Skip to navigation

Security Advisory New kernel fixes local denial of service issue

Advisory: RHSA-2002:262-07
Type: Security Advisory
Severity: N/A
Issued on: 2002-09-23
Last updated on: 2002-11-16
Affected Products: Red Hat Linux 7.1
Red Hat Linux 7.2
Red Hat Linux 7.3
Red Hat Linux 8.0
CVEs (cve.mitre.org): CVE-2002-1319

Details

The kernel in Red Hat Linux 7.1, 7.1K, 7.2, 7.3, and 8.0 are vulnerable to
a local denial of service attack. Updated packages are available which
address this vulnerability, as well as bugs in several drivers.

The Linux kernel handles the basic functions of the operating system.
A vulnerability in the Linux kernel has been discovered in which a non-root
user can cause the machine to freeze. This kernel addresses the
vulnerability.

Note: This bug is specific to the x86 architecture kernels only, and does
not affect ia64 or other architectures.

In addition, a bug in the maestro3 soundcard driver has been fixed as well
as a bug in the xircom pcmcia driver network driver and the tg3 network
driver for Broadcom gigabit ethernet chips.

All users of Red Hat Linux 7.1, 7.1K, 7.2, 7.3, and 8.0 should upgrade to
these errata packages, which are not vulnerable to this issue.

Thanks go to Christopher Devine for reporting the vulnerability on bugtraq,
and Petr Vandrovec for being the first to supply a fix to the community.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied, especially the additional
packages from RHSA-2002:205 and RHSA-2002:206 respectively.

The procedure for upgrading the kernel manually is documented at:

http://www.redhat.com/support/docs/howto/kernel-upgrade/

Please read the directions for your architecture carefully before
proceeding with the kernel upgrade.

Please note that this update is also available via Red Hat Network. Many
people find this to be an easier way to apply updates. To use Red Hat
Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system. Note that you need to select the kernel
explicitly on default configurations of up2date.

Updated packages

Red Hat Linux 7.1
SRPMS:
kernel-2.4.18-18.7.x.src.rpm
File outdated by:  RHSA-2003:417		     MD5: 7f8581e632826cafd7530109c79c19bb
 
IA-32:
kernel-2.4.18-18.7.x.athlon.rpm
File outdated by:  RHSA-2003:417		     MD5: e38b754b71fb5a091f3bce785c968724
kernel-2.4.18-18.7.x.i386.rpm
File outdated by:  RHSA-2003:417		     MD5: d16d76b77189d9da17481e9c0e0cc0ca
kernel-2.4.18-18.7.x.i586.rpm
File outdated by:  RHSA-2003:417		     MD5: fd20bdd2a82510eab8e8498fec0232fb
kernel-2.4.18-18.7.x.i686.rpm
File outdated by:  RHSA-2003:417		     MD5: d8adfe12ad67f8bac27339a450b97499
kernel-BOOT-2.4.18-18.7.x.i386.rpm
File outdated by:  RHSA-2003:417		     MD5: 026e9c4a13ba2fd3fdd49eb9b2f432ea
kernel-bigmem-2.4.18-18.7.x.i686.rpm
File outdated by:  RHSA-2003:417		     MD5: ff7a46200b12e53e5092b9d889c7cb9c
kernel-debug-2.4.18-18.7.x.i686.rpm
File outdated by:  RHSA-2003:098		     MD5: 61e83bb1999b8fa861fb98f41b8f46ef
kernel-doc-2.4.18-18.7.x.i386.rpm
File outdated by:  RHSA-2003:417		     MD5: 02c6831a3e971fab22ecbb5f1e1a09f3
kernel-smp-2.4.18-18.7.x.athlon.rpm
File outdated by:  RHSA-2003:417		     MD5: 0ab8f1aa236289f6c3c9c152cd578669
kernel-smp-2.4.18-18.7.x.i586.rpm
File outdated by:  RHSA-2003:417		     MD5: a1ed7b8fd3d6de8db0ec73b0b4e75f1d
kernel-smp-2.4.18-18.7.x.i686.rpm
File outdated by:  RHSA-2003:417		     MD5: 20be5fba2e3ebe73c1126bb61fce6c43
kernel-source-2.4.18-18.7.x.i386.rpm
File outdated by:  RHSA-2003:417		     MD5: a81a5af709b40d713100a82124e7c0dd
 
Red Hat Linux 7.2
SRPMS:
kernel-2.4.18-18.7.x.src.rpm
File outdated by:  RHSA-2003:417		     MD5: 7f8581e632826cafd7530109c79c19bb
 
IA-32:
kernel-2.4.18-18.7.x.athlon.rpm
File outdated by:  RHSA-2003:417		     MD5: e38b754b71fb5a091f3bce785c968724
kernel-2.4.18-18.7.x.i386.rpm
File outdated by:  RHSA-2003:417		     MD5: d16d76b77189d9da17481e9c0e0cc0ca
kernel-2.4.18-18.7.x.i586.rpm
File outdated by:  RHSA-2003:417		     MD5: fd20bdd2a82510eab8e8498fec0232fb
kernel-2.4.18-18.7.x.i686.rpm
File outdated by:  RHSA-2003:417		     MD5: d8adfe12ad67f8bac27339a450b97499
kernel-BOOT-2.4.18-18.7.x.i386.rpm
File outdated by:  RHSA-2003:417		     MD5: 026e9c4a13ba2fd3fdd49eb9b2f432ea
kernel-bigmem-2.4.18-18.7.x.i686.rpm
File outdated by:  RHSA-2003:417		     MD5: ff7a46200b12e53e5092b9d889c7cb9c
kernel-debug-2.4.18-18.7.x.i686.rpm
File outdated by:  RHSA-2003:098		     MD5: 61e83bb1999b8fa861fb98f41b8f46ef
kernel-doc-2.4.18-18.7.x.i386.rpm
File outdated by:  RHSA-2003:417		     MD5: 02c6831a3e971fab22ecbb5f1e1a09f3
kernel-smp-2.4.18-18.7.x.athlon.rpm
File outdated by:  RHSA-2003:417		     MD5: 0ab8f1aa236289f6c3c9c152cd578669
kernel-smp-2.4.18-18.7.x.i586.rpm
File outdated by:  RHSA-2003:417		     MD5: a1ed7b8fd3d6de8db0ec73b0b4e75f1d
kernel-smp-2.4.18-18.7.x.i686.rpm
File outdated by:  RHSA-2003:417		     MD5: 20be5fba2e3ebe73c1126bb61fce6c43
kernel-source-2.4.18-18.7.x.i386.rpm
File outdated by:  RHSA-2003:417		     MD5: a81a5af709b40d713100a82124e7c0dd
 
Red Hat Linux 7.3
SRPMS:
kernel-2.4.18-18.7.x.src.rpm
File outdated by:  RHSA-2003:417		     MD5: 7f8581e632826cafd7530109c79c19bb
 
IA-32:
kernel-2.4.18-18.7.x.athlon.rpm
File outdated by:  RHSA-2003:417		     MD5: e38b754b71fb5a091f3bce785c968724
kernel-2.4.18-18.7.x.i386.rpm
File outdated by:  RHSA-2003:417		     MD5: d16d76b77189d9da17481e9c0e0cc0ca
kernel-2.4.18-18.7.x.i586.rpm
File outdated by:  RHSA-2003:417		     MD5: fd20bdd2a82510eab8e8498fec0232fb
kernel-2.4.18-18.7.x.i686.rpm
File outdated by:  RHSA-2003:417		     MD5: d8adfe12ad67f8bac27339a450b97499
kernel-BOOT-2.4.18-18.7.x.i386.rpm
File outdated by:  RHSA-2003:417		     MD5: 026e9c4a13ba2fd3fdd49eb9b2f432ea
kernel-bigmem-2.4.18-18.7.x.i686.rpm
File outdated by:  RHSA-2003:417		     MD5: ff7a46200b12e53e5092b9d889c7cb9c
kernel-debug-2.4.18-18.7.x.i686.rpm
File outdated by:  RHSA-2003:098		     MD5: 61e83bb1999b8fa861fb98f41b8f46ef
kernel-doc-2.4.18-18.7.x.i386.rpm
File outdated by:  RHSA-2003:417		     MD5: 02c6831a3e971fab22ecbb5f1e1a09f3
kernel-smp-2.4.18-18.7.x.athlon.rpm
File outdated by:  RHSA-2003:417		     MD5: 0ab8f1aa236289f6c3c9c152cd578669
kernel-smp-2.4.18-18.7.x.i586.rpm
File outdated by:  RHSA-2003:417		     MD5: a1ed7b8fd3d6de8db0ec73b0b4e75f1d
kernel-smp-2.4.18-18.7.x.i686.rpm
File outdated by:  RHSA-2003:417		     MD5: 20be5fba2e3ebe73c1126bb61fce6c43
kernel-source-2.4.18-18.7.x.i386.rpm
File outdated by:  RHSA-2003:417		     MD5: a81a5af709b40d713100a82124e7c0dd
 
Red Hat Linux 8.0
SRPMS:
kernel-2.4.18-18.8.0.src.rpm
File outdated by:  RHSA-2003:417		     MD5: 65f6590b550c8a0d0b04bb885c12368d
 
IA-32:
kernel-2.4.18-18.8.0.athlon.rpm
File outdated by:  RHSA-2003:417		     MD5: 946a8573a7af951a37f91bfbd445da07
kernel-2.4.18-18.8.0.i386.rpm
File outdated by:  RHSA-2003:417		     MD5: 6da80288107c7b7bb574c8aa47242e3b
kernel-2.4.18-18.8.0.i586.rpm
File outdated by:  RHSA-2003:417		     MD5: 93835d95e05a593fd86b497259d6a313
kernel-2.4.18-18.8.0.i686.rpm
File outdated by:  RHSA-2003:417		     MD5: 41fea4a230a8989d16151fe21b38c9d4
kernel-BOOT-2.4.18-18.8.0.i386.rpm
File outdated by:  RHSA-2003:417		     MD5: 889397ada127361d19bb29c83eb33b57
kernel-bigmem-2.4.18-18.8.0.i686.rpm
File outdated by:  RHSA-2003:417		     MD5: 3b5aa2480f92f79b2a9f597a865dc6a5
kernel-debug-2.4.18-18.8.0.i686.rpm
File outdated by:  RHSA-2003:098		     MD5: 6026588279d9871ffac63e15a9091563
kernel-doc-2.4.18-18.8.0.i386.rpm
File outdated by:  RHSA-2003:417		     MD5: 9c91e050657805d547b1664ca55d7691
kernel-smp-2.4.18-18.8.0.athlon.rpm
File outdated by:  RHSA-2003:417		     MD5: c31721f77fc44fd6bab38c75ff66fa17
kernel-smp-2.4.18-18.8.0.i586.rpm
File outdated by:  RHSA-2003:417		     MD5: 6ba903e2c94ea619baf10ebffdfd9a15
kernel-smp-2.4.18-18.8.0.i686.rpm
File outdated by:  RHSA-2003:417		     MD5: b94e4989c4c28fab3fbe1fa8b79ea902
kernel-source-2.4.18-18.8.0.i386.rpm
File outdated by:  RHSA-2003:417		     MD5: b99ffefa103eeb4d12ad6efae9cf4ef1
kernel-uml-2.4.18-18.8.0.i686.rpm
File outdated by:  RHBA-2002:292		     MD5: be0e87f588f1995d48ed72c3251d21be
 

Bugs fixed (see bugzilla for more information)

69920 - Kernel Crashes in TG3 Driver
75359 - kernel source does not compile due to missing include files
76171 - kernel-2.4.18-17.7.x update caused maestro3 to stop working
76206 - xirc2ps_cs hangs apmd after upgrading to 2.4.18-17
76233 - new kernel up2date hangs laptop at shutdown
76385 - 2.4.18-17.7.x update breaks Wacom tablet support
76555 - problems with kernel-2.4.18-17.8.0 on Dell Latitude CPx
76624 - Segmentation Fault using GDTH on RH72 kernel-smp-2.4.18-17.7.x
77134 - Sound Modules fail for Enigma kernel 2.4.18-17.7.x
77138 - Sound Modules Fail for Enigma kernel 2.4.18-17.7.x on Dell Latitude J750
77241 - esd peaks CPU w/ kernel 2.4.18-17.8.0 on Dell Inspiron 8100
77258 - Ethernet interface not working on SiS 963 south bridge (SiS 648 chipset)
77565 - [gdth] NULL pointer dereference in scsi.c (scsi_release_commandblocks)
77834 - Working Dos from bugtraq mailing list


References

https://www.redhat.com/security/data/cve/CVE-2002-1319.html
http://online.securityfocus.com/archive/1/299687/2002-11-11/2002-11-17/0

Keywords

bugtraq, DoS

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/