[FLSA-2006:157459-2] Updated kernel packages fix security issues

To: bugtraq@xxxxxxxxxxxxxxxxx, full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [FLSA-2006:157459-2] Updated kernel packages fix security issues
From: Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx>
Date: Thu, 16 Mar 2006 19:53:07 -0500
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
User-agent: Mozilla Thunderbird 1.0.7-1.1.fc4 (X11/20050929)

---------------------------------------------------------------------
               Fedora Legacy Update Advisory

Synopsis:          Updated kernel packages fix security issues
Advisory ID:       FLSA:157459-2
Issue date:        2006-03-16
Product:           Fedora Core
Keywords:          Bugfix
CVE Names:         CVE-2002-2185 CVE-2004-0791 CVE-2005-0756
                   CVE-2005-1762 CVE-2005-2553 CVE-2005-1263
                   CVE-2005-2458 CVE-2005-2490 CVE-2005-2708
                   CVE-2005-2709 CVE-2005-2973 CVE-2005-3044
                   CVE-2005-3180 CVE-2005-3275 CVE-2005-3276
                   CVE-2005-3806 CVE-2005-3857
---------------------------------------------------------------------


---------------------------------------------------------------------
1. Topic:

Updated kernel packages that fix several security issues are now
available.

The Linux kernel handles the basic functions of the operating system.

2. Relevant releases/architectures:

Fedora Core 1 - i386

3. Problem description:

These new kernel packages contain fixes for the security issues
described below:

- a flaw in network IGMP processing that a allowed a remote user on the
local network to cause a denial of service (disabling of multicast
reports) if the system is running multicast applications (CVE-2002-2185)

- a recent Internet Draft by Fernando Gont recommended that ICMP Source
Quench messages be ignored by hosts. A patch to ignore these messages is
included. (CVE-2004-0791)

- flaws in ptrace() syscall handling on AMD64 and Intel EM64T systems
that allowed a local user to cause a denial of service (crash)
(CVE-2005-0756, CVE-2005-1762, CVE-2005-2553)

- a flaw between execve() syscall handling and core dumping of
ELF-format executables allowed local unprivileged users to cause a
denial of service (system crash) or possibly gain privileges
(CVE-2005-1263)

- a flaw in gzip/zlib handling internal to the kernel that may allow a
local user to cause a denial of service (crash) (CVE-2005-2458)

- a flaw in sendmsg() syscall handling on 64-bit systems that allowed
a local user to cause a denial of service or potentially gain
privileges (CVE-2005-2490)

- a flaw in exec() handling on some 64-bit architectures that allowed
a local user to cause a denial of service (crash) (CVE-2005-2708)

- a flaw in procfs handling during unloading of modules that allowed a
local user to cause a denial of service or potentially gain privileges
(CVE-2005-2709)

- a flaw in IPv6 network UDP port hash table lookups that allowed a
local user to cause a denial of service (hang) (CVE-2005-2973)

- a flaw in 32-bit-compat handling of the TIOCGDEV ioctl that allowed
a local user to cause a denial of service (crash) (CVE-2005-3044)

- a network buffer info leak using the orinoco driver that allowed
a remote user to possibly view uninitialized data (CVE-2005-3180)

- a flaw in IPv4 network TCP and UDP netfilter handling that allowed
a local user to cause a denial of service (crash) (CVE-2005-3275)

- a minor info leak with the get_thread_area() syscall that allowed
a local user to view uninitialized kernel stack data (CVE-2005-3276)

- a flaw in the IPv6 flowlabel code that allowed a local user to cause a
denial of service (crash) (CVE-2005-3806)

- a flaw in file lease time-out handling that allowed a local user to
cause a denial of service (log file overflow) (CVE-2005-3857)

All users are advised to upgrade their kernels to the packages
associated with their machine architectures and configurations as listed
in this erratum.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To install kernel packages manually, use "rpm -ivh <package>" and modify
system settings to boot the kernel you have installed. To do this, edit
/boot/grub/grub.conf and change the default entry to "default=0" (or, if
you have chosen to use LILO as your boot loader, edit /etc/lilo.conf and
run lilo)

Please note that this update is also available via yum and apt.  Many
people find this an easier way to apply updates.  To use yum issue:

yum update

or to use apt:

apt-get update; apt-get upgrade

This will start an interactive process that will result in the
appropriate RPMs being upgraded on your system.  This assumes that you
have yum or apt-get configured for obtaining Fedora Legacy content.
Please visit http://www.fedoralegacy.org/docs for directions on how to
configure yum and apt-get.

Note that this may not automatically pull the new kernel in if you have
configured apt/yum to ignore kernels. If so, follow the manual
instructions above.

5. Bug IDs fixed:

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=157459

6. RPMs required:

Fedora Core 1:

SRPM:
http://download.fedoralegacy.org/fedora/1/updates/SRPMS/kernel-2.4.22-1.2199.8.legacy.nptl.src.rpm

i386:
http://download.fedoralegacy.org/fedora/1/updates/i386/kernel-BOOT-2.4.22-1.2199.8.legacy.nptl.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/kernel-doc-2.4.22-1.2199.8.legacy.nptl.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/kernel-source-2.4.22-1.2199.8.legacy.nptl.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/kernel-2.4.22-1.2199.8.legacy.nptl.i586.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/kernel-smp-2.4.22-1.2199.8.legacy.nptl.i586.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/kernel-2.4.22-1.2199.8.legacy.nptl.i686.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/kernel-smp-2.4.22-1.2199.8.legacy.nptl.i686.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/kernel-2.4.22-1.2199.8.legacy.nptl.athlon.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/kernel-smp-2.4.22-1.2199.8.legacy.nptl.athlon.rpm

7. Verification:

SHA1 sum                                 Package Name
---------------------------------------------------------------------

5ec641496db89906ce3e587bda826b38f0e2b2b4
fedora/1/updates/i386/kernel-2.4.22-1.2199.8.legacy.nptl.athlon.rpm
70e345e1ff5427a4aa41fb4b72155e6ba73fcc38
fedora/1/updates/i386/kernel-2.4.22-1.2199.8.legacy.nptl.i586.rpm
a8b7fe13256306a237f7bbbcbabd9f20223d4ed9
fedora/1/updates/i386/kernel-2.4.22-1.2199.8.legacy.nptl.i686.rpm
3917adb45e830432e875092aca7c7447eb2c8363
fedora/1/updates/i386/kernel-BOOT-2.4.22-1.2199.8.legacy.nptl.i386.rpm
337feb3c89f824fe1191cdf9332497e84effe122
fedora/1/updates/i386/kernel-doc-2.4.22-1.2199.8.legacy.nptl.i386.rpm
e015d687b7cb7ce56396d0199686e9ea182adb1e
fedora/1/updates/i386/kernel-smp-2.4.22-1.2199.8.legacy.nptl.athlon.rpm
157b2e6c26d187f9706d201e60ee1ea025cbec1c
fedora/1/updates/i386/kernel-smp-2.4.22-1.2199.8.legacy.nptl.i586.rpm
987d9826216bdeadfdc364aaa1a8272a11a5c478
fedora/1/updates/i386/kernel-smp-2.4.22-1.2199.8.legacy.nptl.i686.rpm
4d4b7eae72326f73abb03a6833b767ab1170e3e9
fedora/1/updates/i386/kernel-source-2.4.22-1.2199.8.legacy.nptl.i386.rpm
973e0e5c1916951e9fac3dcf02999969e6da102d
fedora/1/updates/SRPMS/kernel-2.4.22-1.2199.8.legacy.nptl.src.rpm

These packages are GPG signed by Fedora Legacy for security.  Our key is
available from http://www.fedoralegacy.org/about/security.php

You can verify each package with the following command:

    rpm --checksig -v <filename>

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the sha1sum with the following command:

    sha1sum <filename>

8. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2185
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0791
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0756
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1762
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2553
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1263
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2458
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2490
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2708
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2709
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2973
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3044
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3180
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3275
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3276
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3806
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3857

9. Contact:

The Fedora Legacy security contact is <secnotice@xxxxxxxxxxxxxxxx>. More
project details at http://www.fedoralegacy.org

---------------------------------------------------------------------

Attachment: signature.asc
Description: OpenPGP digital signature

Prev by Date: Re: Linux zero IP ID vulnerability?
Next by Date: Microsoft Commerce Server 2002: Logon as known user with a false password
Previous by thread: [FLSA-2006:174479] Updated libungif packages fix security issues
Next by thread: Microsoft Commerce Server 2002: Logon as known user with a false password
Index(es):
- Date
- Thread