Skip to navigation

Security Advisory Updated 2.4 kernel fixes privilege escalation security vulnerability

Advisory: RHSA-2003:392-05
Type: Security Advisory
Severity: N/A
Issued on: 2003-12-01
Last updated on: 2003-12-01
Affected Products: Red Hat Linux 7.1
Red Hat Linux 7.2
Red Hat Linux 7.3
Red Hat Linux 8.0
Red Hat Linux 9
CVEs (cve.mitre.org): CVE-2003-0961

Details

Updated kernel packages are now available that fix a security vulnerability
leading to a possible privilege escalation.

The Linux kernel handles the basic functions of the operating system.

A flaw in bounds checking in the do_brk() function in the Linux kernel
versions 2.4.22 and previous can allow a local attacker to gain root
privileges. This issue is known to be exploitable; an exploit has been
seen in the wild that takes advantage of this vulnerability. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2003-0961 to this issue.

All users are advised to upgrade to these errata packages, which contain
a backported security patch that corrects this vulnerability.

Important:

If you use Red Hat Linux 7.1, you must have installed quota-3.06-9.71 from
RHSA-2003:187, and if you use Red Hat Linux 7.2 or 7.3, you must have
installed quota-3.06-9.7 from RHSA-2003:187


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To use Red Hat Network to upgrade the kernel, launch the Red Hat Update
Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system. Note that you need to select the
kernel explicitly if you are using the default configuration of up2date.

To install kernel packages manually, use "rpm -ivh <package>" and
modify system settings to boot the kernel you have installed. To
do this, edit /boot/grub/grub.conf and change the default entry to
"default=0" (or, if you have chosen to use LILO as your boot loader,
edit /etc/lilo.conf and run lilo)

Do not use "rpm -Uvh" as that will remove your running kernel binaries
from your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

Updated packages

Red Hat Linux 7.1

SRPMS:
kernel-2.4.20-24.7.src.rpm
File outdated by:  RHSA-2003:417
    MD5: d820f37c791df3f59e22e0f2f4aee4a8
 
IA-32:
kernel-2.4.20-24.7.athlon.rpm
File outdated by:  RHSA-2003:417
    MD5: 172f574aa6055e4ed706abf395b4a9ab
kernel-2.4.20-24.7.i386.rpm
File outdated by:  RHSA-2003:417
    MD5: 3ae94919218a7edce005c955f6b22776
kernel-2.4.20-24.7.i586.rpm
File outdated by:  RHSA-2003:417
    MD5: bacae6a71188c7e5e54c4a91434c67c4
kernel-2.4.20-24.7.i686.rpm
File outdated by:  RHSA-2003:417
    MD5: a6351fcc1a61054adf492f66da65f2d9
kernel-BOOT-2.4.20-24.7.i386.rpm
File outdated by:  RHSA-2003:417
    MD5: 6a4ab4889332208b048f4ef2fb7a190d
kernel-bigmem-2.4.20-24.7.i686.rpm
File outdated by:  RHSA-2003:417
    MD5: fe052b2b749aa3d1abe449d3ea392cf9
kernel-doc-2.4.20-24.7.i386.rpm
File outdated by:  RHSA-2003:417
    MD5: b10a9aff5af4ce2cf36252fd4b0f21a0
kernel-smp-2.4.20-24.7.athlon.rpm
File outdated by:  RHSA-2003:417
    MD5: f7b7f5e5eafc31b541fe3a27bd48f408
kernel-smp-2.4.20-24.7.i586.rpm
File outdated by:  RHSA-2003:417
    MD5: 945b720803753d1f60f6d4492b54ca6b
kernel-smp-2.4.20-24.7.i686.rpm
File outdated by:  RHSA-2003:417
    MD5: 31128ef6e28b75ce451b4c3c00a0b1b7
kernel-source-2.4.20-24.7.i386.rpm
File outdated by:  RHSA-2003:417
    MD5: 5a88fec16c237e778518df03e62af071
 
Red Hat Linux 7.2

SRPMS:
kernel-2.4.20-24.7.src.rpm
File outdated by:  RHSA-2003:417
    MD5: d820f37c791df3f59e22e0f2f4aee4a8
 
IA-32:
kernel-2.4.20-24.7.athlon.rpm
File outdated by:  RHSA-2003:417
    MD5: 172f574aa6055e4ed706abf395b4a9ab
kernel-2.4.20-24.7.i386.rpm
File outdated by:  RHSA-2003:417
    MD5: 3ae94919218a7edce005c955f6b22776
kernel-2.4.20-24.7.i586.rpm
File outdated by:  RHSA-2003:417
    MD5: bacae6a71188c7e5e54c4a91434c67c4
kernel-2.4.20-24.7.i686.rpm
File outdated by:  RHSA-2003:417
    MD5: a6351fcc1a61054adf492f66da65f2d9
kernel-BOOT-2.4.20-24.7.i386.rpm
File outdated by:  RHSA-2003:417
    MD5: 6a4ab4889332208b048f4ef2fb7a190d
kernel-bigmem-2.4.20-24.7.i686.rpm
File outdated by:  RHSA-2003:417
    MD5: fe052b2b749aa3d1abe449d3ea392cf9
kernel-doc-2.4.20-24.7.i386.rpm
File outdated by:  RHSA-2003:417
    MD5: b10a9aff5af4ce2cf36252fd4b0f21a0
kernel-smp-2.4.20-24.7.athlon.rpm
File outdated by:  RHSA-2003:417
    MD5: f7b7f5e5eafc31b541fe3a27bd48f408
kernel-smp-2.4.20-24.7.i586.rpm
File outdated by:  RHSA-2003:417
    MD5: 945b720803753d1f60f6d4492b54ca6b
kernel-smp-2.4.20-24.7.i686.rpm
File outdated by:  RHSA-2003:417
    MD5: 31128ef6e28b75ce451b4c3c00a0b1b7
kernel-source-2.4.20-24.7.i386.rpm
File outdated by:  RHSA-2003:417
    MD5: 5a88fec16c237e778518df03e62af071
 
Red Hat Linux 7.3

SRPMS:
kernel-2.4.20-24.7.src.rpm
File outdated by:  RHSA-2003:417
    MD5: d820f37c791df3f59e22e0f2f4aee4a8
 
IA-32:
kernel-2.4.20-24.7.athlon.rpm
File outdated by:  RHSA-2003:417
    MD5: 172f574aa6055e4ed706abf395b4a9ab
kernel-2.4.20-24.7.i386.rpm
File outdated by:  RHSA-2003:417
    MD5: 3ae94919218a7edce005c955f6b22776
kernel-2.4.20-24.7.i586.rpm
File outdated by:  RHSA-2003:417
    MD5: bacae6a71188c7e5e54c4a91434c67c4
kernel-2.4.20-24.7.i686.rpm
File outdated by:  RHSA-2003:417
    MD5: a6351fcc1a61054adf492f66da65f2d9
kernel-BOOT-2.4.20-24.7.i386.rpm
File outdated by:  RHSA-2003:417
    MD5: 6a4ab4889332208b048f4ef2fb7a190d
kernel-bigmem-2.4.20-24.7.i686.rpm
File outdated by:  RHSA-2003:417
    MD5: fe052b2b749aa3d1abe449d3ea392cf9
kernel-doc-2.4.20-24.7.i386.rpm
File outdated by:  RHSA-2003:417
    MD5: b10a9aff5af4ce2cf36252fd4b0f21a0
kernel-smp-2.4.20-24.7.athlon.rpm
File outdated by:  RHSA-2003:417
    MD5: f7b7f5e5eafc31b541fe3a27bd48f408
kernel-smp-2.4.20-24.7.i586.rpm
File outdated by:  RHSA-2003:417
    MD5: 945b720803753d1f60f6d4492b54ca6b
kernel-smp-2.4.20-24.7.i686.rpm
File outdated by:  RHSA-2003:417
    MD5: 31128ef6e28b75ce451b4c3c00a0b1b7
kernel-source-2.4.20-24.7.i386.rpm
File outdated by:  RHSA-2003:417
    MD5: 5a88fec16c237e778518df03e62af071
 
Red Hat Linux 8.0

SRPMS:
kernel-2.4.20-24.8.src.rpm
File outdated by:  RHSA-2003:417
    MD5: f6f49ba606d4ef1a586f99c564b2499d
 
IA-32:
kernel-2.4.20-24.8.athlon.rpm
File outdated by:  RHSA-2003:417
    MD5: 2244d511620477db15996ac6ac586ce6
kernel-2.4.20-24.8.i386.rpm
File outdated by:  RHSA-2003:417
    MD5: 6c25fc68334cde596e183532d8b3483a
kernel-2.4.20-24.8.i586.rpm
File outdated by:  RHSA-2003:417
    MD5: 35da48234c032663cd5765a15cab8169
kernel-2.4.20-24.8.i686.rpm
File outdated by:  RHSA-2003:417
    MD5: 000e2b216d17a64b15a81dc27c21b453
kernel-BOOT-2.4.20-24.8.i386.rpm
File outdated by:  RHSA-2003:417
    MD5: c79ea815774a3cf3c00c89f36b34aacb
kernel-bigmem-2.4.20-24.8.i686.rpm
File outdated by:  RHSA-2003:417
    MD5: 062a3810a475c2dacb06c03234652e76
kernel-doc-2.4.20-24.8.i386.rpm
File outdated by:  RHSA-2003:417
    MD5: 3b9cf1a0a8db7fd4503a56d498a23878
kernel-smp-2.4.20-24.8.athlon.rpm
File outdated by:  RHSA-2003:417
    MD5: f73a9ab55bbf9cd43d83c16546a9a07a
kernel-smp-2.4.20-24.8.i586.rpm
File outdated by:  RHSA-2003:417
    MD5: 4dcbad37430e402267a991e1e8586586
kernel-smp-2.4.20-24.8.i686.rpm
File outdated by:  RHSA-2003:417
    MD5: a66bd9c6f6da80b26a353a99f33b5f25
kernel-source-2.4.20-24.8.i386.rpm
File outdated by:  RHSA-2003:417
    MD5: c21153374e1847f47d29ecf99805c064
 
Red Hat Linux 9

SRPMS:
kernel-2.4.20-24.9.src.rpm
File outdated by:  RHSA-2004:166
    MD5: e68dc0c95aab8a27fbdd911925e7be0b
 
IA-32:
kernel-2.4.20-24.9.athlon.rpm
File outdated by:  RHSA-2004:166
    MD5: cd422af233db0164be1a66f69278fb0e
kernel-2.4.20-24.9.i386.rpm
File outdated by:  RHSA-2004:166
    MD5: e732e2ea47e5b07ad3ccebcdb9f96743
kernel-2.4.20-24.9.i586.rpm
File outdated by:  RHSA-2004:166
    MD5: 423f4ef61689574ce915d9c393e50987
kernel-2.4.20-24.9.i686.rpm
File outdated by:  RHSA-2004:166
    MD5: 84b5ebcabf19ed929120ecd70b3d09dc
kernel-BOOT-2.4.20-24.9.i386.rpm
File outdated by:  RHSA-2004:166
    MD5: f00e2c660038c2689c23d28b20da63d7
kernel-bigmem-2.4.20-24.9.i686.rpm
File outdated by:  RHSA-2004:166
    MD5: c95ab7333115db5be3a21c5d144db04b
kernel-doc-2.4.20-24.9.i386.rpm
File outdated by:  RHSA-2004:166
    MD5: 5f14574fc6248d02ea346adbf304a881
kernel-smp-2.4.20-24.9.athlon.rpm
File outdated by:  RHSA-2004:166
    MD5: 60e111499188473b79aa7fe4dfc4f553
kernel-smp-2.4.20-24.9.i586.rpm
File outdated by:  RHSA-2004:166
    MD5: 4121d90dfacd06d266d6b920c8b3b898
kernel-smp-2.4.20-24.9.i686.rpm
File outdated by:  RHSA-2004:166
    MD5: 58a563ee017283fc7a2843d2a5888986
kernel-source-2.4.20-24.9.i386.rpm
File outdated by:  RHSA-2004:166
    MD5: 536db3f62fb66ef96f6171c6f4788db4
 

References


Keywords

privesc


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/