-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

         ESB-2007.0171 -- [RedHat]
       Important: kernel security and bug fix update
                              15 March 2007

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              kernel
Publisher:            Red Hat
Operating System:     Red Hat Enterprise Linux 5
Impact:               Execute Arbitrary Code/Commands
                      Denial of Service
Access:               Existing Account
CVE Names:            CVE-2007-0958 CVE-2007-0006 CVE-2007-0005
Ref:                  ESB-2007.0134

Original Bulletin:
  https://rhn.redhat.com/errata/RHSA-2007-0099.html

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Important: kernel security and bug fix update
Advisory ID:       RHSA-2007:0099-02
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2007-0099.html
Issue date:        2007-03-14
Updated on:        2007-03-14
Product:           Red Hat Enterprise Linux
CVE Names:         CVE-2007-0005 CVE-2007-0006 CVE-2007-0958
- - ---------------------------------------------------------------------

1. Summary:

Updated kernel packages that fix security issues and bugs in the Red Hat
Enterprise Linux 5 kernel are now available.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64

3. Problem description:

The Linux kernel handles the basic functions of the operating system.

These new kernel packages contain fixes for the following security issues:

* a flaw in the key serial number collision avoidance algorithm of the
keyctl subsystem that allowed a local user to cause a denial of service
(CVE-2007-0006, Important)

* a flaw in the Omnikey CardMan 4040 driver that allowed a local user to
execute arbitrary code with kernel privileges. In order to exploit this
issue, the Omnikey CardMan 4040 PCMCIA card must be present and the local
user must have access rights to the character device created by the
driver. (CVE-2007-0005, Moderate)

* a flaw in the core-dump handling that allowed a local user to create
core dumps from unreadable binaries via PT_INTERP. (CVE-2007-0958, Low)

In addition to the security issues described above, a fix for a kernel
panic in the powernow-k8 module, and a fix for a kernel panic when booting
the Xen domain-0 on systems with large memory installations have been
included.

Red Hat would like to thank Daniel Roethlisberger for reporting an issue
fixed in this erratum.

Red Hat Enterprise Linux 5 users are advised to upgrade their kernels to
the packages associated with their machine architecture and configurations
as listed in this erratum.

4. Solution:

Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bug IDs fixed (http://bugzilla.redhat.com/):

229883 - CVE-2007-0006 Key serial number collision problem
229884 - CVE-2007-0005 Buffer Overflow in Omnikey CardMan 4040 cmx driver
229885 - CVE-2007-0958 core-dumping unreadable binaries via PT_INTERP

6. RPMs required:

Red Hat Enterprise Linux Desktop (v. 5 client):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kernel-2.6.18-8.1.1.el5.src.rpm
2744fcbcfaf6da06a0f26c920d040b51 kernel-2.6.18-8.1.1.el5.src.rpm

i386:
f97e00e18601fd588bb5e920f5685f71 kernel-2.6.18-8.1.1.el5.i686.rpm
b364467d99e079cb91759eb38dd7a1db kernel-PAE-2.6.18-8.1.1.el5.i686.rpm
b45712015924d73159a895f10bad5e8b kernel-PAE-debuginfo-2.6.18-8.1.1.el5.i686.rpm
88ac0d2612d402800276d9da72db5b1e kernel-debuginfo-2.6.18-8.1.1.el5.i686.rpm
7fb8a3a50492064fbfba3ee05bcf1759 kernel-debuginfo-common-2.6.18-8.1.1.el5.i686.rpm
9b085bd3fc2faee25b4bee012cc7871a kernel-headers-2.6.18-8.1.1.el5.i386.rpm
d6340ff404a26f3e475f183cefbaad71 kernel-xen-2.6.18-8.1.1.el5.i686.rpm
e398acde099b0a0e3f5e65c4c9f07f90 kernel-xen-debuginfo-2.6.18-8.1.1.el5.i686.rpm

noarch:
8544c5c2ba06c1807756ea3f458bdbb7 kernel-doc-2.6.18-8.1.1.el5.noarch.rpm

x86_64:
ff57af3ca7970d24428155c5cd0c42ef kernel-2.6.18-8.1.1.el5.x86_64.rpm
41cbaa96be6d2e8edf5556f7aa827b49 kernel-debuginfo-2.6.18-8.1.1.el5.x86_64.rpm
af0186afbfddf6cacb41648d26687242 kernel-debuginfo-common-2.6.18-8.1.1.el5.x86_64.rpm
57a6db9809542db62551864b92a944f7 kernel-headers-2.6.18-8.1.1.el5.x86_64.rpm
c456f6bc5801e67a88c59be81019116f kernel-xen-2.6.18-8.1.1.el5.x86_64.rpm
022bd557cfcede11e7547c05d944b32d kernel-xen-debuginfo-2.6.18-8.1.1.el5.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kernel-2.6.18-8.1.1.el5.src.rpm
2744fcbcfaf6da06a0f26c920d040b51 kernel-2.6.18-8.1.1.el5.src.rpm

i386:
b45712015924d73159a895f10bad5e8b kernel-PAE-debuginfo-2.6.18-8.1.1.el5.i686.rpm
dd24498506dafa2baaac2dbc73caf1df kernel-PAE-devel-2.6.18-8.1.1.el5.i686.rpm
88ac0d2612d402800276d9da72db5b1e kernel-debuginfo-2.6.18-8.1.1.el5.i686.rpm
7fb8a3a50492064fbfba3ee05bcf1759 kernel-debuginfo-common-2.6.18-8.1.1.el5.i686.rpm
ada80c33f4246c176453cd7959131ff9 kernel-devel-2.6.18-8.1.1.el5.i686.rpm
e398acde099b0a0e3f5e65c4c9f07f90 kernel-xen-debuginfo-2.6.18-8.1.1.el5.i686.rpm
5178447f1a732ea42c18025b2e9b0d41 kernel-xen-devel-2.6.18-8.1.1.el5.i686.rpm

x86_64:
41cbaa96be6d2e8edf5556f7aa827b49 kernel-debuginfo-2.6.18-8.1.1.el5.x86_64.rpm
af0186afbfddf6cacb41648d26687242 kernel-debuginfo-common-2.6.18-8.1.1.el5.x86_64.rpm
e9db5d366e74227fc07122d97fec7b95 kernel-devel-2.6.18-8.1.1.el5.x86_64.rpm
022bd557cfcede11e7547c05d944b32d kernel-xen-debuginfo-2.6.18-8.1.1.el5.x86_64.rpm
a5ea0c18641105e334229134225a78de kernel-xen-devel-2.6.18-8.1.1.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kernel-2.6.18-8.1.1.el5.src.rpm
2744fcbcfaf6da06a0f26c920d040b51 kernel-2.6.18-8.1.1.el5.src.rpm

i386:
f97e00e18601fd588bb5e920f5685f71 kernel-2.6.18-8.1.1.el5.i686.rpm
b364467d99e079cb91759eb38dd7a1db kernel-PAE-2.6.18-8.1.1.el5.i686.rpm
b45712015924d73159a895f10bad5e8b kernel-PAE-debuginfo-2.6.18-8.1.1.el5.i686.rpm
dd24498506dafa2baaac2dbc73caf1df kernel-PAE-devel-2.6.18-8.1.1.el5.i686.rpm
88ac0d2612d402800276d9da72db5b1e kernel-debuginfo-2.6.18-8.1.1.el5.i686.rpm
7fb8a3a50492064fbfba3ee05bcf1759 kernel-debuginfo-common-2.6.18-8.1.1.el5.i686.rpm
ada80c33f4246c176453cd7959131ff9 kernel-devel-2.6.18-8.1.1.el5.i686.rpm
9b085bd3fc2faee25b4bee012cc7871a kernel-headers-2.6.18-8.1.1.el5.i386.rpm
d6340ff404a26f3e475f183cefbaad71 kernel-xen-2.6.18-8.1.1.el5.i686.rpm
e398acde099b0a0e3f5e65c4c9f07f90 kernel-xen-debuginfo-2.6.18-8.1.1.el5.i686.rpm
5178447f1a732ea42c18025b2e9b0d41 kernel-xen-devel-2.6.18-8.1.1.el5.i686.rpm

ia64:
2905b52ebddeba1c913612fba91fee3e kernel-2.6.18-8.1.1.el5.ia64.rpm
33ea96f6b26b1784d9795cedc6d6335a kernel-debuginfo-2.6.18-8.1.1.el5.ia64.rpm
8cb4bacb8954ad5f1bcc0a5356475fa2 kernel-debuginfo-common-2.6.18-8.1.1.el5.ia64.rpm
c9c53f487bbe1600b2ba0fc0ce3e94ca kernel-devel-2.6.18-8.1.1.el5.ia64.rpm
d1f64119e9583e1880f7512106b3664b kernel-headers-2.6.18-8.1.1.el5.ia64.rpm
e890b7d7b3181afc5bfad05d746e840b kernel-xen-2.6.18-8.1.1.el5.ia64.rpm
be8a6439137ad9e09dac6f61d3d4bb45 kernel-xen-debuginfo-2.6.18-8.1.1.el5.ia64.rpm
403efa13018904be8730c28fa8028409 kernel-xen-devel-2.6.18-8.1.1.el5.ia64.rpm

noarch:
8544c5c2ba06c1807756ea3f458bdbb7 kernel-doc-2.6.18-8.1.1.el5.noarch.rpm

ppc:
4285e4fad7664624ab5971bebea97232 kernel-2.6.18-8.1.1.el5.ppc64.rpm
690a4c1c19744caff06cbcdab223b07d kernel-debuginfo-2.6.18-8.1.1.el5.ppc64.rpm
57c57d363cb309a212b96dc5172d70a2 kernel-debuginfo-common-2.6.18-8.1.1.el5.ppc64.rpm
ba5d5adbc2026218f3a5cd5f8eeba504 kernel-devel-2.6.18-8.1.1.el5.ppc64.rpm
2245c81f05272e33663a1730c6aeabdb kernel-headers-2.6.18-8.1.1.el5.ppc.rpm
c6ab8bde7c3587a776763075b5fcc697 kernel-headers-2.6.18-8.1.1.el5.ppc64.rpm
d0c2637b7452cbb5d96173ec5b706a3e kernel-kdump-2.6.18-8.1.1.el5.ppc64.rpm
b3ab64773b3ab428cb82a7f07152e522 kernel-kdump-debuginfo-2.6.18-8.1.1.el5.ppc64.rpm
64fe4b732f36c36d8132f257ee13510d kernel-kdump-devel-2.6.18-8.1.1.el5.ppc64.rpm

s390x:
fcc9f91e038e5eb07d5aa1945e5a13c0 kernel-2.6.18-8.1.1.el5.s390x.rpm
cf0e1211688ce1cab455a17824bf3996 kernel-debuginfo-2.6.18-8.1.1.el5.s390x.rpm
f709be36f5639feeb905061ee4af627f kernel-debuginfo-common-2.6.18-8.1.1.el5.s390x.rpm
3495075c9d16f20ffc93f4cb1f0d3492 kernel-devel-2.6.18-8.1.1.el5.s390x.rpm
553a860b06c29d549eb2da4ff345542a kernel-headers-2.6.18-8.1.1.el5.s390x.rpm

x86_64:
ff57af3ca7970d24428155c5cd0c42ef kernel-2.6.18-8.1.1.el5.x86_64.rpm
41cbaa96be6d2e8edf5556f7aa827b49 kernel-debuginfo-2.6.18-8.1.1.el5.x86_64.rpm
af0186afbfddf6cacb41648d26687242 kernel-debuginfo-common-2.6.18-8.1.1.el5.x86_64.rpm
e9db5d366e74227fc07122d97fec7b95 kernel-devel-2.6.18-8.1.1.el5.x86_64.rpm
57a6db9809542db62551864b92a944f7 kernel-headers-2.6.18-8.1.1.el5.x86_64.rpm
c456f6bc5801e67a88c59be81019116f kernel-xen-2.6.18-8.1.1.el5.x86_64.rpm
022bd557cfcede11e7547c05d944b32d kernel-xen-debuginfo-2.6.18-8.1.1.el5.x86_64.rpm
a5ea0c18641105e334229134225a78de kernel-xen-devel-2.6.18-8.1.1.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0005
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0006
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0958
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFF+Ba3XlSAg2UNWIIRAiJFAJ9WpKlmJDZ/dOrFc15AvSczu78gHQCfbSuf
NbBnLywxwu+CccNecVS1ty4=
=jYrU
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQCVAwUBRfin5ih9+71yA2DNAQIbTQP+IeSbhSZV/ns8DJynqoU+CrBJUkt/sIiw
dmPBo96SbbM1UKf1iC+Dbf3Df5tu01vUAkkAMNf9Bty0WE2B5Cbq56/JDPLtDwRk
Cjn9NI6VpqYCy/4Couq+vMTDt8M2FSq7UQY1Mj4odNV+dGL+XKrUMx26w2lK1+9e
7+agecUtDsA=
=bZ1w
-----END PGP SIGNATURE-----
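Section 6 of the advisory above publishes one MD5 checksum per RPM and notes that the packages are GPG signed by Red Hat. The script below is an added example, not part of the AusCERT or Red Hat bulletin: it takes the section 6 list in the advisory's own "<md5> <filename>" layout (section headers, "i386:" style architecture lines and FTP URLs are skipped), compares each listed file in a download directory against its published checksum, and then hands the directory to rpm's own signature check. The function names, the list-file and directory arguments, and the reliance on md5sum(1) being on PATH are assumptions of this example. It reports MISSING and FAILED entries rather than stopping at the first one, so a partial download and a tampered file are both visible in one run.

```shell
#!/bin/sh
# Added example (not from the bulletin): verify downloaded RPMs against the
# MD5 list in section 6 of the advisory, then let rpm check the GPG signatures.
#
# Assumed input: LISTFILE holds the advisory's "<md5> <filename>" lines; other
# lines (section headers, "i386:", ftp:// URLs) are ignored. md5sum(1) is on PATH.
#
# Usage: verify_md5_list rhsa-2007-0099-md5.txt /var/tmp/rpms \
#            && verify_rpm_signatures /var/tmp/rpms

# verify_md5_list LISTFILE DIR
# Prints OK / FAILED / MISSING per entry; returns 1 if any entry is not OK.
verify_md5_list() {
    list="$1"
    dir="$2"
    bad=0
    while read -r expected name; do
        # Only lines whose first field is a 32-digit lowercase hex value are
        # checksum entries; everything else in the advisory is skipped.
        case "$expected" in
            ''|*[!0-9a-f]*) continue ;;
        esac
        [ "${#expected}" -eq 32 ] || continue
        path="$dir/$name"
        if [ ! -f "$path" ]; then
            echo "MISSING  $name"
            bad=1
            continue
        fi
        actual=$(md5sum "$path" | cut -d' ' -f1)
        if [ "$actual" = "$expected" ]; then
            echo "OK       $name"
        else
            echo "FAILED   $name (expected $expected, got $actual)"
            bad=1
        fi
    done < "$list"
    return $bad
}

# verify_rpm_signatures DIR
# Runs rpm's built-in signature check over every .rpm in DIR. rpm reports a
# package as NOT OK (or MISSING KEYS) when the Red Hat signing key, linked from
# section 6 of the advisory, has not been imported first.
verify_rpm_signatures() {
    dir="$1"
    if ! command -v rpm >/dev/null 2>&1; then
        echo "rpm not installed; skipping signature check" >&2
        return 2
    fi
    rpm --checksig "$dir"/*.rpm
}
```

The checksum pass catches a truncated or corrupted download; only the rpm signature check ties the package to Red Hat's key, so a FAILED line from either function means the package should not be installed.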