Updated kernel packages that fix a remote denial of service vulnerability
in the TCP/IP stack, and a local privilege vulnerability, are now available.

[Updated 28 August 2003]
Added CAN-2003-0187 and CAN-2003-0619 to the list of security issues that
were fixed by this advisory (there are no changes to the packages themselves).

The Linux kernel handles the basic functions of the operating system.

The connection tracking core of Netfilter for Linux 2.4.20, with
CONFIG_IP_NF_CONNTRACK enabled (or the ip_conntrack module loaded), allows
remote attackers to cause a denial of service (resource consumption). The
flaw causes Netfilter to fail to identify connections with an UNCONFIRMED
status and to use large timeouts. The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the name CAN-2003-0187 to this issue.

A flaw has been found in several hash table implementations in the kernel
networking code. A remote attacker could send packets with carefully
chosen, forged source addresses in such a way as to make every routing
cache entry get hashed into the same hash chain. The result would be that
the kernel would use a disproportionate amount of processor time to deal
with new packets, resulting in a remote denial of service attack. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CAN-2003-0244 to this issue.

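
The effect of a predictable hash on chain length, and of mixing in a secret, can be measured directly. The following is an added example, not code from the advisory or the kernel: `fold_hash`, `keyed_hash`, the table size and the address set are all hypothetical stand-ins chosen to show the behaviour.

```c
#include <stdint.h>
#include <stdio.h>

#define BUCKETS 256u            /* power-of-two table, one chain per slot */
#define N_SRC   1024u           /* number of constructed source addresses */

typedef uint32_t (*hash_fn)(uint32_t saddr, uint32_t secret);

/* Hypothetical unkeyed hash: XOR-fold of the address; output is predictable. */
static uint32_t fold_hash(uint32_t saddr, uint32_t secret)
{
    (void)secret;
    uint32_t h = saddr ^ (saddr >> 16);
    h ^= h >> 8;
    return h & (BUCKETS - 1);
}

/* Keyed stand-in: mix in a secret (random per boot in real use), then
 * avalanche with the MurmurHash3 32-bit finalizer. */
static uint32_t keyed_hash(uint32_t saddr, uint32_t secret)
{
    uint32_t h = saddr ^ secret;
    h ^= h >> 16; h *= 0x85ebca6bu;
    h ^= h >> 13; h *= 0xc2b2ae35u;
    h ^= h >> 16;
    return h & (BUCKETS - 1);
}

/* Longest chain after inserting the constructed address set. */
static unsigned longest_chain(hash_fn fn, uint32_t secret)
{
    unsigned len[BUCKETS] = {0}, worst = 0;
    for (uint32_t n = 0; n < N_SRC; n++) {
        uint32_t saddr = (n << 16) | n;   /* constructed: bytes XOR to zero */
        unsigned l = ++len[fn(saddr, secret)];
        if (l > worst) worst = l;
    }
    return worst;
}

int main(void)
{
    printf("unkeyed longest chain: %u\n", longest_chain(fold_hash, 0));
    printf("keyed longest chain:   %u\n", longest_chain(keyed_hash, 0x5eedc0deu));
    return 0;
}
```

With the unkeyed fold every entry lands in one chain, so each lookup walks all of them; with the secret mixed in, the same inputs spread across the table.
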
A flaw has been found in the "ioperm" system call, which fails to properly
restrict privileges. This flaw can allow an unprivileged local user to
gain read and write access to I/O ports on the system. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2003-0246 to this issue.

An integer signedness error in the Linux kernel before 2.4.21 allows remote
attackers to cause a denial of service (kernel panic) via a negative size
value within XDR data of an NFSv3 procedure call. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2003-0619 to this issue.

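
The signedness pattern behind this class of bug, next to a hardened length check, is shown below as an added example. It is not the kernel's NFS code: the function names, the `MAX_OPAQUE` limit and the two sample fields are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_OPAQUE 64u                 /* hypothetical per-field limit */

/* Constructed XDR opaque<> fields: 4-byte big-endian length, data, padding. */
static const unsigned char ok_field[]  = {0,0,0,5, 'h','e','l','l','o', 0,0,0};
static const unsigned char neg_field[] = {0xff,0xff,0xff,0xff, 'A','A','A','A'};

static uint32_t xdr_u32(const unsigned char *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* Flawed pattern: signed length, upper bound only. Reports whether the
 * check lets the length through; no copy is performed here. */
static int signed_check_accepts(const unsigned char *buf)
{
    int len = (int)xdr_u32(buf);       /* 0xffffffff becomes -1 */
    return len <= (int)MAX_OPAQUE;     /* -1 <= 64, so it passes */
}

/* Hardened decode: unsigned length checked against the limit, the output
 * buffer and the bytes actually present. Returns bytes copied or -1. */
static long xdr_opaque_decode(const unsigned char *buf, size_t buflen,
                              unsigned char *out, size_t outlen)
{
    if (buflen < 4) return -1;
    uint32_t len = xdr_u32(buf);
    if (len > MAX_OPAQUE || len > outlen) return -1;
    size_t padded = ((size_t)len + 3u) & ~(size_t)3u;   /* XDR pads to 4 bytes */
    if (padded > buflen - 4) return -1;
    memcpy(out, buf + 4, len);
    return (long)len;
}

int main(void)
{
    unsigned char out[MAX_OPAQUE];
    printf("signed check accepts negative length: %d\n", signed_check_accepts(neg_field));
    printf("hardened, negative length: %ld\n", xdr_opaque_decode(neg_field, sizeof neg_field, out, sizeof out));
    printf("hardened, valid field:     %ld\n", xdr_opaque_decode(ok_field, sizeof ok_field, out, sizeof out));
    return 0;
}
```
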
All users should upgrade to these updated packages, which are not
vulnerable to these issues.

Red Hat Linux 7.1

| Architecture | File | MD5 checksum | Status |
|---|---|---|---|
| SRPMS | kernel-2.4.20-13.7.src.rpm | d1799a2701cd94e64dd7217fd4d1e666 | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-2.4.20-13.7.athlon.rpm | 1ed2234cddcf1a5eb18f8dd9abd2585b | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-2.4.20-13.7.i386.rpm | 02347832231e93183581c3dbb8e46c4a | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-2.4.20-13.7.i586.rpm | b5533475a0fd9b383f56945d64dea185 | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-2.4.20-13.7.i686.rpm | 77316b8f05f6fd1e352679f56b9992f6 | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-BOOT-2.4.20-13.7.i386.rpm | 49c156feaa21c6b847813f3a087b5ae3 | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-bigmem-2.4.20-13.7.i686.rpm | 408d19fa437c5e452167f2c8c1f362ce | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-doc-2.4.20-13.7.i386.rpm | 702f8a04e66fdfd8f41a4319fe604e0a | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-smp-2.4.20-13.7.athlon.rpm | 4ec891edbd9340da904fd6a8d1d98043 | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-smp-2.4.20-13.7.i586.rpm | 592733320530871511e9c5d636563533 | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-smp-2.4.20-13.7.i686.rpm | 24168061d6bffb12a1fc150eaea6b1b9 | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-source-2.4.20-13.7.i386.rpm | 36437fe4edf013dc89aa9d226f20fd01 | File outdated by: RHSA-2003:417 |

Red Hat Linux 7.2

| Architecture | File | MD5 checksum | Status |
|---|---|---|---|
| SRPMS | kernel-2.4.20-13.7.src.rpm | d1799a2701cd94e64dd7217fd4d1e666 | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-2.4.20-13.7.athlon.rpm | 1ed2234cddcf1a5eb18f8dd9abd2585b | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-2.4.20-13.7.i386.rpm | 02347832231e93183581c3dbb8e46c4a | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-2.4.20-13.7.i586.rpm | b5533475a0fd9b383f56945d64dea185 | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-2.4.20-13.7.i686.rpm | 77316b8f05f6fd1e352679f56b9992f6 | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-BOOT-2.4.20-13.7.i386.rpm | 49c156feaa21c6b847813f3a087b5ae3 | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-bigmem-2.4.20-13.7.i686.rpm | 408d19fa437c5e452167f2c8c1f362ce | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-doc-2.4.20-13.7.i386.rpm | 702f8a04e66fdfd8f41a4319fe604e0a | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-smp-2.4.20-13.7.athlon.rpm | 4ec891edbd9340da904fd6a8d1d98043 | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-smp-2.4.20-13.7.i586.rpm | 592733320530871511e9c5d636563533 | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-smp-2.4.20-13.7.i686.rpm | 24168061d6bffb12a1fc150eaea6b1b9 | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-source-2.4.20-13.7.i386.rpm | 36437fe4edf013dc89aa9d226f20fd01 | File outdated by: RHSA-2003:417 |

Red Hat Linux 7.3

| Architecture | File | MD5 checksum | Status |
|---|---|---|---|
| SRPMS | kernel-2.4.20-13.7.src.rpm | d1799a2701cd94e64dd7217fd4d1e666 | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-2.4.20-13.7.athlon.rpm | 1ed2234cddcf1a5eb18f8dd9abd2585b | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-2.4.20-13.7.i386.rpm | 02347832231e93183581c3dbb8e46c4a | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-2.4.20-13.7.i586.rpm | b5533475a0fd9b383f56945d64dea185 | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-2.4.20-13.7.i686.rpm | 77316b8f05f6fd1e352679f56b9992f6 | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-BOOT-2.4.20-13.7.i386.rpm | 49c156feaa21c6b847813f3a087b5ae3 | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-bigmem-2.4.20-13.7.i686.rpm | 408d19fa437c5e452167f2c8c1f362ce | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-doc-2.4.20-13.7.i386.rpm | 702f8a04e66fdfd8f41a4319fe604e0a | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-smp-2.4.20-13.7.athlon.rpm | 4ec891edbd9340da904fd6a8d1d98043 | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-smp-2.4.20-13.7.i586.rpm | 592733320530871511e9c5d636563533 | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-smp-2.4.20-13.7.i686.rpm | 24168061d6bffb12a1fc150eaea6b1b9 | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-source-2.4.20-13.7.i386.rpm | 36437fe4edf013dc89aa9d226f20fd01 | File outdated by: RHSA-2003:417 |

Red Hat Linux 8.0

| Architecture | File | MD5 checksum | Status |
|---|---|---|---|
| SRPMS | kernel-2.4.20-13.8.src.rpm | 1eac6e546a88e479821b0c64fafd076c | File outdated by: RHSA-2003:417 |
| SRPMS | ftp://updates.redhat.com/8.0/en/os/SRPMS/oprofile-0.4-44.8.1.src.rpm | 5cdd690b2c0b8b275a4d048a95d8bf8b | Missing file |
| IA-32 | kernel-2.4.20-13.8.athlon.rpm | 20f2ec3996100d5c4b5a5cf609cbf96c | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-2.4.20-13.8.i386.rpm | 04a3edfdf82d73de6e58fcf2254b7fd4 | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-2.4.20-13.8.i586.rpm | be7d58a03d9a28db072b99c57fe80f0b | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-2.4.20-13.8.i686.rpm | 08584687dae702a02c9603fb95f5275c | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-BOOT-2.4.20-13.8.i386.rpm | cbc978d4e686f0e2f8d4bb91a527ee59 | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-bigmem-2.4.20-13.8.i686.rpm | d336ee0403d4d8ffccdbed5fd460693f | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-doc-2.4.20-13.8.i386.rpm | 7061fe2b7d9a9e04d7d799590871d2fc | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-smp-2.4.20-13.8.athlon.rpm | bcdbbbe42fee19a74d993c9eb0b5c2e0 | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-smp-2.4.20-13.8.i586.rpm | 23fb8e7b7c895205314be4abd10b0474 | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-smp-2.4.20-13.8.i686.rpm | f4f693c588d9519b26ec912e1e58419b | File outdated by: RHSA-2003:417 |
| IA-32 | kernel-source-2.4.20-13.8.i386.rpm | 96429c0d8185bb1672ed3530877e9e9c | File outdated by: RHSA-2003:417 |
| IA-32 | ftp://updates.redhat.com/8.0/en/os/i386/oprofile-0.4-44.8.1.i386.rpm | 88440b86e921dce49f05b0c1a0344cc9 | Missing file |

Red Hat Linux 9

| Architecture | File | MD5 checksum | Status |
|---|---|---|---|
| SRPMS | kernel-2.4.20-13.9.src.rpm | 5a39e35dfea5b4b79c8be444bf49dcc5 | File outdated by: RHSA-2004:166 |
| IA-32 | kernel-2.4.20-13.9.athlon.rpm | 6b3e0a56fb8977818b0802f64a91dbb3 | File outdated by: RHSA-2004:166 |
| IA-32 | kernel-2.4.20-13.9.i386.rpm | b46c026c49d52da7b9f971f4a8a13908 | File outdated by: RHSA-2004:166 |
| IA-32 | kernel-2.4.20-13.9.i586.rpm | c0957a0fe3c04594c9b5489877a7c570 | File outdated by: RHSA-2004:166 |
| IA-32 | kernel-2.4.20-13.9.i686.rpm | ac8410ce50e12268cc07e6dfb80a08f0 | File outdated by: RHSA-2004:166 |
| IA-32 | kernel-BOOT-2.4.20-13.9.i386.rpm | 794415512835127e0a7c7a99e56aa986 | File outdated by: RHSA-2004:166 |
| IA-32 | kernel-bigmem-2.4.20-13.9.i686.rpm | 21ca6ca4b4d4aada6ce90dbb700145b3 | File outdated by: RHSA-2004:166 |
| IA-32 | kernel-doc-2.4.20-13.9.i386.rpm | 5a1e0fd284dc69896c25f8c31bea6513 | File outdated by: RHSA-2004:166 |
| IA-32 | kernel-smp-2.4.20-13.9.athlon.rpm | 0460a0cc4bf91467fc3b26a979a8d658 | File outdated by: RHSA-2004:166 |
| IA-32 | kernel-smp-2.4.20-13.9.i586.rpm | 6d9a641dadcc0abce2584f9f92f20552 | File outdated by: RHSA-2004:166 |
| IA-32 | kernel-smp-2.4.20-13.9.i686.rpm | bac56b09e64cbe6befa0f134f9c7ab53 | File outdated by: RHSA-2004:166 |
| IA-32 | kernel-source-2.4.20-13.9.i386.rpm | 9367405b84ff5bb55cef17c879cf9ce0 | File outdated by: RHSA-2004:166 |

81282 - No pcmcia devices found (HP OmniBook XT6050) after upgrade.
86180 - orinoco_cs periodically drops connection with linksys wpc11v3
88047 - /proc/<pid>/cmdline is empty in RHL8
88550 - Acer 351tev fails loading trident.o module
88847 - Sound card AZT1008 not initialized by ad1848.o
89049 - ALi M5451 doesn't work
89554 - Kernel needs dell inspiron 8500 support
89686 - V.110 doesn't work with HFC_PCI cards.
89732 - Installer hangs when loading aic7xxx module
89743 - usb-uhci Kernel freeze with one-shot interrupt transfers
90276 - Some drivers are missing a copy_from_user() function call