Oval Definition:oval:com.redhat.rhsa:def:20040360
Revision Date:2004-07-02Version:502
Title:RHSA-2004:360: kernel security update (Moderate)
Description:The Linux kernel handles the basic functions of the operating system.

During an audit of the Linux kernel, SUSE discovered a flaw that allowed a user to make unauthorized changes to the group ID of files in certain circumstances. In the 2.4 kernel, as shipped with Red Hat Enterprise Linux, the only way this could happen is through the kernel nfs server. A user on a system that mounted a remote file system from a vulnerable machine may be able to make unauthorized changes to the group ID of exported files. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0497 to this issue.

Only Red Hat Enterprise Linux systems that are configured to share file systems via NFS are affected by this issue.

All Red Hat Enterprise Linux 3 users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum.
Family:unixClass:patch
Status:Reference(s):CVE-2004-0497
RHSA-2004:360-01
Platform(s):Red Hat Enterprise Linux 3
Product(s):
Definition Synopsis
  • Red Hat Enterprise Linux 3 is installed
  • AND Package Information
  • kernel-source is earlier than 0:2.4.21-15.0.3.EL
  • AND kernel-source is signed with Red Hat master key
  • OR
  • kernel is earlier than 0:2.4.21-15.0.3.EL
  • AND kernel is signed with Red Hat master key
  • OR
  • kernel-doc is earlier than 0:2.4.21-15.0.3.EL
  • AND kernel-doc is signed with Red Hat master key
  • OR
  • kernel-hugemem-unsupported is earlier than 0:2.4.21-15.0.3.EL
  • AND kernel-hugemem-unsupported is signed with Red Hat master key
  • OR
  • kernel-hugemem is earlier than 0:2.4.21-15.0.3.EL
  • AND kernel-hugemem is signed with Red Hat master key
  • OR
  • kernel-BOOT is earlier than 0:2.4.21-15.0.3.EL
  • AND kernel-BOOT is signed with Red Hat master key
  • OR
  • kernel-smp-unsupported is earlier than 0:2.4.21-15.0.3.EL
  • AND kernel-smp-unsupported is signed with Red Hat master key
  • OR
  • kernel-unsupported is earlier than 0:2.4.21-15.0.3.EL
  • AND kernel-unsupported is signed with Red Hat master key
  • OR
  • kernel-smp is earlier than 0:2.4.21-15.0.3.EL
  • AND kernel-smp is signed with Red Hat master key
  • BACK