Linux Security
    Linux Security
    Linux Security

    Fedora: kernel 2.4.x Privilege escalation vulnerability

    Date
    2933
    Posted By
    Rollup rpms fix recently reported kernel vulnerabilities in Red Hat 7.2-8.
    
    Fedora Legacy Update Advisory
    
    Synopsis:          Updated kernel resolves security vulnerabilities
    Advisory ID:       FLSA:1284
    Issue date:        2004-03-02
    Product:           Red Hat Linux
    Keywords:          Security
    Cross references:  https://bugzilla.fedora.us/show_bug.cgi?id=1284
    CVE Names:         CAN-2004-0077, CAN-2004-0075, CAN-2004-0010, 
    CAN-2004-0003
    -----------------------------------------------------------------------
    
    
    ---------------------------------------------------------------------
    1. Topic:
    
    Updated kernel packages that fix security vulnerabilities which may 
    allow local users to gain root privileges are now available. These 
    packages also resolve other minor issues.
    
    2. Relevent releases/architectures:
    
    Red Hat Linux 7.2 - i386, i586, i686, athlon
    Red Hat Linux 7.3 - i386, i586, i686, athlon
    Red Hat Linux 8.0 - i386, i586, i686, athlon
    
    3. Problem description:
    
    The Linux kernel handles the basic functions of the operating system.
    
    Paul Starzetz discovered a flaw in return value checking in mremap() in 
    the Linux kernel versions 2.4.24 and previous that may allow a local 
    attacker to gain root privileges. No exploit is currently available; 
    however this issue is exploitable. The Common Vulnerabilities and 
    Exposures project (cve.mitre.org) has assigned the name CAN-2004-0077 
    to this issue.
    
    The Vicam USB driver in kernel versions prior to 2.4.25 does not use the 
    copy_from_user function to access userspace, which crosses security 
    boundaries. The Common Vulnerabilities and Exposures project 
    (cve.mitre.org) has assigned the name CAN-2004-0075 to this issue.
    
    Arjan van de Ven discovered a flaw in ncp_lookup() in ncpfs that could
    allow local privilege escalation. ncpfs is only used to allow a system 
    to mount volumes of NetWare servers or print to NetWare printers. The 
    Common Vulnerabilities and Exposures project (cve.mitre.org) has 
    assigned the name CAN-2004-0010 to this issue.
    
    Alan Cox found issues in the R128 Direct Render Infrastructure that 
    could allow local privilege escalation. The Common Vulnerabilities and 
    Exposures project (cve.mitre.org) has assigned the name CAN-2004-0003 
    to this issue.
    
    All users are advised to upgrade to these errata packages, which contain
    backported security patches that correct these issues.
    
    Fedora Legacy would like to thank Paul Starzetz from ISEC for reporting 
    the issue CAN-2004-0077, and Dominic Hargreaves for providing 
    backported rpms for all issues.
    
    4. Solution:
    
    Before applying this update, make sure all previously released errata
    relevant to your system have been applied.
    
    To update all RPMs for your particular architecture, run:
    
    rpm -Fvh [filenames]
    
    where [filenames] is a list of the RPMs you wish to upgrade.  Only those
    RPMs which are currently installed will be updated.  Those RPMs which 
    are not installed but included in the list will not be updated.  Note 
    that you can also use wildcards (*.rpm) if your current directory 
    *only* contains the desired RPMs.
    
    Please note that this update is also available via yum and apt.  Many
    people find this an easier way to apply updates.  To use yum issue:
    
    yum update
    
    or to use apt:
    
    apt-get update; apt-get upgrade
    
    This will start an interactive process that will result in the 
    appropriate RPMs being upgraded on your system.  This assumes that you 
    have yum or apt-get configured for obtaining Fedora Legacy content. 
    Please visit  https://www.fedoralegacy.org/download for directions on how 
    to configure yum and apt-get.
    
    5. Bug IDs fixed:
     
    https://bugzilla.fedora.us - 1284 - KERNEL: r128 dri AND do_mremap VMA 
    limit local privilege escalation vulnerability
    
    6. RPMs required:
    
    Red Hat Linux 7.2:
    
    SRPM: 
    https://download.fedoralegacy.org/redhat/7.2/updates/SRPMS/kernel-2.4.20-30.7.legacy.src.rpm
    
    i386: 
    https://download.fedoralegacy.org/redhat/7.2/updates/i386/kernel-2.4.20-30.7.legacy.i386.rpm 
    https://download.fedoralegacy.org/redhat/7.2/updates/i386/kernel-BOOT-2.4.20-30.7.legacy.i386.rpm 
    https://download.fedoralegacy.org/redhat/7.2/updates/i386/kernel-doc-2.4.20-30.7.legacy.i386.rpm 
    https://download.fedoralegacy.org/redhat/7.2/updates/i386/kernel-source-2.4.20-30.7.legacy.i386.rpm
    
    i568: 
    https://download.fedoralegacy.org/redhat/7.2/updates/i386/kernel-2.4.20-30.7.legacy.i586.rpm 
    https://download.fedoralegacy.org/redhat/7.2/updates/i386/kernel-smp-2.4.20-30.7.legacy.i586.rpm
    
    i686: 
    https://download.fedoralegacy.org/redhat/7.2/updates/i386/kernel-2.4.20-30.7.legacy.i686.rpm 
    https://download.fedoralegacy.org/redhat/7.2/updates/i386/kernel-bigmem-2.4.20-30.7.legacy.i686.rpm 
    https://download.fedoralegacy.org/redhat/7.2/updates/i386/kernel-smp-2.4.20-30.7.legacy.i686.rpm
    
    athlon: 
    https://download.fedoralegacy.org/redhat/7.2/updates/i386/kernel-2.4.20-30.7.legacy.athlon.rpm 
    https://download.fedoralegacy.org/redhat/7.2/updates/i386/kernel-smp-2.4.20-30.7.legacy.athlon.rpm
    
    Red Hat Linux 7.3:
    
    SRPM: 
    https://download.fedoralegacy.org/redhat/7.3/updates/SRPMS/kernel-2.4.20-30.7.legacy.src.rpm
    
    i386: 
    https://download.fedoralegacy.org/redhat/7.3/updates/i386/kernel-2.4.20-30.7.legacy.i386.rpm 
    https://download.fedoralegacy.org/redhat/7.3/updates/i386/kernel-BOOT-2.4.20-30.7.legacy.i386.rpm 
    https://download.fedoralegacy.org/redhat/7.3/updates/i386/kernel-doc-2.4.20-30.7.legacy.i386.rpm 
    https://download.fedoralegacy.org/redhat/7.3/updates/i386/kernel-source-2.4.20-30.7.legacy.i386.rpm
    
    i568: 
    https://download.fedoralegacy.org/redhat/7.3/updates/i386/kernel-2.4.20-30.7.legacy.i586.rpm 
    https://download.fedoralegacy.org/redhat/7.3/updates/i386/kernel-smp-2.4.20-30.7.legacy.i586.rpm
    
    i686: 
    https://download.fedoralegacy.org/redhat/7.3/updates/i386/kernel-2.4.20-30.7.legacy.i686.rpm 
    https://download.fedoralegacy.org/redhat/7.3/updates/i386/kernel-bigmem-2.4.20-30.7.legacy.i686.rpm 
    https://download.fedoralegacy.org/redhat/7.3/updates/i386/kernel-smp-2.4.20-30.7.legacy.i686.rpm
    
    athlon: 
    https://download.fedoralegacy.org/redhat/7.3/updates/i386/kernel-2.4.20-30.7.legacy.athlon.rpm 
    https://download.fedoralegacy.org/redhat/7.3/updates/i386/kernel-smp-2.4.20-30.7.legacy.athlon.rpm
    
    Red Hat Linux 8.0:
    
    SRPM: 
    https://download.fedoralegacy.org/redhat/8.0/updates/SRPMS/kernel-2.4.20-30.8.legacy.src.rpm
    
    i386: 
    https://download.fedoralegacy.org/redhat/8.0/updates/i386/kernel-2.4.20-30.8.legacy.i386.rpm 
    https://download.fedoralegacy.org/redhat/8.0/updates/i386/kernel-BOOT-2.4.20-30.8.legacy.i386.rpm 
    https://download.fedoralegacy.org/redhat/8.0/updates/i386/kernel-doc-2.4.20-30.8.legacy.i386.rpm 
    https://download.fedoralegacy.org/redhat/8.0/updates/i386/kernel-source-2.4.20-30.8.legacy.i386.rpm
    
    i568: 
    https://download.fedoralegacy.org/redhat/8.0/updates/i386/kernel-2.4.20-30.8.legacy.i586.rpm 
    https://download.fedoralegacy.org/redhat/8.0/updates/i386/kernel-smp-2.4.20-30.8.legacy.i586.rpm
    
    i686: 
    https://download.fedoralegacy.org/redhat/8.0/updates/i386/kernel-2.4.20-30.8.legacy.i686.rpm 
    https://download.fedoralegacy.org/redhat/8.0/updates/i386/kernel-bigmem-2.4.20-30.8.legacy.i686.rpm 
    https://download.fedoralegacy.org/redhat/8.0/updates/i386/kernel-smp-2.4.20-30.8.legacy.i686.rpm
    
    athlon: 
    https://download.fedoralegacy.org/redhat/8.0/updates/i386/kernel-2.4.20-30.8.legacy.athlon.rpm 
    https://download.fedoralegacy.org/redhat/8.0/updates/i386/kernel-smp-2.4.20-30.8.legacy.athlon.rpm
    
    7. Verification:
    
    SHA1 sum                                 Package Name
    ---------------------------------------------------------------------------
    
    4b1d86c6b9c706d5ed9561a2c4fc0628528ddc86  
    7.2/updates/SRPMS/kernel-2.4.20-30.7.legacy.src.rpm
    f97d96d3238aa1bb314896699e280a31ed85529d  
    7.2/updates/i386/kernel-2.4.20-30.7.legacy.athlon.rpm
    cf0e03315d942140fbb439521684705d25e59a8f  
    7.2/updates/i386/kernel-2.4.20-30.7.legacy.i386.rpm
    d3e0a7b68e06af4045cd4f66d0a5864920dbd5b5  
    7.2/updates/i386/kernel-2.4.20-30.7.legacy.i586.rpm
    debfa2741248dccffdade72b8efe3b94d0e2483c  
    7.2/updates/i386/kernel-2.4.20-30.7.legacy.i686.rpm
    989873968805dca5a7abd47dfb0c6dfca8a110b4  
    7.2/updates/i386/kernel-BOOT-2.4.20-30.7.legacy.i386.rpm
    17a5a3b267339f1b20870cdcf586f5784b632358  
    7.2/updates/i386/kernel-bigmem-2.4.20-30.7.legacy.i686.rpm
    15c40d84c061917f08e0c6b540bc49999ed18599  
    7.2/updates/i386/kernel-doc-2.4.20-30.7.legacy.i386.rpm
    f1460dafa968105647f38983d795b2693692fbfd  
    7.2/updates/i386/kernel-smp-2.4.20-30.7.legacy.athlon.rpm
    15f1ac18efcf20c6f7c2f1fdcd803562704e507f  
    7.2/updates/i386/kernel-smp-2.4.20-30.7.legacy.i586.rpm
    3c0fdeb92cd1d549b643bf91429dd1b79a067e77  
    7.2/updates/i386/kernel-smp-2.4.20-30.7.legacy.i686.rpm
    c64a8cef6e9ec35454a397229b2a15a60bba5322  
    7.2/updates/i386/kernel-source-2.4.20-30.7.legacy.i386.rpm
    
    4b1d86c6b9c706d5ed9561a2c4fc0628528ddc86  
    7.3/updates/SRPMS/kernel-2.4.20-30.7.legacy.src.rpm
    f97d96d3238aa1bb314896699e280a31ed85529d  
    7.3/updates/i386/kernel-2.4.20-30.7.legacy.athlon.rpm
    cf0e03315d942140fbb439521684705d25e59a8f  
    7.3/updates/i386/kernel-2.4.20-30.7.legacy.i386.rpm
    d3e0a7b68e06af4045cd4f66d0a5864920dbd5b5  
    7.3/updates/i386/kernel-2.4.20-30.7.legacy.i586.rpm
    debfa2741248dccffdade72b8efe3b94d0e2483c  
    7.3/updates/i386/kernel-2.4.20-30.7.legacy.i686.rpm
    989873968805dca5a7abd47dfb0c6dfca8a110b4  
    7.3/updates/i386/kernel-BOOT-2.4.20-30.7.legacy.i386.rpm
    17a5a3b267339f1b20870cdcf586f5784b632358  
    7.3/updates/i386/kernel-bigmem-2.4.20-30.7.legacy.i686.rpm
    15c40d84c061917f08e0c6b540bc49999ed18599  
    7.3/updates/i386/kernel-doc-2.4.20-30.7.legacy.i386.rpm
    f1460dafa968105647f38983d795b2693692fbfd  
    7.3/updates/i386/kernel-smp-2.4.20-30.7.legacy.athlon.rpm
    15f1ac18efcf20c6f7c2f1fdcd803562704e507f  
    7.3/updates/i386/kernel-smp-2.4.20-30.7.legacy.i586.rpm
    3c0fdeb92cd1d549b643bf91429dd1b79a067e77  
    7.3/updates/i386/kernel-smp-2.4.20-30.7.legacy.i686.rpm
    c64a8cef6e9ec35454a397229b2a15a60bba5322  
    7.3/updates/i386/kernel-source-2.4.20-30.7.legacy.i386.rpm
    
    8eea381f80412a9421d25b1466d084cbbf5e1cee  
    8.0/updates/SRPMS/kernel-2.4.20-30.8.legacy.src.rpm
    77ee4d29f593a4746e70a6ac55f9791d3183803e  
    8.0/updates/i386/kernel-2.4.20-30.8.legacy.athlon.rpm
    b1ba3b73d03294d4b31756eb6086bfffd4ef9958  
    8.0/updates/i386/kernel-2.4.20-30.8.legacy.i386.rpm
    cd49df62f704ed4e11be197fdae0920de1e1c584  
    8.0/updates/i386/kernel-2.4.20-30.8.legacy.i586.rpm
    467c2613862985f16e07db103d7d88ab914ea73c  
    8.0/updates/i386/kernel-2.4.20-30.8.legacy.i686.rpm
    63e243113b85a57ccaaaf0bcdf1468d7f8290001  
    8.0/updates/i386/kernel-BOOT-2.4.20-30.8.legacy.i386.rpm
    ea960ffbacd83cdb2b0ae78e612da5099121f77c  
    8.0/updates/i386/kernel-bigmem-2.4.20-30.8.legacy.i686.rpm
    842cea04dad3976173afb6609c19615eff88aa8a  
    8.0/updates/i386/kernel-doc-2.4.20-30.8.legacy.i386.rpm
    e07e04ffef20d0f3fd66cd8cc46d7f2d7d1c2af0  
    8.0/updates/i386/kernel-smp-2.4.20-30.8.legacy.athlon.rpm
    a2a81a0ebe3e7433e339881bd1ba6177f75599c8  
    8.0/updates/i386/kernel-smp-2.4.20-30.8.legacy.i586.rpm
    8625244b0dca1a71fe9b74769f6376af9495b333  
    8.0/updates/i386/kernel-smp-2.4.20-30.8.legacy.i686.rpm
    4f6b05bc2296a0b37bc9528fd0e36d4e8f69ff67  
    8.0/updates/i386/kernel-source-2.4.20-30.8.legacy.i386.rpm
    
    These packages are GPG signed by Fedora Legacy for security.  Our key is
    available from  https://www.fedoralegacy.org/about/security.php
    
    You can verify each package with the following command:
    
        rpm --checksig -v 
    
    If you only wish to verify that each package has not been corrupted or
    tampered with, examine only the sha1sum with the following command:
    
        sha1sum 
    
    8. References:
     
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0003 
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0010 
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0075 
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0077
    https://rhn.redhat.com/errata/RHSA-2004-065.html
    https://bugzilla.fedora.us/show_bug.cgi?id=1284
    
    
    9. Contact:
    
    The Fedora Legacy security contact is <This email address is being protected from spambots. You need JavaScript enabled to view it.>. More
    project details at  https://www.fedoralegacy.org
    
    10. Special Notes:
    
    If you use lilo, you will have to edit your lilo.conf file and shorten 
    the label of this kernel.  The label is too long for lilo, but not for 
    grub.
    
    ---------------------------------------------------------------------
    
    --
    Jesse Keating RHCE	 (https://geek.j2solutions.net)
    Fedora Legacy Team	 (https://www.fedoralegacy.org)
    
    

    LinuxSecurity Poll

    Which aspect of server security are you most interested in learning more about?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/38-which-aspect-of-server-security-are-you-most-interested-in-learning-more-about?task=poll.vote&format=json
    38
    radio
    [{"id":"131","title":"Preventing information leakage","votes":"1","type":"x","order":"1","pct":100,"resources":[]},{"id":"132","title":"Firewall considerations","votes":"0","type":"x","order":"2","pct":0,"resources":[]},{"id":"133","title":"Permissions ","votes":"0","type":"x","order":"3","pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350


    VIEW MORE POLLS

    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.