Security Advisory kernel security update

Advisory: RHSA-2004:413-07
Type: Security Advisory
Severity: Important
Issued on: 2004-08-03
Last updated on: 2004-08-03
Affected Products: Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux WS (v. 3)
OVAL: N/A
CVEs (cve.mitre.org): CVE-2004-0178
CVE-2004-0415
CVE-2004-0447
CVE-2004-0535
CVE-2004-0587

Details

Updated kernel packages that fix several security issues in Red Hat
Enterprise Linux 3 are now available.

The Linux kernel handles the basic functions of the operating system.

Paul Starzetz discovered flaws in the Linux kernel when handling file
offset pointers. These consist of invalid conversions of 64 to 32-bit file
offset pointers and possible race conditions. A local unprivileged user
could make use of these flaws to access large portions of kernel memory.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2004-0415 to this issue.

These packages contain a patch written by Al Viro to correct these flaws.
Red Hat would like to thank iSEC Security Research for disclosing this
issue and a number of vendor-sec participants for reviewing and working on
the patch to this issue.

In addition, these packages correct a number of minor security issues:

An bug in the e1000 network driver. This bug could be used by local users
to leak small amounts of kernel memory (CAN-2004-0535).

A bug in the SoundBlaster 16 code which does not properly handle certain
sample sizes. This flaw could be used by local users to crash a system
(CAN-2004-0178).

A possible NULL-pointer dereference in the Linux kernel prior to 2.4.26 on
the Itanium platform could allow a local user to crash a system
(CAN-2004-0447).

Inappropriate permissions on /proc/scsi/qla2300/HbaApiNode (CAN-2004-0587).

All Red Hat Enterprise Linux 3 users are advised to upgrade their
kernels to the packages associated with their machine architectures
and configurations as listed in this erratum.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

Updated packages

Red Hat Enterprise Linux AS (v. 3)
SRPMS:
kernel-2.4.21-15.0.4.EL.src.rpm     9f04fbd5d2b5182bfe7fa0242b4fd0a3
 
IA-32:
kernel-2.4.21-15.0.4.EL.athlon.rpm
File outdated by:  RHSA-2008:0211		     25e7d097ccf85396dfdc53c6b03d83ea
kernel-2.4.21-15.0.4.EL.i686.rpm
File outdated by:  RHSA-2008:0211		     2269c8e5bab350ac6e5f7252430dfd0f
kernel-BOOT-2.4.21-15.0.4.EL.i386.rpm
File outdated by:  RHSA-2008:0211		     6741173959e3e0686c080f2313ec7d5d
kernel-doc-2.4.21-15.0.4.EL.i386.rpm
File outdated by:  RHSA-2008:0211		     938fabc770ac041b44d4c99bfa90709a
kernel-hugemem-2.4.21-15.0.4.EL.i686.rpm
File outdated by:  RHSA-2008:0211		     fa6a5940751cbbb60236c88f58e8cc31
kernel-hugemem-unsupported-2.4.21-15.0.4.EL.i686.rpm
File outdated by:  RHSA-2008:0211		     40f3c5f256246fda87d9ddd3cb6791a5
kernel-smp-2.4.21-15.0.4.EL.athlon.rpm
File outdated by:  RHSA-2008:0211		     d619cffe546f2f41e9259ac437f07d44
kernel-smp-2.4.21-15.0.4.EL.i686.rpm
File outdated by:  RHSA-2008:0211		     3d106ae97cca1fcba8a3de8a5866b88b
kernel-smp-unsupported-2.4.21-15.0.4.EL.athlon.rpm
File outdated by:  RHSA-2008:0211		     06ef0da24796cc19d9c492e8ab638a29
kernel-smp-unsupported-2.4.21-15.0.4.EL.i686.rpm
File outdated by:  RHSA-2008:0211		     8590ac5bbca153e1948f48f101bddcb6
kernel-source-2.4.21-15.0.4.EL.i386.rpm
File outdated by:  RHSA-2008:0211		     d106990663a3d5ad735a47a86830940c
kernel-unsupported-2.4.21-15.0.4.EL.athlon.rpm
File outdated by:  RHSA-2008:0211		     388a7af25fbefd195f9ab59922cca912
kernel-unsupported-2.4.21-15.0.4.EL.i686.rpm
File outdated by:  RHSA-2008:0211		     04197afa144f4c7874b01c50fc027d5d
 
IA-64:
kernel-2.4.21-15.0.4.EL.ia64.rpm
File outdated by:  RHSA-2008:0211		     d9d9873b1a03437ce9a660d5498e6acc
kernel-doc-2.4.21-15.0.4.EL.ia64.rpm
File outdated by:  RHSA-2008:0211		     87c9d3baf789371a88c2078f1bf9cd2a
kernel-source-2.4.21-15.0.4.EL.ia64.rpm
File outdated by:  RHSA-2008:0211		     d1280df50b401a4ab1fe3630fef1a4b0
kernel-unsupported-2.4.21-15.0.4.EL.ia64.rpm
File outdated by:  RHSA-2008:0211		     d07a66ca6e06045842c863be96729733
 
PPC:
kernel-2.4.21-15.0.4.EL.ppc64iseries.rpm
File outdated by:  RHSA-2008:0211		     1c929592946473d5fe73c71354846313
kernel-2.4.21-15.0.4.EL.ppc64pseries.rpm
File outdated by:  RHSA-2008:0211		     01d9b20c6c4c45276195104bc6984224
kernel-doc-2.4.21-15.0.4.EL.ppc64.rpm
File outdated by:  RHSA-2008:0211		     21628655b2e3bd052b9393e8eac6ebd1
kernel-source-2.4.21-15.0.4.EL.ppc64.rpm
File outdated by:  RHSA-2008:0211		     86f1ad447a3023b3a6614c750271d155
kernel-unsupported-2.4.21-15.0.4.EL.ppc64iseries.rpm
File outdated by:  RHSA-2008:0211		     f8d2585dbf7adea54df19fdfd63a2eb7
kernel-unsupported-2.4.21-15.0.4.EL.ppc64pseries.rpm
File outdated by:  RHSA-2008:0211		     48bef493baacda16294ba973404d6587
 
s390:
kernel-2.4.21-15.0.4.EL.s390.rpm
File outdated by:  RHSA-2008:0211		     4ba1d35ff61699b9f3757941eef9623d
kernel-doc-2.4.21-15.0.4.EL.s390.rpm
File outdated by:  RHSA-2008:0211		     9cb546f7b760a62baf3e198ed7591a1a
kernel-source-2.4.21-15.0.4.EL.s390.rpm
File outdated by:  RHSA-2008:0211		     d88eac17c9376f415351eb103a429ca0
kernel-unsupported-2.4.21-15.0.4.EL.s390.rpm
File outdated by:  RHSA-2008:0211		     757875de32469823e2578a088c655925
 
s390x:
kernel-2.4.21-15.0.4.EL.s390x.rpm
File outdated by:  RHSA-2008:0211		     125b33d2f4d7558bfda6397540e7976b
kernel-doc-2.4.21-15.0.4.EL.s390x.rpm
File outdated by:  RHSA-2008:0211		     e02ad38774bd83672d0f8bdeadb6f0f8
kernel-source-2.4.21-15.0.4.EL.s390x.rpm
File outdated by:  RHSA-2008:0211		     25bea5095bcac052ae3897c026f218bd
kernel-unsupported-2.4.21-15.0.4.EL.s390x.rpm
File outdated by:  RHSA-2008:0211		     f756be2685a447f6f19458c1aa75e2be
 
x86_64:
kernel-2.4.21-15.0.4.EL.ia32e.rpm
File outdated by:  RHSA-2008:0211		     80869adc4ed80a1c035ddaef69e2aa10
kernel-2.4.21-15.0.4.EL.x86_64.rpm
File outdated by:  RHSA-2008:0211		     499203e60c5c0294fd2a41bbd9306b03
kernel-doc-2.4.21-15.0.4.EL.x86_64.rpm
File outdated by:  RHSA-2008:0211		     007a0353e8c76dd40424909844f6705e
kernel-smp-2.4.21-15.0.4.EL.x86_64.rpm
File outdated by:  RHSA-2008:0211		     33ade25b9b682f514f9523ec977a2c09
kernel-smp-unsupported-2.4.21-15.0.4.EL.x86_64.rpm
File outdated by:  RHSA-2008:0211		     3171661c4c24e3dcbf8970c8094e5851
kernel-source-2.4.21-15.0.4.EL.x86_64.rpm
File outdated by:  RHSA-2008:0211		     f33e51c95e59d8379d5dc4817ee13ce7
kernel-unsupported-2.4.21-15.0.4.EL.ia32e.rpm
File outdated by:  RHSA-2008:0211		     5dd0f98110e54e64ebfb934a2bb9629f
kernel-unsupported-2.4.21-15.0.4.EL.x86_64.rpm
File outdated by:  RHSA-2008:0211		     eea5cbda95fb75f0f9c40e6cd3260efe
 
Red Hat Enterprise Linux ES (v. 3)
SRPMS:
kernel-2.4.21-15.0.4.EL.src.rpm     9f04fbd5d2b5182bfe7fa0242b4fd0a3
 
IA-32:
kernel-2.4.21-15.0.4.EL.athlon.rpm
File outdated by:  RHSA-2008:0211		     25e7d097ccf85396dfdc53c6b03d83ea
kernel-2.4.21-15.0.4.EL.i686.rpm
File outdated by:  RHSA-2008:0211		     2269c8e5bab350ac6e5f7252430dfd0f
kernel-BOOT-2.4.21-15.0.4.EL.i386.rpm
File outdated by:  RHSA-2008:0211		     6741173959e3e0686c080f2313ec7d5d
kernel-doc-2.4.21-15.0.4.EL.i386.rpm
File outdated by:  RHSA-2008:0211		     938fabc770ac041b44d4c99bfa90709a
kernel-hugemem-2.4.21-15.0.4.EL.i686.rpm
File outdated by:  RHSA-2008:0211		     fa6a5940751cbbb60236c88f58e8cc31
kernel-hugemem-unsupported-2.4.21-15.0.4.EL.i686.rpm
File outdated by:  RHSA-2008:0211		     40f3c5f256246fda87d9ddd3cb6791a5
kernel-smp-2.4.21-15.0.4.EL.athlon.rpm
File outdated by:  RHSA-2008:0211		     d619cffe546f2f41e9259ac437f07d44
kernel-smp-2.4.21-15.0.4.EL.i686.rpm
File outdated by:  RHSA-2008:0211		     3d106ae97cca1fcba8a3de8a5866b88b
kernel-smp-unsupported-2.4.21-15.0.4.EL.athlon.rpm
File outdated by:  RHSA-2008:0211		     06ef0da24796cc19d9c492e8ab638a29
kernel-smp-unsupported-2.4.21-15.0.4.EL.i686.rpm
File outdated by:  RHSA-2008:0211		     8590ac5bbca153e1948f48f101bddcb6
kernel-source-2.4.21-15.0.4.EL.i386.rpm
File outdated by:  RHSA-2008:0211		     d106990663a3d5ad735a47a86830940c
kernel-unsupported-2.4.21-15.0.4.EL.athlon.rpm
File outdated by:  RHSA-2008:0211		     388a7af25fbefd195f9ab59922cca912
kernel-unsupported-2.4.21-15.0.4.EL.i686.rpm
File outdated by:  RHSA-2008:0211		     04197afa144f4c7874b01c50fc027d5d
 
IA-64:
kernel-2.4.21-15.0.4.EL.ia64.rpm
File outdated by:  RHSA-2008:0211		     d9d9873b1a03437ce9a660d5498e6acc
kernel-doc-2.4.21-15.0.4.EL.ia64.rpm
File outdated by:  RHSA-2008:0211		     87c9d3baf789371a88c2078f1bf9cd2a
kernel-source-2.4.21-15.0.4.EL.ia64.rpm
File outdated by:  RHSA-2008:0211		     d1280df50b401a4ab1fe3630fef1a4b0
kernel-unsupported-2.4.21-15.0.4.EL.ia64.rpm
File outdated by:  RHSA-2008:0211		     d07a66ca6e06045842c863be96729733
 
x86_64:
kernel-2.4.21-15.0.4.EL.ia32e.rpm
File outdated by:  RHSA-2008:0211		     80869adc4ed80a1c035ddaef69e2aa10
kernel-2.4.21-15.0.4.EL.x86_64.rpm
File outdated by:  RHSA-2008:0211		     499203e60c5c0294fd2a41bbd9306b03
kernel-doc-2.4.21-15.0.4.EL.x86_64.rpm
File outdated by:  RHSA-2008:0211		     007a0353e8c76dd40424909844f6705e
kernel-smp-2.4.21-15.0.4.EL.x86_64.rpm
File outdated by:  RHSA-2008:0211		     33ade25b9b682f514f9523ec977a2c09
kernel-smp-unsupported-2.4.21-15.0.4.EL.x86_64.rpm
File outdated by:  RHSA-2008:0211		     3171661c4c24e3dcbf8970c8094e5851
kernel-source-2.4.21-15.0.4.EL.x86_64.rpm
File outdated by:  RHSA-2008:0211		     f33e51c95e59d8379d5dc4817ee13ce7
kernel-unsupported-2.4.21-15.0.4.EL.ia32e.rpm
File outdated by:  RHSA-2008:0211		     5dd0f98110e54e64ebfb934a2bb9629f
kernel-unsupported-2.4.21-15.0.4.EL.x86_64.rpm
File outdated by:  RHSA-2008:0211		     eea5cbda95fb75f0f9c40e6cd3260efe
 
Red Hat Enterprise Linux WS (v. 3)
SRPMS:
kernel-2.4.21-15.0.4.EL.src.rpm     9f04fbd5d2b5182bfe7fa0242b4fd0a3
 
IA-32:
kernel-2.4.21-15.0.4.EL.athlon.rpm
File outdated by:  RHSA-2008:0211		     25e7d097ccf85396dfdc53c6b03d83ea
kernel-2.4.21-15.0.4.EL.i686.rpm
File outdated by:  RHSA-2008:0211		     2269c8e5bab350ac6e5f7252430dfd0f
kernel-BOOT-2.4.21-15.0.4.EL.i386.rpm
File outdated by:  RHSA-2008:0211		     6741173959e3e0686c080f2313ec7d5d
kernel-doc-2.4.21-15.0.4.EL.i386.rpm
File outdated by:  RHSA-2008:0211		     938fabc770ac041b44d4c99bfa90709a
kernel-hugemem-2.4.21-15.0.4.EL.i686.rpm
File outdated by:  RHSA-2008:0211		     fa6a5940751cbbb60236c88f58e8cc31
kernel-hugemem-unsupported-2.4.21-15.0.4.EL.i686.rpm
File outdated by:  RHSA-2008:0211		     40f3c5f256246fda87d9ddd3cb6791a5
kernel-smp-2.4.21-15.0.4.EL.athlon.rpm
File outdated by:  RHSA-2008:0211		     d619cffe546f2f41e9259ac437f07d44
kernel-smp-2.4.21-15.0.4.EL.i686.rpm
File outdated by:  RHSA-2008:0211		     3d106ae97cca1fcba8a3de8a5866b88b
kernel-smp-unsupported-2.4.21-15.0.4.EL.athlon.rpm
File outdated by:  RHSA-2008:0211		     06ef0da24796cc19d9c492e8ab638a29
kernel-smp-unsupported-2.4.21-15.0.4.EL.i686.rpm
File outdated by:  RHSA-2008:0211		     8590ac5bbca153e1948f48f101bddcb6
kernel-source-2.4.21-15.0.4.EL.i386.rpm
File outdated by:  RHSA-2008:0211		     d106990663a3d5ad735a47a86830940c
kernel-unsupported-2.4.21-15.0.4.EL.athlon.rpm
File outdated by:  RHSA-2008:0211		     388a7af25fbefd195f9ab59922cca912
kernel-unsupported-2.4.21-15.0.4.EL.i686.rpm
File outdated by:  RHSA-2008:0211		     04197afa144f4c7874b01c50fc027d5d
 
IA-64:
kernel-2.4.21-15.0.4.EL.ia64.rpm
File outdated by:  RHSA-2008:0211		     d9d9873b1a03437ce9a660d5498e6acc
kernel-doc-2.4.21-15.0.4.EL.ia64.rpm
File outdated by:  RHSA-2008:0211		     87c9d3baf789371a88c2078f1bf9cd2a
kernel-source-2.4.21-15.0.4.EL.ia64.rpm
File outdated by:  RHSA-2008:0211		     d1280df50b401a4ab1fe3630fef1a4b0
kernel-unsupported-2.4.21-15.0.4.EL.ia64.rpm
File outdated by:  RHSA-2008:0211		     d07a66ca6e06045842c863be96729733
 
x86_64:
kernel-2.4.21-15.0.4.EL.ia32e.rpm
File outdated by:  RHSA-2008:0211		     80869adc4ed80a1c035ddaef69e2aa10
kernel-2.4.21-15.0.4.EL.x86_64.rpm
File outdated by:  RHSA-2008:0211		     499203e60c5c0294fd2a41bbd9306b03
kernel-doc-2.4.21-15.0.4.EL.x86_64.rpm
File outdated by:  RHSA-2008:0211		     007a0353e8c76dd40424909844f6705e
kernel-smp-2.4.21-15.0.4.EL.x86_64.rpm
File outdated by:  RHSA-2008:0211		     33ade25b9b682f514f9523ec977a2c09
kernel-smp-unsupported-2.4.21-15.0.4.EL.x86_64.rpm
File outdated by:  RHSA-2008:0211		     3171661c4c24e3dcbf8970c8094e5851
kernel-source-2.4.21-15.0.4.EL.x86_64.rpm
File outdated by:  RHSA-2008:0211		     f33e51c95e59d8379d5dc4817ee13ce7
kernel-unsupported-2.4.21-15.0.4.EL.ia32e.rpm
File outdated by:  RHSA-2008:0211		     5dd0f98110e54e64ebfb934a2bb9629f
kernel-unsupported-2.4.21-15.0.4.EL.x86_64.rpm
File outdated by:  RHSA-2008:0211		     eea5cbda95fb75f0f9c40e6cd3260efe
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

120527 - CAN-2004-0447 [PATCH] IPF kernel crashes under gdb
121045 - CAN-2004-0178 Soundblaster 16 local DoS
125168 - CAN-2004-0535 e1000 kernel memory information leak
126396 - CAN-2004-0587 Bad permissions on qla* drivers


References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0178
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0415
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0447
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0535
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0587

Keywords

errata, kernel, security, taroon

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/