Immunix alert: Immunix Secured OS 7+ kernel update
-----------------------------------------------------------------------
Immunix Secured OS Security Advisory
Packages updated: Immunix OS 7+
Affected products: kernel
Bugs fixed: CAN-2004-0077
Date: Thu Feb 26 2004
Advisory ID: IMNX-2004-7+-001-01
Author: Seth Arnold
-----------------------------------------------------------------------
Description:
Paul Starzetz and Wojciech Purczynski report finding a flaw in the
mremap(2) system call due to a missing function return value check.
While they found the flaw on the 2.4 series of Linux kernels, the 2.2
series of Linux kernels is also vulnerable to the same problem.
This updated package includes a patch from Solar Designer to address
this flaw, as well as some additional fixes for uninitialized memory
leaking to userspace.
Immunix, Inc., would like to remind Immunix OS 7+ users that support
for 7+ will be terminated on March 1, 2004. We will be happy to host
updated packages sent to us by users; contact the immunix-users mail
list for further information. Users may purchase Immunix OS 7.3 at:
http://www.immunix.com/products/immunixos/
Immunix OS 7.3 includes StackGuard, FormatGuard, SubDomain, the 2.4
version of the Linux kernel with better scalability and device
support, and up2date. More information on Immunix OS 7.3 is at:
http://www.immunix.org/immunix73.html
Package names and locations:
Precompiled binary packages for Immunix 7+ are available at:
http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/kernel-2.2.19-16_imnx_29.i386.rpm
http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/kernel-2.2.19-16_imnx_29.i586.rpm
http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/kernel-2.2.19-16_imnx_29.i686.rpm
http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/kernel-enterprise-2.2.19-16_imnx_29.i686.rpm
http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/kernel-ibcs-2.2.19-16_imnx_29.i386.rpm
http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/kernel-pcmcia-cs-2.2.19-16_imnx_29.i386.rpm
http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/kernel-smp-2.2.19-16_imnx_29.i386.rpm
http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/kernel-smp-2.2.19-16_imnx_29.i586.rpm
http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/kernel-smp-2.2.19-16_imnx_29.i686.rpm
http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/kernel-source-2.2.19-16_imnx_29.i386.rpm
http://download.immunix.org/ImmunixOS/7+/Updates/RPMS/kernel-utils-2.2.19-16_imnx_29.i386.rpm
Source packages for Immunix 7+ are available at:
http://download.immunix.org/ImmunixOS/7+/Updates/SRPMS/kernel-2.2.19-16_imnx_29.src.rpm
Immunix OS 7+ md5sums:
GPG verification:
Our public keys are available at http://download.immunix.org/GPG_KEY
Immunix, Inc., has changed policy with GPG keys. We maintain several
keys now: C53B2B53 for Immunix 7+ package signing, D3BA6C17 for
Immunix 7.3 package signing, and 1B7456DA for general security issues.
NOTE:
Ibiblio is graciously mirroring our updates, so if the links above are
slow, please try:
ftp://ftp.ibiblio.org/pub/Linux/distributions/immunix/
or one of the many mirrors available at:
http://www.ibiblio.org/pub/Linux/MIRRORS.html
ImmunixOS 7.3 will not be officially supported after March 31 2005.
ImmunixOS 7+ will not be officially supported after March 1 2004.
ImmunixOS 7.0 is no longer officially supported.
ImmunixOS 6.2 is no longer officially supported.
Contact information:
To report vulnerabilities, please contact security@immunix.com.
Immunix attempts to conform to the RFP vulnerability disclosure protocol
http://www.wiretrip.net/rfp/policy.html.