Security Advisory kernel security update

Advisory: RHSA-2003:103-09
Type: Security Advisory
Severity: Important
Issued on: 2003-03-21
Last updated on: 2003-03-21
Affected Products: Red Hat Enterprise Linux AS (v. 2.1)
Red Hat Enterprise Linux ES (v. 2.1)
Red Hat Enterprise Linux WS (v. 2.1)
OVAL: N/A
CVEs (cve.mitre.org): CVE-2003-0127

Details

Updated kernel packages are now available that fix a ptrace-related
vulnerability which can lead to elevated (root) privileges.

The Linux kernel handles the basic functions of the operating system.
A vulnerability has been found in version 2.4.18 of the kernel.

This vulnerability allows a local user to gain elevated (root) privileges
without authorization.

All users should upgrade to these errata packages, which contain patches to
fix the vulnerability.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

The procedure for upgrading the kernel manually is documented at:

http://www.redhat.com/support/docs/howto/kernel-upgrade/

Please read the directions for your architecture carefully before
proceeding with the kernel upgrade.

Please note that this update is also available via Red Hat Network. Many
people find this to be an easier way to apply updates. To use Red Hat
Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system. Note that you need to select the kernel
explicitly on default configurations of up2date.

Updated packages

Red Hat Enterprise Linux AS (v. 2.1)
SRPMS:
kernel-2.4.9-e.16.src.rpm
File outdated by:  RHSA-2007:0672		     51c6355db93c3d0ea4a38659adbc45cd
 
IA-32:
kernel-2.4.9-e.16.athlon.rpm
File outdated by:  RHSA-2007:0672		     d3258ef2091da40a5aa8d05cf88d49f2
kernel-2.4.9-e.16.i686.rpm
File outdated by:  RHSA-2007:0672		     4c490d23d3d07e1bb9a365d97c405ced
kernel-BOOT-2.4.9-e.16.i386.rpm
File outdated by:  RHSA-2007:0672		     b921812492eaaf552f45fd4cfe998aa4
kernel-debug-2.4.9-e.16.i686.rpm
File outdated by:  RHSA-2007:0672		     d261b5d7ca55eb742bac66ebed6ae9d4
kernel-doc-2.4.9-e.16.i386.rpm
File outdated by:  RHSA-2007:0672		     bdad339f97932fef6922128cfe85c543
kernel-enterprise-2.4.9-e.16.i686.rpm
File outdated by:  RHSA-2007:0672		     96f1232a34e029978f99d44e1b8fbbc4
kernel-headers-2.4.9-e.16.i386.rpm
File outdated by:  RHSA-2007:0672		     2b0fec22d4fefbdc3dd51e8a32e6d789
kernel-smp-2.4.9-e.16.athlon.rpm
File outdated by:  RHSA-2007:0672		     bf563752eaa1eb2784aa1046e154b417
kernel-smp-2.4.9-e.16.i686.rpm
File outdated by:  RHSA-2007:0672		     697c54c0b44e366e514daf3453eade18
kernel-source-2.4.9-e.16.i386.rpm
File outdated by:  RHSA-2007:0672		     3111844f48535c43809de762cfb47c27
kernel-summit-2.4.9-e.16.i686.rpm
File outdated by:  RHSA-2007:0672		     2aedb7b59e53d29ac0b77ace5d433666
 
Red Hat Enterprise Linux ES (v. 2.1)
SRPMS:
kernel-2.4.9-e.16.src.rpm
File outdated by:  RHSA-2007:0672		     51c6355db93c3d0ea4a38659adbc45cd
 
IA-32:
kernel-2.4.9-e.16.athlon.rpm
File outdated by:  RHSA-2007:0672		     d3258ef2091da40a5aa8d05cf88d49f2
kernel-2.4.9-e.16.i686.rpm
File outdated by:  RHSA-2007:0672		     4c490d23d3d07e1bb9a365d97c405ced
kernel-BOOT-2.4.9-e.16.i386.rpm
File outdated by:  RHSA-2007:0672		     b921812492eaaf552f45fd4cfe998aa4
kernel-debug-2.4.9-e.16.i686.rpm
File outdated by:  RHSA-2007:0672		     d261b5d7ca55eb742bac66ebed6ae9d4
kernel-doc-2.4.9-e.16.i386.rpm
File outdated by:  RHSA-2007:0672		     bdad339f97932fef6922128cfe85c543
kernel-enterprise-2.4.9-e.16.i686.rpm     96f1232a34e029978f99d44e1b8fbbc4
kernel-headers-2.4.9-e.16.i386.rpm
File outdated by:  RHSA-2007:0672		     2b0fec22d4fefbdc3dd51e8a32e6d789
kernel-smp-2.4.9-e.16.athlon.rpm
File outdated by:  RHSA-2007:0672		     bf563752eaa1eb2784aa1046e154b417
kernel-smp-2.4.9-e.16.i686.rpm
File outdated by:  RHSA-2007:0672		     697c54c0b44e366e514daf3453eade18
kernel-source-2.4.9-e.16.i386.rpm
File outdated by:  RHSA-2007:0672		     3111844f48535c43809de762cfb47c27
kernel-summit-2.4.9-e.16.i686.rpm     2aedb7b59e53d29ac0b77ace5d433666
 
Red Hat Enterprise Linux WS (v. 2.1)
SRPMS:
kernel-2.4.9-e.16.src.rpm
File outdated by:  RHSA-2007:0672		     51c6355db93c3d0ea4a38659adbc45cd
 
IA-32:
kernel-2.4.9-e.16.athlon.rpm
File outdated by:  RHSA-2007:0672		     d3258ef2091da40a5aa8d05cf88d49f2
kernel-2.4.9-e.16.i686.rpm
File outdated by:  RHSA-2007:0672		     4c490d23d3d07e1bb9a365d97c405ced
kernel-BOOT-2.4.9-e.16.i386.rpm
File outdated by:  RHSA-2007:0672		     b921812492eaaf552f45fd4cfe998aa4
kernel-debug-2.4.9-e.16.i686.rpm
File outdated by:  RHSA-2007:0672		     d261b5d7ca55eb742bac66ebed6ae9d4
kernel-doc-2.4.9-e.16.i386.rpm
File outdated by:  RHSA-2007:0672		     bdad339f97932fef6922128cfe85c543
kernel-enterprise-2.4.9-e.16.i686.rpm
File outdated by:  RHSA-2007:0672		     96f1232a34e029978f99d44e1b8fbbc4
kernel-headers-2.4.9-e.16.i386.rpm
File outdated by:  RHSA-2007:0672		     2b0fec22d4fefbdc3dd51e8a32e6d789
kernel-smp-2.4.9-e.16.athlon.rpm
File outdated by:  RHSA-2007:0672		     bf563752eaa1eb2784aa1046e154b417
kernel-smp-2.4.9-e.16.i686.rpm
File outdated by:  RHSA-2007:0672		     697c54c0b44e366e514daf3453eade18
kernel-source-2.4.9-e.16.i386.rpm
File outdated by:  RHSA-2007:0672		     3111844f48535c43809de762cfb47c27
kernel-summit-2.4.9-e.16.i686.rpm     2aedb7b59e53d29ac0b77ace5d433666
 
(The unlinked packages above are only available from the Red Hat Network)

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0127

Keywords

ptrace

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/