Security Advisory kernel security update

Advisory: RHSA-2004:066-09
Type: Security Advisory
Severity: Important
Issued on: 2004-02-20
Last updated on: 2004-02-20
Affected Products: Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux WS (v. 3)
CVEs (cve.mitre.org): CVE-2004-0077

Details

Updated kernel packages that fix a security vulnerability that may allow
local users to gain root privileges are now available. These packages also
resolve other minor issues.

The Linux kernel handles the basic functions of the operating
system.

Paul Starzetz discovered a flaw in return value checking in mremap() in
Linux kernel versions 2.4.24 and earlier that may allow a local attacker
to gain root privileges. No exploit is currently available; however, this
issue is exploitable. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2004-0077 to this issue.

All users are advised to upgrade to these errata packages, which contain
backported security patches that correct these issues.

Red Hat would like to thank Paul Starzetz from ISEC for reporting this issue.

For the IBM S/390 and IBM eServer zSeries architectures, the upstream
version of the s390utils package (which fixes a bug in the zipl
bootloader) is also included.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those
RPMs which are currently installed will be updated. Those RPMs which are
not installed but included in the list will not be updated. Note that you
can also use wildcards (*.rpm) if your current directory *only* contains the
desired RPMs.
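
As an added example (not part of Red Hat's advisory), the following sh functions gate the rpm -Fvh step above on two checks: every RPM in the directory must match an MD5 from the advisory's package list, and rpm -K must accept it. The manifest file (md5sum format, transcribed from the list below) and the function names are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the advisory: gate `rpm -Fvh` on integrity checks.
# Assumptions: the RPMs sit in one directory; MANIFEST holds "md5  filename"
# lines (md5sum format) transcribed from the advisory's package list.

# verify_md5 DIR MANIFEST -> 0 only if every *.rpm in DIR is listed in MANIFEST
# and matches its MD5. Unlisted files fail too, because the wildcard form
# `rpm -Fvh *.rpm` would pick them up along with the intended packages.
verify_md5() {
    dir=$1
    manifest=$2
    [ -d "$dir" ] && [ -r "$manifest" ] || return 2
    status=0
    for f in "$dir"/*.rpm; do
        [ -e "$f" ] || { echo "no RPMs in $dir" >&2; return 2; }
        name=$(basename "$f")
        # Exact match on the filename field, never a substring match.
        want=$(awk -v n="$name" '$2 == n { print $1; exit }' "$manifest")
        if [ -z "$want" ]; then
            echo "UNLISTED  $name" >&2
            status=1
            continue
        fi
        have=$(md5sum "$f" | awk '{ print $1 }')
        if [ "$have" != "$want" ]; then
            echo "MISMATCH  $name" >&2
            status=1
        fi
    done
    return $status
}

# verify_and_freshen DIR MANIFEST
# MD5 only catches corruption; the GPG signature checked by `rpm -K` is what
# ties a package to Red Hat, and it needs the Red Hat public key imported.
# An unsigned package can still pass `rpm -K` on its digest alone, so confirm
# that the output names a signature before trusting the result.
verify_and_freshen() {
    verify_md5 "$1" "$2" || return 1
    rpm -K "$1"/*.rpm || return 1
    rpm -Fvh "$1"/*.rpm
}
```

A kernel installed this way only takes effect after a reboot into it, so compare `uname -r` against the updated package version afterwards.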

Please note that this update is also available via Red Hat Network. Many
people find this an easier way to apply updates. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

If up2date fails to connect to Red Hat Network due to SSL
Certificate Errors, you need to install a version of the
up2date client with an updated certificate. The latest version of
up2date is available from the Red Hat FTP site and may also be
downloaded directly from the RHN website:

https://rhn.redhat.com/help/latest-up2date.pxt

Updated packages

Red Hat Enterprise Linux AS (v. 3)

SRPMS:
kernel-2.4.21-9.0.1.EL.src.rpm
File outdated by:  RHSA-2009:1550
    MD5: e83988c03d2de9cbea71b3353ebabfaf
s390utils-1.2.4-3.src.rpm
File outdated by:  RHBA-2004:258
    MD5: 0785d3c8153ac9da0e7f9c7bcf856ff0
 
IA-32:
kernel-2.4.21-9.0.1.EL.athlon.rpm
File outdated by:  RHSA-2009:1550
    MD5: 3682824cd3afe45ae0d1a42bdc00649f
kernel-2.4.21-9.0.1.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: 21d70972866dbaebac7b49832c85b4ac
kernel-BOOT-2.4.21-9.0.1.EL.i386.rpm
File outdated by:  RHSA-2009:1550
    MD5: 2a422029a324b71b91c4d8850808ec96
kernel-doc-2.4.21-9.0.1.EL.i386.rpm
File outdated by:  RHSA-2009:1550
    MD5: fc869b3b9ffdabf4531acc08767d6d44
kernel-hugemem-2.4.21-9.0.1.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: a1eb7a4a1b4aa43d047684e8aababd04
kernel-hugemem-unsupported-2.4.21-9.0.1.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: 1cc969da0bf20b7b095518c1b60cec80
kernel-smp-2.4.21-9.0.1.EL.athlon.rpm
File outdated by:  RHSA-2009:1550
    MD5: 464774de50bb2233e71b148bb202cbdb
kernel-smp-2.4.21-9.0.1.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: 7709947b2b66a2085b43eb962d8f1c85
kernel-smp-unsupported-2.4.21-9.0.1.EL.athlon.rpm
File outdated by:  RHSA-2009:1550
    MD5: 805edccb7aed2490bdf13b9fc712cedb
kernel-smp-unsupported-2.4.21-9.0.1.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: e53df49382dbca2253cee7b3e850b207
kernel-source-2.4.21-9.0.1.EL.i386.rpm
File outdated by:  RHSA-2009:1550
    MD5: 803e4ac1ea1e579f688183c1a5991c16
kernel-unsupported-2.4.21-9.0.1.EL.athlon.rpm
File outdated by:  RHSA-2009:1550
    MD5: 07b31f675849ab2895290289510dcfb4
kernel-unsupported-2.4.21-9.0.1.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: 36778138b5735e2994023bd13aa08daf
 
IA-64:
kernel-2.4.21-9.0.1.EL.ia64.rpm
File outdated by:  RHSA-2009:1550
    MD5: 9b61e2264db6ba6c6b91a16286926f08
kernel-doc-2.4.21-9.0.1.EL.ia64.rpm
File outdated by:  RHSA-2009:1550
    MD5: a09be06ad4b3d5440c52ffcf9318c177
kernel-source-2.4.21-9.0.1.EL.ia64.rpm
File outdated by:  RHSA-2009:1550
    MD5: ea5688dd70ab2a780fe20661d82373e4
kernel-unsupported-2.4.21-9.0.1.EL.ia64.rpm
File outdated by:  RHSA-2009:1550
    MD5: 9de00ca59530ff8e5177eafa17912e69
 
PPC:
kernel-2.4.21-9.0.1.EL.ppc64iseries.rpm
File outdated by:  RHSA-2009:1550
    MD5: 611864738d21cc2e5a958b36de6886e6
kernel-2.4.21-9.0.1.EL.ppc64pseries.rpm
File outdated by:  RHSA-2009:1550
    MD5: d4dd8a1c5ec8fe932959dc8b1b29981d
kernel-doc-2.4.21-9.0.1.EL.ppc64.rpm
File outdated by:  RHSA-2009:1550
    MD5: 3a4258c1f4b8e649769d08f05729aa8f
kernel-source-2.4.21-9.0.1.EL.ppc64.rpm
File outdated by:  RHSA-2009:1550
    MD5: 3a4fb1debb5d572bd8f3a0e208725fbd
kernel-unsupported-2.4.21-9.0.1.EL.ppc64iseries.rpm
File outdated by:  RHSA-2009:1550
    MD5: 39ab89ad17b4de9fea0dea9c5aa83ef2
kernel-unsupported-2.4.21-9.0.1.EL.ppc64pseries.rpm
File outdated by:  RHSA-2009:1550
    MD5: 4fc2d6dad2d465d660bc5c2d677a18a0
 
s390:
kernel-2.4.21-9.0.1.EL.s390.rpm
File outdated by:  RHSA-2009:1550
    MD5: 10f10d26db5d74a86b112e3143caf4d2
kernel-doc-2.4.21-9.0.1.EL.s390.rpm
File outdated by:  RHSA-2009:1550
    MD5: 6412762e1d44519d2d316c7c94dbd607
kernel-source-2.4.21-9.0.1.EL.s390.rpm
File outdated by:  RHSA-2009:1550
    MD5: d49e34bab3d0265e734dca6bfe65373a
kernel-unsupported-2.4.21-9.0.1.EL.s390.rpm
File outdated by:  RHSA-2009:1550
    MD5: e03009763c68ba558c261d245cc9faa3
s390utils-1.2.4-3.s390.rpm
File outdated by:  RHBA-2004:258
    MD5: 2421d9175012e807a3195221a57a5b4a
 
s390x:
kernel-2.4.21-9.0.1.EL.s390x.rpm
File outdated by:  RHSA-2009:1550
    MD5: 6636efb0a5a213d8639326c8a65a57b3
kernel-doc-2.4.21-9.0.1.EL.s390x.rpm
File outdated by:  RHSA-2009:1550
    MD5: ccbe194bd4f02fee8155ee65f18a0529
kernel-source-2.4.21-9.0.1.EL.s390x.rpm
File outdated by:  RHSA-2009:1550
    MD5: 12f9627ea99c284750b6ab277b9548e2
kernel-unsupported-2.4.21-9.0.1.EL.s390x.rpm
File outdated by:  RHSA-2009:1550
    MD5: b24e5e238052f197e29c531a4b39fa3f
s390utils-1.2.4-3.s390x.rpm
File outdated by:  RHBA-2004:258
    MD5: 427156c1eb15322da3c4887f8b6b2762
 
x86_64:
kernel-2.4.21-9.0.1.EL.x86_64.rpm
File outdated by:  RHSA-2009:1550
    MD5: 2152dc5bb64f21d6e548c1492f054e33
kernel-doc-2.4.21-9.0.1.EL.x86_64.rpm
File outdated by:  RHSA-2009:1550
    MD5: 0e1ad1b6893dddab831b8882d866793b
kernel-smp-2.4.21-9.0.1.EL.x86_64.rpm
File outdated by:  RHSA-2009:1550
    MD5: 392b5b99e396ba2c861d5ef787ef90cb
kernel-smp-unsupported-2.4.21-9.0.1.EL.x86_64.rpm
File outdated by:  RHSA-2009:1550
    MD5: af47d1725e4beb186b27bf477976b8f0
kernel-source-2.4.21-9.0.1.EL.x86_64.rpm
File outdated by:  RHSA-2009:1550
    MD5: af8a5ae66bd171fb0b6e92ba944d24ec
kernel-unsupported-2.4.21-9.0.1.EL.x86_64.rpm
File outdated by:  RHSA-2009:1550
    MD5: 49f0b538164e79fadb3bce9871c0f6d1
 
Red Hat Enterprise Linux ES (v. 3)

SRPMS:
kernel-2.4.21-9.0.1.EL.src.rpm
File outdated by:  RHSA-2009:1550
    MD5: e83988c03d2de9cbea71b3353ebabfaf
 
IA-32:
kernel-2.4.21-9.0.1.EL.athlon.rpm
File outdated by:  RHSA-2009:1550
    MD5: 3682824cd3afe45ae0d1a42bdc00649f
kernel-2.4.21-9.0.1.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: 21d70972866dbaebac7b49832c85b4ac
kernel-BOOT-2.4.21-9.0.1.EL.i386.rpm
File outdated by:  RHSA-2009:1550
    MD5: 2a422029a324b71b91c4d8850808ec96
kernel-doc-2.4.21-9.0.1.EL.i386.rpm
File outdated by:  RHSA-2009:1550
    MD5: fc869b3b9ffdabf4531acc08767d6d44
kernel-hugemem-2.4.21-9.0.1.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: a1eb7a4a1b4aa43d047684e8aababd04
kernel-hugemem-unsupported-2.4.21-9.0.1.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: 1cc969da0bf20b7b095518c1b60cec80
kernel-smp-2.4.21-9.0.1.EL.athlon.rpm
File outdated by:  RHSA-2009:1550
    MD5: 464774de50bb2233e71b148bb202cbdb
kernel-smp-2.4.21-9.0.1.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: 7709947b2b66a2085b43eb962d8f1c85
kernel-smp-unsupported-2.4.21-9.0.1.EL.athlon.rpm
File outdated by:  RHSA-2009:1550
    MD5: 805edccb7aed2490bdf13b9fc712cedb
kernel-smp-unsupported-2.4.21-9.0.1.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: e53df49382dbca2253cee7b3e850b207
kernel-source-2.4.21-9.0.1.EL.i386.rpm
File outdated by:  RHSA-2009:1550
    MD5: 803e4ac1ea1e579f688183c1a5991c16
kernel-unsupported-2.4.21-9.0.1.EL.athlon.rpm
File outdated by:  RHSA-2009:1550
    MD5: 07b31f675849ab2895290289510dcfb4
kernel-unsupported-2.4.21-9.0.1.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: 36778138b5735e2994023bd13aa08daf
 
Red Hat Enterprise Linux WS (v. 3)

SRPMS:
kernel-2.4.21-9.0.1.EL.src.rpm
File outdated by:  RHSA-2009:1550
    MD5: e83988c03d2de9cbea71b3353ebabfaf
 
IA-32:
kernel-2.4.21-9.0.1.EL.athlon.rpm
File outdated by:  RHSA-2009:1550
    MD5: 3682824cd3afe45ae0d1a42bdc00649f
kernel-2.4.21-9.0.1.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: 21d70972866dbaebac7b49832c85b4ac
kernel-BOOT-2.4.21-9.0.1.EL.i386.rpm
File outdated by:  RHSA-2009:1550
    MD5: 2a422029a324b71b91c4d8850808ec96
kernel-doc-2.4.21-9.0.1.EL.i386.rpm
File outdated by:  RHSA-2009:1550
    MD5: fc869b3b9ffdabf4531acc08767d6d44
kernel-hugemem-2.4.21-9.0.1.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: a1eb7a4a1b4aa43d047684e8aababd04
kernel-hugemem-unsupported-2.4.21-9.0.1.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: 1cc969da0bf20b7b095518c1b60cec80
kernel-smp-2.4.21-9.0.1.EL.athlon.rpm
File outdated by:  RHSA-2009:1550
    MD5: 464774de50bb2233e71b148bb202cbdb
kernel-smp-2.4.21-9.0.1.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: 7709947b2b66a2085b43eb962d8f1c85
kernel-smp-unsupported-2.4.21-9.0.1.EL.athlon.rpm
File outdated by:  RHSA-2009:1550
    MD5: 805edccb7aed2490bdf13b9fc712cedb
kernel-smp-unsupported-2.4.21-9.0.1.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: e53df49382dbca2253cee7b3e850b207
kernel-source-2.4.21-9.0.1.EL.i386.rpm
File outdated by:  RHSA-2009:1550
    MD5: 803e4ac1ea1e579f688183c1a5991c16
kernel-unsupported-2.4.21-9.0.1.EL.athlon.rpm
File outdated by:  RHSA-2009:1550
    MD5: 07b31f675849ab2895290289510dcfb4
kernel-unsupported-2.4.21-9.0.1.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: 36778138b5735e2994023bd13aa08daf
 
IA-64:
kernel-2.4.21-9.0.1.EL.ia64.rpm
File outdated by:  RHSA-2009:1550
    MD5: 9b61e2264db6ba6c6b91a16286926f08
kernel-doc-2.4.21-9.0.1.EL.ia64.rpm
File outdated by:  RHSA-2009:1550
    MD5: a09be06ad4b3d5440c52ffcf9318c177
kernel-source-2.4.21-9.0.1.EL.ia64.rpm
File outdated by:  RHSA-2009:1550
    MD5: ea5688dd70ab2a780fe20661d82373e4
kernel-unsupported-2.4.21-9.0.1.EL.ia64.rpm
File outdated by:  RHSA-2009:1550
    MD5: 9de00ca59530ff8e5177eafa17912e69
 
x86_64:
kernel-2.4.21-9.0.1.EL.x86_64.rpm
File outdated by:  RHSA-2009:1550
    MD5: 2152dc5bb64f21d6e548c1492f054e33
kernel-doc-2.4.21-9.0.1.EL.x86_64.rpm
File outdated by:  RHSA-2009:1550
    MD5: 0e1ad1b6893dddab831b8882d866793b
kernel-smp-2.4.21-9.0.1.EL.x86_64.rpm
File outdated by:  RHSA-2009:1550
    MD5: 392b5b99e396ba2c861d5ef787ef90cb
kernel-smp-unsupported-2.4.21-9.0.1.EL.x86_64.rpm
File outdated by:  RHSA-2009:1550
    MD5: af47d1725e4beb186b27bf477976b8f0
kernel-source-2.4.21-9.0.1.EL.x86_64.rpm
File outdated by:  RHSA-2009:1550
    MD5: af8a5ae66bd171fb0b6e92ba944d24ec
kernel-unsupported-2.4.21-9.0.1.EL.x86_64.rpm
File outdated by:  RHSA-2009:1550
    MD5: 49f0b538164e79fadb3bce9871c0f6d1
 

Bugs fixed (see bugzilla for more information)

112891 - OOM killer strikes with lots of free swap space
113517 - RHEL 3.0 smp hang using prctl( PR_SET_PDEATHSIG
115820 - CAN-2004-0077 Linux kernel do_mremap VMA limit local privilege escalation


Keywords

kernel, taroon, update


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/