Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -3 articles for you...
203
security advisorysecurity updatesecurity fixMageia 7 & 8: 2021-0120 Critical: Firejail Root Escalation Fix
Roman Fiedler discovered a vulnerability in the OverlayFS code in firejail, which could result in root privilege escalation. This update disables OverlayFS support in firejail (CVE-2021-26910). References: . MGASA-2021-0120 - Updated firejail package fixes a security vulnerability Publication date: 12 Mar 2021 URL: https://advisories.mageia.org/MGASA-2021-0120.html Type: security Affected Mageia releases: 7, 8 CVE: CVE-2021-26910 Roman Fiedler discovered a vulnerability in the OverlayFS code in firejail, which could result in root privilege escalation. This update disables OverlayFS support in firejail (CVE-2021-26910). References: - https://bugs.mageia.org/show_bug.cgi?id=28322 - https://lists.debian.org/debian-security-announce/2021/msg00030.html - https://www.cve.org/CVERecord?id=CVE-2021-26910 SRPMS: - 8/core/firejail-0.9.64-1.1.mga8 - 7/core/firejail-0.9.56-2.3.mga7 . AppArmor security patch addresses root access vulnerability linked to OverlayFS. Update released on March 12, 2021.. Firejail Update, Mageia Security, OverlayFS Issue, Root Escalation. . Severity: Critical. LinuxSecurity.com Team
Mar 11, 2021
•Critical
Mageia
172
security advisoryadministrative accessKerberosUbuntu 18.04 LTS: USN-4530-1 Critical: Debian-LAN Admin Access Threat
Debian-LAN could be made to change Kerberos user passwords or run programs as an administrator.. =========================================================================Ubuntu Security Notice USN-4530-1 September 22, 2020 debian-lan-config vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS Summary: Debian-LAN could be made to change Kerberos user passwords or run programs as an administrator. Software Description: - debian-lan-config: FAI config space for the Debian-LAN system Details: Wolfgang Schweer discovered that Debian-LAN did not properly handle ACLs for the Kerberos admin server. A local attacker could possibly use this issue to change the passwords of other users, leading to root privilege escalation. (CVE-2019-3467) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS: debian-lan-config 0.23+deb9u1build0.18.04.1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-4530-1 CVE-2019-3467 Package Information: https://launchpad.net/ubuntu/+source/debian-lan-config/0.23+deb9u1build0.18.04.1 . Ubuntu-NET introduces vulnerabilities associated with LDAP and user privileges, necessitating essential patches for system security.. Debian-LAN, Ubuntu, security notice, privilege escalation, password management. . Severity: Critical. LinuxSecurity.com Team
Sep 22, 2020
•Critical
Ubuntu
91
security advisoryhigh severitygentooGentoo: GLSA-202007-31 High Severity: Icinga Root Privilege Escalation
Icinga installs files with insecure permissions allowing root privilege escalation.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202007-31 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: Icinga: Root privilege escalation Date: July 27, 2020 Bugs: #638186 ID: 202007-31 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Icinga installs files with insecure permissions allowing root privilege escalation. Background ========= Icinga is an open source computer system and network monitoring application. It was originally created as a fork of the Nagios system monitoring application in 2009. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-analyzer/icinga < 1.14.2 Vulnerable! ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. Description ========== It was discovered that Icinga's installed files have insecure permissions, possibly allowing root privilege escalation. Impact ===== A local attacker could escalate privileges to root. Workaround ========= There is no known workaround at this time. Resolution ========= Gentoo has discontinued support for Icinga. We recommend that usersunmerge Icinga: # emerge --unmerge "net-analyzer/icinga" NOTE: The Gentoo developer(s) maintaining Icinga havediscontinued support at this time. It may be possible that a new Gentoo developer will update Icinga at a later date. The natural replacement is Icinga 2 (net-analyzer/icinga2). References ========= [ 1 ] CVE-2017-16882 https://nvd.nist.gov/vuln/detail/CVE-2017-16882 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202007-31 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to
Jul 26, 2020
Gentoo
100
security advisorybuffer overflowimportantSUSE Linux Enterprise - 2018:3088-1 Important Kernel Security Update
An update that solves 12 vulnerabilities and has 43 fixes is now available. . SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3088-1 Rating: important References: #1045538 #1048185 #1050381 #1050431 #1057199 #1060245 #1064861 #1068032 #1080157 #1087081 #1092772 #1092903 #1093666 #1096547 #1098822 #1099922 #1100132 #1100705 #1102517 #1102870 #1103119 #1104481 #1104684 #1104818 #1104901 #1105100 #1105322 #1105348 #1105536 #1105723 #1106095 #1106105 #1106199 #1106202 #1106206 #1106209 #1106212 #1106369 #1106509 #1106511 #1106609 #1106886 #1106930 #1106995 #1107001 #1107064 #1107071 #1107650 #1107689 #1107735 #1107949 #1108096 #1108170 #1108823 #1108912 Cross-References: CVE-2018-10902 CVE-2018-10940 CVE-2018-12896 CVE-2018-14617 CVE-2018-14634 CVE-2018-14734 CVE-2018-15572 CVE-2018-15594 CVE-2018-16276 CVE-2018-16658 CVE-2018-6554 CVE-2018-6555 Affected Products: SUSE Linux Enterprise Real Time Extension 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that solves 12 vulnerabilities and has 43 fixes is now available. Description: The SUSE Linux Enterprise 11 SP4 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-14634: Prevent integer overflow in create_elf_tables that allowed a local attacker to exploit this vulnerability via a SUID-root binary and obtain full root privileges (bsc#1108912) - CVE-2018-14617: Prevent NULL pointerdereference and panic in hfsplus_lookup() when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory (bsc#1102870) - CVE-2018-16276: Incorrect bounds checking in the yurex USB driver in yurex_read allowed local attackers to use user access read/writes to crash the kernel or potentially escalate privileges (bsc#1106095) - CVE-2018-12896: Prevent integer overflow in the POSIX timer code that was caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically made the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. This allowed a local user to cause a denial of service (signed integer overflow) via crafted mmap, futex, timer_create, and timer_settime system calls (bnc#1099922) - CVE-2018-10940: The cdrom_ioctl_media_changed function allowed local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory (bsc#1092903) - CVE-2018-16658: Prevent information leak in cdrom_ioctl_drive_status that could have been used by local attackers to read kernel memory (bnc#1107689) - CVE-2018-6555: The irda_setsockopt function allowed local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket (bnc#1106511) - CVE-2018-6554: Prevent memory leak in the irda_bind function that allowed local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket (bnc#1106509) - CVE-2018-15594: Ensure correct handling of indirect calls, to prevent attackers for conducting Spectre-v2 attacks against paravirtual guests (bsc#1105348) - CVE-2018-15572: Thespectre_v2_select_mitigation function did not always fill RSB upon a context switch, which made it easier for attackers to conduct userspace-userspace spectreRSB attacks (bnc#1102517) - CVE-2018-10902: Protect against concurrent access to prevent double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status(). A malicious local attacker could have used this for privilege escalation (bnc#1105322). - CVE-2018-14734: ucma_leave_multicast accessed a certain data structure after a cleanup step in ucma_process_join, which allowed attackers to cause a denial of service (use-after-free) (bsc#1103119) The following non-security bugs were fixed: - ACPI: APEI / ERST: Fix missing error handling in erst_reader() (bsc#1045538). - ALSA: fm801: propagate TUNER_ONLY bit when autodetected (bsc#1045538). - ALSA: pcm: Fix snd_pcm_hw_params struct copy in compat mode (bsc#1045538). - ALSA: pcm: Use dma_bytes as size parameter in dma_mmap_coherent() (bsc#1045538). - ALSA: pcm: fix fifo_size frame calculation (bsc#1045538). - ALSA: snd-aoa: add of_node_put() in error path (bsc#1045538). - ALSA: usb-audio: Add sanity checks in v2 clock parsers (bsc#1045538). - ALSA: usb-audio: Add sanity checks to FE parser (bsc#1045538). - ALSA: usb-audio: Fix UAC2 get_ctl request with a RANGE attribute (bsc#1045538). - ALSA: usb-audio: Fix bogus error return in snd_usb_create_stream() (bsc#1045538). - ALSA: usb-audio: Fix parameter block size for UAC2 control requests (bsc#1045538). - ALSA: usb-audio: Fix parsing descriptor of UAC2 processing unit (bsc#1045538). - ALSA: usb-audio: Fix potential out-of-bound access at parsing SU (bsc#1045538). - ALSA: usb-audio: Set correct type for some UAC2 mixer controls (bsc#1045538). - ASoC: blackfin: Fix missing break (bsc#1045538). - Enforce module signatures if the kernel is locked down (bsc#1093666). - KVM: VMX: Work around kABI breakagein 'enum vmx_l1d_flush_state' (bsc#1106369). - KVM: VMX: fixes for vmentry_l1d_flush module parameter (bsc#1106369). - PCI: Fix TI816X class code quirk (bsc#1050431). - Refresh patches.xen/xen3-x86-l1tf-04-protect-PROT_NONE-ptes.patch (bsc#1105100). - TPM: Zero buffer whole after copying to userspace (bsc#1050381). - USB: serial: io_ti: fix NULL-deref in interrupt callback (bsc#1106609). - USB: serial: sierra: fix potential deadlock at close (bsc#1100132). - applicom: dereferencing NULL on error path (git-fixes). - ath5k: Change led pin configuration for compaq c700 laptop (bsc#1048185). - base: make module_create_drivers_dir race-free (git-fixes). - block: fix an error code in add_partition() (bsc#1106209). - btrfs: scrub: Do not use inode page cache in scrub_handle_errored_block() (bsc#1108096). - btrfs: scrub: Do not use inode pages for device replace (bsc#1107949). - dasd: Add IFCC notice message (bnc#1104481, LTC#170484). - drm/i915: Remove bogus __init annotation from DMI callbacks (bsc#1106886). - drm/nouveau/gem: off by one bugs in nouveau_gem_pushbuf_reloc_apply() (bsc#1106886). - drm/vmwgfx: Handle vmalloc() failure in vmw_local_fifo_reserve() (bsc#1106886). - drm: crtc: integer overflow in drm_property_create_blob() (bsc#1106886). - fbdev: omapfb: off by one in omapfb_register_client() (bsc#1106886). - iommu/amd: Finish TLB flush in amd_iommu_unmap() (bsc#1106105). - iommu/amd: Fix the left value check of cmd buffer (bsc#1106105). - iommu/amd: Free domain id when free a domain of struct dma_ops_domain (bsc#1106105). - iommu/amd: Update Alias-DTE in update_device_table() (bsc#1106105). - iommu/vt-d: Do not over-free page table directories (bsc#1106105). - iommu/vt-d: Ratelimit each dmar fault printing (bsc#1106105). - ipv6: Regenerate host route according to node pointer upon loopback up (bsc#1100705). - ipv6: correctly add local routes when lo goes up (bsc#1100705). - ipv6:introduce ip6_rt_put() (bsc#1100705). - ipv6: reallocate addrconf router for ipv6 address when lo device up (bsc#1100705). - kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536). - mm/hugetlb: add migration/hwpoisoned entry check in hugetlb_change_protection (bnc#1107071). - mm/mempolicy.c: avoid use uninitialized preferred_node (bnc#1107064). - modsign: log module name in the event of an error (bsc#1093666). - modsign: print module name along with error message (bsc#1093666). - module: make it clear when we're handling the module copy in info-> hdr (bsc#1093666). - module: setup load info before module_sig_check() (bsc#1093666). - nbd: ratelimit error msgs after socket close (bsc#1106206). - ncpfs: return proper error from NCP_IOC_SETROOT ioctl (bsc#1106199). - perf/x86/intel: Add cpu_(prepare|starting|dying) for core_pmu (bsc#1104901). - powerpc/64s: Default l1d_size to 64K in RFI fallback flush (bsc#1068032, git-fixes). - powerpc/fadump: Do not use hugepages when fadump is active (bsc#1092772, bsc#1107650). - powerpc/fadump: exclude memory holes while reserving memory in second kernel (bsc#1092772, bsc#1107650). - powerpc/fadump: re-register firmware-assisted dump if already registered (bsc#1108170, bsc#1108823). - powerpc/lib: Fix off-by-one in alternate feature patching (bsc#1064861). - powerpc/lib: Fix the feature fixup tests to actually work (bsc#1064861). - powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2 (bsc#1068032, bsc#1080157, git-fixes). - powerpc: Avoid code patching freed init sections (bnc#1107735). - powerpc: make feature-fixup tests fortify-safe (bsc#1064861). - ptrace: fix PTRACE_LISTEN race corrupting task-> state (bnc#1107001). - qlge: Fix netdev features configuration (bsc#1098822). - resource: fix integer overflow at reallocation (bsc#1045538). - rpm/kernel-docs.spec.in: Expand kernel tree directly from sources (bsc#1057199) - s390/ftrace: use expoline for indirect branches (bnc#1106930, LTC#171029). - s390/kernel: use expoline for indirect branches (bnc#1106930, LTC#171029). - s390/qeth: do not clobber buffer on async TX completion (bnc#1060245, LTC#170349). - s390: Correct register corruption in critical section cleanup (bnc#1106930, LTC#171029). - s390: add assembler macros for CPU alternatives (bnc#1106930, LTC#171029). - s390: detect etoken facility (bnc#1106930, LTC#171029). - s390: move expoline assembler macros to a header (bnc#1106930, LTC#171029). - s390: move spectre sysfs attribute code (bnc#1106930, LTC#171029). - s390: remove indirect branch from do_softirq_own_stack (bnc#1106930, LTC#171029). - sys: do not hold uts_sem while accessing userspace memory (bnc#1106995). - tpm: fix race condition in tpm_common_write() (bsc#1050381). - tracing/blktrace: Fix to allow setting same value (bsc#1106212). - tty: vt, fix bogus division in csi_J (git-fixes). - tty: vt, return error when con_startup fails (git-fixes). - uml: fix hostfs mknod() (bsc#1106202). - usb: audio-v2: Correct the comment for struct uac_clock_selector_descriptor (bsc#1045538). - usbip: vhci_sysfs: fix potential Spectre v1 (bsc#1096547). - x86, l1tf: Protect PROT_NONE PTEs against speculation fixup (bnc#1104684, bnc#1104818). - x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bnc#1087081). - x86/init: fix build with CONFIG_SWAP=n (bsc#1105723). - x86/mm: Prevent kernel Oops in PTDUMP code with HIGHPTE=y (bsc#1106105). - x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (bnc#1105536). - x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536). - x86/speculation/l1tf: Suggest what to do on systems with too much RAM (bnc#1105536). - x86/vdso: Fix vDSO build if a retpoline is emitted (git-fixes). - xen x86/speculation/l1tf: Fix off-by-oneerror when warning that system has too much RAM (bnc#1105536). - xen x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bnc#1105536). - xen, x86, l1tf: Protect PROT_NONE PTEs against speculation fixup (bnc#1104684, bnc#1104818). - xen: x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bnc#1087081). Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Real Time Extension 11-SP4: zypper in -t patch slertesp4-linux-kernel-13810=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-linux-kernel-13810=1 Package List: - SUSE Linux Enterprise Real Time Extension 11-SP4 (x86_64): kernel-rt-3.0.101.rt130-69.36.1 kernel-rt-base-3.0.101.rt130-69.36.1 kernel-rt-devel-3.0.101.rt130-69.36.1 kernel-rt_trace-3.0.101.rt130-69.36.1 kernel-rt_trace-base-3.0.101.rt130-69.36.1 kernel-rt_trace-devel-3.0.101.rt130-69.36.1 kernel-source-rt-3.0.101.rt130-69.36.1 kernel-syms-rt-3.0.101.rt130-69.36.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (x86_64): kernel-rt-debuginfo-3.0.101.rt130-69.36.1 kernel-rt-debugsource-3.0.101.rt130-69.36.1 kernel-rt_debug-debuginfo-3.0.101.rt130-69.36.1 kernel-rt_debug-debugsource-3.0.101.rt130-69.36.1 kernel-rt_trace-debuginfo-3.0.101.rt130-69.36.1 kernel-rt_trace-debugsource-3.0.101.rt130-69.36.1 References: https://www.suse.com/security/cve/CVE-2018-10902.html https://www.suse.com/security/cve/CVE-2018-10940.html https://www.suse.com/security/cve/CVE-2018-12896.html https://www.suse.com/security/cve/CVE-2018-14617.html https://www.suse.com/security/cve/CVE-2018-14634.html https://www.suse.com/security/cve/CVE-2018-14734.html https://www.suse.com/security/cve/CVE-2018-15572.html https://www.suse.com/security/cve/CVE-2018-15594.html https://www.suse.com/security/cve/CVE-2018-16276.html https://www.suse.com/security/cve/CVE-2018-16658.html https://www.suse.com/security/cve/CVE-2018-6554.html https://www.suse.com/security/cve/CVE-2018-6555.html https://bugzilla.suse.com/1045538 https://bugzilla.suse.com/1048185 https://bugzilla.suse.com/1050381 https://bugzilla.suse.com/1050431 https://bugzilla.suse.com/1057199 https://bugzilla.suse.com/1060245 https://bugzilla.suse.com/1064861 https://bugzilla.suse.com/1068032 https://bugzilla.suse.com/1080157 https://bugzilla.suse.com/1087081 https://bugzilla.suse.com/1092772 https://bugzilla.suse.com/1092903 https://bugzilla.suse.com/1093666 https://bugzilla.suse.com/1096547 https://bugzilla.suse.com/1098822 https://bugzilla.suse.com/1099922 https://bugzilla.suse.com/1100132 https://bugzilla.suse.com/1100705 https://bugzilla.suse.com/1102517 https://bugzilla.suse.com/1102870 https://bugzilla.suse.com/1103119 https://bugzilla.suse.com/1104481 https://bugzilla.suse.com/1104684 https://bugzilla.suse.com/1104818 https://bugzilla.suse.com/1104901 https://bugzilla.suse.com/1105100 https://bugzilla.suse.com/1105322 https://bugzilla.suse.com/1105348 https://bugzilla.suse.com/1105536 https://bugzilla.suse.com/1105723 https://bugzilla.suse.com/1106095 https://bugzilla.suse.com/1106105 https://bugzilla.suse.com/1106199 https://bugzilla.suse.com/1106202 https://bugzilla.suse.com/1106206 https://bugzilla.suse.com/1106209 https://bugzilla.suse.com/1106212 https://bugzilla.suse.com/1106369 https://bugzilla.suse.com/1106509 https://bugzilla.suse.com/1106511 https://bugzilla.suse.com/1106609 https://bugzilla.suse.com/1106886 https://bugzilla.suse.com/1106930 https://bugzilla.suse.com/1106995 https://bugzilla.suse.com/1107001 https://bugzilla.suse.com/1107064 https://bugzilla.suse.com/1107071 https://bugzilla.suse.com/1107650 https://bugzilla.suse.com/1107689 https://bugzilla.suse.com/1107735 https://bugzilla.suse.com/1107949 https://bugzilla.suse.com/1108096 https://bugzilla.suse.com/1108170 https://bugzilla.suse.com/1108823 https://bugzilla.suse.com/1108912 _______________________________________________ sle-security-updates mailing list
Oct 09, 2018
•Important
SuSE
98
security advisoryRed Hat Enterprise LinuximportantRed Hat: RHSA-2007:0937-01 Critical: Root Privilege Escalation Issue
Updated kernel packages that fix a security issue in the Red Hat Enterprise Linux 4 kernel are now available. A flaw was found in the IA32 system call emulation provided on AMD64 and Intel 64 platforms. An improperly validated 64-bit value could be stored in the %RAX register, which could trigger an out-of-bounds system call table access. An untrusted local user could exploit this flaw to run code in the kernel (ie a root privilege escalation). . - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: kernel security update Advisory ID: RHSA-2007:0937-01 Advisory URL: https://access.redhat.com/errata/RHSA-2007:0937.html Issue date: 2007-09-27 Updated on: 2007-09-27 Product: Red Hat Enterprise Linux CVE Names: CVE-2007-4573 - ---------------------------------------------------------------------1. Summary: Updated kernel packages that fix a security issue in the Red Hat Enterprise Linux 4 kernel are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, noarch, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, noarch, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, noarch, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, noarch, x86_64 3. Problem description: The Linux kernel handles the basic functions of the operating system. A flaw was found in the IA32 system call emulation provided on AMD64 and Intel 64 platforms. An improperly validated 64-bit value could be stored in the %RAX register, which could trigger an out-of-bounds system call table access. An untrusted local user could exploit this flaw to run code in the kernel (ie a root privilege escalation). (CVE-2007-4573). Red Hat would like to thank Wojciech Purczynski for reporting thisissue. Red Hat Enterprise Linux 4 users are advised to upgrade to these packages, which contain a backported patch to correct this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at 5. Bug IDs fixed (http://bugzilla.redhat.com/): 294541 - CVE-2007-4573 x86_64 syscall vulnerability 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: cb859192d2ca30ae6e314a12ec10b2e0 kernel-2.6.9-55.0.9.EL.src.rpm i386: 11f4fb3620c9db26a01ee9e201b81b9e kernel-2.6.9-55.0.9.EL.i686.rpm 13acd543e9b93a4e2e6b0342cdb46317 kernel-debuginfo-2.6.9-55.0.9.EL.i686.rpm fa5dd3ede554ab6547bc789c489b68a6 kernel-devel-2.6.9-55.0.9.EL.i686.rpm cedaf493c97ad8186cc5de391121d0a3 kernel-hugemem-2.6.9-55.0.9.EL.i686.rpm a43dd652f3ce0cf44ed2df468555ad1c kernel-hugemem-devel-2.6.9-55.0.9.EL.i686.rpm 7eecd01ca22989109a55a2ef85f6c58e kernel-smp-2.6.9-55.0.9.EL.i686.rpm 2595f2eeb9d64f43c5b2c23e09551792 kernel-smp-devel-2.6.9-55.0.9.EL.i686.rpm 7d14e719350a05bfd66273a58d4acc66 kernel-xenU-2.6.9-55.0.9.EL.i686.rpm 244de63bec04fd54afa0b02d4983bf63 kernel-xenU-devel-2.6.9-55.0.9.EL.i686.rpm ia64: 6042c74256317f1b5446be4be44269ac kernel-2.6.9-55.0.9.EL.ia64.rpm d2edfe7cba8f8c54050361251ff4ea5c kernel-debuginfo-2.6.9-55.0.9.EL.ia64.rpm bf466de49258197cfa00074760ea97b2 kernel-devel-2.6.9-55.0.9.EL.ia64.rpm 39b77015d5da3e3dc3964a70dda60958 kernel-largesmp-2.6.9-55.0.9.EL.ia64.rpm 07134f58da279a104ab31530ca014f0a kernel-largesmp-devel-2.6.9-55.0.9.EL.ia64.rpm noarch: 66fb704b5409c5d579bc7b89e963d223 kernel-doc-2.6.9-55.0.9.EL.noarch.rpm ppc: 14df044c43d69f7b41004cf0adf880f6 kernel-2.6.9-55.0.9.EL.ppc64.rpm 8db6893f6ea46d5caa3e20fff729132f kernel-2.6.9-55.0.9.EL.ppc64iseries.rpm 365cfb67506441887aea43587a983614 kernel-debuginfo-2.6.9-55.0.9.EL.ppc64.rpm b8e17c64195bf6072385fec0ff961600 kernel-debuginfo-2.6.9-55.0.9.EL.ppc64iseries.rpm a495534cdc55e7dc8c88e5bf5f356ce8 kernel-devel-2.6.9-55.0.9.EL.ppc64.rpm f07e9664fabe2c39017af7894a7ec932 kernel-devel-2.6.9-55.0.9.EL.ppc64iseries.rpm 61a93d4307acabafc9314bf2d1250155 kernel-largesmp-2.6.9-55.0.9.EL.ppc64.rpm 361fe4796a02e0349b837400789dd237 kernel-largesmp-devel-2.6.9-55.0.9.EL.ppc64.rpm s390: 6bce7ddc2948990a989e71c428862fae kernel-2.6.9-55.0.9.EL.s390.rpm f4250b70bab63f4bd9070651273b774c kernel-debuginfo-2.6.9-55.0.9.EL.s390.rpm b7a694b6d244bafe735ffc24ec530d1b kernel-devel-2.6.9-55.0.9.EL.s390.rpm s390x: 34322f4f6d95d39d85df44b924ceb97a kernel-2.6.9-55.0.9.EL.s390x.rpm 14d4fe225223c1edcc4f0dc47417b990 kernel-debuginfo-2.6.9-55.0.9.EL.s390x.rpm 3c405f3fef4292847a6980ecd19d8046 kernel-devel-2.6.9-55.0.9.EL.s390x.rpm x86_64: 16d74780480b0c66f77d00029010a142 kernel-2.6.9-55.0.9.EL.x86_64.rpm a6be7685fdd323fc34b93b2f8ef2bf6c kernel-debuginfo-2.6.9-55.0.9.EL.x86_64.rpm 895d92d775f74364c0432b1c5be80fd4 kernel-devel-2.6.9-55.0.9.EL.x86_64.rpm 527cb4fea0ac47ce22f08a54d374fa85 kernel-largesmp-2.6.9-55.0.9.EL.x86_64.rpm e8e39208db26245e3459e5ff981a9946 kernel-largesmp-devel-2.6.9-55.0.9.EL.x86_64.rpm a74166f4c34cf0a04ce8667c901f0b14 kernel-smp-2.6.9-55.0.9.EL.x86_64.rpm 20f489682aaa1bb614b3e742dad7bf19 kernel-smp-devel-2.6.9-55.0.9.EL.x86_64.rpm 2d1e8f1983b8f69145be9d79ba54a4c2 kernel-xenU-2.6.9-55.0.9.EL.x86_64.rpm 19ced825c4f52264467083dc2e2a1343 kernel-xenU-devel-2.6.9-55.0.9.EL.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: cb859192d2ca30ae6e314a12ec10b2e0 kernel-2.6.9-55.0.9.EL.src.rpm i386: 11f4fb3620c9db26a01ee9e201b81b9e kernel-2.6.9-55.0.9.EL.i686.rpm 13acd543e9b93a4e2e6b0342cdb46317 kernel-debuginfo-2.6.9-55.0.9.EL.i686.rpm fa5dd3ede554ab6547bc789c489b68a6 kernel-devel-2.6.9-55.0.9.EL.i686.rpm cedaf493c97ad8186cc5de391121d0a3 kernel-hugemem-2.6.9-55.0.9.EL.i686.rpm a43dd652f3ce0cf44ed2df468555ad1c kernel-hugemem-devel-2.6.9-55.0.9.EL.i686.rpm 7eecd01ca22989109a55a2ef85f6c58e kernel-smp-2.6.9-55.0.9.EL.i686.rpm 2595f2eeb9d64f43c5b2c23e09551792 kernel-smp-devel-2.6.9-55.0.9.EL.i686.rpm 7d14e719350a05bfd66273a58d4acc66 kernel-xenU-2.6.9-55.0.9.EL.i686.rpm 244de63bec04fd54afa0b02d4983bf63 kernel-xenU-devel-2.6.9-55.0.9.EL.i686.rpm noarch: 66fb704b5409c5d579bc7b89e963d223 kernel-doc-2.6.9-55.0.9.EL.noarch.rpm x86_64: 16d74780480b0c66f77d00029010a142 kernel-2.6.9-55.0.9.EL.x86_64.rpm a6be7685fdd323fc34b93b2f8ef2bf6c kernel-debuginfo-2.6.9-55.0.9.EL.x86_64.rpm 895d92d775f74364c0432b1c5be80fd4 kernel-devel-2.6.9-55.0.9.EL.x86_64.rpm 527cb4fea0ac47ce22f08a54d374fa85 kernel-largesmp-2.6.9-55.0.9.EL.x86_64.rpm e8e39208db26245e3459e5ff981a9946 kernel-largesmp-devel-2.6.9-55.0.9.EL.x86_64.rpm a74166f4c34cf0a04ce8667c901f0b14 kernel-smp-2.6.9-55.0.9.EL.x86_64.rpm 20f489682aaa1bb614b3e742dad7bf19 kernel-smp-devel-2.6.9-55.0.9.EL.x86_64.rpm 2d1e8f1983b8f69145be9d79ba54a4c2 kernel-xenU-2.6.9-55.0.9.EL.x86_64.rpm 19ced825c4f52264467083dc2e2a1343 kernel-xenU-devel-2.6.9-55.0.9.EL.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: cb859192d2ca30ae6e314a12ec10b2e0 kernel-2.6.9-55.0.9.EL.src.rpm i386: 11f4fb3620c9db26a01ee9e201b81b9e kernel-2.6.9-55.0.9.EL.i686.rpm 13acd543e9b93a4e2e6b0342cdb46317 kernel-debuginfo-2.6.9-55.0.9.EL.i686.rpm fa5dd3ede554ab6547bc789c489b68a6 kernel-devel-2.6.9-55.0.9.EL.i686.rpm cedaf493c97ad8186cc5de391121d0a3 kernel-hugemem-2.6.9-55.0.9.EL.i686.rpm a43dd652f3ce0cf44ed2df468555ad1c kernel-hugemem-devel-2.6.9-55.0.9.EL.i686.rpm 7eecd01ca22989109a55a2ef85f6c58e kernel-smp-2.6.9-55.0.9.EL.i686.rpm 2595f2eeb9d64f43c5b2c23e09551792 kernel-smp-devel-2.6.9-55.0.9.EL.i686.rpm 7d14e719350a05bfd66273a58d4acc66 kernel-xenU-2.6.9-55.0.9.EL.i686.rpm 244de63bec04fd54afa0b02d4983bf63 kernel-xenU-devel-2.6.9-55.0.9.EL.i686.rpm ia64: 6042c74256317f1b5446be4be44269ac kernel-2.6.9-55.0.9.EL.ia64.rpm d2edfe7cba8f8c54050361251ff4ea5c kernel-debuginfo-2.6.9-55.0.9.EL.ia64.rpm bf466de49258197cfa00074760ea97b2 kernel-devel-2.6.9-55.0.9.EL.ia64.rpm 39b77015d5da3e3dc3964a70dda60958 kernel-largesmp-2.6.9-55.0.9.EL.ia64.rpm 07134f58da279a104ab31530ca014f0a kernel-largesmp-devel-2.6.9-55.0.9.EL.ia64.rpm noarch: 66fb704b5409c5d579bc7b89e963d223 kernel-doc-2.6.9-55.0.9.EL.noarch.rpm x86_64: 16d74780480b0c66f77d00029010a142 kernel-2.6.9-55.0.9.EL.x86_64.rpm a6be7685fdd323fc34b93b2f8ef2bf6c kernel-debuginfo-2.6.9-55.0.9.EL.x86_64.rpm 895d92d775f74364c0432b1c5be80fd4 kernel-devel-2.6.9-55.0.9.EL.x86_64.rpm 527cb4fea0ac47ce22f08a54d374fa85 kernel-largesmp-2.6.9-55.0.9.EL.x86_64.rpm e8e39208db26245e3459e5ff981a9946 kernel-largesmp-devel-2.6.9-55.0.9.EL.x86_64.rpm a74166f4c34cf0a04ce8667c901f0b14 kernel-smp-2.6.9-55.0.9.EL.x86_64.rpm 20f489682aaa1bb614b3e742dad7bf19 kernel-smp-devel-2.6.9-55.0.9.EL.x86_64.rpm 2d1e8f1983b8f69145be9d79ba54a4c2 kernel-xenU-2.6.9-55.0.9.EL.x86_64.rpm 19ced825c4f52264467083dc2e2a1343 kernel-xenU-devel-2.6.9-55.0.9.EL.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: cb859192d2ca30ae6e314a12ec10b2e0 kernel-2.6.9-55.0.9.EL.src.rpm i386: 11f4fb3620c9db26a01ee9e201b81b9e kernel-2.6.9-55.0.9.EL.i686.rpm 13acd543e9b93a4e2e6b0342cdb46317 kernel-debuginfo-2.6.9-55.0.9.EL.i686.rpm fa5dd3ede554ab6547bc789c489b68a6 kernel-devel-2.6.9-55.0.9.EL.i686.rpm cedaf493c97ad8186cc5de391121d0a3 kernel-hugemem-2.6.9-55.0.9.EL.i686.rpm a43dd652f3ce0cf44ed2df468555ad1c kernel-hugemem-devel-2.6.9-55.0.9.EL.i686.rpm 7eecd01ca22989109a55a2ef85f6c58e kernel-smp-2.6.9-55.0.9.EL.i686.rpm 2595f2eeb9d64f43c5b2c23e09551792 kernel-smp-devel-2.6.9-55.0.9.EL.i686.rpm 7d14e719350a05bfd66273a58d4acc66 kernel-xenU-2.6.9-55.0.9.EL.i686.rpm 244de63bec04fd54afa0b02d4983bf63 kernel-xenU-devel-2.6.9-55.0.9.EL.i686.rpm ia64: 6042c74256317f1b5446be4be44269ac kernel-2.6.9-55.0.9.EL.ia64.rpm d2edfe7cba8f8c54050361251ff4ea5c kernel-debuginfo-2.6.9-55.0.9.EL.ia64.rpm bf466de49258197cfa00074760ea97b2 kernel-devel-2.6.9-55.0.9.EL.ia64.rpm 39b77015d5da3e3dc3964a70dda60958 kernel-largesmp-2.6.9-55.0.9.EL.ia64.rpm 07134f58da279a104ab31530ca014f0a kernel-largesmp-devel-2.6.9-55.0.9.EL.ia64.rpm noarch: 66fb704b5409c5d579bc7b89e963d223 kernel-doc-2.6.9-55.0.9.EL.noarch.rpm x86_64: 16d74780480b0c66f77d00029010a142 kernel-2.6.9-55.0.9.EL.x86_64.rpm a6be7685fdd323fc34b93b2f8ef2bf6c kernel-debuginfo-2.6.9-55.0.9.EL.x86_64.rpm 895d92d775f74364c0432b1c5be80fd4 kernel-devel-2.6.9-55.0.9.EL.x86_64.rpm 527cb4fea0ac47ce22f08a54d374fa85 kernel-largesmp-2.6.9-55.0.9.EL.x86_64.rpm e8e39208db26245e3459e5ff981a9946 kernel-largesmp-devel-2.6.9-55.0.9.EL.x86_64.rpm a74166f4c34cf0a04ce8667c901f0b14 kernel-smp-2.6.9-55.0.9.EL.x86_64.rpm 20f489682aaa1bb614b3e742dad7bf19 kernel-smp-devel-2.6.9-55.0.9.EL.x86_64.rpm 2d1e8f1983b8f69145be9d79ba54a4c2 kernel-xenU-2.6.9-55.0.9.EL.x86_64.rpm 19ced825c4f52264467083dc2e2a1343 kernel-xenU-devel-2.6.9-55.0.9.EL.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://www.cve.org/CVERecord?id=CVE-2007-4573 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2007 Red Hat, Inc. . Critical kernel security patch available for Red Hat Enterprise Linux. Addresses a root privilege escalation vulnerability.. Kernel Update, Red Hat Enterprise Linux, Security Exposure, Privilege Escalation. . Severity: Important. LinuxSecurity.com Team
Sep 27, 2007
•Important
Red Hat
99
security advisorySlackwarelocal access issueSlackware: 2005-251-01 Critical: Kcheckpass Local Access Flaw
New kdebase packages are available for Slackware 10.0, 10.1, and -current to fix a security issue with the kcheckpass program. Earlier versions of Slackware are not affected. A flaw in the way the program creates lockfiles could allow a local attacker to gain root privileges. . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] kcheckpass in kdebase (SSA:2005-251-01) New kdebase packages are available for Slackware 10.0, 10.1, and -current to fix a security issue with the kcheckpass program. Earlier versions of Slackware are not affected. A flaw in the way the program creates lockfiles could allow a local attacker to gain root privileges. For more details about the issue, see: https://kde.org/info/security/advisory-20050905-1.txt https://www.cve.org/CVERecord?id=CAN-2005-2494 Here are the details from the Slackware 10.1 ChangeLog: +--------------------------+ patches/packages/kdebase-3.3.2-i486-2.tgz: Patched a security bug in kcheckpass that could allow a local user to gain root privileges. For more information, see: https://kde.org/info/security/advisory-20050905-1.txt https://www.cve.org/CVERecord?id=CAN-2005-2494 (* Security fix *) +--------------------------+ Where to find the new package: +----------------------------+ Updated package for Slackware 10.0: Updated package for Slackware 10.1: Updated package for Slackware -current: MD5 signatures: +-------------+ Slackware 10.0 package: 89cbad3536bbfba273b2ae77a097ce89 kdebase-3.2.3-i486-3.tgz Slackware 10.1 package: 6d2d8c96dc1f5b209b5eb35425ae7952 kdebase-3.3.2-i486-2.tgz Slackware -current package: 8b7066a01eb25a8b846d2ac9a5de85e2 kdebase-3.4.2-i486-2.tgz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg kdebase-3.3.2-i486-2.tgz +-----+ . Notice for Slackware kdebase resolves kcheckpass lockfile vulnerability enabling local root escalation. Implement the fix immediately!. kdebase, Slackware security, kcheckpass update, local privilege escalation.. Severity: Critical. LinuxSecurity.com Team
Sep 08, 2005
•Critical
Slackware
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!