Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 509
Alerts This Week
Warning Icon 1 509

Red Hat 2.1 RHSA-2004:044-01 Critical Privilege Escalation

red hat
Calendar Grey February 3, 2004
Scroller Redhat Esm H88
Kernel updates resolve security flaws and enhance NFS performance on Red Hat Enterprise Linux 2.1 systems, including privilege escalation issues.
Updated kernel packages are now available that fix a few security issues.

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.

Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

If up2date fails to connect to Red Hat Network due to SSL Certificate Errors, you need to install a version of the up2date client with an updated certificate. The latest version of up2date is available from the Red Hat FTP site and may also be downloaded directly from the RHN website:

https://access.redhat.com

5. Bug IDs fixed ( for more info):

112766 - e.34 kernel breaks UDP NFS badly 113602 - CAN-2004-0003 r128 DRI 113305 - CAN-2003-0700 CMedia additional get_user issues 113300 - CAN-2002-1574 ixj telephony card driver overflow 112914 - After upgraded the latest kenerl e.34 or e.35, the Intel Pro/100 module did not load during the reboot. 113498 - modules.dep points to the wrong driver

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:


athlon: Available from Red Hat Network: kernel-2.4.9-e.37.athlon.rpm Available from Red Hat Network: kernel-smp-2.4.9-e.37.athlon.rpm

i386: Available from Red Hat Network: kernel-BOOT-2.4.9-e.37.i386.rpm Available from Red Hat Network: kernel-doc-2.4.9-e.37.i386.rpm Available from Red Hat Network: kernel-headers-2.4.9-e.37.i386.rpm Available from Red Hat Network: kernel-source-2.4.9-e.37.i386.rpm

i686: Available from Red Hat Network: kernel-2.4.9-e.37.i686.rpm Available from Red Hat Network: kernel-debug-2.4.9-e.37.i686.rpm Available from Red Hat Network: kernel-enterprise-2.4.9-e.37.i686.rpm Available from Red Hat Network: kernel-smp-2.4.9-e.37.i686.rpm Available from Red Hat Network: kernel-summit-2.4.9-e.37.i686.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:


athlon: Available from Red Hat Network: kernel-2.4.9-e.37.athlon.rpm Available from Red Hat Network: kernel-smp-2.4.9-e.37.athlon.rpm

i386: Available from Red Hat Network: kernel-BOOT-2.4.9-e.37.i386.rpm Available from Red Hat Network: kernel-doc-2.4.9-e.37.i386.rpm Available from Red Hat Network: kernel-headers-2.4.9-e.37.i386.rpm Available from Red Hat Network: kernel-source-2.4.9-e.37.i386.rpm

i686: Available from Red Hat Network: kernel-2.4.9-e.37.i686.rpm Available from Red Hat Network: kernel-debug-2.4.9-e.37.i686.rpm Available from Red Hat Network: kernel-smp-2.4.9-e.37.i686.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:


athlon: Available from Red Hat Network: kernel-2.4.9-e.37.athlon.rpm Available from Red Hat Network: kernel-smp-2.4.9-e.37.athlon.rpm

i386: Available from Red Hat Network: kernel-BOOT-2.4.9-e.37.i386.rpm Available from Red Hat Network: kernel-doc-2.4.9-e.37.i386.rpm Available from Red Hat Network: kernel-headers-2.4.9-e.37.i386.rpm Available from Red Hat Network: kernel-source-2.4.9-e.37.i386.rpm

i686: Available from Red Hat Network: kernel-2.4.9-e.37.i686.rpm Available from Red Hat Network: kernel-debug-2.4.9-e.37.i686.rpm Available from Red Hat Network: kernel-enterprise-2.4.9-e.37.i686.rpm Available from Red Hat Network: kernel-smp-2.4.9-e.37.i686.rpm



7. Verification:

MD5 sum Package Name

1ea5a1908a6562967b0595e06bd4bd93 2.1AS/en/os/SRPMS/kernel-2.4.9-e.37.src.rpm 030f252f56b1914712a10882637a791c 2.1AS/en/os/athlon/kernel-2.4.9-e.37.athlon.rpm 1d819b13b87cf66ee7bdae9c4ca0ec77 2.1AS/en/os/athlon/kernel-smp-2.4.9-e.37.athlon.rpm 07204ea9a97d0650ae17607b39e3c410 2.1AS/en/os/i386/kernel-BOOT-2.4.9-e.37.i386.rpm 08f7567fe94f61c7e59072a016757906 2.1AS/en/os/i386/kernel-doc-2.4.9-e.37.i386.rpm 6c76c386fbc5afc0aba21774905845e3 2.1AS/en/os/i386/kernel-headers-2.4.9-e.37.i386.rpm 0c49a0f4868c814b15e1fd60c1adaa78 2.1AS/en/os/i386/kernel-source-2.4.9-e.37.i386.rpm cfc5e061933e32ece12333502e97bb22 2.1AS/en/os/i686/kernel-2.4.9-e.37.i686.rpm c3c3578babc860faa895bf6256052140 2.1AS/en/os/i686/kernel-debug-2.4.9-e.37.i686.rpm 2d4959d95a723cb67fa5d3ebe905cee2 2.1AS/en/os/i686/kernel-enterprise-2.4.9-e.37.i686.rpm 0d26a9639bdad7a9e84387ea731156bc 2.1AS/en/os/i686/kernel-smp-2.4.9-e.37.i686.rpm cc565e3f28776f37809536f7dd39f573 2.1AS/en/os/i686/kernel-summit-2.4.9-e.37.i686.rpm 1ea5a1908a6562967b0595e06bd4bd93 2.1ES/en/os/SRPMS/kernel-2.4.9-e.37.src.rpm 030f252f56b1914712a10882637a791c 2.1ES/en/os/athlon/kernel-2.4.9-e.37.athlon.rpm 1d819b13b87cf66ee7bdae9c4ca0ec77 2.1ES/en/os/athlon/kernel-smp-2.4.9-e.37.athlon.rpm 07204ea9a97d0650ae17607b39e3c410 2.1ES/en/os/i386/kernel-BOOT-2.4.9-e.37.i386.rpm 08f7567fe94f61c7e59072a016757906 2.1ES/en/os/i386/kernel-doc-2.4.9-e.37.i386.rpm 6c76c386fbc5afc0aba21774905845e3 2.1ES/en/os/i386/kernel-headers-2.4.9-e.37.i386.rpm 0c49a0f4868c814b15e1fd60c1adaa78 2.1ES/en/os/i386/kernel-source-2.4.9-e.37.i386.rpm cfc5e061933e32ece12333502e97bb22 2.1ES/en/os/i686/kernel-2.4.9-e.37.i686.rpm c3c3578babc860faa895bf6256052140 2.1ES/en/os/i686/kernel-debug-2.4.9-e.37.i686.rpm 0d26a9639bdad7a9e84387ea731156bc 2.1ES/en/os/i686/kernel-smp-2.4.9-e.37.i686.rpm 1ea5a1908a6562967b0595e06bd4bd93 2.1WS/en/os/SRPMS/kernel-2.4.9-e.37.src.rpm 030f252f56b1914712a10882637a791c 2.1WS/en/os/athlon/kernel-2.4.9-e.37.athlon.rpm 1d819b13b87cf66ee7bdae9c4ca0ec77 2.1WS/en/os/athlon/kernel-smp-2.4.9-e.37.athlon.rpm 07204ea9a97d0650ae17607b39e3c410 2.1WS/en/os/i386/kernel-BOOT-2.4.9-e.37.i386.rpm 08f7567fe94f61c7e59072a016757906 2.1WS/en/os/i386/kernel-doc-2.4.9-e.37.i386.rpm 6c76c386fbc5afc0aba21774905845e3 2.1WS/en/os/i386/kernel-headers-2.4.9-e.37.i386.rpm 0c49a0f4868c814b15e1fd60c1adaa78 2.1WS/en/os/i386/kernel-source-2.4.9-e.37.i386.rpm cfc5e061933e32ece12333502e97bb22 2.1WS/en/os/i686/kernel-2.4.9-e.37.i686.rpm c3c3578babc860faa895bf6256052140 2.1WS/en/os/i686/kernel-debug-2.4.9-e.37.i686.rpm 2d4959d95a723cb67fa5d3ebe905cee2 2.1WS/en/os/i686/kernel-enterprise-2.4.9-e.37.i686.rpm 0d26a9639bdad7a9e84387ea731156bc 2.1WS/en/os/i686/kernel-smp-2.4.9-e.37.i686.rpm

These packages are GPG signed by Red Hat for security. Our key is available from https://access.redhat.com/security/team/key

You can verify each package with the following command:

rpm --checksig -v

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command:

md5sum


Summary

Package List


Severity
critical
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2004:044-01
Issue date: 2004-02-03
Updated on: 2004-02-03
Product: Red Hat Enterprise Linux
Keywords:
Cross references:
Obsoletes: RHSA-2003:408

Topic

Relevant Releases Architectures

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - athlon, i386, i686

Red Hat Enterprise Linux ES version 2.1 - athlon, i386, i686

Red Hat Enterprise Linux WS version 2.1 - athlon, i386, i686

Bugs Fixed

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.