
RHSA-2002:007-16-Updated 2.4 kernel available

by Nikola Strahija on January 25th, 2002

Larry McVoy has discovered a problem in the CIPE (VPN tunnel) implementation, where a malformed packet could cause a crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2002-0047 to this issue.


Topic:

A security vulnerability in the Linux CIPE (VPN tunnel) implementation has
been fixed.

Relevant releases/architectures:

Red Hat Linux 7.1 - alpha, alphaev6, athlon, i386, i586, i686, ia64

Red Hat Linux 7.2 - athlon, i386, i586, i686, ia64

Problem description:

Larry McVoy has discovered a problem in the CIPE (VPN tunnel)
implementation, where a malformed packet could cause a crash. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2002-0047 to this issue.

Andrew Griffiths has discovered a vulnerability that allows remote machines
to read random memory using a bug in the Linux ICMP implementation.
However, 2.4 kernels after version 2.4.0-test6 and 2.2 kernels after
version 2.2.18 have this bug fixed. All Red Hat Linux 2.4 kernels have this
fix and are not vulnerable to this bug.

It is recommended that users running older 2.2 kernels on Red Hat Linux 6.2
or 7 upgrade to the latest available errata kernel, which includes a fix
for this problem. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2002-0046 to this issue.

A patch for recent 2.4 kernels is circulating to fix the bug in the Linux
ICMP implementation. Red Hat, Inc. recommends not using this patch since it
actually breaks the kernel ICMP implementation and since Red Hat Linux 2.4
kernels are not vulnerable to the bug.

In addition to the CIPE security fix, several other bugs were fixed, and
some drivers were updated:

* For Red Hat Linux 7.1: DRM/DRI (3D support) for the XFree86 erratum
RHEA-2002:010
* New aacraid driver rewritten by Alan Cox
* New DAC960 driver
* Additional Qlogic 2200 driver
* LM_Sensors driver upgrade

Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied. Red Hat Linux 7.1 users should
update the packages in the XFree86 Erratum (RHEA-2002:010).

The procedure for upgrading the kernel is documented at:

http://www.redhat.com/support/docs/howto/kernel-upgrade/

Please read the directions for your architecture carefully before
proceeding with the kernel upgrade.

Please note that this update is also available via Red Hat Network. Many
people find this to be an easier way to apply updates. To use Red Hat
Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system. Note that you need to select the kernel
explicitly on default configurations of up2date.
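
To confirm the update took effect, the installed kernel packages can be compared against the errata build listed under "RPMs required" (2.4.9-21). The script below is an added example, not part of the Red Hat advisory; `vercmp` and `kernel_status` are hypothetical helper names, and the comparison assumes purely numeric version segments.

```shell
#!/bin/sh
# Added example: compare kernel package version-release strings against the
# errata build named in this advisory.
FIXED="2.4.9-21"

# vercmp A B: prints -1, 0 or 1. Assumption: segments are purely numeric and
# separated by '.' or '-'; this is not a full copy of rpm's comparison rules.
vercmp() {
    a=$(printf '%s' "$1" | tr '.-' '  ')
    b=$(printf '%s' "$2" | tr '.-' '  ')
    set -- $a
    for y in $b; do
        x=${1:-0}
        if [ $# -gt 0 ]; then shift; fi
        if [ "$x" -lt "$y" ]; then echo -1; return; fi
        if [ "$x" -gt "$y" ]; then echo 1; return; fi
    done
    # B is exhausted: any non-zero segment left in A makes A the newer one.
    for x in "$@"; do
        if [ "$x" -gt 0 ]; then echo 1; return; fi
    done
    echo 0
}

# kernel_status VERSION-RELEASE: prints fixed, needs-update or unknown.
kernel_status() {
    case "$1" in
        ''|*[!0-9.-]*) echo unknown; return ;;
    esac
    if [ "$(vercmp "$1" "$FIXED")" -lt 0 ]; then
        echo needs-update
    else
        echo fixed
    fi
}

# On a real host, feed it every installed kernel package:
#   rpm -q --qf '%{VERSION}-%{RELEASE}\n' kernel kernel-smp
# and compare with `uname -r`: the running kernel changes only after a reboot.

# Constructed sample input (not taken from a real host):
for vr in 2.4.9-7 2.4.9-21 2.4.10-1; do
    echo "kernel $vr: $(kernel_status "$vr")"
done
```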

Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info):

55476 - Kernel 2.4.9-7 crashes Dell PE2500 with aacraid on startup
55605 - kernel 2.4.9-7 constantly outputs messages to syslog about clock timer
54855 - i810 audio problem after up2date4d kernel 2.4.9-6

RPMs required:

Red Hat Linux 7.1:

SRPMS:
ftp://updates.redhat.com/7.1/en/os/SRPMS/kernel-2.4.9-21.src.rpm
ftp://updates.redhat.com/7.1/en/os/SRPMS/modutils-2.4.10-1.src.rpm
ftp://updates.redhat.com/7.1/en/os/SRPMS/tux-2.2.0-1.src.rpm

alpha:
ftp://updates.redhat.com/7.1/en/os/alpha/kernel-2.4.9-21.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/kernel-smp-2.4.9-21.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/kernel-source-2.4.9-21.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/kernel-BOOT-2.4.9-21.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/kernel-headers-2.4.9-21.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/kernel-doc-2.4.9-21.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/modutils-2.4.10-1.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/tux-2.2.0-1.alpha.rpm

athlon:
ftp://updates.redhat.com/7.1/en/os/athlon/kernel-2.4.9-21.athlon.rpm
ftp://updates.redhat.com/7.1/en/os/athlon/kernel-smp-2.4.9-21.athlon.rpm

i386:
ftp://updates.redhat.com/7.1/en/os/i386/kernel-2.4.9-21.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/kernel-source-2.4.9-21.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/kernel-BOOT-2.4.9-21.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/kernel-headers-2.4.9-21.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/kernel-doc-2.4.9-21.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/modutils-2.4.10-1.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/tux-2.2.0-1.i386.rpm

i586:
ftp://updates.redhat.com/7.1/en/os/i586/kernel-2.4.9-21.i586.rpm
ftp://updates.redhat.com/7.1/en/os/i586/kernel-smp-2.4.9-21.i586.rpm

i686:
ftp://updates.redhat.com/7.1/en/os/i686/kernel-2.4.9-21.i686.rpm
ftp://updates.redhat.com/7.1/en/os/i686/kernel-smp-2.4.9-21.i686.rpm
ftp://updates.redhat.com/7.1/en/os/i686/kernel-enterprise-2.4.9-21.i686.rpm
ftp://updates.redhat.com/7.1/en/os/i686/kernel-debug-2.4.9-21.i686.rpm

ia64:
ftp://updates.redhat.com/7.1/en/os/ia64/kernel-2.4.9-21.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/kernel-smp-2.4.9-21.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/kernel-source-2.4.9-21.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/kernel-headers-2.4.9-21.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/kernel-doc-2.4.9-21.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/modutils-2.4.10-1.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/tux-2.2.0-1.ia64.rpm

Red Hat Linux 7.2:

SRPMS:
ftp://updates.redhat.com/7.2/en/os/SRPMS/kernel-2.4.9-21.src.rpm
ftp://updates.redhat.com/7.2/en/os/SRPMS/modutils-2.4.10-1.src.rpm
ftp://updates.redhat.com/7.2/en/os/SRPMS/tux-2.2.0-1.src.rpm

athlon:
ftp://updates.redhat.com/7.2/en/os/athlon/kernel-2.4.9-21.athlon.rpm
ftp://updates.redhat.com/7.2/en/os/athlon/kernel-smp-2.4.9-21.athlon.rpm

i386:
ftp://updates.redhat.com/7.2/en/os/i386/kernel-2.4.9-21.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/kernel-source-2.4.9-21.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/kernel-BOOT-2.4.9-21.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/kernel-headers-2.4.9-21.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/kernel-doc-2.4.9-21.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/modutils-2.4.10-1.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/tux-2.2.0-1.i386.rpm

i586:
ftp://updates.redhat.com/7.2/en/os/i586/kernel-2.4.9-21.i586.rpm
ftp://updates.redhat.com/7.2/en/os/i586/kernel-smp-2.4.9-21.i586.rpm

i686:
ftp://updates.redhat.com/7.2/en/os/i686/kernel-2.4.9-21.i686.rpm
ftp://updates.redhat.com/7.2/en/os/i686/kernel-smp-2.4.9-21.i686.rpm
ftp://updates.redhat.com/7.2/en/os/i686/kernel-enterprise-2.4.9-21.i686.rpm
ftp://updates.redhat.com/7.2/en/os/i686/kernel-debug-2.4.9-21.i686.rpm

ia64:
ftp://updates.redhat.com/7.2/en/os/ia64/kernel-2.4.9-21.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/kernel-smp-2.4.9-21.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/kernel-source-2.4.9-21.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/kernel-headers-2.4.9-21.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/kernel-doc-2.4.9-21.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/tux-2.2.0-1.ia64.rpm

References:

http://www.securityfocus.com/archive/1/251418
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0046
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0047


