From bugzilla@redhat.com Tue Feb 4 14:54:08 2003 From: bugzilla@redhat.com To: redhat-watch-list@redhat.com, redhat-announce-list@redhat.com Date: Tue, 4 Feb 2003 13:09 -0500 Subject: [RHSA-2003:025-20] Updated 2.4 kernel fixes various vulnerabilities [ The following text is in the "iso-8859-1" character set. ] [ Your display is set for the "US-ASCII" character set. ] [ Some characters may be displayed incorrectly. ] --------------------------------------------------------------------- Red Hat, Inc. Red Hat Security Advisory Synopsis: Updated 2.4 kernel fixes various vulnerabilities Advisory ID: RHSA-2003:025-20 Issue date: 2003-01-24 Updated on: 2003-02-03 Product: Red Hat Linux Keywords: ethernet frame padding O_DIRECT Cross references: Obsoletes: RHBA-2002:292 CVE Names: CAN-2003-0001 CAN-2003-0018 --------------------------------------------------------------------- 1. Topic: Updated kernel packages for Red Hat Linux 7.1, 7.2, 7.3, and 8.0 are now available that fix an information leak from several ethernet drivers, and a file system issue. 2. Relevant releases/architectures: Red Hat Linux 7.1 - athlon, i386, i586, i686 Red Hat Linux 7.2 - athlon, i386, i586, i686 Red Hat Linux 7.3 - athlon, i386, i586, i686 Red Hat Linux 8.0 - athlon, i386, i586, i686 3. Problem description: The Linux kernel handles the basic functions of the operating system. Vulnerabilities have been found in version 2.4.18 of the kernel. This advisory deals with updates to Red Hat Linux 7.1, 7.2, 7.3, and 8.0. Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0001 to this issue. A vulnerability exists in O_DIRECT handling in Linux kernels 2.4.10 and later that can create a limited information leak where any user on the system with write privileges to a file system can read information from that file system (from previously deleted files), and can create minor file system corruption (easily repaired by fsck). Red Hat Linux in its default configuration is not affected by this bug, because the ext3 file system (the default file system in Red Hat Linux 7.2 and later) does not support the O_DIRECT feature. Of the kernels Red Hat has released, only the 2.4.18 kernels have this bug. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0018 to this issue. Users of the ext2 file system can migrate to the ext3 file system using the tune2fs program as described in the white paper at http://www.redhat.com/support/wpapers/redhat/ext3/ All users of Red Hat Linux 7.1, 7.2, 7.3, and 8.0 should upgrade to these errata packages, which contain patches to ethernet drivers to remove the information leak and a patch to fix O_DIRECT handling. In addition, the following drivers are upgraded to support newer hardware: 3c59x, e100, e1000, tg3 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied, especially the additional packages from RHSA-2002:205 and RHSA-2002:206 respectively. The procedure for upgrading the kernel manually is documented at: http://www.redhat.com/support/docs/howto/kernel-upgrade/ Please read the directions for your architecture carefully before proceeding with the kernel upgrade. Please note that this update is also available via Red Hat Network. Many people find this to be an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. Note that you need to select the kernel explicitly on default configurations of up2date. 5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info): 76159 - Errata kernel 2.4.18-17.8.0 fails PCI resource allocation 6. RPMs required: Red Hat Linux 7.1: SRPMS: ftp://updates.redhat.com/7.1/en/os/SRPMS/kernel-2.4.18-24.7.x.src.rpm athlon: ftp://updates.redhat.com/7.1/en/os/athlon/kernel-2.4.18-24.7.x.athlon.rpm ftp://updates.redhat.com/7.1/en/os/athlon/kernel-smp-2.4.18-24.7.x.athlon.rpm i386: ftp://updates.redhat.com/7.1/en/os/i386/kernel-2.4.18-24.7.x.i386.rpm ftp://updates.redhat.com/7.1/en/os/i386/kernel-source-2.4.18-24.7.x.i386.rpm ftp://updates.redhat.com/7.1/en/os/i386/kernel-doc-2.4.18-24.7.x.i386.rpm ftp://updates.redhat.com/7.1/en/os/i386/kernel-BOOT-2.4.18-24.7.x.i386.rpm i586: ftp://updates.redhat.com/7.1/en/os/i586/kernel-2.4.18-24.7.x.i586.rpm ftp://updates.redhat.com/7.1/en/os/i586/kernel-smp-2.4.18-24.7.x.i586.rpm i686: ftp://updates.redhat.com/7.1/en/os/i686/kernel-2.4.18-24.7.x.i686.rpm ftp://updates.redhat.com/7.1/en/os/i686/kernel-smp-2.4.18-24.7.x.i686.rpm ftp://updates.redhat.com/7.1/en/os/i686/kernel-bigmem-2.4.18-24.7.x.i686.rpm ftp://updates.redhat.com/7.1/en/os/i686/kernel-debug-2.4.18-24.7.x.i686.rpm Red Hat Linux 7.2: SRPMS: ftp://updates.redhat.com/7.2/en/os/SRPMS/kernel-2.4.18-24.7.x.src.rpm athlon: ftp://updates.redhat.com/7.2/en/os/athlon/kernel-2.4.18-24.7.x.athlon.rpm ftp://updates.redhat.com/7.2/en/os/athlon/kernel-smp-2.4.18-24.7.x.athlon.rpm i386: ftp://updates.redhat.com/7.2/en/os/i386/kernel-2.4.18-24.7.x.i386.rpm ftp://updates.redhat.com/7.2/en/os/i386/kernel-source-2.4.18-24.7.x.i386.rpm ftp://updates.redhat.com/7.2/en/os/i386/kernel-doc-2.4.18-24.7.x.i386.rpm ftp://updates.redhat.com/7.2/en/os/i386/kernel-BOOT-2.4.18-24.7.x.i386.rpm i586: ftp://updates.redhat.com/7.2/en/os/i586/kernel-2.4.18-24.7.x.i586.rpm ftp://updates.redhat.com/7.2/en/os/i586/kernel-smp-2.4.18-24.7.x.i586.rpm i686: ftp://updates.redhat.com/7.2/en/os/i686/kernel-2.4.18-24.7.x.i686.rpm ftp://updates.redhat.com/7.2/en/os/i686/kernel-smp-2.4.18-24.7.x.i686.rpm ftp://updates.redhat.com/7.2/en/os/i686/kernel-bigmem-2.4.18-24.7.x.i686.rpm ftp://updates.redhat.com/7.2/en/os/i686/kernel-debug-2.4.18-24.7.x.i686.rpm Red Hat Linux 7.3: SRPMS: ftp://updates.redhat.com/7.3/en/os/SRPMS/kernel-2.4.18-24.7.x.src.rpm athlon: ftp://updates.redhat.com/7.3/en/os/athlon/kernel-2.4.18-24.7.x.athlon.rpm ftp://updates.redhat.com/7.3/en/os/athlon/kernel-smp-2.4.18-24.7.x.athlon.rpm i386: ftp://updates.redhat.com/7.3/en/os/i386/kernel-2.4.18-24.7.x.i386.rpm ftp://updates.redhat.com/7.3/en/os/i386/kernel-source-2.4.18-24.7.x.i386.rpm ftp://updates.redhat.com/7.3/en/os/i386/kernel-doc-2.4.18-24.7.x.i386.rpm ftp://updates.redhat.com/7.3/en/os/i386/kernel-BOOT-2.4.18-24.7.x.i386.rpm i586: ftp://updates.redhat.com/7.3/en/os/i586/kernel-2.4.18-24.7.x.i586.rpm ftp://updates.redhat.com/7.3/en/os/i586/kernel-smp-2.4.18-24.7.x.i586.rpm i686: ftp://updates.redhat.com/7.3/en/os/i686/kernel-2.4.18-24.7.x.i686.rpm ftp://updates.redhat.com/7.3/en/os/i686/kernel-smp-2.4.18-24.7.x.i686.rpm ftp://updates.redhat.com/7.3/en/os/i686/kernel-bigmem-2.4.18-24.7.x.i686.rpm ftp://updates.redhat.com/7.3/en/os/i686/kernel-debug-2.4.18-24.7.x.i686.rpm Red Hat Linux 8.0: SRPMS: ftp://updates.redhat.com/8.0/en/os/SRPMS/kernel-2.4.18-24.8.0.src.rpm athlon: ftp://updates.redhat.com/8.0/en/os/athlon/kernel-2.4.18-24.8.0.athlon.rpm ftp://updates.redhat.com/8.0/en/os/athlon/kernel-smp-2.4.18-24.8.0.athlon.rpm i386: ftp://updates.redhat.com/8.0/en/os/i386/kernel-2.4.18-24.8.0.i386.rpm ftp://updates.redhat.com/8.0/en/os/i386/kernel-source-2.4.18-24.8.0.i386.rpm ftp://updates.redhat.com/8.0/en/os/i386/kernel-doc-2.4.18-24.8.0.i386.rpm ftp://updates.redhat.com/8.0/en/os/i386/kernel-BOOT-2.4.18-24.8.0.i386.rpm i586: ftp://updates.redhat.com/8.0/en/os/i586/kernel-2.4.18-24.8.0.i586.rpm ftp://updates.redhat.com/8.0/en/os/i586/kernel-smp-2.4.18-24.8.0.i586.rpm i686: ftp://updates.redhat.com/8.0/en/os/i686/kernel-2.4.18-24.8.0.i686.rpm ftp://updates.redhat.com/8.0/en/os/i686/kernel-smp-2.4.18-24.8.0.i686.rpm ftp://updates.redhat.com/8.0/en/os/i686/kernel-bigmem-2.4.18-24.8.0.i686.rpm ftp://updates.redhat.com/8.0/en/os/i686/kernel-debug-2.4.18-24.8.0.i686.rpm 7. Verification: MD5 sum Package Name -------------------------------------------------------------------------- 4d0a3a9f1bcdfec8a014c5666a4c4501 7.1/en/os/SRPMS/kernel-2.4.18-24.7.x.src.rpm 7179efeb266bba7aa633a01267e24e74 7.1/en/os/athlon/kernel-2.4.18-24.7.x.athlon.rpm fcd9c11db5c7c02bd8ac16c12260c0e6 7.1/en/os/athlon/kernel-smp-2.4.18-24.7.x.athlon.rpm 63f1217de153ff63217515e1b016da33 7.1/en/os/i386/kernel-2.4.18-24.7.x.i386.rpm 03a071c1c7252869382d683b1ceefa9f 7.1/en/os/i386/kernel-BOOT-2.4.18-24.7.x.i386.rpm 18dd6648f9d77d3d266e584c7c2feca4 7.1/en/os/i386/kernel-doc-2.4.18-24.7.x.i386.rpm 040aafbd075ad5f4041fa086a8179c80 7.1/en/os/i386/kernel-source-2.4.18-24.7.x.i386.rpm 0a6684bc40e9f9f06d934dd806e182b3 7.1/en/os/i586/kernel-2.4.18-24.7.x.i586.rpm 35e33d5b3746db33bdf747bf4a866e00 7.1/en/os/i586/kernel-smp-2.4.18-24.7.x.i586.rpm e0f9b4ae807dd4ee026a026f8233e977 7.1/en/os/i686/kernel-2.4.18-24.7.x.i686.rpm ef2c961e676946329d5221fda16e2846 7.1/en/os/i686/kernel-bigmem-2.4.18-24.7.x.i686.rpm 13e60edc74a4e9ae6efe396acab4eb70 7.1/en/os/i686/kernel-debug-2.4.18-24.7.x.i686.rpm c7b78cdeb9e72d94cfa80bbe49303241 7.1/en/os/i686/kernel-smp-2.4.18-24.7.x.i686.rpm 4d0a3a9f1bcdfec8a014c5666a4c4501 7.2/en/os/SRPMS/kernel-2.4.18-24.7.x.src.rpm 7179efeb266bba7aa633a01267e24e74 7.2/en/os/athlon/kernel-2.4.18-24.7.x.athlon.rpm fcd9c11db5c7c02bd8ac16c12260c0e6 7.2/en/os/athlon/kernel-smp-2.4.18-24.7.x.athlon.rpm 63f1217de153ff63217515e1b016da33 7.2/en/os/i386/kernel-2.4.18-24.7.x.i386.rpm 03a071c1c7252869382d683b1ceefa9f 7.2/en/os/i386/kernel-BOOT-2.4.18-24.7.x.i386.rpm 18dd6648f9d77d3d266e584c7c2feca4 7.2/en/os/i386/kernel-doc-2.4.18-24.7.x.i386.rpm 040aafbd075ad5f4041fa086a8179c80 7.2/en/os/i386/kernel-source-2.4.18-24.7.x.i386.rpm 0a6684bc40e9f9f06d934dd806e182b3 7.2/en/os/i586/kernel-2.4.18-24.7.x.i586.rpm 35e33d5b3746db33bdf747bf4a866e00 7.2/en/os/i586/kernel-smp-2.4.18-24.7.x.i586.rpm e0f9b4ae807dd4ee026a026f8233e977 7.2/en/os/i686/kernel-2.4.18-24.7.x.i686.rpm ef2c961e676946329d5221fda16e2846 7.2/en/os/i686/kernel-bigmem-2.4.18-24.7.x.i686.rpm 13e60edc74a4e9ae6efe396acab4eb70 7.2/en/os/i686/kernel-debug-2.4.18-24.7.x.i686.rpm c7b78cdeb9e72d94cfa80bbe49303241 7.2/en/os/i686/kernel-smp-2.4.18-24.7.x.i686.rpm 4d0a3a9f1bcdfec8a014c5666a4c4501 7.3/en/os/SRPMS/kernel-2.4.18-24.7.x.src.rpm 7179efeb266bba7aa633a01267e24e74 7.3/en/os/athlon/kernel-2.4.18-24.7.x.athlon.rpm fcd9c11db5c7c02bd8ac16c12260c0e6 7.3/en/os/athlon/kernel-smp-2.4.18-24.7.x.athlon.rpm 63f1217de153ff63217515e1b016da33 7.3/en/os/i386/kernel-2.4.18-24.7.x.i386.rpm 03a071c1c7252869382d683b1ceefa9f 7.3/en/os/i386/kernel-BOOT-2.4.18-24.7.x.i386.rpm 18dd6648f9d77d3d266e584c7c2feca4 7.3/en/os/i386/kernel-doc-2.4.18-24.7.x.i386.rpm 040aafbd075ad5f4041fa086a8179c80 7.3/en/os/i386/kernel-source-2.4.18-24.7.x.i386.rpm 0a6684bc40e9f9f06d934dd806e182b3 7.3/en/os/i586/kernel-2.4.18-24.7.x.i586.rpm 35e33d5b3746db33bdf747bf4a866e00 7.3/en/os/i586/kernel-smp-2.4.18-24.7.x.i586.rpm e0f9b4ae807dd4ee026a026f8233e977 7.3/en/os/i686/kernel-2.4.18-24.7.x.i686.rpm ef2c961e676946329d5221fda16e2846 7.3/en/os/i686/kernel-bigmem-2.4.18-24.7.x.i686.rpm 13e60edc74a4e9ae6efe396acab4eb70 7.3/en/os/i686/kernel-debug-2.4.18-24.7.x.i686.rpm c7b78cdeb9e72d94cfa80bbe49303241 7.3/en/os/i686/kernel-smp-2.4.18-24.7.x.i686.rpm 3ab26ebfd1c80ba101b5b86bf5cd6421 8.0/en/os/SRPMS/kernel-2.4.18-24.8.0.src.rpm 6e12213933aac18036ecbec4e9d0b0ac 8.0/en/os/athlon/kernel-2.4.18-24.8.0.athlon.rpm 619979740d16881959d5f888aefaf195 8.0/en/os/athlon/kernel-smp-2.4.18-24.8.0.athlon.rpm 2be552e4025aba02877ca21a0bd64007 8.0/en/os/i386/kernel-2.4.18-24.8.0.i386.rpm 232613b661b5dc806647935bbab16cb0 8.0/en/os/i386/kernel-BOOT-2.4.18-24.8.0.i386.rpm b0dddbebe98c52bdeb737473319008a0 8.0/en/os/i386/kernel-doc-2.4.18-24.8.0.i386.rpm 43ffe5e9be347b2da60d83cc03d64923 8.0/en/os/i386/kernel-source-2.4.18-24.8.0.i386.rpm d69f50521cb66ce09a9cefde417e8107 8.0/en/os/i586/kernel-2.4.18-24.8.0.i586.rpm 91e3b03e57e7df41d1472b45ad151719 8.0/en/os/i586/kernel-smp-2.4.18-24.8.0.i586.rpm 5ccc7bd0668a144b91580490ae487744 8.0/en/os/i686/kernel-2.4.18-24.8.0.i686.rpm 551569c64e64b83c145dc17b08dd505b 8.0/en/os/i686/kernel-bigmem-2.4.18-24.8.0.i686.rpm 56fafedd2ee58f288327fb56eaafd884 8.0/en/os/i686/kernel-debug-2.4.18-24.8.0.i686.rpm b125aab060782242428bdafb05edab93 8.0/en/os/i686/kernel-smp-2.4.18-24.8.0.i686.rpm These packages are GPG signed by Red Hat, Inc. for security. Our key is available at http://www.redhat.com/about/contact/pgpkey.html You can verify each package with the following command: rpm --checksig -v If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: md5sum 8. References: http://www.atstake.com/research/advisories/2003/a010603-1.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0001 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0018 9. Contact: The Red Hat security contact is . More contact details at http://www.redhat.com/solutions/security/news/contact.html Copyright 2003 Red Hat, Inc.