Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2001.072 -- RHSA-2001:013-05
Three security holes fixed in new kernel
19 February 2001
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: kernel
Vendor: Red Hat
Operating System: Red Hat Linux 6.x
Red Hat Linux 7.0
Platform: Alpha
i386
i586
i686
Sparc
Sparc64
Impact: Root Compromise
Denial of Service
Access Required: Existing Account
- --------------------------BEGIN INCLUDED TEXT--------------------
- ---------------------------------------------------------------------
Red Hat, Inc. Red Hat Security Advisory
Synopsis: Three security holes fixed in new kernel
Advisory ID: RHSA-2001:013-05
Issue date: 2001-02-08
Updated on: 2001-02-08
Product: Red Hat Linux
Keywords: sysctl ptrace mxcsr P4
Cross references:
Obsoletes:
- ---------------------------------------------------------------------
1. Topic:
Three security holes fixed in new kernel, and several other
updates and bug fixes have been applied as well.
2. Relevant releases/architectures:
Red Hat Linux 6.x - alpha, i386, i586, i686, sparc, sparc64
Red Hat Linux 7.0 - alpha, i386, i586, i686
3. Problem description:
Three security holes have been fixed in the kernel. One involves
ptrace, another involves sysctl, and the last is specific to some
Intel CPUs. All three security holes involve local access only
(they do not provide a hole to remote attackers without a local
account). The ptrace and sysctl bugs provide local users with the
potential to compromise the root account. Neither has an active
exploit available at the time of this writing. The last security
hole is a DOS (Denial Of Service) that does not provide access to
the root account but does allow any user with shell access the
ability to halt the CPU.
All users are strongly recommended to upgrade.
In addition to the security fixes, these kernels contain more
advanced support for the Intel Pentium 4 processors, as well as
a number of driver updates. These updates include e100, sis900,
cs46xx, qla1x160, qla2x00, ServeRAID, and ipvs.
In addition, a number of other bugs have been fixed. Most notably,
the RAW I/O facility could corrupt data under certain usage patterns.
4. Solution:
Upgrade to kernel-2.2.17-14
The procedure for upgrading the kernel is documented at:
http://www.redhat.com/support/docs/howto/kernel-upgrade/kernel-upgrade.html
Please read the directions for your architecture carefully before
proceeding with the kernel upgrade.
5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info):
24737 - make oldconfig on SMP Alphas
21514 - problem with module sis900.o
21654 - PANIC: failed to set gid
6. RPMs required:
Red Hat Linux 6.x:
SRPMS:
ftp://updates.redhat.com/6.2/SRPMS/kernel-2.2.17-14.src.rpm
alpha:
ftp://updates.redhat.com/6.2/alpha/kernel-2.2.17-14.alpha.rpm
ftp://updates.redhat.com/6.2/alpha/kernel-smp-2.2.17-14.alpha.rpm
ftp://updates.redhat.com/6.2/alpha/kernel-enterprise-2.2.17-14.alpha.rpm
ftp://updates.redhat.com/6.2/alpha/kernel-BOOT-2.2.17-14.alpha.rpm
ftp://updates.redhat.com/6.2/alpha/kernel-source-2.2.17-14.alpha.rpm
ftp://updates.redhat.com/6.2/alpha/kernel-doc-2.2.17-14.alpha.rpm
ftp://updates.redhat.com/6.2/alpha/kernel-utils-2.2.17-14.alpha.rpm
ftp://updates.redhat.com/6.2/alpha/kernel-headers-2.2.16-3.alpha.rpm
i386:
ftp://updates.redhat.com/6.2/i386/kernel-2.2.17-14.i386.rpm
ftp://updates.redhat.com/6.2/i386/kernel-smp-2.2.17-14.i386.rpm
ftp://updates.redhat.com/6.2/i386/kernel-BOOT-2.2.17-14.i386.rpm
ftp://updates.redhat.com/6.2/i386/kernel-pcmcia-cs-2.2.17-14.i386.rpm
ftp://updates.redhat.com/6.2/i386/kernel-ibcs-2.2.17-14.i386.rpm
ftp://updates.redhat.com/6.2/i386/kernel-source-2.2.17-14.i386.rpm
ftp://updates.redhat.com/6.2/i386/kernel-doc-2.2.17-14.i386.rpm
ftp://updates.redhat.com/6.2/i386/kernel-utils-2.2.17-14.i386.rpm
ftp://updates.redhat.com/6.2/i386/kernel-headers-2.2.16-3.i386.rpm
i586:
ftp://updates.redhat.com/6.2/i586/kernel-2.2.17-14.i586.rpm
ftp://updates.redhat.com/6.2/i586/kernel-smp-2.2.17-14.i586.rpm
i686:
ftp://updates.redhat.com/6.2/i686/kernel-2.2.17-14.i686.rpm
ftp://updates.redhat.com/6.2/i686/kernel-smp-2.2.17-14.i686.rpm
ftp://updates.redhat.com/6.2/i686/kernel-enterprise-2.2.17-14.i686.rpm
sparc:
ftp://updates.redhat.com/6.2/sparc/kernel-2.2.17-14.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/kernel-2.2.17-14.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/kernel-smp-2.2.17-14.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/kernel-smp-2.2.17-14.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/kernel-enterprise-2.2.17-14.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/kernel-enterprise-2.2.17-14.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/kernel-BOOT-2.2.17-14.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/kernel-BOOT-2.2.17-14.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/kernel-source-2.2.17-14.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/kernel-doc-2.2.17-14.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/kernel-utils-2.2.17-14.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/kernel-headers-2.2.16-3.sparc.rpm
sparc64:
ftp://updates.redhat.com/6.2/sparc64/kernel-2.2.17-14.sparc64.rpm
ftp://updates.redhat.com/6.2/sparc64/kernel-smp-2.2.17-14.sparc64.rpm
ftp://updates.redhat.com/6.2/sparc64/kernel-enterprise-2.2.17-14.sparc64.rpm
ftp://updates.redhat.com/6.2/sparc64/kernel-BOOT-2.2.17-14.sparc64.rpm
Red Hat Linux 7.0:
SRPMS:
ftp://updates.redhat.com/7.0/SRPMS/kernel-2.2.17-14.src.rpm
alpha:
ftp://updates.redhat.com/7.0/alpha/kernel-2.2.17-14.alpha.rpm
ftp://updates.redhat.com/7.0/alpha/kernel-smp-2.2.17-14.alpha.rpm
ftp://updates.redhat.com/7.0/alpha/kernel-enterprise-2.2.17-14.alpha.rpm
ftp://updates.redhat.com/7.0/alpha/kernel-BOOT-2.2.17-14.alpha.rpm
ftp://updates.redhat.com/7.0/alpha/kernel-source-2.2.17-14.alpha.rpm
ftp://updates.redhat.com/7.0/alpha/kernel-doc-2.2.17-14.alpha.rpm
ftp://updates.redhat.com/7.0/alpha/kernel-utils-2.2.17-14.alpha.rpm
i386:
ftp://updates.redhat.com/7.0/i386/kernel-2.2.17-14.i386.rpm
ftp://updates.redhat.com/7.0/i386/kernel-smp-2.2.17-14.i386.rpm
ftp://updates.redhat.com/7.0/i386/kernel-BOOT-2.2.17-14.i386.rpm
ftp://updates.redhat.com/7.0/i386/kernel-pcmcia-cs-2.2.17-14.i386.rpm
ftp://updates.redhat.com/7.0/i386/kernel-ibcs-2.2.17-14.i386.rpm
ftp://updates.redhat.com/7.0/i386/kernel-source-2.2.17-14.i386.rpm
ftp://updates.redhat.com/7.0/i386/kernel-doc-2.2.17-14.i386.rpm
ftp://updates.redhat.com/7.0/i386/kernel-utils-2.2.17-14.i386.rpm
i586:
ftp://updates.redhat.com/7.0/i586/kernel-2.2.17-14.i586.rpm
ftp://updates.redhat.com/7.0/i586/kernel-smp-2.2.17-14.i586.rpm
i686:
ftp://updates.redhat.com/7.0/i686/kernel-2.2.17-14.i686.rpm
ftp://updates.redhat.com/7.0/i686/kernel-smp-2.2.17-14.i686.rpm
ftp://updates.redhat.com/7.0/i686/kernel-enterprise-2.2.17-14.i686.rpm
7. Verification:
MD5 sum Package Name
- --------------------------------------------------------------------------
0fbeeba0bdcb5b7d97928726d81a48d5 6.2/SRPMS/kernel-2.2.17-14.src.rpm
94a66e9957b5f6183cd2048c37d627e6 6.2/alpha/kernel-2.2.17-14.alpha.rpm
4c2de8af30a1f0e7a5df3e0c327ce012 6.2/alpha/kernel-BOOT-2.2.17-14.alpha.rpm
bf44ed30edb776903e362203ed7c790d 6.2/alpha/kernel-doc-2.2.17-14.alpha.rpm
ae5cda1426dac598d372da0412ec3396 6.2/alpha/kernel-enterprise-2.2.17-14.alpha.rpm
1555c9e448523f168ba37423c912d96f 6.2/alpha/kernel-headers-2.2.16-3.alpha.rpm
12bffd53a573138c5f307d5debc7032b 6.2/alpha/kernel-smp-2.2.17-14.alpha.rpm
accd11c1a755f9ddbccaa3b78868c22d 6.2/alpha/kernel-source-2.2.17-14.alpha.rpm
28c6d9fb21ad9000ae4014a32c8b7ee0 6.2/alpha/kernel-utils-2.2.17-14.alpha.rpm
b32465d6af49869d91165754c4f417b2 6.2/i386/kernel-2.2.17-14.i386.rpm
e684d42f07694423d2ca7545dd941607 6.2/i386/kernel-BOOT-2.2.17-14.i386.rpm
458aacd81c6901c5b12e2694d61cef51 6.2/i386/kernel-doc-2.2.17-14.i386.rpm
cb7f09603ffde7c618ebfe25bf137994 6.2/i386/kernel-headers-2.2.16-3.i386.rpm
1dd67a1bdd6828fc5e68a01ce0941680 6.2/i386/kernel-ibcs-2.2.17-14.i386.rpm
5e68fbca7e26bc9007563f33f5faab7a 6.2/i386/kernel-pcmcia-cs-2.2.17-14.i386.rpm
1a7c5b4577a1e9cf279814ed8671bc33 6.2/i386/kernel-smp-2.2.17-14.i386.rpm
7b8467c5be0d394e40b426260f401735 6.2/i386/kernel-source-2.2.17-14.i386.rpm
d0a17158357d0825da13565114301a26 6.2/i386/kernel-utils-2.2.17-14.i386.rpm
9345ff97a923baf3d3f9b5898115407c 6.2/i586/kernel-2.2.17-14.i586.rpm
1a2e9c58b1287d59a02a2302c67d25ee 6.2/i586/kernel-smp-2.2.17-14.i586.rpm
e76faf7322d2cb16db6d68a4f26d0615 6.2/i686/kernel-2.2.17-14.i686.rpm
4d3838de0d64a73628a075cd31306ab5 6.2/i686/kernel-enterprise-2.2.17-14.i686.rpm
19a6315c05d73b612307c4083d84aa1f 6.2/i686/kernel-smp-2.2.17-14.i686.rpm
821850c50fc5bd4d4b12a70cd169c1a9 6.2/sparc/kernel-2.2.17-14.sparc.rpm
5afc4883572aa658aeb2b3f6e81795fe 6.2/sparc/kernel-BOOT-2.2.17-14.sparc.rpm
e64efcf1d5e1f3c89e019e74c2f807b3 6.2/sparc/kernel-doc-2.2.17-14.sparc.rpm
1fd07fb2a3e5fb195994d46c52a2e3f3 6.2/sparc/kernel-enterprise-2.2.17-14.sparc.rpm
28ef48469ef0d6979c3b6fdfff417a94 6.2/sparc/kernel-headers-2.2.16-3.sparc.rpm
74b02c35181f4c124948dc7857a812a7 6.2/sparc/kernel-smp-2.2.17-14.sparc.rpm
f29edc673e900e2e4b5b2dab4c936229 6.2/sparc/kernel-source-2.2.17-14.sparc.rpm
57d7bbf1a67c88bc045cc967acbaa835 6.2/sparc/kernel-utils-2.2.17-14.sparc.rpm
b966c86487d3b4363b0006d4967cc6f5 6.2/sparc64/kernel-2.2.17-14.sparc64.rpm
60785d7a36dda52e8309ee8db16bc507 6.2/sparc64/kernel-BOOT-2.2.17-14.sparc64.rpm
ec43d4f425cc694cb094f4bb4411718a 6.2/sparc64/kernel-enterprise-2.2.17-14.sparc64.rpm
4926009e503b50e479e4a91c33a40b6d 6.2/sparc64/kernel-smp-2.2.17-14.sparc64.rpm
ec73ecb5087782190aa87c6de38f1944 7.0/SRPMS/kernel-2.2.17-14.src.rpm
16836dc9b811aa920f27b9f4645c77d2 7.0/alpha/kernel-2.2.17-14.alpha.rpm
30805edc55754b6b5823c14adeadaed6 7.0/alpha/kernel-BOOT-2.2.17-14.alpha.rpm
4f4f52c13a014d9a3241ef65b097735b 7.0/alpha/kernel-doc-2.2.17-14.alpha.rpm
e51a30641955a2f1d74e7946cd1ec848 7.0/alpha/kernel-enterprise-2.2.17-14.alpha.rpm
cce161a3ca87b6a6fd913f0edfc1571e 7.0/alpha/kernel-smp-2.2.17-14.alpha.rpm
6416073893f16f2a4f665a05be9ec2e1 7.0/alpha/kernel-source-2.2.17-14.alpha.rpm
d1722cd0fbc15d45d5f0da21bc527b49 7.0/alpha/kernel-utils-2.2.17-14.alpha.rpm
c98c5a8f5cf6e2cd95498123d364254a 7.0/i386/kernel-2.2.17-14.i386.rpm
68eb1561679fa6a2591f24717b3b9b97 7.0/i386/kernel-BOOT-2.2.17-14.i386.rpm
50d5d81d798073ea9c16324ccda95921 7.0/i386/kernel-doc-2.2.17-14.i386.rpm
d7294666ff8f97a063f533100425ae83 7.0/i386/kernel-ibcs-2.2.17-14.i386.rpm
43885937a0b912dd56bb562f578f63a2 7.0/i386/kernel-pcmcia-cs-2.2.17-14.i386.rpm
0dcf34126e88dfbee8bd0f79a2e7089f 7.0/i386/kernel-smp-2.2.17-14.i386.rpm
f4d428e89aaa6a78c3714cc554f92ce5 7.0/i386/kernel-source-2.2.17-14.i386.rpm
c1c1adfec112d216e15a939a708c3c12 7.0/i386/kernel-utils-2.2.17-14.i386.rpm
89fa2189731d4053e966e7559ae525f1 7.0/i586/kernel-2.2.17-14.i586.rpm
adb2fd91b3283711ac25c719eb612058 7.0/i586/kernel-smp-2.2.17-14.i586.rpm
78db07ab97326c16586379f1a6cb95c6 7.0/i686/kernel-2.2.17-14.i686.rpm
b78434588b1dd4a184169a483fadfb77 7.0/i686/kernel-enterprise-2.2.17-14.i686.rpm
0cfa860325f25ef78e192beee8a66a3c 7.0/i686/kernel-smp-2.2.17-14.i686.rpm
These packages are GPG signed by Red Hat, Inc. for security. Our key
is available at:
http://www.redhat.com/corp/contact.html
You can verify each package with the following command:
rpm --checksig <filename>
If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
rpm --checksig --nogpg <filename>
8. References:
Thanks to Solar Designer for finding the sysctl bug, and
for the versions of the sysctl and ptrace patches we used.
Copyright(c) 2000, 2001 Red Hat, Inc.
- --------------------------END INCLUDED TEXT--------------------
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to use any or all of this information is
the responsibility of each user or organisation, and should be done so in
accordance with site policies and procedures.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the original authors to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/Information/advisories.html
If you believe that your system has been compromised, contact AusCERT or
your representative in FIRST (Forum of Incident Response and Security
Teams).
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for emergencies.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
Comment: ftp://ftp.auscert.org.au/pub/auscert/AUSCERT_PGP.key
iQCVAwUBOpD/GCh9+71yA2DNAQH5lwP7Bz/p6aOH2vID53I3LHEfo17rMhAdro5x
97bYj6zB/EtKf1y5HCV+CKs8gmgN6FxvlX63ngU2hhWA4KTEKXNBld7XFDHgaUAf
RwE9R5h3r/PSUe5ETMWuhKdZ+y+FnkdnaWhQbtIyXTUIyV1HjU8qoqpV4eY0qj0M
vvi8lts0dPk=
=bImc
-----END PGP SIGNATURE-----