[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Redhat : Errata Alert: Updated kernel packages fix security

Red Hat Network has determined that the following advisory is applicable to
one or more of the systems you have registered:

Complete information about this errata can be found at the following location:

Security Advisory - RHSA-2004:413-07
Updated kernel packages fix security vulnerabilities

Updated kernel packages that fix several security issues in Red Hat
Enterprise Linux 3 are now available.

The Linux kernel handles the basic functions of the operating system.

Paul Starzetz discovered flaws in the Linux kernel when handling file
offset pointers.  These consist of invalid conversions of 64 to 32-bit file
offset pointers and possible race conditions.  A local unprivileged user
could make use of these flaws to access large portions of kernel memory. 
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2004-0415 to this issue.  

These packages contain a patch written by Al Viro to correct these flaws. 
Red Hat would like to thank iSEC Security Research for disclosing this
issue and a number of vendor-sec participants for reviewing and working on
the patch to this issue.

In addition, these packages correct a number of minor security issues:

An bug in the e1000 network driver.  This bug could be used by local users
to leak small amounts of kernel memory (CAN-2004-0535).

A bug in the SoundBlaster 16 code which does not properly handle certain
sample sizes.  This flaw could be used by local users to crash a system 

A possible NULL-pointer dereference in the Linux kernel prior to 2.4.26 on
the Itanium platform could allow a local user to crash a system

Inappropriate permissions on /proc/scsi/qla2300/HbaApiNode (CAN-2004-0587).

All Red Hat Enterprise Linux 3 users are advised to upgrade their
kernels to the packages associated with their machine architectures
and configurations as listed in this erratum.

Taking Action
You may address the issues outlined in this advisory in two ways:

     - select your server name by clicking on its name from the list
       available at the following location, and then schedule an
       errata update for it:

     - run the Update Agent on each affected server.

Changing Notification Preferences
To enable/disable your Errata Alert preferences globally please log in to RHN
and navigate from "Your RHN" / "Your Account" to the "Preferences" tab.

        URL: https://rhn.redhat.com/network/my_account/my_prefs.pxt

You can also enable/disable notification on a per system basis by selecting an
individual system from the "Systems List". From the individual system view
click the "Details" tab.

Affected Systems List
This Errata Advisory may apply to the systems listed below. If you know that
this errata does not apply to a system listed, it might be possible that the
package profile for that server is out of date. In that case you should run
'up2date -p' as root on the system in question to refresh your software profile.

There are 28 affected systems registered in 'Your RHN' (only systems for
which you have explicitly enabled Errata Alerts are shown).

Release   Arch       Profile Name
--------  --------   ------------
3AS       i686       pong.nac.uci.edu                        
3WS       x86_64     m33.ps.uci.edu                          
3WS       i686       montana.nac.uci.edu                     
3AS       i686       fedaykin.nac.uci.edu                    
3AS       i686       dhcp2.reshsg.uci.edu                    
3WS       x86_64     bgcluster01                             
3WS       x86_64     bgcluster02                             
3WS       x86_64     bgcluster03                             
3AS       athlon     cyclop.nac.uci.edu                      
3AS       i686       network-stats-collector-1.nacs.uci.edu  
3AS       athlon     blee.nac.uci.edu                        
3WS       athlon     carmel.nac.uci.edu                      
3AS       i686       network-stats-collector-3.nacs.uci.edu  
3WS       i686       mae2.eng.uci.edu                        
3AS       i686       bounce2.nac.uci.edu                     
3AS       i686       consrv2.nac.uci.edu                     
3AS       athlon     nomad.nac.uci.edu                       
3WS       i686       compute5.bic.uci.edu                    
3WS       i686       compute6.bic.uci.edu                    
3AS       athlon     halfdome.nac.uci.edu                    
3AS       i686       grad-ea-1.nacs.uci.edu                  
3AS       x86_64     dcs.nac.uci.edu                         
3AS       i686       seal.ps.uci.edu                         
3AS       athlon     rama.nac.uci.edu                        
3AS       i686       loki.nac.uci.edu                        
3AS       i686       esmfgw.nac.uci.edu                      
3WS       i686       silico.acs.uci.edu                      
3AS       i686       bill.ps.uci.edu                         

The Red Hat Network Team

This message is being sent by Red Hat Network Alert to:
    RHN user login:        ucidcs
    Email address on file: <dcs@hydra.acs.uci.edu>

If you lost your RHN password, you can use the information above to
retrieve it by email from the following address:

To cancel these notices, go to: