From marcdeslauriers@videotron.ca Thu Mar 16 19:53:27 2006 From: Marc Deslauriers To: bugtraq@securityfocus.com, full-disclosure@lists.grok.org.uk Date: Thu, 16 Mar 2006 19:54:07 -0500 Subject: [Full-disclosure] [FLSA-2006:157459-4] Updated kernel packages fix security issues --------------------------------------------------------------------- Fedora Legacy Update Advisory Synopsis: Updated kernel packages fix security issues Advisory ID: FLSA:157459-4 Issue date: 2006-03-16 Product: Fedora Core Keywords: Bugfix CVE Names: CVE-2002-2185 CVE-2005-2709 CVE-2005-3044 CVE-2005-3274 CVE-2005-3356 CVE-2005-3358 CVE-2005-3527 CVE-2005-3784 CVE-2005-3805 CVE-2005-3806 CVE-2005-3807 CVE-2005-3857 CVE-2005-4605 CVE-2006-0095 CVE-2006-0454 --------------------------------------------------------------------- --------------------------------------------------------------------- 1. Topic: Updated kernel packages that fix several security issues are now available. The Linux kernel handles the basic functions of the operating system. 2. Relevant releases/architectures: Fedora Core 3 - i386, x86_64 3. Problem description: These new kernel packages contain fixes for the security issues described below: - a flaw in network IGMP processing that a allowed a remote user on the local network to cause a denial of service (disabling of multicast reports) if the system is running multicast applications (CVE-2002-2185) - a flaw in procfs handling during unloading of modules that allowed a local user to cause a denial of service or potentially gain privileges (CVE-2005-2709) - a flaw in 32-bit-compat handling of the TIOCGDEV ioctl that allowed a local user to cause a denial of service (crash) (CVE-2005-3044) - a race condition in ip_vs_conn_flush that allowed a local user to cause a denial of service (CVE-2005-3274) - a flaw in mq_open system call that allowed a local user to cause a denial of service (crash) (CVE-2005-3356) - a flaw in set_mempolicy that allowed a local user on some 64-bit architectures to cause a denial of service (crash) (CVE-2005-3358) - a race condition in do_coredump in signal.c that allowed a local user to cause a denial of service (crash) (CVE-2005-3527) - a flaw in the auto-reap of child processes that allowed a local user to cause a denial of service (crash) (CVE-2005-3784) - a flaw in the POSIX timer cleanup handling that allowed a local user to cause a denial of service (crash) (CVE-2005-3805) - a flaw in the IPv6 flowlabel code that allowed a local user to cause a denial of service (crash) (CVE-2005-3806) - a memory leak in the VFS file lease handling that allowed a local user to cause a denial of service (CVE-2005-3807) - a flaw in file lease time-out handling that allowed a local user to cause a denial of service (log file overflow) (CVE-2005-3857) - a flaw in procfs handling that allowed a local user to read kernel memory (CVE-2005-4605) - a memory disclosure flaw in dm-crypt that allowed a local user to obtain sensitive information about a cryptographic key (CVE-2006-0095) - a flaw while constructing an ICMP response that allowed remote users to cause a denial of service (crash) (CVE-2006-0454) All users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. To install kernel packages manually, use "rpm -ivh " and modify system settings to boot the kernel you have installed. To do this, edit /boot/grub/grub.conf and change the default entry to "default=0" (or, if you have chosen to use LILO as your boot loader, edit /etc/lilo.conf and run lilo) Please note that this update is also available via yum and apt. Many people find this an easier way to apply updates. To use yum issue: yum update or to use apt: apt-get update; apt-get upgrade This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. This assumes that you have yum or apt-get configured for obtaining Fedora Legacy content. Please visit http://www.fedoralegacy.org/docs for directions on how to configure yum and apt-get. Note that this may not automatically pull the new kernel in if you have configured apt/yum to ignore kernels. If so, follow the manual instructions above. 5. Bug IDs fixed: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=157459 6. RPMs required: Fedora Core 3: SRPM: http://download.fedoralegacy.org/fedora/3/updates/SRPMS/kernel-2.6.12-2.3.legacy_FC3.src.rpm i386: http://download.fedoralegacy.org/fedora/3/updates/i386/kernel-2.6.12-2.3.legacy_FC3.i586.rpm http://download.fedoralegacy.org/fedora/3/updates/i386/kernel-2.6.12-2.3.legacy_FC3.i686.rpm http://download.fedoralegacy.org/fedora/3/updates/i386/kernel-doc-2.6.12-2.3.legacy_FC3.noarch.rpm http://download.fedoralegacy.org/fedora/3/updates/i386/kernel-smp-2.6.12-2.3.legacy_FC3.i586.rpm http://download.fedoralegacy.org/fedora/3/updates/i386/kernel-smp-2.6.12-2.3.legacy_FC3.i686.rpm x86_64: http://download.fedoralegacy.org/fedora/3/updates/x86_64/kernel-2.6.12-2.3.legacy_FC3.x86_64.rpm http://download.fedoralegacy.org/fedora/3/updates/x86_64/kernel-doc-2.6.12-2.3.legacy_FC3.noarch.rpm http://download.fedoralegacy.org/fedora/3/updates/x86_64/kernel-smp-2.6.12-2.3.legacy_FC3.x86_64.rpm 7. Verification: SHA1 sum Package Name --------------------------------------------------------------------- b9e37d94319ce74e98aa053d9da798437b979a5e fedora/3/updates/i386/kernel-2.6.12-2.3.legacy_FC3.i586.rpm e8698e932795b5a8c9ecc97e95fab42f55d71ac9 fedora/3/updates/i386/kernel-2.6.12-2.3.legacy_FC3.i686.rpm 58e7014a387ef6e17bf9f68d26eb1242a9dab3f2 fedora/3/updates/i386/kernel-doc-2.6.12-2.3.legacy_FC3.noarch.rpm d09fb6f194558505d8d52fb22a60420cd35a06f1 fedora/3/updates/i386/kernel-smp-2.6.12-2.3.legacy_FC3.i586.rpm 640077c447f1ac5edf5e21000c916bb750006f84 fedora/3/updates/i386/kernel-smp-2.6.12-2.3.legacy_FC3.i686.rpm 3341ee0cc5e61d464a9982a5f96ec802d9121965 fedora/3/updates/x86_64/kernel-2.6.12-2.3.legacy_FC3.x86_64.rpm 58e7014a387ef6e17bf9f68d26eb1242a9dab3f2 fedora/3/updates/x86_64/kernel-doc-2.6.12-2.3.legacy_FC3.noarch.rpm ab4a29a3ec0bceda378319476b6ce46613805f90 fedora/3/updates/x86_64/kernel-smp-2.6.12-2.3.legacy_FC3.x86_64.rpm 725204fe5e8fb35b54083be1a6757cc8be43cf9d fedora/3/updates/SRPMS/kernel-2.6.12-2.3.legacy_FC3.src.rpm These packages are GPG signed by Fedora Legacy for security. Our key is available from http://www.fedoralegacy.org/about/security.php You can verify each package with the following command: rpm --checksig -v If you only wish to verify that each package has not been corrupted or tampered with, examine only the sha1sum with the following command: sha1sum 8. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2185 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2709 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3044 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3274 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3356 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3358 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3527 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3784 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3805 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3806 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3807 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3857 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4605 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0095 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0454 9. Contact: The Fedora Legacy security contact is . More project details at http://www.fedoralegacy.org --------------------------------------------------------------------- [ Part 1.2, "OpenPGP digital signature" Application/PGP-SIGNATURE ] [ 198bytes. ] [ Unable to print this part. ] [ Part 2: "Attached Text" ] _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/