Slackware alert: Kernel security update (SSA:2004-049-01)

Posted by dave on Feb 18, 2004 3:37 AM EDT
Mailing list
Mail this story
Print this story

New kernels are available for Slackware 9.1 and -current to fix a bounds-checking problem in the kernel's mremap() call which could be used by a local attacker to gain root privileges. Please note that this is not the same issue as CAN-2003-0985 which was fixed in early January.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] Kernel security update (SSA:2004-049-01)

New kernels are available for Slackware 9.1 and -current to fix a bounds-checking problem in the kernel's mremap() call which could be used by a local attacker to gain root privileges. Please note that this is not the same issue as CAN-2003-0985 which was fixed in early January.

The kernels in Slackware 8.1 and 9.0 that were updated in January are not vulnerable to this new issue because the patch from Solar Designer that was used to fix the CAN-2003-0985 bugs also happened to fix the problem that was discovered later.

Sites running Slackware 9.1 or -current should upgrade to a new kernel. After installing the new kernel, be sure to run 'lilo'.

More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0077

Here are the details from the Slackware 9.1 ChangeLog: +--------------------------+ Wed Feb 18 03:44:42 PST 2004 patches/kernels/: Recompiled to fix another bounds-checking error in the kernel mremap() code. (this is not the same issue that was fixed on Jan 6) This bug could be used by a local attacker to gain root privileges. Sites should upgrade to a new kernel. After installing the new kernel, be sure to run 'lilo'. For more details, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0077 Thanks to Paul Starzetz for finding and researching this issue. (* Security fix *) patches/packages/kernel-ide-2.4.24-i486-2.tgz: Patched, recompiled. (* Security fix *) patches/packages/kernel-source-2.4.24-noarch-2.tgz: Patched the kernel source with a fix for the mremap() problem from Solar Designer, and updated the Speakup driver (not pre-applied). (* Security fix *) +--------------------------+

WHERE TO FIND THE NEW PACKAGES: +-----------------------------+

Updated packages for Slackware 9.1: ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/kernel-ide-2.4.24-i486-2.tgz ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/kernel-source-2.4.24-noarch-2.tgz

An alternate kernel may be installed. Those are found in this directory: ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/kernels/

Updated packages for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-ide-2.4.24-i486-2.tgz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/k/kernel-source-2.4.24-noarch-2.tgz ftp://ftp.slackware.com/pub/slackware/slackware-current/bootdisks/ ftp://ftp.slackware.com/pub/slackware/slackware-current/kernels/

MD5 SIGNATURES: +-------------+

MD5 signatures may be downloaded from our FTP server:

Slackware 9.1 packages: ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/CHECKSUMS.md5

To verify authenticity, this file has been signed with the Slackware GPG key (use 'gpg --verify'):

ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/CHECKSUMS.md5.asc

Slackware -current packages: ftp://ftp.slackware.com/pub/slackware/slackware-current/CHECKSUMS.md5 ftp://ftp.slackware.com/pub/slackware/slackware-current/CHECKSUMS.md5.asc

INSTALLATION INSTRUCTIONS: +------------------------+

Use upgradepkg to install the new kernel package. After installing the kernel-ide package you will need to run lilo ('lilo' at a command prompt) or create a new system boot disk ('makebootdisk'), and reboot.

If desired, a kernel from the kernels/ directory may be used instead. For example, to use the kernel in kernels/scsi.s/, you would copy it to the boot directory like this:

cd kernels/scsi.s cp bzImage /boot/vmlinuz-scsi.s-2.4.24

Create a symbolic link: ln -sf /boot/vmlinuz-scsi.s-2.4.24 /boot/vmlinuz

Then, run 'lilo' or create a new system boot disk and reboot.

+-----+

Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com

+------------------------------------------------------------------------+ | HOW TO REMOVE YOURSELF FROM THIS MAILING LIST: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back. Follow the instructions to | | complete the unsubscription. Do not reply to this message to | | unsubscribe! | +------------------------------------------------------------------------+

-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQFAM1gqakRjwEAQIjMRAsidAJwO3KmM+Jtccw5zPLovpCcnpxqH3ACbBJy6 kzvkk6HtdbiQ1o2hjlOiUlI= =ydJs -----END PGP SIGNATURE-----

  Nav
» Read more about: Story Type: Security; Groups: Slackware

« Return to the newswire homepage

This topic does not have any threads posted yet!

You cannot post until you login.