Oval Definition:oval:com.redhat.rhsa:def:20040689
Revision Date:2004-12-23Version:502
Title:RHSA-2004:689: kernel security update (Important)
Description:The Linux kernel handles the basic functions of the operating system.

This advisory includes fixes for several security issues:

Petr Vandrovec discovered a flaw in the 32bit emulation code affecting the Linux 2.4 kernel on the AMD64 architecture. A local attacker could use this flaw to gain privileges. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-1144 to this issue.

ISEC security research discovered multiple vulnerabilities in the IGMP functionality which was backported in the Red Hat Enterprise Linux 3 kernels. These flaws could allow a local user to cause a denial of service (crash) or potentially gain privileges. Where multicast applications are being used on a system, these flaws may also allow remote users to cause a denial of service. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-1137 to this issue.

ISEC security research and Georgi Guninski independantly discovered a flaw in the scm_send function in the auxiliary message layer. A local user could create a carefully crafted auxiliary message which could cause a denial of service (system hang). The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-1016 to this issue.

A floating point information leak was discovered in the ia64 architecture context switch code. A local user could use this flaw to read register values of other processes by setting the MFH bit. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0565 to this issue.

Kirill Korotaev found a flaw in load_elf_binary affecting kernels prior to 2.4.26. A local user could create a carefully crafted binary in such a way that it would cause a denial of service (system crash). The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-1234 to this issue.

These packages also fix issues in the io_edgeport driver, and a memory leak in ip_options_get.

Note: The kernel-unsupported package contains various drivers and modules that are unsupported and therefore might contain security problems that have not been addressed.

All Red Hat Enterprise Linux 3 users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum.
Family:unixClass:patch
Status:Reference(s):CVE-2004-0565
CVE-2004-1016
CVE-2004-1017
CVE-2004-1137
CVE-2004-1144
CVE-2004-1234
CVE-2004-1335
RHSA-2004:689-01
Platform(s):Red Hat Enterprise Linux 3
Product(s):
Definition Synopsis
  • Red Hat Enterprise Linux 3 is installed
  • AND Package Information
  • kernel-source is earlier than 0:2.4.21-27.0.1.EL
  • AND kernel-source is signed with Red Hat master key
  • OR
  • kernel is earlier than 0:2.4.21-27.0.1.EL
  • AND kernel is signed with Red Hat master key
  • OR
  • kernel-doc is earlier than 0:2.4.21-27.0.1.EL
  • AND kernel-doc is signed with Red Hat master key
  • OR
  • kernel-hugemem-unsupported is earlier than 0:2.4.21-27.0.1.EL
  • AND kernel-hugemem-unsupported is signed with Red Hat master key
  • OR
  • kernel-hugemem is earlier than 0:2.4.21-27.0.1.EL
  • AND kernel-hugemem is signed with Red Hat master key
  • OR
  • kernel-BOOT is earlier than 0:2.4.21-27.0.1.EL
  • AND kernel-BOOT is signed with Red Hat master key
  • OR
  • kernel-smp-unsupported is earlier than 0:2.4.21-27.0.1.EL
  • AND kernel-smp-unsupported is signed with Red Hat master key
  • OR
  • kernel-unsupported is earlier than 0:2.4.21-27.0.1.EL
  • AND kernel-unsupported is signed with Red Hat master key
  • OR
  • kernel-smp is earlier than 0:2.4.21-27.0.1.EL
  • AND kernel-smp is signed with Red Hat master key
    • BACK