Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2001.465 -- RHSA-2001:129-05
New kernel 2.4 packages are available
2 November 2001
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: kernel 2.4
Vendor: Red Hat
Operating System: Red Hat Linux 7.1
Red Hat Linux 7.2
Impact: Root Compromise
Access Required: Existing Account
- --------------------------BEGIN INCLUDED TEXT--------------------
- ---------------------------------------------------------------------
Red Hat, Inc. Red Hat Security Advisory
Synopsis: New kernel 2.4 packages are available
Advisory ID: RHSA-2001:129-10
Issue date: 2001-10-09
Updated on: 2001-10-19
Product: Red Hat Linux
Keywords: ptrace local root kernel
Cross references:
Obsoletes:
- ---------------------------------------------------------------------
1. Topic:
A vulnerability has been found in the ptrace code of the kernel (ptrace is
the part that allows program debuggers to run) that could be abused by
local users to gain root privileges.
2001-10-22: Kernel updates are now available for Red Hat Linux 7.2.
2. Relevant releases/architectures:
Red Hat Linux 7.1 - alpha, i386, i586, i686, ia64, noarch
Red Hat Linux 7.2 - athlon, i386, i586, i686
3. Problem description:
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
The procedure for upgrading the kernel is documented at:
http://www.redhat.com/support/docs/howto/kernel-upgrade/kernel-upgrade.html
Please read the directions for your architecture carefully before
proceeding with the kernel upgrade.
Please note that this update is also available via Red Hat Network. Many
people find this to be an easier way to apply updates. To use Red Hat
Network, launch the Red Hat Update Agent with the following command:
up2date
This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system. Note that you need to select the kernel
explicitly on default configurations of up2date.
5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info):
6. RPMs required:
Red Hat Linux 7.1:
SRPMS:
ftp://updates.redhat.com/7.1/en/os/SRPMS/kernel-2.4.9-6.src.rpm
ftp://updates.redhat.com/7.1/en/os/SRPMS/initscripts-5.84.1-1.src.rpm
ftp://updates.redhat.com/7.1/en/os/SRPMS/filesystem-2.1.0-2.1.src.rpm
ftp://updates.redhat.com/7.1/en/os/SRPMS/mkinitrd-3.2.6-1.src.rpm
ftp://updates.redhat.com/7.1/en/os/SRPMS/e2fsprogs-1.23-1.7.1.src.rpm
ftp://updates.redhat.com/7.1/en/os/SRPMS/tux-2.1.0-2.src.rpm
ftp://updates.redhat.com/7.1/en/os/SRPMS/modutils-2.4.6-4.src.rpm
alpha:
ftp://updates.redhat.com/7.1/en/os/alpha/kernel-2.4.9-6.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/kernel-source-2.4.9-6.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/kernel-headers-2.4.9-6.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/kernel-doc-2.4.9-6.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/kernel-smp-2.4.9-6.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/kernel-BOOT-2.4.9-6.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/initscripts-5.84.1-1.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/mkinitrd-3.2.6-1.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/e2fsprogs-1.23-1.7.1.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/e2fsprogs-devel-1.23-1.7.1.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/tux-2.1.0-2.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/modutils-2.4.6-4.alpha.rpm
i386:
ftp://updates.redhat.com/7.1/en/os/i386/kernel-2.4.9-6.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/kernel-source-2.4.9-6.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/kernel-headers-2.4.9-6.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/kernel-doc-2.4.9-6.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/kernel-BOOT-2.4.9-6.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/initscripts-5.84.1-1.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/mkinitrd-3.2.6-1.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/e2fsprogs-1.23-1.7.1.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/e2fsprogs-devel-1.23-1.7.1.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/tux-2.1.0-2.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/modutils-2.4.6-4.i386.rpm
i586:
ftp://updates.redhat.com/7.1/en/os/i586/kernel-2.4.9-6.i586.rpm
ftp://updates.redhat.com/7.1/en/os/i586/kernel-smp-2.4.9-6.i586.rpm
i686:
ftp://updates.redhat.com/7.1/en/os/i686/kernel-2.4.9-6.i686.rpm
ftp://updates.redhat.com/7.1/en/os/i686/kernel-smp-2.4.9-6.i686.rpm
ftp://updates.redhat.com/7.1/en/os/i686/kernel-enterprise-2.4.9-6.i686.rpm
ia64:
ftp://updates.redhat.com/7.1/en/os/ia64/kernel-2.4.9-6.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/kernel-source-2.4.9-6.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/kernel-headers-2.4.9-6.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/kernel-doc-2.4.9-6.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/kernel-smp-2.4.9-6.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/initscripts-5.84.1-1.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/mkinitrd-3.2.6-1.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/e2fsprogs-1.23-1.7.1.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/e2fsprogs-devel-1.23-1.7.1.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/tux-2.1.0-2.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/modutils-2.4.6-4.ia64.rpm
noarch:
ftp://updates.redhat.com/7.1/en/os/noarch/filesystem-2.1.0-2.1.noarch.rpm
Red Hat Linux 7.2:
SRPMS:
ftp://updates.redhat.com/7.2/en/os/SRPMS/kernel-2.4.9-7.src.rpm
athlon:
ftp://updates.redhat.com/7.2/en/os/athlon/kernel-2.4.9-7.athlon.rpm
ftp://updates.redhat.com/7.2/en/os/athlon/kernel-smp-2.4.9-7.athlon.rpm
i386:
ftp://updates.redhat.com/7.2/en/os/i386/kernel-2.4.9-7.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/kernel-source-2.4.9-7.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/kernel-headers-2.4.9-7.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/kernel-doc-2.4.9-7.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/kernel-BOOT-2.4.9-7.i386.rpm
i586:
ftp://updates.redhat.com/7.2/en/os/i586/kernel-smp-2.4.9-7.i586.rpm
i686:
ftp://updates.redhat.com/7.2/en/os/i686/kernel-2.4.9-7.i686.rpm
ftp://updates.redhat.com/7.2/en/os/i686/kernel-smp-2.4.9-7.i686.rpm
ftp://updates.redhat.com/7.2/en/os/i686/kernel-enterprise-2.4.9-7.i686.rpm
7. Verification:
MD5 sum Package Name
- --------------------------------------------------------------------------
c0de6c2dc68b7fd8c2387a609f831300 7.1/en/os/SRPMS/e2fsprogs-1.23-1.7.1.src.rpm
f1b186064204b0847d65e5ed410326c0 7.1/en/os/SRPMS/filesystem-2.1.0-2.1.src.rpm
0a9eabee87e02f38daac18608c700602 7.1/en/os/SRPMS/initscripts-5.84.1-1.src.rpm
ade852159b65d73889ae3b6a81bca7fc 7.1/en/os/SRPMS/kernel-2.4.9-6.src.rpm
afcbfa7fcb7c15bc39db1fd4fb7ceb0d 7.1/en/os/SRPMS/mkinitrd-3.2.6-1.src.rpm
ceb368d11b19472703996d4a74a80b4b 7.1/en/os/SRPMS/modutils-2.4.6-4.src.rpm
69ee0f556efb223f0b83cd242328777f 7.1/en/os/SRPMS/tux-2.1.0-2.src.rpm
1b288a8f56975831d016fd367f2fcf9a 7.1/en/os/alpha/e2fsprogs-1.23-1.7.1.alpha.rpm
98335c23fa4002f5f7fbc4ddff7cf7f3 7.1/en/os/alpha/e2fsprogs-devel-1.23-1.7.1.alpha.rpm
545c22afe254117c978f60508d617e21 7.1/en/os/alpha/initscripts-5.84.1-1.alpha.rpm
6c7524b6c96ef1a8b0877041fa1b8713 7.1/en/os/alpha/kernel-2.4.9-6.alpha.rpm
b81e3e4fcf47c2b69ec863fa3e38ba0c 7.1/en/os/alpha/kernel-BOOT-2.4.9-6.alpha.rpm
cc0e07a8431d3abb2213a47f4c035c18 7.1/en/os/alpha/kernel-doc-2.4.9-6.alpha.rpm
cf170c33eed766795529a2fa25f5347f 7.1/en/os/alpha/kernel-headers-2.4.9-6.alpha.rpm
a06ef52b0f35d5b7cbf0bcbb6cf3c126 7.1/en/os/alpha/kernel-smp-2.4.9-6.alpha.rpm
ee5d668bca79e61169dff2cac03923a9 7.1/en/os/alpha/kernel-source-2.4.9-6.alpha.rpm
6b72c828a17d10d584e6a456ec58cb8e 7.1/en/os/alpha/mkinitrd-3.2.6-1.alpha.rpm
523cb756275604b76df81edce0aa96dd 7.1/en/os/alpha/modutils-2.4.6-4.alpha.rpm
214ec9cb9c826f532aa22549215b624d 7.1/en/os/alpha/tux-2.1.0-2.alpha.rpm
10429f3d3ec1c0efb63cdabdc732d3f8 7.1/en/os/i386/e2fsprogs-1.23-1.7.1.i386.rpm
f95277f4257eeaa1af44c0dc4f88c89d 7.1/en/os/i386/e2fsprogs-devel-1.23-1.7.1.i386.rpm
684f6a19a6b5a4a6ed12193216df7a28 7.1/en/os/i386/initscripts-5.84.1-1.i386.rpm
973a8b27ca9e8ee8a782f8828049d1a3 7.1/en/os/i386/kernel-2.4.9-6.i386.rpm
03b81b6ee99298b80a639a566e010984 7.1/en/os/i386/kernel-BOOT-2.4.9-6.i386.rpm
740a3a9798ac5c09dc63244cc68245ad 7.1/en/os/i386/kernel-doc-2.4.9-6.i386.rpm
87d776c849b1e5e0a3768200d9ea7905 7.1/en/os/i386/kernel-headers-2.4.9-6.i386.rpm
79fe87b50f4b246de850699e38a98b79 7.1/en/os/i386/kernel-source-2.4.9-6.i386.rpm
fb4e7b2b6b75bc546ec5681fd6039bff 7.1/en/os/i386/mkinitrd-3.2.6-1.i386.rpm
30bf3dada85275f85e77e5362eb4c008 7.1/en/os/i386/modutils-2.4.6-4.i386.rpm
ddb1a483f925f7a9a15710b0ac463264 7.1/en/os/i386/tux-2.1.0-2.i386.rpm
5791131b49492d35059cd9e9522fa93e 7.1/en/os/i586/kernel-2.4.9-6.i586.rpm
835c39b74fc422bd71a35971680bbf59 7.1/en/os/i586/kernel-smp-2.4.9-6.i586.rpm
c1ed1963d569389452c2d0af69a0820a 7.1/en/os/i686/kernel-2.4.9-6.i686.rpm
e26159a6f77e6c6be26cbe224616bf32 7.1/en/os/i686/kernel-enterprise-2.4.9-6.i686.rpm
fe3a3765b0f9f1271c22a961381f3ae1 7.1/en/os/i686/kernel-smp-2.4.9-6.i686.rpm
9377ec21ca85bae2145ed15a3ddbed25 7.1/en/os/ia64/e2fsprogs-1.23-1.7.1.ia64.rpm
0d1adb9da84f92fefedb42740ac79ecf 7.1/en/os/ia64/e2fsprogs-devel-1.23-1.7.1.ia64.rpm
3c402853c7e902c63af9ee6a69347dc6 7.1/en/os/ia64/initscripts-5.84.1-1.ia64.rpm
46300b1cd84ef06e2e22826501101bb5 7.1/en/os/ia64/kernel-2.4.9-6.ia64.rpm
97bea74c79f97f68e3527e487c69c700 7.1/en/os/ia64/kernel-doc-2.4.9-6.ia64.rpm
0c0ac573d838a737232ef460192e641b 7.1/en/os/ia64/kernel-headers-2.4.9-6.ia64.rpm
ef0650b6f73a3e2451450ffa03a0ccfa 7.1/en/os/ia64/kernel-smp-2.4.9-6.ia64.rpm
fc2b5c49995bb3b4c656992325760ea8 7.1/en/os/ia64/kernel-source-2.4.9-6.ia64.rpm
79e2cae63dcb4470f5f83c9e4edb997e 7.1/en/os/ia64/mkinitrd-3.2.6-1.ia64.rpm
c976c028f57bef2caa4da97f0d95dbc2 7.1/en/os/ia64/modutils-2.4.6-4.ia64.rpm
6b372e64d483bc180e63a9a58e10fcd6 7.1/en/os/ia64/tux-2.1.0-2.ia64.rpm
cbebb62e10affc94f4896caf149dfac2 7.1/en/os/noarch/filesystem-2.1.0-2.1.noarch.rpm
c9bb4f2cbeb520af7eb69c6f6336f338 7.2/en/os/SRPMS/kernel-2.4.9-7.src.rpm
a40e0a289e3a1a454d9e88e38ffb1e7e 7.2/en/os/athlon/kernel-2.4.9-7.athlon.rpm
dd0dbc77a1771ed1a01ef5281bce163d 7.2/en/os/athlon/kernel-smp-2.4.9-7.athlon.rpm
99e1f72271c41273140e7804b3e87b17 7.2/en/os/i386/kernel-2.4.9-7.i386.rpm
74ec63baa96425fbef34f177653fa181 7.2/en/os/i386/kernel-BOOT-2.4.9-7.i386.rpm
3103e3da5a86c63cbd5b87bb4d9b5e7c 7.2/en/os/i386/kernel-doc-2.4.9-7.i386.rpm
236e612b7601f52e07662ff11dee574d 7.2/en/os/i386/kernel-headers-2.4.9-7.i386.rpm
832a4f7da767cd89ba70cf986badcd23 7.2/en/os/i386/kernel-source-2.4.9-7.i386.rpm
e67e42f9032c852572f4537f942db83b 7.2/en/os/i586/kernel-smp-2.4.9-7.i586.rpm
e8aefad583d9cc59c310f55371669140 7.2/en/os/i686/kernel-2.4.9-7.i686.rpm
58be178f5c349f9c09f001b3e48af5db 7.2/en/os/i686/kernel-enterprise-2.4.9-7.i686.rpm
d1d2e0d1f3ed304383439077012726b1 7.2/en/os/i686/kernel-smp-2.4.9-7.i686.rpm
These packages are GPG signed by Red Hat, Inc. for security. Our key
is available at:
http://www.redhat.com/about/contact/pgpkey.html
You can verify each package with the following command:
rpm --checksig <filename>
If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
rpm --checksig --nogpg <filename>
8. References:
Copyright(c) 2000, 2001 Red Hat, Inc.
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to use any or all of this information is
the responsibility of each user or organisation, and should be done so in
accordance with site policies and procedures.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the original authors to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/Information/advisories.html
If you believe that your system has been compromised, contact AusCERT or
your representative in FIRST (Forum of Incident Response and Security
Teams).
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for emergencies.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
Comment: ftp://ftp.auscert.org.au/pub/auscert/AUSCERT_PGP.key
iQCVAwUBO+KfRSh9+71yA2DNAQFrMgP8C9t2YiIviFhGaSL7nvd3HtZV3JHTgi2c
vynMK5HV/NNDgzEV27uM9x9f7c4ypRVVPhgZpDdOx8osnn8diNWk9CZrxAQ+XR6W
3Ehw/PsnlXQS15eoYEl6vpRU9u6l3pngXFejIqRwDL4a9XKdq00ow8Vb9/4SLkjN
RhAcbG0Azr8=
=lGyZ
-----END PGP SIGNATURE-----