Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -7 articles for you...
98
security advisoryRed HatDoSRed Hat Linux 7.x: RHSA-2003:187-01 Critical DoS And Driver Issues
Several security issues have been found that affect the Linux kernel. This update also fixes some driver issues.. ` --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Updated 2.4 kernel fixes vulnerabilities and driver bugs Advisory ID: RHSA-2003:187-01 Issue date: 2003-05-22 Updated on: 2003-06-03 Product: Red Hat Linux Keywords: DoS Cross references: Obsoletes: RHSA-2003:098 RHBA-2003:135 RHSA-2003:172 CVE Names: CAN-2003-0247 CAN-2003-0248 CAN-2003-0364 --------------------------------------------------------------------- 1. Topic: Updated kernel packages are now available that contain fixes for security vulnerabilities as well as fixes for bugs in the audigy, cmd640 IDE, and USB drivers. 2. Relevant releases/architectures: Red Hat Linux 7.1 - athlon, i386, i586, i686 Red Hat Linux 7.2 - athlon, i386, i586, i686 Red Hat Linux 7.3 - athlon, i386, i586, i686 Red Hat Linux 8.0 - athlon, i386, i586, i686 Red Hat Linux 9 - athlon, i386, i586, i686 3. Problem description: The Linux kernel handles the basic functions of the operating system. Several security issues have been found that affect the Linux kernel: Al Viro found a security issue in the tty layer whereby any user could cause a kernel oops. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2002-0247 to this issue. Andrea Arcangeli found an issue in the low-level mxcsr code in which a malformed address would leave garbage in cpu state registers. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0248 to this issue. The TCP/IP fragment reassembly handling allows remote attackers to cause a denial of service (CPU consumption) via packets that cause a large number of hash table collisions, a vulnerability similar to CAN-2003-0244. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the nameCAN-2003-0364 to this issue. It is recommended that users upgrade to these erratum kernels, which contain patches to correct these vulnerabilities. In addition, these kernels fix a number of bugs: Driver bugs fixes are included for the Silicon Image IDE driver, the USB ohci driver, the Audigy driver, and the driver for the Olympus Camedia digital camera. A fix written by Andrew Morton is included to address a system stall caused by file I/O in rare cases. An updated fix corrects some bugs in the ptrace security fix for Red Hat Linux 7.1, 7.2, 7.3, and 8.0. Note that these bugs were functionality limitations, not additional security vulnerabilities. Updated fixes for the ioperm security issue are also included. A potential data corruption scenario has been identified. This scenario can occur under heavy, complex I/O loads. The scenario only occurs while performing memory mapped file I/O, where the file is simultaneously unlinked and the corresponding file blocks reallocated. Furthermore, the memory mapped writes must be to a partial page at the end of a file on an ext3 file system. As such, Red Hat considers this an unlikely scenario. Red Hat Linux kernel erratum RHSA-2003:172 exposed a bug in the quota packages for Red Hat Linux 7.1, 7.2 and 7.3; a fixed quota package is also included in this erratum. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. To use Red Hat Network to upgrade the kernel, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. Note that you need to select the kernel explicitly if you are using the default configuration of up2date. To install kernel packages manually, use "rpm -ivh " and modify system settings to boot the kernel you have installed. To do this, edit /boot/grub/grub.conf and change the default entry to "default=0" (or, if you have chosen to use LILO as yourboot loader, edit /etc/lilo.conf and run lilo) Do not use "rpm -Uvh" as that will remove your running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system. 5. Bug IDs fixed ( for more info): 91432 - quota-3.03-1 doesn't initialize after applying the latest kernel update, that is 2.4.20-13.7 90939 - Quotas problem with new kernel 2.4.20-13.7 72604 - USB patch to allow Olympus digital cameras to work 91650 - jfs without debug 91585 - ioperm security fix is flawed, still uses uninitialized memory 91580 - no pcmcia found 91561 - kernel 2.4.20-13.7 drops pcmcia support on Toshiba 8100 laptop 91489 - Faulty SB Audigy drivers in kernel 2.4.20-13.9? 91248 - pcmcia subsystem startup failes to load pcmcia modules 91112 - Kernel upgrade 2.4.20-13.7 kills pcmcia 91099 - line 84 config.in in /linux-2.4.20-13.9/drivers/net/wan is incorrect 90985 - quotas fail with kernel-2.4.20-13.7 90982 - audigy oops in rhl8.0 kernel errata 90979 - SoundBlaster Audigy Oops with 2.4.20-13.8 kernel 90936 - New kernel errata removes /lib/modules/`uname -r`/pcmcia symlinks which breaks this package 90922 - Bad: PCMCIA unrecognized after upgrade to kernel 2.4.20-13.7 90920 - pcmcia init script no longer works with 2.4.20-13.7 90890 - kernel-2.4.20-13.9 breaks Soundcard, Mozilla, ETH0 6. RPMs required: Red Hat Linux 7.1: SRPMS: athlon: i386: i586: i686: Red Hat Linux 7.2: SRPMS: athlon: i386: i586: i686: Red Hat Linux 7.3: SRPMS: athlon: i386: i586: i686: Red Hat Linux 8.0: SRPMS: athlon: i386: i586: i686: Red Hat Linux 9: SRPMS: athlon: i386: i586: i686: 7. Verification: MD5 sum PackageName -------------------------------------------------------------------------- c82f56812527104e74c697824af1ac73 7.1/en/os/SRPMS/kernel-2.4.20-18.7.src.rpm 2846936e75a817d3780da62451c09c56 7.1/en/os/SRPMS/quota-3.06-9.71.src.rpm 7681a5d0f9498bf6b26ee90a45269aff 7.1/en/os/athlon/kernel-2.4.20-18.7.athlon.rpm 6a267cab0213dbc7df5218b83c74e809 7.1/en/os/athlon/kernel-smp-2.4.20-18.7.athlon.rpm 0d84746b58a0440c9b13a5428c38367e 7.1/en/os/i386/kernel-2.4.20-18.7.i386.rpm 87f59bb0acb3d7a6475830a17c16eaa2 7.1/en/os/i386/kernel-BOOT-2.4.20-18.7.i386.rpm 356bb8fd1f5ac3ca2af8aa51e6fd2051 7.1/en/os/i386/kernel-doc-2.4.20-18.7.i386.rpm a94c4a9e7e17ef5624e9be24d0359af3 7.1/en/os/i386/kernel-source-2.4.20-18.7.i386.rpm 2a2c696d179b30acb490508ee57518e5 7.1/en/os/i386/quota-3.06-9.71.i386.rpm 040d0ceb9752d2be91136ea600400388 7.1/en/os/i586/kernel-2.4.20-18.7.i586.rpm a68072f1a88c16cc1fe18ecb0a30d4d1 7.1/en/os/i586/kernel-smp-2.4.20-18.7.i586.rpm f074b41ecede502a15306ebf3afdd5a4 7.1/en/os/i686/kernel-2.4.20-18.7.i686.rpm f6acd4f21af98ae692ca0ca53ef590f2 7.1/en/os/i686/kernel-bigmem-2.4.20-18.7.i686.rpm 39fc8a07d3dd636629da6775b69ee063 7.1/en/os/i686/kernel-smp-2.4.20-18.7.i686.rpm c82f56812527104e74c697824af1ac73 7.2/en/os/SRPMS/kernel-2.4.20-18.7.src.rpm 041ab80f63c9ab1c808414655bc65432 7.2/en/os/SRPMS/quota-3.06-9.7.src.rpm 7681a5d0f9498bf6b26ee90a45269aff 7.2/en/os/athlon/kernel-2.4.20-18.7.athlon.rpm 6a267cab0213dbc7df5218b83c74e809 7.2/en/os/athlon/kernel-smp-2.4.20-18.7.athlon.rpm 0d84746b58a0440c9b13a5428c38367e 7.2/en/os/i386/kernel-2.4.20-18.7.i386.rpm 87f59bb0acb3d7a6475830a17c16eaa2 7.2/en/os/i386/kernel-BOOT-2.4.20-18.7.i386.rpm 356bb8fd1f5ac3ca2af8aa51e6fd2051 7.2/en/os/i386/kernel-doc-2.4.20-18.7.i386.rpm a94c4a9e7e17ef5624e9be24d0359af3 7.2/en/os/i386/kernel-source-2.4.20-18.7.i386.rpm a20126b952697b5ea5ba614b5fc2dbc3 7.2/en/os/i386/quota-3.06-9.7.i386.rpm 040d0ceb9752d2be91136ea600400388 7.2/en/os/i586/kernel-2.4.20-18.7.i586.rpm a68072f1a88c16cc1fe18ecb0a30d4d17.2/en/os/i586/kernel-smp-2.4.20-18.7.i586.rpm f074b41ecede502a15306ebf3afdd5a4 7.2/en/os/i686/kernel-2.4.20-18.7.i686.rpm f6acd4f21af98ae692ca0ca53ef590f2 7.2/en/os/i686/kernel-bigmem-2.4.20-18.7.i686.rpm 39fc8a07d3dd636629da6775b69ee063 7.2/en/os/i686/kernel-smp-2.4.20-18.7.i686.rpm c82f56812527104e74c697824af1ac73 7.3/en/os/SRPMS/kernel-2.4.20-18.7.src.rpm 041ab80f63c9ab1c808414655bc65432 7.3/en/os/SRPMS/quota-3.06-9.7.src.rpm 7681a5d0f9498bf6b26ee90a45269aff 7.3/en/os/athlon/kernel-2.4.20-18.7.athlon.rpm 6a267cab0213dbc7df5218b83c74e809 7.3/en/os/athlon/kernel-smp-2.4.20-18.7.athlon.rpm 0d84746b58a0440c9b13a5428c38367e 7.3/en/os/i386/kernel-2.4.20-18.7.i386.rpm 87f59bb0acb3d7a6475830a17c16eaa2 7.3/en/os/i386/kernel-BOOT-2.4.20-18.7.i386.rpm 356bb8fd1f5ac3ca2af8aa51e6fd2051 7.3/en/os/i386/kernel-doc-2.4.20-18.7.i386.rpm a94c4a9e7e17ef5624e9be24d0359af3 7.3/en/os/i386/kernel-source-2.4.20-18.7.i386.rpm a20126b952697b5ea5ba614b5fc2dbc3 7.3/en/os/i386/quota-3.06-9.7.i386.rpm 040d0ceb9752d2be91136ea600400388 7.3/en/os/i586/kernel-2.4.20-18.7.i586.rpm a68072f1a88c16cc1fe18ecb0a30d4d1 7.3/en/os/i586/kernel-smp-2.4.20-18.7.i586.rpm f074b41ecede502a15306ebf3afdd5a4 7.3/en/os/i686/kernel-2.4.20-18.7.i686.rpm f6acd4f21af98ae692ca0ca53ef590f2 7.3/en/os/i686/kernel-bigmem-2.4.20-18.7.i686.rpm 39fc8a07d3dd636629da6775b69ee063 7.3/en/os/i686/kernel-smp-2.4.20-18.7.i686.rpm 2a683e3a5fdd1c256f569575db838c56 8.0/en/os/SRPMS/kernel-2.4.20-18.8.src.rpm d28682bcca89100d2b1f1e7d541ad374 8.0/en/os/athlon/kernel-2.4.20-18.8.athlon.rpm 7d2f1d08d3d6599e6a5946521a278986 8.0/en/os/athlon/kernel-smp-2.4.20-18.8.athlon.rpm 782adf3197f3fea6597d604f5f094ec7 8.0/en/os/i386/kernel-2.4.20-18.8.i386.rpm 29dac8f60ee2a1a4006f9359ed3c6017 8.0/en/os/i386/kernel-BOOT-2.4.20-18.8.i386.rpm d8c695a172e6230402876a8924210b08 8.0/en/os/i386/kernel-doc-2.4.20-18.8.i386.rpm 8ee44c17fa3cd00441378675e47fba02 8.0/en/os/i386/kernel-source-2.4.20-18.8.i386.rpm 0ac54f19c74a9011a0aacd54c33cf2cf8.0/en/os/i586/kernel-2.4.20-18.8.i586.rpm 6e190b9b2754bd37874d99602b00a6a7 8.0/en/os/i586/kernel-smp-2.4.20-18.8.i586.rpm 47692793117cdfa9fafdd430569a3739 8.0/en/os/i686/kernel-2.4.20-18.8.i686.rpm 3018e4d29d255cfe8c8f32a4aaed044c 8.0/en/os/i686/kernel-bigmem-2.4.20-18.8.i686.rpm e06aac3bfaafbc2c167dc8281ae9379b 8.0/en/os/i686/kernel-smp-2.4.20-18.8.i686.rpm 1fa4951227acbf5eafe81a1b24b38997 9/en/os/SRPMS/kernel-2.4.20-18.9.src.rpm 059647419aa13dae133a5903f42a5e98 9/en/os/athlon/kernel-2.4.20-18.9.athlon.rpm 49f0696aac0f1ce33b6f5f3192f272e8 9/en/os/athlon/kernel-smp-2.4.20-18.9.athlon.rpm 353f255cee3a920303d36cdd8fd0b576 9/en/os/i386/kernel-2.4.20-18.9.i386.rpm ab6dc3aef544abd4dbb211a556969f6b 9/en/os/i386/kernel-BOOT-2.4.20-18.9.i386.rpm 9e0efa8c2bc28306c426eec4b4bbd538 9/en/os/i386/kernel-doc-2.4.20-18.9.i386.rpm f47a7e87a44f4f8b1c810cecea6e14bf 9/en/os/i386/kernel-source-2.4.20-18.9.i386.rpm a03ecef3fc7be61fd5bac7dec7c6e8f8 9/en/os/i586/kernel-2.4.20-18.9.i586.rpm 8d8224a7476ca2cea4715bdd11501d36 9/en/os/i586/kernel-smp-2.4.20-18.9.i586.rpm 3a25931ea51efc6f79d672bb1243f166 9/en/os/i686/kernel-2.4.20-18.9.i686.rpm dc36d66e123ab19fa5a83064b8cb9aa9 9/en/os/i686/kernel-bigmem-2.4.20-18.9.i686.rpm 1687b82fd84c28bdd321edd5e7a48cac 9/en/os/i686/kernel-smp-2.4.20-18.9.i686.rpm These packages are GPG signed by Red Hat for security. Our key is available at All Red Hat products You can verify each package with the following command: rpm --checksig -v If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: md5sum 8. References: CVE -CVE-2003-0247 CVE -CVE-2003-0248 CVE -CVE-2003-0364 9. Contact: The Red Hat security contact is . More contact details at All Red Hat products Copyright 2003 Red Hat, Inc. _______________________________________________ Red Hat-watch-list mailing list To unsubscribe, visit: Hat-watch-list `. The new Fedora 34 kernel release includes updates addressingsecurity flaws and driver issues, enhancing overall stability and functionality for users.. Red Hat Kernel Update, Linux Fixes, Security Updates. . Severity: Critical. LinuxSecurity.com Team
Jun 03, 2003
•Critical
Red Hat
98
security advisoryRed Hat Linuxmoderate severityRed Hat Linux 7.3 RHSA-2002:158-09 moderate: Kernel i810 Issues
This kernel update also fixes a difficult to trigger race inthe dcache (filesystem cache) code, as well as some potential securityholes, although we are not currently aware of any exploits.. --------------------------------------------------------------------- Red Hat, Inc. Red Hat Security Advisory Synopsis: New kernel update available, fixes i810 video oops, several security issues Advisory ID: RHSA-2002:158-09 Issue date: 2002-07-26 Updated on: 2002-08-20 Product: Red Hat Linux Keywords: Cross references: Obsoletes: RHBA-2002:110 --------------------------------------------------------------------- 1. Topic: Updated kernel packages are now available which fix an oops in the i810 3D kernel code. This kernel update also fixes a difficult to trigger race in the dcache (filesystem cache) code, as well as some potential security holes, although we are not currently aware of any exploits. 2. Relevant releases/architectures: Red Hat Linux 7.3 - athlon, i386, i586, i686 3. Problem description: The 2.4.18-5 kernel introduced some safety checks in the VM subsystem that were triggered when exiting an X session while using 3D acceleration with the Intel i810/i815 chipset. Additionally, there was a difficult to trigger race in the dcache of the file system subsystem. This kernel update addresses both of these issues. In addition, there are fixes for potential security holes in the following drivers: stradis rio500 se401 usbvideo apm Finally, this kernel fixes a few files in the /proc file system which had the capability to expose kernel memory when abused. All of the security issues found during an audit and none of them, at the time of this writing, have any known exploits. We would like to thank Silvio Cesare, Stas Sergeev, Andi Kleen, Solar Designer, and others for their auditing work. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. Theprocedure for upgrading the kernel manually is documented at: Support Please read the directions for your architecture carefully before proceeding with the kernel upgrade. Please note that this update is also available via Red Hat Network. Many people find this to be an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. Note that you need to select the kernel explicitly on default configurations of up2date. 5. RPMs required: Red Hat Linux 7.3: SRPMS: athlon: i386: i586: i686: 6. Verification: MD5 sum Package Name -------------------------------------------------------------------------- 4473420c7f9bf2b9c83e6c1ec69f597f 7.3/en/os/SRPMS/kernel-2.4.18-10.src.rpm 1b836ea01aa4aef62cc3c185e8547952 7.3/en/os/athlon/kernel-2.4.18-10.athlon.rpm b88c661fddd81194503be2acd168bff5 7.3/en/os/athlon/kernel-smp-2.4.18-10.athlon.rpm b2bacd0954832353ecddb507f087b338 7.3/en/os/i386/kernel-2.4.18-10.i386.rpm d105a7cc4d3e21bc9c5ace02f0b0152e 7.3/en/os/i386/kernel-BOOT-2.4.18-10.i386.rpm 91a1978068ee80c53a7500d4486b66e4 7.3/en/os/i386/kernel-doc-2.4.18-10.i386.rpm 51bc76e8c016e00aa26d798a85f53759 7.3/en/os/i386/kernel-source-2.4.18-10.i386.rpm 2cd340835d9acb309ccd61cb7581fc2d 7.3/en/os/i586/kernel-2.4.18-10.i586.rpm a0925e2445b68abe21225a4d3842c1a2 7.3/en/os/i586/kernel-smp-2.4.18-10.i586.rpm 32b3df55a27018ea85cf8ebcad6186dd 7.3/en/os/i686/kernel-2.4.18-10.i686.rpm 96df823d6e481142b446f278abb91a70 7.3/en/os/i686/kernel-bigmem-2.4.18-10.i686.rpm 2c3ac524c7da4188905a28a37acd8afd 7.3/en/os/i686/kernel-debug-2.4.18-10.i686.rpm 51ba272488114c3b61d7c0fdc63ee04b 7.3/en/os/i686/kernel-smp-2.4.18-10.i686.rpm These packages are GPG signed by Red Hat, Inc. for security. Our key is available at: About You can verify each package with the following command: rpm --checksig If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg 7. References: Copyright(c) 2000, 2001, 2002 Red Hat, Inc. . Kernel update addresses i810 video crashes, race in dcache, and mitigates security holes for Red Hat Linux 7.3.. Kernel Security Update, Red Hat Linux Security, Driver Vulnerabilities. . LinuxSecurity.com Team
Aug 21, 2002
Red Hat
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!