Fedora Security Update Notification
FEDORA-2004-186
2004-06-23
---------------------------------------------------------------------

Product     : Fedora Core 1
Name        : kernel
Version     : 2.4.22                      
Release     : 1.2194.nptl                  
Summary     : The Linux kernel (the core of the Linux operating system)
Description :
The kernel package contains the Linux kernel (vmlinuz), the core of your
Fedora Core Linux operating system.  The kernel handles the basic functions
of the operating system:  memory allocation, process allocation, device
input and output, etc.

Numerous problems referencing userspace memory were identified in several
device drivers by Al Viro using the sparse tool.  The Common Vulnerabilities
and Exposures project (cve.mitre.org) assigned the name CAN-2004-0495 to this issue.

A problem was found where userspace code could execute certain floating
point instructions from signal handlers which would cause the kernel
to lock up.  The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the name CAN-2004-0554 to this issue.

Previous kernels contained a patch against the framebuffer ioctl
code which turned out to be unnecessary. This has been dropped
in this update.

A memory leak in the E1000 network card driver has been fixed.
The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned
the name CAN-2004-0535 to this issue.

Previously, inappropriate permissions were set on /proc/scsi/qla2300/HbaApiNode
The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned
the name CAN-2004-0587 to this issue.

Support for systems with more than 4GB of memory was previously unavailable.
The 686 SMP kernel now supports this configuration. (Bugzilla #122960)
Support for SMP on 586's was also previously not included.
This has also been rectified. (Bugzilla #111871)

---------------------------------------------------------------------


---------------------------------------------------------------------
This update can be downloaded from:
   
afbebd8faf6000a21ccb31b9d79cc42d  SRPMS/kernel-2.4.22-1.2194.nptl.src.rpm
d096e20bef069c9f8c134bc490d7b1c0  x86_64/kernel-2.4.22-1.2194.nptl.x86_64.rpm
2e2f20c4090f09591c1c2fda395766a1  x86_64/kernel-source-2.4.22-1.2194.nptl.x86_64.rpm
ba9315c99099ae2ea50faad7efbc7a57  x86_64/kernel-doc-2.4.22-1.2194.nptl.x86_64.rpm
030f29ae64f0bfbe4c99a45e5077e40c  x86_64/kernel-smp-2.4.22-1.2194.nptl.x86_64.rpm
372301d42349cb0568ce7d6b71ce078b  x86_64/debug/kernel-debuginfo-2.4.22-1.2194.nptl.x86_64.rpm
4b2105dd045d9cb57eabe18d1047a6de  i386/kernel-source-2.4.22-1.2194.nptl.i386.rpm
a59e186147f73c15d96d0a806e06fcbc  i386/kernel-doc-2.4.22-1.2194.nptl.i386.rpm
d90babb412eef5a6dd24bd53ceab38a9  i386/kernel-BOOT-2.4.22-1.2194.nptl.i386.rpm
d8ec8ec23c17058c24ce4bbe5eb59275  i386/debug/kernel-debuginfo-2.4.22-1.2194.nptl.i386.rpm
7d70b95d0cd5b4a93bc1ce90e57762f6  i386/kernel-2.4.22-1.2194.nptl.i586.rpm
370fa73f7b82c79b03aa7b865671df3a  i386/kernel-smp-2.4.22-1.2194.nptl.i586.rpm
413f46ceee286f874d7cebdf0694a5ef  i386/debug/kernel-debuginfo-2.4.22-1.2194.nptl.i586.rpm
6839a7a334a2980b036b09c8a4ad20a9  i386/kernel-2.4.22-1.2194.nptl.i686.rpm
e33e1bd82d52502298e9b24fe53f9acf  i386/kernel-smp-2.4.22-1.2194.nptl.i686.rpm
a1bbd9f5bfe7aaa27a561e2b663842ba  i386/debug/kernel-debuginfo-2.4.22-1.2194.nptl.i686.rpm
fe4595933f55899f1341c8b167c3720f  i386/kernel-2.4.22-1.2194.nptl.athlon.rpm
8df5e29195d4c779d60938b740b2b777  i386/kernel-smp-2.4.22-1.2194.nptl.athlon.rpm
597b43d471f2fedad519a059d66dc72f  i386/debug/kernel-debuginfo-2.4.22-1.2194.nptl.athlon.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.

Fedora: 1: kernel Multiple vulnerabilities

June 25, 2004
This patch fixes a large number of bugs, including the famous evil.c kernel crash.

Summary

The kernel package contains the Linux kernel (vmlinuz), the core of your

Fedora Core Linux operating system. The kernel handles the basic functions

of the operating system: memory allocation, process allocation, device

input and output, etc.

Numerous problems referencing userspace memory were identified in several

device drivers by Al Viro using the sparse tool. The Common Vulnerabilities

and Exposures project (cve.mitre.org) assigned the name CAN-2004-0495 to this issue.

A problem was found where userspace code could execute certain floating

point instructions from signal handlers which would cause the kernel

to lock up. The Common Vulnerabilities and Exposures project (cve.mitre.org)

assigned the name CAN-2004-0554 to this issue.

Previous kernels contained a patch against the framebuffer ioctl

code which turned out to be unnecessary. This has been dropped

in this update.

A memory leak in the E1000 network card driver has been fixed.

The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned

the name CAN-2004-0535 to this issue.

Previously, inappropriate permissions were set on /proc/scsi/qla2300/HbaApiNode

The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned

the name CAN-2004-0587 to this issue.

Support for systems with more than 4GB of memory was previously unavailable.

The 686 SMP kernel now supports this configuration. (Bugzilla #122960)

Support for SMP on 586's was also previously not included.

This has also been rectified. (Bugzilla #111871)

This update can be downloaded from:

afbebd8faf6000a21ccb31b9d79cc42d SRPMS/kernel-2.4.22-1.2194.nptl.src.rpm

d096e20bef069c9f8c134bc490d7b1c0 x86_64/kernel-2.4.22-1.2194.nptl.x86_64.rpm

2e2f20c4090f09591c1c2fda395766a1 x86_64/kernel-source-2.4.22-1.2194.nptl.x86_64.rpm

ba9315c99099ae2ea50faad7efbc7a57 x86_64/kernel-doc-2.4.22-1.2194.nptl.x86_64.rpm

030f29ae64f0bfbe4c99a45e5077e40c x86_64/kernel-smp-2.4.22-1.2194.nptl.x86_64.rpm

372301d42349cb0568ce7d6b71ce078b x86_64/debug/kernel-debuginfo-2.4.22-1.2194.nptl.x86_64.rpm

4b2105dd045d9cb57eabe18d1047a6de i386/kernel-source-2.4.22-1.2194.nptl.i386.rpm

a59e186147f73c15d96d0a806e06fcbc i386/kernel-doc-2.4.22-1.2194.nptl.i386.rpm

d90babb412eef5a6dd24bd53ceab38a9 i386/kernel-BOOT-2.4.22-1.2194.nptl.i386.rpm

d8ec8ec23c17058c24ce4bbe5eb59275 i386/debug/kernel-debuginfo-2.4.22-1.2194.nptl.i386.rpm

7d70b95d0cd5b4a93bc1ce90e57762f6 i386/kernel-2.4.22-1.2194.nptl.i586.rpm

370fa73f7b82c79b03aa7b865671df3a i386/kernel-smp-2.4.22-1.2194.nptl.i586.rpm

413f46ceee286f874d7cebdf0694a5ef i386/debug/kernel-debuginfo-2.4.22-1.2194.nptl.i586.rpm

6839a7a334a2980b036b09c8a4ad20a9 i386/kernel-2.4.22-1.2194.nptl.i686.rpm

e33e1bd82d52502298e9b24fe53f9acf i386/kernel-smp-2.4.22-1.2194.nptl.i686.rpm

a1bbd9f5bfe7aaa27a561e2b663842ba i386/debug/kernel-debuginfo-2.4.22-1.2194.nptl.i686.rpm

fe4595933f55899f1341c8b167c3720f i386/kernel-2.4.22-1.2194.nptl.athlon.rpm

8df5e29195d4c779d60938b740b2b777 i386/kernel-smp-2.4.22-1.2194.nptl.athlon.rpm

597b43d471f2fedad519a059d66dc72f i386/debug/kernel-debuginfo-2.4.22-1.2194.nptl.athlon.rpm

This update can also be installed with the Update Agent; you can

launch the Update Agent with the 'up2date' command.

Fedora Security Update Notification FEDORA-2004-186 2004-06-23 Product : Fedora Core 1 Name : kernel Version : 2.4.22 Release : 1.2194.nptl Summary : The Linux kernel (the core of the Linux operating system) Description : The kernel package contains the Linux kernel (vmlinuz), the core of your Fedora Core Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. Numerous problems referencing userspace memory were identified in several device drivers by Al Viro using the sparse tool. The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the name CAN-2004-0495 to this issue. A problem was found where userspace code could execute certain floating point instructions from signal handlers which would cause the kernel to lock up. The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the name CAN-2004-0554 to this issue. Previous kernels contained a patch against the framebuffer ioctl code which turned out to be unnecessary. This has been dropped in this update. A memory leak in the E1000 network card driver has been fixed. The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the name CAN-2004-0535 to this issue. Previously, inappropriate permissions were set on /proc/scsi/qla2300/HbaApiNode The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the name CAN-2004-0587 to this issue. Support for systems with more than 4GB of memory was previously unavailable. The 686 SMP kernel now supports this configuration. (Bugzilla #122960) Support for SMP on 586's was also previously not included. This has also been rectified. (Bugzilla #111871) This update can be downloaded from: afbebd8faf6000a21ccb31b9d79cc42d SRPMS/kernel-2.4.22-1.2194.nptl.src.rpm d096e20bef069c9f8c134bc490d7b1c0 x86_64/kernel-2.4.22-1.2194.nptl.x86_64.rpm 2e2f20c4090f09591c1c2fda395766a1 x86_64/kernel-source-2.4.22-1.2194.nptl.x86_64.rpm ba9315c99099ae2ea50faad7efbc7a57 x86_64/kernel-doc-2.4.22-1.2194.nptl.x86_64.rpm 030f29ae64f0bfbe4c99a45e5077e40c x86_64/kernel-smp-2.4.22-1.2194.nptl.x86_64.rpm 372301d42349cb0568ce7d6b71ce078b x86_64/debug/kernel-debuginfo-2.4.22-1.2194.nptl.x86_64.rpm 4b2105dd045d9cb57eabe18d1047a6de i386/kernel-source-2.4.22-1.2194.nptl.i386.rpm a59e186147f73c15d96d0a806e06fcbc i386/kernel-doc-2.4.22-1.2194.nptl.i386.rpm d90babb412eef5a6dd24bd53ceab38a9 i386/kernel-BOOT-2.4.22-1.2194.nptl.i386.rpm d8ec8ec23c17058c24ce4bbe5eb59275 i386/debug/kernel-debuginfo-2.4.22-1.2194.nptl.i386.rpm 7d70b95d0cd5b4a93bc1ce90e57762f6 i386/kernel-2.4.22-1.2194.nptl.i586.rpm 370fa73f7b82c79b03aa7b865671df3a i386/kernel-smp-2.4.22-1.2194.nptl.i586.rpm 413f46ceee286f874d7cebdf0694a5ef i386/debug/kernel-debuginfo-2.4.22-1.2194.nptl.i586.rpm 6839a7a334a2980b036b09c8a4ad20a9 i386/kernel-2.4.22-1.2194.nptl.i686.rpm e33e1bd82d52502298e9b24fe53f9acf i386/kernel-smp-2.4.22-1.2194.nptl.i686.rpm a1bbd9f5bfe7aaa27a561e2b663842ba i386/debug/kernel-debuginfo-2.4.22-1.2194.nptl.i686.rpm fe4595933f55899f1341c8b167c3720f i386/kernel-2.4.22-1.2194.nptl.athlon.rpm 8df5e29195d4c779d60938b740b2b777 i386/kernel-smp-2.4.22-1.2194.nptl.athlon.rpm 597b43d471f2fedad519a059d66dc72f i386/debug/kernel-debuginfo-2.4.22-1.2194.nptl.athlon.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command.

Change Log

References

Update Instructions

Severity
Product : Fedora Core 1
Name : kernel
Version : 2.4.22
Release : 1.2194.nptl
Summary : The Linux kernel (the core of the Linux operating system)

Related News

5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
8.Locks HexConnections CodeGlobe Esm H320
2 - 3 min read
Canonical has launched Ubuntu Pro for Devices , a comprehensive offering emphasizing security and compliance for IoT device deployments. This
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved