===========================================================================
             AUSCERT External Security Bulletin Redistribution

                         ESB-2007.0623 -- [RedHat]
                Moderate: kernel security and bugfix update
                              17 August 2007

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Publisher:            Red Hat
Operating System:     Red Hat Enterprise Linux 3
Impact:               Denial of Service
                      Increased Privileges
                      Reduced Security
Access:               Remote/Unauthenticated
CVE Names:            CVE-2007-1353 CVE-2007-1217

Ref:                  ESB-2007.0607

Original Bulletin:    https://rhn.redhat.com/errata/RHSA-2007-0671.html

--------------------------BEGIN INCLUDED TEXT--------------------

---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Moderate: kernel security and bugfix update
Advisory ID:       RHSA-2007:0671-01
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2007-0671.html
Issue date:        2007-08-16
Updated on:        2007-08-16
Product:           Red Hat Enterprise Linux
Keywords:          taroon kernel security errata
Obsoletes:         RHSA-2007:0436
CVE Names:         CVE-2007-1217 CVE-2007-1353 
---------------------------------------------------------------------

1. Summary:

Updated kernel packages that fix several security issues and bugs in the
Red Hat Enterprise Linux 3 kernel are now available.

This security advisory has been rated as having moderate security impact
by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Problem description:

The Linux kernel handles the basic functions of the operating system.

These new kernel packages contain fixes for the security issues described
below:

* a flaw in the ISDN CAPI subsystem that allowed a remote user to cause a
denial of service or potential privilege escalation. (CVE-2007-1217, Moderate)

* a flaw in the Bluetooth subsystem that allowed a local user to trigger an
information leak. (CVE-2007-1353, Low) 

In addition to the security issues described above, fixes for the following
have been included:

* a race condition in the e1000 network driver that could cause ESB2
systems to be started without the RX unit being turned on. 

* a related e1000 bug on ESB2 systems that could cause rlogin to fail.

Red Hat would like to thank Ilja van Sprundel for reporting an issue fixed
in this erratum. 

Note: The kernel-unsupported package contains various drivers and modules
that are unsupported and therefore might contain security problems that
have not been addressed.

All Red Hat Enterprise Linux 3 users are advised to upgrade their kernels
to the packages associated with their machine architecture and
configurations as listed in this erratum.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.  

This update is available via Red Hat Network.  Details on how to use 
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bug IDs fixed (http://bugzilla.redhat.com/):

231069 - CVE-2007-1217 Overflow in CAPI subsystem
234294 - CVE-2007-1353 Bluetooth setsockopt() information leaks

6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/kernel-2.4.21-51.EL.src.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/kernel-2.4.21-51.EL.src.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/kernel-2.4.21-51.EL.src.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/kernel-2.4.21-51.EL.src.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1217
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1353
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.

--------------------------END INCLUDED TEXT--------------------

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================