[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Redhat : Errata Alert: Updated kernel packages fix security



Red Hat Network has determined that the following advisory is applicable to
one or more of the systems you have registered:

Complete information about this errata can be found at the following location:
     https://rhn.redhat.com/network/errata/errata_details.pxt?eid=2230

Security Advisory - RHSA-2004:413-07
------------------------------------------------------------------------------
Summary:
Updated kernel packages fix security vulnerabilities

Updated kernel packages that fix several security issues in Red Hat
Enterprise Linux 3 are now available.

Description:
The Linux kernel handles the basic functions of the operating system.

Paul Starzetz discovered flaws in the Linux kernel when handling file
offset pointers.  These consist of invalid conversions of 64 to 32-bit file
offset pointers and possible race conditions.  A local unprivileged user
could make use of these flaws to access large portions of kernel memory. 
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2004-0415 to this issue.  

These packages contain a patch written by Al Viro to correct these flaws. 
Red Hat would like to thank iSEC Security Research for disclosing this
issue and a number of vendor-sec participants for reviewing and working on
the patch to this issue.

In addition, these packages correct a number of minor security issues:

An bug in the e1000 network driver.  This bug could be used by local users
to leak small amounts of kernel memory (CAN-2004-0535).

A bug in the SoundBlaster 16 code which does not properly handle certain
sample sizes.  This flaw could be used by local users to crash a system 
(CAN-2004-0178).

A possible NULL-pointer dereference in the Linux kernel prior to 2.4.26 on
the Itanium platform could allow a local user to crash a system
(CAN-2004-0447).

Inappropriate permissions on /proc/scsi/qla2300/HbaApiNode (CAN-2004-0587).

All Red Hat Enterprise Linux 3 users are advised to upgrade their
kernels to the packages associated with their machine architectures
and configurations as listed in this erratum.
------------------------------------------------------------------------------

-------------
Taking Action
-------------
You may address the issues outlined in this advisory in two ways:

     - select your server name by clicking on its name from the list
       available at the following location, and then schedule an
       errata update for it:
           https://rhn.redhat.com/network/systemlist/system_list.pxt

     - run the Update Agent on each affected server.


---------------------------------
Changing Notification Preferences
---------------------------------
To enable/disable your Errata Alert preferences globally please log in to RHN
and navigate from "Your RHN" / "Your Account" to the "Preferences" tab.

        URL: https://rhn.redhat.com/network/my_account/my_prefs.pxt

You can also enable/disable notification on a per system basis by selecting an
individual system from the "Systems List". From the individual system view
click the "Details" tab.


---------------------
Affected Systems List
---------------------
This Errata Advisory may apply to the systems listed below. If you know that
this errata does not apply to a system listed, it might be possible that the
package profile for that server is out of date. In that case you should run
'up2date -p' as root on the system in question to refresh your software profile.

There are 82 affected systems registered in 'Your RHN' (only systems for
which you have explicitly enabled Errata Alerts are shown).

Release   Arch       Profile Name
--------  --------   ------------
3AS       i686       durian.nac.uci.edu                      
3AS       i686       mas1.nac.uci.edu                        
3AS       i686       br.nac.uci.edu                          
3AS       i686       pong.nac.uci.edu                        
3WS       x86_64     m33.ps.uci.edu                          
3WS       i686       montana.nac.uci.edu                     
3AS       i686       hydra.nac.uci.edu                       
3AS       i686       p02.es.uci.edu                          
3AS       i686       cons1.es.uci.edu                        
3AS       x86_64     mpc64.nacs.uci.edu                      
3AS       i686       sedna.nac.uci.edu                       
3AS       athlon     a06.es.uci.edu                          
3AS       athlon     a16.es.uci.edu                          
3AS       i686       fedaykin.nac.uci.edu                    
3AS       i686       clarkii.nac.uci.edu                     
3AS       i686       shibtest.nac.uci.edu                    
3AS       i686       dhcp2.reshsg.uci.edu                    
3AS       i686       mothra.nac.uci.edu                      
3AS       i686       dagobah.acs.uci.edu                     
3AS       x86_64     narg.nac.uci.edu                        
3AS       i686       iwtweb2.nac.uci.edu                     
3AS       i686       iwtweb1.nac.uci.edu                     
3AS       i686       nsp81.nac.uci.edu                       
3AS       i686       nr2d2.nac.uci.edu                       
3WS       x86_64     bgcluster01                             
3WS       x86_64     bgcluster02                             
3WS       x86_64     bgcluster03                             
3AS       i686       nebraska.nac.uci.edu                    
3AS       i686       w2kdns2.nacs.uci.edu                    
3AS       i686       w2kdns.nacs.uci.edu                     
3AS       i686       media.nacs.uci.edu                      
3AS       athlon     cyclop.nac.uci.edu                      
3AS       i686       network-stats-collector-1.nacs.uci.edu  
3AS       i686       nsp82.nac.uci.edu                       
3AS       athlon     blee.nac.uci.edu                        
3WS       athlon     carmel.nac.uci.edu                      
3AS       i686       network-stats-collector-3.nacs.uci.edu  
3AS       i686       vesta.nac.uci.edu                       
3WS       i686       mae2.eng.uci.edu                        
3AS       i686       ist-linux2.nacs.uci.edu                 
3AS       i686       bounce2.nac.uci.edu                     
3AS       i686       cpl-console.nac.uci.edu                 
3AS       x86_64     pxe.es.uci.edu                          
3AS       i686       consrv2.nac.uci.edu                     
3AS       athlon     nomad.nac.uci.edu                       
3WS       i686       compute5.bic.uci.edu                    
3WS       i686       compute6.bic.uci.edu                    
3AS       athlon     halfdome.nac.uci.edu                    
3AS       i686       p09.es.uci.edu                          
3AS       x86_64     slog.nac.uci.edu                        
3AS       x86_64     sql1.es.uci.edu                         
3AS       i686       grad-ea-1.nacs.uci.edu                  
3WS       i686       node-xeon-3                             
3WS       i686       node-xeon-4                             
3WS       i686       node-xeon-5                             
3WS       i686       node-xeon-6                             
3WS       i686       node-xeon-7                             
3WS       i686       node-xeon-8                             
3WS       i686       node-xeon-9                             
3WS       i686       node-xeon-10                            
3WS       i686       node-xeon-11                            
3WS       athlon     node-opteron-1                          
3WS       athlon     node-opteron-2                          
3WS       athlon     node-opteron-3                          
3WS       athlon     node-opteron-4                          
3WS       athlon     node-opteron-5                          
3WS       athlon     node-opteron-6                          
3WS       athlon     node-opteron-7                          
3WS       athlon     node-opteron-8                          
3AS       x86_64     dcs.nac.uci.edu                         
3AS       athlon     a14.es.uci.edu                          
3AS       i686       seal.ps.uci.edu                         
3AS       i686       relay1.es.uci.edu                       
3AS       athlon     rama.nac.uci.edu                        
3AS       athlon     a17.es.uci.edu                          
3AS       athlon     a13.es.uci.edu                          
3AS       athlon     a08.es.uci.edu                          
3AS       i686       node-xeon-2                             
3AS       i686       loki.nac.uci.edu                        
3AS       i686       esmfgw.nac.uci.edu                      
3WS       i686       silico.acs.uci.edu                      
3AS       i686       bill.ps.uci.edu                         


The Red Hat Network Team

This message is being sent by Red Hat Network Alert to:
    RHN user login:        ucinacs
    Email address on file: <root@rhn.nacs.uci.edu>

If you lost your RHN password, you can use the information above to
retrieve it by email from the following address:
    https://rhn.redhat.com/forgot_password.pxt

To cancel these notices, go to:
    https://rhn.redhat.com/oo.pxt?uid=3145121&oid=3699264