.5-3.i386.rpm File outdated by: RHSA-2003:213 |
MD5: 11df2613702a118e43564d2ff077621a |
| iptables-ipv6-1.2.5-3.i386.rpm File outdated by: RHSA-2003:213 |
MD5: e31d27e142c6fd23ea8508de07258f5e |
| kernel-2.4.18-17.7.x.athlon.rpm File outdated by: RHSA-2003:417 |
MD5: 082114a540f7bd692476584e38c6cd5c |
| kernel-2.4.18-17.7.x.i386.rpm File outdated by: RHSA-2003:417 |
MD5: cfdef58820f5d7701f4221c80a7c821b |
| kernel-2.4.18-17.7.x.i586.rpm File outdated by: RHSA-2003:417 |
MD5: 576ceca80b035a10b942e6feb217c055 |
| kernel-2.4.18-17.7.x.i686.rpm File outdated by: RHSA-2003:417 |
MD5: 3a3afd67620fc36de17876629398dceb |
| kernel-BOOT-2.4.18-17.7.x.i386.rpm File outdated by: RHSA-2003:417 |
MD5: 145d063537e3a34723d50e611cbd37a8 |
| kernel-bigmem-2.4.18-17.7.x.i686.rpm File outdated by: RHSA-2003:417 |
MD5: fe9a658e1e22defc3cf5e2134646a6eb |
| kernel-debug-2.4.18-17.7.x.i686.rpm File outdated by: RHSA-2003:098 |
MD5: 158c941a9b430581a7bcd23ec1398052 |
| kernel-doc-2.4.18-17.7.x.i386.rpm File outdated by: RHSA-2003:417 |
MD5: 8d9a20e2f4d82cc262cab928910377fa |
| kernel-smp-2.4.18-17.7.x.athlon.rpm File outdated by: RHSA-2003:417 |
MD5: bd2fa5b6b721caf12dcea357304c008b |
| kernel-smp-2.4.18-17.7.x.i586.rpm File outdated by: RHSA-2003:417 |
MD5: d9d2b3fa23ee4733b35fd730e9553625 |
| kernel-smp-2.4.18-17.7.x.i686.rpm File outdated by: RHSA-2003:417 |
MD5: f9e11d26c2ca35ef403656be882fb592 |
| kernel-source-2.4.18-17.7.x.i386.rpm File outdated by: RHSA-2003:417 |
MD5: 0344cc1d42651916fb91ed7a700f3f90 |
| ftp://updates.redhat.com/rhn/repository/NULL/kernel-utils/2.4-8.13.7.2/i386/kernel-utils-2.4-8.13.7.2.i386.rpm Missing file |
MD5: 9d8fcfd1dcb2a3efed1519c56498cd71 |
| ftp://updates.redhat.com/rhn/repository/NULL/modutils/2.4.18-3.7x/i386/modutils-2.4.18-3.7x.i386.rpm Missing file |
MD5: cddd8196a38dbff1a8e34429415670fb |
| ftp://updates.redhat.com/rhn/repository/NULL/modutils-devel/2.4.18-3.7x/i386/modutils-devel-2.4.18-3.7x.i386.rpm Missing file |
MD5: 8c663b5015ba81b2ebef80307a37885f |
| IA-64: | |
| ftp://updates.redhat.com/rhn/repository/NULL/MAKEDEV/3.3-4/ia64/MAKEDEV-3.3-4.ia64.rpm Missing file |
MD5: 31d745681c9e53b81147f5fc968a11c4 |
| ftp://updates.redhat.com/rhn/repository/NULL/dev/3.3-4/ia64/dev-3.3-4.ia64.rpm Missing file |
MD5: 647cae518850399228a68da079b0cb7a |
| ftp://updates.redhat.com/rhn/private/redhat-linux-as-2.1-IPF/RPMS/iptables-1.2.5-3.ia64.rpm Missing file |
MD5: 9c3d09166d9a854028ecf2fe120a0824 |
| ftp://updates.redhat.com/rhn/private/redhat-linux-as-2.1-IPF/RPMS/iptables-ipv6-1.2.5-3.ia64.rpm Missing file |
MD5: 7a498fd5b5e803ceb6afc65f9da9bd78 |
| kernel-2.4.9-40.ia64.rpm File outdated by: RHSA-2003:098 |
MD5: 35c17902e921f84e07202bc36c77bcbd |
| kernel-doc-2.4.9-40.ia64.rpm File outdated by: RHSA-2003:098 |
MD5: 71757ded05ea9ec37fc81ce7459df3f3 |
| kernel-smp-2.4.9-40.ia64.rpm File outdated by: RHSA-2003:098 |
MD5: cb4a9c26a725e65169e5e82638a6f0be |
| kernel-source-2.4.9-40.ia64.rpm File outdated by: RHSA-2003:098 |
MD5: 785bafa5b9b56338562f7a7b6f6db991 |
| ftp://updates.redhat.com/rhn/repository/NULL/modutils/2.4.18-3.7x/ia64/modutils-2.4.18-3.7x.ia64.rpm Missing file |
MD5: b2881ce4c011e08d32e817499c813974 |
| ftp://updates.redhat.com/rhn/repository/NULL/modutils-devel/2.4.18-3.7x/ia64/modutils-devel-2.4.18-3.7x.ia64.rpm Missing file |
MD5: d1fbc32d6d55dad80129e0bef7360168 |
References
https://www.redhat.com/security/data/cve/CVE-2002-1572.html
https://www.redhat.com/security/data/cve/CVE-2002-1573.html
https://www.redhat.com/security/data/cve/CVE-2002-1574.html
http://www.kernel.org/pub/linux/kernel/v2.4/
https://www.redhat.com/security/data/cve/CVE-2002-1573.html
https://www.redhat.com/security/data/cve/CVE-2002-1574.html
http://www.kernel.org/pub/linux/kernel/v2.4/
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package
The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/
