Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 414
Alerts This Week
Warning Icon 1 414

Red Hat: BSA-2022:408-01 Urgent: Remote DoS and Local Privilege Fixes

red hat
Calendar Grey May 14, 2003
Dist Redhat Esm H88
Attention Red Hat users: the latest kernel updates have been issued to fix security flaws concerning remote DoS attacks and local privilege elevation.
Updated kernel packages that fix a remote denial of service vulnerability in the TCP/IP stack, and a local privilege vulnerability, are now available.

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

To use Red Hat Network to upgrade the kernel, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. Note that you need to select the kernel explicitly if you are using the default configuration of up2date.

To install kernel packages manually, use "rpm -ivh " and modify system settings to boot the kernel you have installed. To do this, edit /boot/grub/grub.conf and change the default entry to "default=0" (or, if you have chosen to use LILO as your boot loader, edit /etc/lilo.conf and run lilo)

Do not use "rpm -Uvh" as that will remove your running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system.

5. Bug IDs fixed ( for more info):

89743 - usb-uhci Kernel freeze with one-shot interrupt transfers81282 - No pcmcia devices found (HP OmniBook XT6050) after upgrade. 89686 - V.110 doesn't work with HFC_PCI cards. 89049 - ALi M5451 doesn't work 89732 - Installer hangs when loading aic7xxx module 89554 - Kernel needs dell inspiron 8500 support 88847 - Sound card AZT1008 not initialized by ad1848.o 86180 - orinoco_cs periodically drops connection with linksys wpc11v3 88550 - Acer 351tev fails loading trident.o module 88047 - /proc//cmdline is empty 90276 - Some drivers are missing a copy_from_user() function call

6. RPMs required:

Red Hat Linux 7.1:

SRPMS:


athlon:



i386:





i586:



i686:




Red Hat Linux 7.2:

SRPMS:


athlon:



i386:





i586:



i686:




Red Hat Linux 7.3:

SRPMS:


athlon:



i386:





i586:



i686:




Red Hat Linux 8.0:

SRPMS:



athlon:



i386:






i586:



i686:




Red Hat Linux 9:

SRPMS:


athlon:



i386:





i586:



i686:






7. Verification:

MD5 sum Package Name d1799a2701cd94e64dd7217fd4d1e666 7.1/en/os/SRPMS/kernel-2.4.20-13.7.src.rpm 1ed2234cddcf1a5eb18f8dd9abd2585b 7.1/en/os/athlon/kernel-2.4.20-13.7.athlon.rpm 4ec891edbd9340da904fd6a8d1d98043 7.1/en/os/athlon/kernel-smp-2.4.20-13.7.athlon.rpm 02347832231e93183581c3dbb8e46c4a 7.1/en/os/i386/kernel-2.4.20-13.7.i386.rpm 49c156feaa21c6b847813f3a087b5ae3 7.1/en/os/i386/kernel-BOOT-2.4.20-13.7.i386.rpm 702f8a04e66fdfd8f41a4319fe604e0a 7.1/en/os/i386/kernel-doc-2.4.20-13.7.i386.rpm 36437fe4edf013dc89aa9d226f20fd01 7.1/en/os/i386/kernel-source-2.4.20-13.7.i386.rpm b5533475a0fd9b383f56945d64dea185 7.1/en/os/i586/kernel-2.4.20-13.7.i586.rpm 592733320530871511e9c5d636563533 7.1/en/os/i586/kernel-smp-2.4.20-13.7.i586.rpm 77316b8f05f6fd1e352679f56b9992f6 7.1/en/os/i686/kernel-2.4.20-13.7.i686.rpm 408d19fa437c5e452167f2c8c1f362ce 7.1/en/os/i686/kernel-bigmem-2.4.20-13.7.i686.rpm 24168061d6bffb12a1fc150eaea6b1b9 7.1/en/os/i686/kernel-smp-2.4.20-13.7.i686.rpm d1799a2701cd94e64dd7217fd4d1e666 7.2/en/os/SRPMS/kernel-2.4.20-13.7.src.rpm 1ed2234cddcf1a5eb18f8dd9abd2585b 7.2/en/os/athlon/kernel-2.4.20-13.7.athlon.rpm 4ec891edbd9340da904fd6a8d1d98043 7.2/en/os/athlon/kernel-smp-2.4.20-13.7.athlon.rpm 02347832231e93183581c3dbb8e46c4a 7.2/en/os/i386/kernel-2.4.20-13.7.i386.rpm 49c156feaa21c6b847813f3a087b5ae3 7.2/en/os/i386/kernel-BOOT-2.4.20-13.7.i386.rpm 702f8a04e66fdfd8f41a4319fe604e0a 7.2/en/os/i386/kernel-doc-2.4.20-13.7.i386.rpm 36437fe4edf013dc89aa9d226f20fd01 7.2/en/os/i386/kernel-source-2.4.20-13.7.i386.rpm b5533475a0fd9b383f56945d64dea185 7.2/en/os/i586/kernel-2.4.20-13.7.i586.rpm 592733320530871511e9c5d636563533 7.2/en/os/i586/kernel-smp-2.4.20-13.7.i586.rpm 77316b8f05f6fd1e352679f56b9992f6 7.2/en/os/i686/kernel-2.4.20-13.7.i686.rpm 408d19fa437c5e452167f2c8c1f362ce 7.2/en/os/i686/kernel-bigmem-2.4.20-13.7.i686.rpm 24168061d6bffb12a1fc150eaea6b1b9 7.2/en/os/i686/kernel-smp-2.4.20-13.7.i686.rpm d1799a2701cd94e64dd7217fd4d1e666 7.3/en/os/SRPMS/kernel-2.4.20-13.7.src.rpm 1ed2234cddcf1a5eb18f8dd9abd2585b 7.3/en/os/athlon/kernel-2.4.20-13.7.athlon.rpm 4ec891edbd9340da904fd6a8d1d98043 7.3/en/os/athlon/kernel-smp-2.4.20-13.7.athlon.rpm 02347832231e93183581c3dbb8e46c4a 7.3/en/os/i386/kernel-2.4.20-13.7.i386.rpm 49c156feaa21c6b847813f3a087b5ae3 7.3/en/os/i386/kernel-BOOT-2.4.20-13.7.i386.rpm 702f8a04e66fdfd8f41a4319fe604e0a 7.3/en/os/i386/kernel-doc-2.4.20-13.7.i386.rpm 36437fe4edf013dc89aa9d226f20fd01 7.3/en/os/i386/kernel-source-2.4.20-13.7.i386.rpm b5533475a0fd9b383f56945d64dea185 7.3/en/os/i586/kernel-2.4.20-13.7.i586.rpm 592733320530871511e9c5d636563533 7.3/en/os/i586/kernel-smp-2.4.20-13.7.i586.rpm 77316b8f05f6fd1e352679f56b9992f6 7.3/en/os/i686/kernel-2.4.20-13.7.i686.rpm 408d19fa437c5e452167f2c8c1f362ce 7.3/en/os/i686/kernel-bigmem-2.4.20-13.7.i686.rpm 24168061d6bffb12a1fc150eaea6b1b9 7.3/en/os/i686/kernel-smp-2.4.20-13.7.i686.rpm 1eac6e546a88e479821b0c64fafd076c 8.0/en/os/SRPMS/kernel-2.4.20-13.8.src.rpm 5cdd690b2c0b8b275a4d048a95d8bf8b 8.0/en/os/SRPMS/oprofile-0.4-44.8.1.src.rpm 20f2ec3996100d5c4b5a5cf609cbf96c 8.0/en/os/athlon/kernel-2.4.20-13.8.athlon.rpm bcdbbbe42fee19a74d993c9eb0b5c2e0 8.0/en/os/athlon/kernel-smp-2.4.20-13.8.athlon.rpm 04a3edfdf82d73de6e58fcf2254b7fd4 8.0/en/os/i386/kernel-2.4.20-13.8.i386.rpm cbc978d4e686f0e2f8d4bb91a527ee59 8.0/en/os/i386/kernel-BOOT-2.4.20-13.8.i386.rpm 7061fe2b7d9a9e04d7d799590871d2fc 8.0/en/os/i386/kernel-doc-2.4.20-13.8.i386.rpm 96429c0d8185bb1672ed3530877e9e9c 8.0/en/os/i386/kernel-source-2.4.20-13.8.i386.rpm 88440b86e921dce49f05b0c1a0344cc9 8.0/en/os/i386/oprofile-0.4-44.8.1.i386.rpm be7d58a03d9a28db072b99c57fe80f0b 8.0/en/os/i586/kernel-2.4.20-13.8.i586.rpm 23fb8e7b7c895205314be4abd10b0474 8.0/en/os/i586/kernel-smp-2.4.20-13.8.i586.rpm 08584687dae702a02c9603fb95f5275c 8.0/en/os/i686/kernel-2.4.20-13.8.i686.rpm d336ee0403d4d8ffccdbed5fd460693f 8.0/en/os/i686/kernel-bigmem-2.4.20-13.8.i686.rpm f4f693c588d9519b26ec912e1e58419b 8.0/en/os/i686/kernel-smp-2.4.20-13.8.i686.rpm 5a39e35dfea5b4b79c8be444bf49dcc5 9/en/os/SRPMS/kernel-2.4.20-13.9.src.rpm 6b3e0a56fb8977818b0802f64a91dbb3 9/en/os/athlon/kernel-2.4.20-13.9.athlon.rpm 0460a0cc4bf91467fc3b26a979a8d658 9/en/os/athlon/kernel-smp-2.4.20-13.9.athlon.rpm b46c026c49d52da7b9f971f4a8a13908 9/en/os/i386/kernel-2.4.20-13.9.i386.rpm 794415512835127e0a7c7a99e56aa986 9/en/os/i386/kernel-BOOT-2.4.20-13.9.i386.rpm 5a1e0fd284dc69896c25f8c31bea6513 9/en/os/i386/kernel-doc-2.4.20-13.9.i386.rpm 9367405b84ff5bb55cef17c879cf9ce0 9/en/os/i386/kernel-source-2.4.20-13.9.i386.rpm c0957a0fe3c04594c9b5489877a7c570 9/en/os/i586/kernel-2.4.20-13.9.i586.rpm 6d9a641dadcc0abce2584f9f92f20552 9/en/os/i586/kernel-smp-2.4.20-13.9.i586.rpm ac8410ce50e12268cc07e6dfb80a08f0 9/en/os/i686/kernel-2.4.20-13.9.i686.rpm 21ca6ca4b4d4aada6ce90dbb700145b3 9/en/os/i686/kernel-bigmem-2.4.20-13.9.i686.rpm bac56b09e64cbe6befa0f134f9c7ab53 9/en/os/i686/kernel-smp-2.4.20-13.9.i686.rpm


These packages are GPG signed by Red Hat for security. Our key is available at All Red Hat products

You can verify each package with the following command:

rpm --checksig -v

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command:

md5sum


Summary

References

http://marc.theaimsgroup.com/?l=bk-commits-24&m=105217616607144&w=2 703 – Security vulnerability in "ioperm" system call CVE -CVE-2003-0244 CVE -CVE-2003-0246

Package List


Severity
critical
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2003:172-00
Issue date: 2003-05-14
Updated on: 2003-05-14
Product: Red Hat Linux
Keywords: dos
Cross references: RHSA-2003-098 RHBA-2003-135
Obsoletes: RHSA-2003-098 RHBA-2003-135

Topic

Relevant Releases Architectures

Red Hat Linux 7.1 - athlon, i386, i586, i686

Red Hat Linux 7.2 - athlon, i386, i586, i686

Red Hat Linux 7.3 - athlon, i386, i586, i686

Red Hat Linux 8.0 - athlon, i386, i586, i686

Red Hat Linux 9 - athlon, i386, i586, i686

Bugs Fixed

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.