Skip to navigation

Security Advisory New kernel 2.2 packages fix local denial of service issue

Advisory: RHSA-2002:264-05
Type: Security Advisory
Severity: N/A
Issued on: 2002-09-23
Last updated on: 2002-11-25
Affected Products: Red Hat Linux 6.2
Red Hat Linux 7.0
CVEs (cve.mitre.org): CVE-2002-1319

Details

The kernel in Red Hat Linux 6.2 and 7 is vulnerable to
a local denial of service attack.

The Linux kernel handles the basic functions of the operating system.
A vulnerability in the Linux kernel has been discovered in which a non-root
user can cause the machine to freeze. This kernel addresses the
vulnerability.

Note: This bug is specific to the x86 architecture kernels only, and does
not affect other architectures.

All users of Red Hat Linux 6.2 and 7 should upgrade to
these errata packages, which are not vulnerable to this issue.

Thanks go to Christopher Devine for reporting the vulnerability on bugtraq,
and Petr Vandrovec for being the first to supply a fix to the community.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

The procedure for upgrading the kernel is documented at:

http://www.redhat.com/support/docs/howto/kernel-upgrade/kernel-upgrade.html

Please read the directions for your architecture carefully before
proceeding with the kernel upgrade.

Please note that this update is also available via Red Hat Network. Many
people find this to be an easier way to apply updates. To use Red Hat
Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system. Note that you need to select the kernel
explicitly on default configurations of up2date.

Updated packages

Red Hat Linux 6.2

IA-32:
kernel-2.2.22-6.2.3.i386.rpm
File outdated by:  RHSA-2003:088
    MD5: a9b510b4ffca3e7bf643a46f99ee749f
kernel-2.2.22-6.2.3.i586.rpm
File outdated by:  RHSA-2003:088
    MD5: cd23cad52c4cda6b5f07480cdf21ed3b
kernel-2.2.22-6.2.3.i686.rpm
File outdated by:  RHSA-2003:088
    MD5: 93f87f2b9cfec1fd06529b6a28939d75
kernel-BOOT-2.2.22-6.2.3.i386.rpm
File outdated by:  RHSA-2003:088
    MD5: 5c08d5ac6ffebde931cc924914bf4f10
kernel-doc-2.2.22-6.2.3.i386.rpm
File outdated by:  RHSA-2003:088
    MD5: d417601fb70f93e159a10cf5a9e6e21b
kernel-enterprise-2.2.22-6.2.3.i686.rpm
File outdated by:  RHSA-2003:088
    MD5: c4fd6d256c39ebc4ea00806b5ab3d56a
kernel-headers-2.2.22-6.2.3.i386.rpm
File outdated by:  RHSA-2003:088
    MD5: 436d4c050116d0feb910bd93307797f2
kernel-ibcs-2.2.22-6.2.3.i386.rpm
File outdated by:  RHSA-2003:088
    MD5: 9c55348902c8a8f307be174c4602f59d
kernel-pcmcia-cs-2.2.22-6.2.3.i386.rpm
File outdated by:  RHSA-2003:088
    MD5: 6d37e0e877ba6c7d812b56ab3019260e
kernel-smp-2.2.22-6.2.3.i386.rpm
File outdated by:  RHSA-2003:088
    MD5: 36d0b2a93762e0f4f758bcd93e034312
kernel-smp-2.2.22-6.2.3.i586.rpm
File outdated by:  RHSA-2003:088
    MD5: 53a7a0043e0d31b144fd61bdaf11e187
kernel-smp-2.2.22-6.2.3.i686.rpm
File outdated by:  RHSA-2003:088
    MD5: ff2017bb51f4d19572fde3f451d09dd1
kernel-source-2.2.22-6.2.3.i386.rpm
File outdated by:  RHSA-2003:088
    MD5: d8d77e393802a68aebf80e292522e16b
kernel-utils-2.2.22-6.2.3.i386.rpm
File outdated by:  RHSA-2003:088
    MD5: c8d46df81889868d1faff01fca32b284
 
Red Hat Linux 7.0

IA-32:
kernel-2.2.22-7.0.3.i386.rpm
File outdated by:  RHSA-2003:088
    MD5: ba432d1cde8294af402b86270b496d3b
kernel-2.2.22-7.0.3.i586.rpm
File outdated by:  RHSA-2003:088
    MD5: d73578bf7c208e6e11b8f3d71dd5292f
kernel-2.2.22-7.0.3.i686.rpm
File outdated by:  RHSA-2003:088
    MD5: b58bd6b9bd450fe76270f2187d740fea
kernel-BOOT-2.2.22-7.0.3.i386.rpm
File outdated by:  RHSA-2003:088
    MD5: 63e83e11ea93f22f4640914b14defc64
kernel-doc-2.2.22-7.0.3.i386.rpm
File outdated by:  RHSA-2003:088
    MD5: c11cc524a48dada56206b02f0c8a9425
kernel-enterprise-2.2.22-7.0.3.i686.rpm
File outdated by:  RHSA-2003:088
    MD5: ca1fc2c95dd8e63a23507514889b9a8b
kernel-ibcs-2.2.22-7.0.3.i386.rpm
File outdated by:  RHSA-2003:088
    MD5: d5c4579a9db0a2d8e8288b8a539dbfea
kernel-pcmcia-cs-2.2.22-7.0.3.i386.rpm
File outdated by:  RHSA-2003:088
    MD5: cf201e8b3441f9a01799b89a8c748d0e
kernel-smp-2.2.22-7.0.3.i386.rpm
File outdated by:  RHSA-2003:088
    MD5: 1fc8a3891a20c03062eb8c369a62bfce
kernel-smp-2.2.22-7.0.3.i586.rpm
File outdated by:  RHSA-2003:088
    MD5: a528f8c13f296c12f063227606ffd7ff
kernel-smp-2.2.22-7.0.3.i686.rpm
File outdated by:  RHSA-2003:088
    MD5: 70d3da3e911ae417338701537044530d
kernel-source-2.2.22-7.0.3.i386.rpm
File outdated by:  RHSA-2003:088
    MD5: 554eba6533979171920db4c933e8f0eb
kernel-utils-2.2.22-7.0.3.i386.rpm
File outdated by:  RHSA-2003:088
    MD5: 3d42a527d8c3193d48e559f86a2ac710
 

References


Keywords

bugtraq, DoS


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/