From security@linux-mandrake.com Mon Jul 21 19:58:22 2003 From: Mandrake Linux Security Team To: full-disclosure@lists.netsys.com Date: 21 Jul 2003 23:16:53 -0000 Subject: [Full-Disclosure] MDKSA-2003:066-1 - Updated kernel packages fix multiple vulnerabilities -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ________________________________________________________________________ Mandrake Linux Security Update Advisory ________________________________________________________________________ Package name: kernel Advisory ID: MDKSA-2003:066-1 Date: July 21st, 2003 Original Advisory Date: June 11th, 2003 Affected versions: 9.1 ________________________________________________________________________ Problem Description: Multiple vulnerabilities were discovered and fixed in the Linux kernel. * CAN-2003-0001: Multiple ethernet network card drivers do not pad frames with null bytes which allows remote attackers to obtain information from previous packets or kernel memory by using special malformed packets. * CAN-2003-0244: The route cache implementation in the 2.4 kernel and the Netfilter IP conntrack module allows remote attackers to cause a Denial of Service (DoS) via CPU consumption due to packets with forged source addresses that cause a large number of hash table collisions related to the PREROUTING chain. * CAN-2003-0246: The ioperm implementation in 2.4.20 and earlier kernels does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports. * CAN-2003-0247: A vulnerability in the TTY layer of the 2.4 kernel allows attackers to cause a kernel oops resulting in a DoS. * CAN-2003-0248: The mxcsr code in the 2.4 kernel allows attackers to modify CPU state registers via a malformed address. As well, a number of bug fixes were made in the 9.1 kernel including: * Support for more machines that did not work with APIC * Audigy2 support * New/updated modules: prims25, adiusbadsl, thinkpad, ieee1394, orinoco, via-rhine, * Fixed SiS IOAPIC * IRQ balancing has been fixed for SMP * Updates to ext3 * The previous ptrace fix has been redone to work better MandrakeSoft encourages all users to upgrade to these new kernels. Updated kernels will be available shortly for other supported platforms and architectures. For full instructions on how to properly upgrade your kernel, please review http://www.mandrakesecure.net/en/docs/magic.php. Update: These new packages fix some bugs with compiling kernels using xconfig and also fix problems with XFS ACLs not being present in the kernel. Problems with ipsec have also been corrected. A problem with gdb not working on systems where XFS was used for the root filesystem has also been corrected. They also address CAN-2003-0476: A file read race existed in the execve() system call. 9.1/PPC kernels are now also available. ________________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0001 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0244 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0246 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0247 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0248 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0476 http://marc.theaimsgroup.com/?l=bugtraq&m=105664924024009&w=2 ________________________________________________________________________ Updated Packages: Mandrake Linux 9.1: de26b46560fd8c94f198201bb8d9d64a 9.1/RPMS/kernel-2.4.21.0.24mdk-1-1mdk.i586.rpm 26aa70b3cda0ec6a01e4beba8b2dcf52 9.1/RPMS/kernel-BOOT-2.4.21.0.24mdk-1-1mdk.i586.rpm 7bb22382a913e4c68a8ecbc3bd5ab68b 9.1/RPMS/kernel-doc-2.4.21-0.24mdk.i586.rpm 0fa207b6d896878a88fb13b2dad0c47e 9.1/RPMS/kernel-enterprise-2.4.21.0.24mdk-1-1mdk.i586.rpm d5ea0fa59457a2751c48f2442e14e463 9.1/RPMS/kernel-secure-2.4.21.0.24mdk-1-1mdk.i586.rpm eef8908074ce54a62c267f313e4cb166 9.1/RPMS/kernel-smp-2.4.21.0.24mdk-1-1mdk.i586.rpm bf8b9b0db8b2d7c835730bfe083739dc 9.1/RPMS/kernel-source-2.4.21-0.24mdk.i586.rpm 7da367a51f5a0f11c642be2a6f6249d6 9.1/SRPMS/kernel-2.4.21.0.24mdk-1-1mdk.src.rpm Mandrake Linux 9.1/PPC: ee35a54f64dc5f5d4d3f3f98e77837a7 ppc/9.1/RPMS/kernel-2.4.21.0.24mdk-1-1mdk.ppc.rpm d47813ca471e45164452af47402e92eb ppc/9.1/RPMS/kernel-doc-2.4.21-0.24mdk.ppc.rpm 753c0854e112ef6d8db829279915a9bd ppc/9.1/RPMS/kernel-enterprise-2.4.21.0.24mdk-1-1mdk.ppc.rpm 5b59c4607068150a82a353e4fee4a329 ppc/9.1/RPMS/kernel-smp-2.4.21.0.24mdk-1-1mdk.ppc.rpm 22956b70bba1abe85dc859b850a966da ppc/9.1/RPMS/kernel-source-2.4.21-0.24mdk.ppc.rpm 7da367a51f5a0f11c642be2a6f6249d6 ppc/9.1/SRPMS/kernel-2.4.21.0.24mdk-1-1mdk.src.rpm ________________________________________________________________________ Bug IDs fixed (see https://qa.mandrakesoft.com for more information): 3615 - no acls in XFS 4059 - xconfig aborts with an error 4060 - xconfig unable to disable certain options ________________________________________________________________________ To upgrade automatically, use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. A list of FTP mirrors can be obtained from: http://www.mandrakesecure.net/en/ftp.php All packages are signed by MandrakeSoft for security. You can obtain the GPG public key of the Mandrake Linux Security Team by executing: gpg --recv-keys --keyserver www.mandrakesecure.net 0x22458A98 Please be aware that sometimes it takes the mirrors a few hours to update. You can view other update advisories for Mandrake Linux at: http://www.mandrakesecure.net/en/advisories/ MandrakeSoft has several security-related mailing list services that anyone can subscribe to. Information on these lists can be obtained by visiting: http://www.mandrakesecure.net/en/mlist.php If you want to report vulnerabilities, please contact security_linux-mandrake.com Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE/HHRlmqjQ0CJFipgRArpsAKDljwBrJyyCj51H4PEtrL/2bDdcCACgnXsq i/PPEbCfdX19SsIiuBPC5n0= =XjK3 -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html