Lucene search

K
certCERTVU:973654
HistoryJun 15, 2004 - 12:00 a.m.

Linux kernel fails to properly handle floating point signals generated by "fsave" and "frstor"

2004-06-1500:00:00
www.kb.cert.org
29

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.019 Low

EPSS

Percentile

88.3%

Overview

The Linux kernel contains a denial-of-service vulnerability that allows local users to disable affected hosts.

Description

Several versions of the Linux kernel contain a defect in their use of the Intel processor instruction set. The “fsave” and “frstor” instructions are used to store and restore the state of the processor’s floating point unit (FPU), respectively. Typically, manipulation of the FPU is handled by the compiler of a high-level programming language, but some languages allow programmers to invoke assembly instructions directly.

By using a combination of calls to fsave and frstor, it is possible to write a simple program that will force the Linux kernel into an infinite signal handling loop. When this occurs, the kernel will fail to operate properly or respond to input, causing a denial-of-service condition. Such a program does not require specialized tools or privileged system access, so it is possible for any local user to exploit this vulnerability.


Impact

This vulnerability allows local users to disable the Linux kernel on affected hosts, resulting in a denial-of-service condition.


Solution

Apply a patch from your vendor

The Systems Affected section of this document contains a list of vendors that have been notified of this issue, as well as their responses.


Vendor Information

973654

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Additional information available

__ Sort by: Status Alphabetical

Expand all

Javascript is disabled. Click here to view vendors.

Conectiva __ Affected

Notified: June 15, 2004 Updated: August 18, 2004

Status

Affected

Vendor Statement

`-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


CONECTIVA LINUX SECURITY ANNOUNCEMENT


PACKAGE : kernel
SUMMARY : Fixes for kernel vulnerabilities
DATE : 2004-06-22 10:12:00
ID : CLA-2004:845
RELEVANT
RELEASES : 8, 9


DESCRIPTION
The Linux kernel is responsible for handling the basic functions of
the GNU/Linux operating system.

This announcement fixes the following vulnerabilities:

  1. Local denial of service vulnerability (CAN-2004-0554[1])

Stian Skjelstad found[2] a vulnerability[1] in the fpu controller
code that can be used by local attackers to cause a denial of service
(DoS) on the system.

  1. Local memory disclosure vulnerability (CAN-2004-0535[3])

Chris Wright found a vulnerability[3] in the Intel® PRO/1000
ethernet card driver that could allow a local attacker to read some
bytes of kernel memory.

  1. Sparse vulnerabilities (CAN-2004-0495[4])

Al Viro, by using Sparse[5] (a code inspection tool), found several
vulnerabilities which, in the worst case, might allow local attackers
to obtain root privileges.

SOLUTION
It is recommended that all Conectiva Linux users upgrade the kernel
package.

IMPORTANT: exercise caution and preparation when upgrading the
kernel, since it will require a reboot after the new packages are
installed. In particular, Conectiva Linux 9 will most likely require
an initrd file (which is automatically created in the /boot directory
after the new packages are installed). Generic kernel update
instructions can be obtained in the manuals and in our updates
page[6]. More detailed instructions are also available in Portuguese
at our Moin[7] page.

REFERENCES:
1.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0554
2.http://marc.theaimsgroup.com/?l=linux-kernel&m=108681568931323&w=2
3.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0535
4.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0495
5.http://sparse.bkbits.net:8080/sparse/
6.https://moin.conectiva.com.br/UpdatingKernelPackages
7.http://www.conectiva.com.br/suporte/pr/sistema.kernel.atualizar.html

UPDATED PACKAGES
<ftp://atualizacoes.conectiva.com.br/8/SRPMS/kernel-2.4.19-1U80_22cl.src.rpm&gt;
<ftp://atualizacoes.conectiva.com.br/8/RPMS/devfsd-2.4.19-1U80_22cl.i386.rpm&gt;
<ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-2.4.19-1U80_22cl.i386.rpm&gt;
<ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-2.4.19-1U80_22cl.i586.rpm&gt;
<ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-2.4.19-1U80_22cl.i686.rpm&gt;
<ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-BOOT-2.4.19-1U80_22cl.i386.rpm&gt;
<ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-doc-2.4.19-1U80_22cl.i386.rpm&gt;
<ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-enterprise-2.4.19-1U80_22cl.i686.rpm&gt;
<ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-headers-2.4.19-1U80_22cl.i386.rpm&gt;
<ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-rbc-2.4.19-1U80_22cl.i386.rpm&gt;
<ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-smp-2.4.19-1U80_22cl.i386.rpm&gt;
<ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-smp-2.4.19-1U80_22cl.i586.rpm&gt;
<ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-smp-2.4.19-1U80_22cl.i686.rpm&gt;
<ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-source-2.4.19-1U80_22cl.i386.rpm&gt;
<ftp://atualizacoes.conectiva.com.br/9/SRPMS/kernel24-2.4.21-31301U90_16cl.src.rpm&gt;
<ftp://atualizacoes.conectiva.com.br/9/RPMS/devfsd-2.4.21-31301U90_16cl.i386.rpm&gt;
<ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-2.4.21-31301U90_16cl.athlon.rpm&gt;
<ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-2.4.21-31301U90_16cl.i386.rpm&gt;
<ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-2.4.21-31301U90_16cl.i586.rpm&gt;
<ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-2.4.21-31301U90_16cl.i686.rpm&gt;
<ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-2.4.21-31301U90_16cl.pentium4.rpm&gt;
<ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-BOOT-2.4.21-31301U90_16cl.i386.rpm&gt;
<ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-doc-2.4.21-31301U90_16cl.i386.rpm&gt;
<ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-enterprise-2.4.21-31301U90_16cl.athlon.rpm&gt;
<ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-enterprise-2.4.21-31301U90_16cl.i686.rpm&gt;
<ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-enterprise-2.4.21-31301U90_16cl.pentium4.rpm&gt;
<ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-headers-2.4.21-31301U90_16cl.i386.rpm&gt;
<ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-rbc-2.4.21-31301U90_16cl.i386.rpm&gt;
<ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-smp-2.4.21-31301U90_16cl.athlon.rpm&gt;
<ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-smp-2.4.21-31301U90_16cl.i386.rpm&gt;
<ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-smp-2.4.21-31301U90_16cl.i586.rpm&gt;
<ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-smp-2.4.21-31301U90_16cl.i686.rpm&gt;
<ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-smp-2.4.21-31301U90_16cl.pentium4.rpm&gt;
<ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-source-2.4.21-31301U90_16cl.i386.rpm&gt;

ADDITIONAL INSTRUCTIONS
The apt tool can be used to perform RPM packages upgrades:

  • run: apt-get update
  • after that, execute: apt-get upgrade

Detailed instructions regarding the use of apt and upgrade examples
can be found at <http://distro.conectiva.com.br/atualizacoes/#apt?idioma=en&gt;


All packages are signed with Conectiva’s GPG key. The key and instructions
on how to import it can be found at
<http://distro.conectiva.com.br/seguranca/chave/?idioma=en&gt;
Instructions on how to check the signatures of the RPM packages can be
found at <http://distro.conectiva.com.br/seguranca/politica/?idioma=en&gt;


All our advisories and generic update instructions can be viewed at
<http://distro.conectiva.com.br/atualizacoes/?idioma=en&gt;


Copyright © 2004 Conectiva Inc.
<http://www.conectiva.com>


subscribe: [email protected]
unsubscribe: [email protected]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see <http://www.gnupg.org>

iD8DBQFA2DCq42jd0JmAcZARAg49AJ9sqVjI/FsSEeWfws1iPyJ0szUIPgCfZ9kw
y6YY+kD2FTucN7+WNLkZZKg=
=NSse
-----END PGP SIGNATURE-----`

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23973654 Feedback>).

Guardian Digital Inc. __ Affected

Notified: June 15, 2004 Updated: August 18, 2004

Status

Affected

Vendor Statement

`-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

±-----------------------------------------------------------------------+
| Guardian Digital Security Advisory June 21, 2004 |
| <http://www.guardiandigital.com> ESA-20040621-005 |
| |
| Package: kernel |
| Summary: Several vulnerabilities. |
±-----------------------------------------------------------------------+

EnGarde Secure Linux is an enterprise class Linux platform engineered
to enable corporations to quickly and cost-effectively build a complete
and secure Internet presence while preventing Internet threats.

OVERVIEW


This update fixes several security vulnerabilities in the Linux Kernel
shipped with EnGarde Secure Linux, most notably the “fsave/frstor”
vulnerability (CAN-2004-0554) and an information leak in the e1000
driver (CAN-2004-0535).

Guardian Digital products affected by this issue include:

EnGarde Secure Community 2
EnGarde Secure Professional v1.5

It is recommended that all users apply this update as soon as possible.

SOLUTION


Guardian Digital Secure Network subscribers may automatically update
affected systems by accessing their account from within the Guardian
Digital WebTool.

To modify your GDSN account and contact preferences, please go to:

<https://www.guardiandigital.com/account/&gt;

REFERENCES


Guardian Digital’s public key:
<http://ftp.engardelinux.org/pub/engarde/ENGARDE-GPG-KEY&gt;

Official Web Site of the Linux Kernel:
<http://www.kernel.org/&gt;

Guardian Digital Advisories:
<http://infocenter.guardiandigital.com/advisories/&gt;

Security Contact: [email protected]


Author: Ryan W. Maple <[email protected]>
Copyright 2004, Guardian Digital, Inc.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQFA1xEMHD5cqd57fu0RAimkAJ91QQbdq0KTPMApdbuBk0W4VaHQUQCfXTgV
CEwu6/nwrjKh4msuRNWV4g0=
=plmV
-----END PGP SIGNATURE-----`

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23973654 Feedback>).

MandrakeSoft __ Affected

Notified: June 15, 2004 Updated: August 18, 2004

Status

Affected

Vendor Statement

`-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Mandrakelinux Security Update Advisory


Package name: kernel
Advisory ID: MDKSA-2004:062
Date: June 23rd, 2004

Affected versions: 10.0, 9.1, 9.2, Corporate Server 2.1,
Multi Network Firewall 8.2


Problem Description:

A vulnerability in the e1000 driver for the Linux kernel 2.4.26 and
earlier was discovered by Chris Wright. The e1000 driver does not
properly reset memory or restrict the maximum length of a data
structure, which can allow a local user to read portions of kernel
memory (CAN-2004-0535).

A vulnerability was also discovered in the kernel were a certain C
program would trigger a floating point exception that would crash the
kernel. This vulnerability can only be triggered locally by users with
shell access (CAN-2004-0554).


References:

<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0535&gt;
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0554&gt;
<http://www.kb.cert.org/vuls/id/973654&gt;


Updated Packages:

Mandrakelinux 10.0:
4d206822c79940210133a7480d21e3df 10.0/RPMS/kernel-2.4.25.6mdk-1-1mdk.i586.rpm
68bcd25169105b157075c49ae1afc652 10.0/RPMS/kernel-2.6.3.14mdk-1-1mdk.i586.rpm
abf8ad1259bf4f92a49e36dfcf3c9c39 10.0/RPMS/kernel-enterprise-2.4.25.6mdk-1-1mdk.i586.rpm
312e78a0c775dbb7b9cbef0d99a04fcd 10.0/RPMS/kernel-enterprise-2.6.3.14mdk-1-1mdk.i586.rpm
e488a38369863ce174eedaf556cb3b89 10.0/RPMS/kernel-i686-up-4GB-2.4.25.6mdk-1-1mdk.i586.rpm
4793fe40b2af0fdd5864f72db0615e50 10.0/RPMS/kernel-i686-up-4GB-2.6.3.14mdk-1-1mdk.i586.rpm
762657bdede72b9a35acb17b395ee1ff 10.0/RPMS/kernel-p3-smp-64GB-2.4.25.6mdk-1-1mdk.i586.rpm
20aef99ab5994559227cbd7010d24e3a 10.0/RPMS/kernel-p3-smp-64GB-2.6.3.14mdk-1-1mdk.i586.rpm
08196ea86336c42d850916038a6b40ba 10.0/RPMS/kernel-secure-2.6.3.14mdk-1-1mdk.i586.rpm
98edb621bf6194742b9f4acf41ac798a 10.0/RPMS/kernel-smp-2.4.25.6mdk-1-1mdk.i586.rpm
97b43a5beecc427cec5339f7b230937b 10.0/RPMS/kernel-smp-2.6.3.14mdk-1-1mdk.i586.rpm
c61995bd80f09c18d644b63574830564 10.0/RPMS/kernel-source-2.4.25-6mdk.i586.rpm
a595b55173adb08a6ee525aba7a11bcf 10.0/RPMS/kernel-source-2.6.3-14mdk.i586.rpm
356ca3809548835c8d1543b1c5bd2c78 10.0/RPMS/kernel-source-stripped-2.6.3-14mdk.i586.rpm
84c88cb9db5910bf541d69d041d146a2 10.0/SRPMS/kernel-2.4.25.6mdk-1-1mdk.src.rpm
7dd3f9640e29fd2365338e6350d38ef8 10.0/SRPMS/kernel-2.6.3.14mdk-1-1mdk.src.rpm

Mandrakelinux 10.0/AMD64:
0bbe2751bf80eb4cd0b62d577e580c44 amd64/10.0/RPMS/kernel-2.4.25.6mdk-1-1mdk.amd64.rpm
2ed3cdb8d1d5a9da83e068c4be01f91f amd64/10.0/RPMS/kernel-2.6.3.14mdk-1-1mdk.amd64.rpm
aa4eee1b7d2e75100e9fac4f60484c2d amd64/10.0/RPMS/kernel-secure-2.6.3.14mdk-1-1mdk.amd64.rpm
6c68464ee6a8f8e6abfd4aec1bc01c2a amd64/10.0/RPMS/kernel-smp-2.4.25.6mdk-1-1mdk.amd64.rpm
acc109c127a3c52cf1d2e0f86834a62a amd64/10.0/RPMS/kernel-smp-2.6.3.14mdk-1-1mdk.amd64.rpm
fdd0f9614d7fe27508319c021e83a41e amd64/10.0/RPMS/kernel-source-2.4.25-6mdk.amd64.rpm
dfc6b8544787e556a30d1165cce8bfbc amd64/10.0/RPMS/kernel-source-2.6.3-14mdk.amd64.rpm
23f827e67259b79381a9e8dd454880fa amd64/10.0/RPMS/kernel-source-stripped-2.6.3-14mdk.amd64.rpm
84c88cb9db5910bf541d69d041d146a2 amd64/10.0/SRPMS/kernel-2.4.25.6mdk-1-1mdk.src.rpm
7dd3f9640e29fd2365338e6350d38ef8 amd64/10.0/SRPMS/kernel-2.6.3.14mdk-1-1mdk.src.rpm

Corporate Server 2.1:
46927be757f70a59c86cdf11b3e43c92 corporate/2.1/RPMS/kernel-2.4.19.41mdk-1-1mdk.i586.rpm
d08b40244502502acadf9ba1b0e9762b corporate/2.1/RPMS/kernel-enterprise-2.4.19.41mdk-1-1mdk.i586.rpm
66749baa06773ce3942e2f770140502c corporate/2.1/RPMS/kernel-secure-2.4.19.41mdk-1-1mdk.i586.rpm
32a44dfa574bbbc50d316a5c8a4ef6ba corporate/2.1/RPMS/kernel-smp-2.4.19.41mdk-1-1mdk.i586.rpm
40213434e41fefe88d20f4231a1f9734 corporate/2.1/RPMS/kernel-source-2.4.19-41mdk.i586.rpm
60c9941aba0d698ad72f9d2308433b1c corporate/2.1/SRPMS/kernel-2.4.19.41mdk-1-1mdk.src.rpm

Corporate Server 2.1/x86_64:
db88d345b01e85d2c6cfb01f1e28c3f1 x86_64/corporate/2.1/RPMS/kernel-2.4.19.42mdk-1-1mdk.x86_64.rpm
eaa43fee45b287b47e59a17206040308 x86_64/corporate/2.1/RPMS/kernel-secure-2.4.19.42mdk-1-1mdk.x86_64.rpm
88db1fa53a907a7ae59b561501053963 x86_64/corporate/2.1/RPMS/kernel-smp-2.4.19.42mdk-1-1mdk.x86_64.rpm
a63ab72190d8214f8e242fe298c49a41 x86_64/corporate/2.1/RPMS/kernel-source-2.4.19-42mdk.x86_64.rpm
b175ee4e191ff0f4098793413dd63c71 x86_64/corporate/2.1/SRPMS/kernel-2.4.19.42mdk-1-1mdk.src.rpm

Mandrakelinux 9.1:
71a8d1ae72fb050e3f4a07fcecf2f6f6 9.1/RPMS/kernel-2.4.21.0.31mdk-1-1mdk.i586.rpm
30998cdc47a6005198d7bff758c15fa8 9.1/RPMS/kernel-enterprise-2.4.21.0.31mdk-1-1mdk.i586.rpm
2d50a264c7578cb525ffef5b9c6c256c 9.1/RPMS/kernel-secure-2.4.21.0.31mdk-1-1mdk.i586.rpm
d380dafaea573b0f8d135f442ac84085 9.1/RPMS/kernel-smp-2.4.21.0.31mdk-1-1mdk.i586.rpm
fef500ffec1c0ec7e63daa040cea2d3e 9.1/RPMS/kernel-source-2.4.21-0.31mdk.i586.rpm
f3c09dcecb57b158e7e064b58be290fc 9.1/SRPMS/kernel-2.4.21.0.31mdk-1-1mdk.src.rpm

Mandrakelinux 9.1/PPC:
0ae9dba70be3135ed2d58b18744d5c88 ppc/9.1/RPMS/kernel-2.4.21.0.31mdk-1-1mdk.ppc.rpm
32c60b01cdc16a585ddd75c00f0f1b99 ppc/9.1/RPMS/kernel-enterprise-2.4.21.0.31mdk-1-1mdk.ppc.rpm
444be2eb864edc3e71de2a80ff1707c5 ppc/9.1/RPMS/kernel-smp-2.4.21.0.31mdk-1-1mdk.ppc.rpm
0defa0d78d83de206b45d3e0f6f8c6b2 ppc/9.1/RPMS/kernel-source-2.4.21-0.31mdk.ppc.rpm
f3c09dcecb57b158e7e064b58be290fc ppc/9.1/SRPMS/kernel-2.4.21.0.31mdk-1-1mdk.src.rpm

Mandrakelinux 9.2:
f8d407d6b8c33d23e1869b192d86c581 9.2/RPMS/kernel-2.4.22.35mdk-1-1mdk.i586.rpm
eb13e94eb20684ac0a28d61f06f7d55b 9.2/RPMS/kernel-enterprise-2.4.22.35mdk-1-1mdk.i586.rpm
ed513e7698ee869227bb178239e4fd6b 9.2/RPMS/kernel-i686-up-4GB-2.4.22.35mdk-1-1mdk.i586.rpm
19382a345801c54d057569d4cd238457 9.2/RPMS/kernel-p3-smp-64GB-2.4.22.35mdk-1-1mdk.i586.rpm
1eff108d820b8eaaf4aa30dc57037e38 9.2/RPMS/kernel-secure-2.4.22.35mdk-1-1mdk.i586.rpm
554f24dd143cef8e46db249210ee6698 9.2/RPMS/kernel-smp-2.4.22.35mdk-1-1mdk.i586.rpm
0e4a8b55bfc63b9c69bd3ffcbf36deb3 9.2/RPMS/kernel-source-2.4.22-35mdk.i586.rpm
9aada28aa2b9f835d3dc4cc30f856ca6 9.2/SRPMS/kernel-2.4.22.35mdk-1-1mdk.src.rpm

Mandrakelinux 9.2/AMD64:
445f0184ca8c02e0a3f915408c6e8f2c amd64/9.2/RPMS/kernel-2.4.22.35mdk-1-1mdk.amd64.rpm
dc7be7702ba82ca3e5e1c5c07ec5a7a7 amd64/9.2/RPMS/kernel-secure-2.4.22.35mdk-1-1mdk.amd64.rpm
7249a64585c3fdb4e0c819274ffa5d6b amd64/9.2/RPMS/kernel-smp-2.4.22.35mdk-1-1mdk.amd64.rpm
36684fff4f1d13784af9d539df01ba67 amd64/9.2/RPMS/kernel-source-2.4.22-35mdk.amd64.rpm
9aada28aa2b9f835d3dc4cc30f856ca6 amd64/9.2/SRPMS/kernel-2.4.22.35mdk-1-1mdk.src.rpm

Multi Network Firewall 8.2:
fdd6ea13be5777eb4ac69ae4a15149eb mnf8.2/RPMS/kernel-secure-2.4.19.41mdk-1-1mdk.i586.rpm
60c9941aba0d698ad72f9d2308433b1c mnf8.2/SRPMS/kernel-2.4.19.41mdk-1-1mdk.src.rpm


To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandrakesoft for security. You can obtain
the GPG public key of the Mandrakelinux Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandrakelinux at:

<http://www.mandrakesoft.com/security/advisories&gt;

If you want to report vulnerabilities, please contact

security_linux-mandrake.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team
<security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFA2dQumqjQ0CJFipgRAvsvAJwKYoGaMGxqb9ZWhapI96NYwd9+uQCghmDy
OB/7YIx91p7173icwYh3Ito=
=FVyW
-----END PGP SIGNATURE-----`

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23973654 Feedback>).

Red Hat Inc. __ Affected

Notified: June 15, 2004 Updated: August 18, 2004

Status

Affected

Vendor Statement

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Updated kernel packages fix security vulnerabilities
Advisory ID: RHSA-2004:255-01
Issue date: 2004-06-17
Updated on: 2004-06-17
Product: Red Hat Enterprise Linux
Keywords:
Cross references:
Obsoletes: RHSA-2004:188
CVE Names: CAN-2004-0427 CAN-2004-0495 CAN-2004-0554
- ---------------------------------------------------------------------

1. Topic:

Updated kernel packages for Red Hat Enterprise Linux 3 that fix security
vulnerabilities are now available.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - athlon, i386, i686, ia32e, ia64, ppc64, ppc64iseries, ppc64pseries, s390, s390x, x86_64
Red Hat Desktop version 3 - athlon, i386, i686, ia32e, x86_64
Red Hat Enterprise Linux ES version 3 - athlon, i386, i686, ia32e, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - athlon, i386, i686, ia32e, ia64, x86_64

3. Problem description:

The Linux kernel handles the basic functions of the operating system.

A flaw was found in Linux kernel versions 2.4 and 2.6 for x86 and x86_64
that allowed local users to cause a denial of service (system crash) by
triggering a signal handler with a certain sequence of fsave and frstor
instructions. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2004-0554 to this issue.

Another flaw was discovered in an error path supporting the clone()
system call that allowed local users to cause a denial of service
(memory leak) by passing invalid arguments to clone() running in an
infinite loop of a user’s program. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2004-0427
to this issue.

Enhancements were committed to the 2.6 kernel by Al Viro which enabled the
Sparse source code checking tool to check for a certain class of kernel
bugs. A subset of these fixes also applies to various drivers in the 2.4
kernel. Although the majority of these resides in drivers unsupported in
Red Hat Enterprise Linux 3, the flaws could lead to privilege escalation or
access to kernel memory. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2004-0495 to these issues.

All Red Hat Enterprise Linux 3 users are advised to upgrade their kernels
to the packages associated with their machine architectures and
configurations as listed in this erratum. These packages contain
backported patches to correct these issues.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those
RPMs which are currently installed will be updated. Those RPMs which are
not installed but included in the list will not be updated. Note that you
can also use wildcards (*.rpm) if your current directory only contains the
desired RPMs.

Please note that this update is also available via Red Hat Network. Many
people find this an easier way to apply updates. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

If up2date fails to connect to Red Hat Network due to SSL
Certificate Errors, you need to install a version of the
up2date client with an updated certificate. The latest version of
up2date is available from the Red Hat FTP site and may also be
downloaded directly from the RHN website:

<https://rhn.redhat.com/help/latest-up2date.pxt&gt;

5. Bug IDs fixed (<http://bugzilla.redhat.com/bugzilla&gt; for more info):

125794 - CAN-2004-0554 local user can get the kernel to hang
125901 - [PATCH] CAN-2004-0554: FPU exception handling local DoS
125968 - last RH kernel affected bug
126121 - CAN-2004-0495 Sparse security fixes backported for 2.4 kernel

6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS:
<ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/kernel-2.4.21-15.0.2.EL.src.rpm&gt;

athlon:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.athlon.rpm
Available from Red Hat Network: kernel-smp-2.4.21-15.0.2.EL.athlon.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-15.0.2.EL.athlon.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.athlon.rpm

i386:
Available from Red Hat Network: kernel-BOOT-2.4.21-15.0.2.EL.i386.rpm
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.i386.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.i386.rpm

i686:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-hugemem-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-hugemem-unsupported-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-smp-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.i686.rpm

ia32e:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.ia32e.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.ia32e.rpm

ia64:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.ia64.rpm
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.ia64.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.ia64.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.ia64.rpm

ppc64:
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.ppc64.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.ppc64.rpm

ppc64iseries:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.ppc64iseries.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.ppc64iseries.rpm

ppc64pseries:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.ppc64pseries.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.ppc64pseries.rpm

s390:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.s390.rpm
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.s390.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.s390.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.s390.rpm

s390x:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.s390x.rpm
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.s390x.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.s390x.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.s390x.rpm

x86_64:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-smp-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
<ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/kernel-2.4.21-15.0.2.EL.src.rpm&gt;

athlon:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.athlon.rpm
Available from Red Hat Network: kernel-smp-2.4.21-15.0.2.EL.athlon.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-15.0.2.EL.athlon.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.athlon.rpm

i386:
Available from Red Hat Network: kernel-BOOT-2.4.21-15.0.2.EL.i386.rpm
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.i386.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.i386.rpm

i686:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-hugemem-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-hugemem-unsupported-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-smp-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.i686.rpm

ia32e:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.ia32e.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.ia32e.rpm

x86_64:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-smp-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
<ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/kernel-2.4.21-15.0.2.EL.src.rpm&gt;

athlon:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.athlon.rpm
Available from Red Hat Network: kernel-smp-2.4.21-15.0.2.EL.athlon.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-15.0.2.EL.athlon.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.athlon.rpm

i386:
Available from Red Hat Network: kernel-BOOT-2.4.21-15.0.2.EL.i386.rpm
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.i386.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.i386.rpm

i686:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-hugemem-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-hugemem-unsupported-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-smp-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.i686.rpm

ia32e:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.ia32e.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.ia32e.rpm

ia64:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.ia64.rpm
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.ia64.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.ia64.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.ia64.rpm

x86_64:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-smp-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
<ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/kernel-2.4.21-15.0.2.EL.src.rpm&gt;

athlon:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.athlon.rpm
Available from Red Hat Network: kernel-smp-2.4.21-15.0.2.EL.athlon.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-15.0.2.EL.athlon.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.athlon.rpm

i386:
Available from Red Hat Network: kernel-BOOT-2.4.21-15.0.2.EL.i386.rpm
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.i386.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.i386.rpm

i686:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-hugemem-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-hugemem-unsupported-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-smp-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.i686.rpm

ia32e:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.ia32e.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.ia32e.rpm

ia64:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.ia64.rpm
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.ia64.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.ia64.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.ia64.rpm

x86_64:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-smp-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.x86_64.rpm

7. Verification:

MD5 sum Package Name
- --------------------------------------------------------------------------
05b0bcb454ac5454479481d0288fbf20 kernel-2.4.21-15.0.2.EL.athlon.rpm
a3073219b60cbb7ce447a22e5103e097 kernel-2.4.21-15.0.2.EL.i686.rpm
90dabcf0bb591756e5f04f397cf8a156 kernel-2.4.21-15.0.2.EL.ia32e.rpm
24ddfb9f957028d3bbc5cfff2b25bc67 kernel-2.4.21-15.0.2.EL.ia64.rpm
495a1c8f85e0e237643fd2e3f89ddaed kernel-2.4.21-15.0.2.EL.ppc64iseries.rpm
6ad188ae0c61a077dede364c59448f61 kernel-2.4.21-15.0.2.EL.ppc64pseries.rpm
1b9d329e2b074616239a91fd967871c8 kernel-2.4.21-15.0.2.EL.s390.rpm
a8bab06e561ac8b6ab473b4e722a570b kernel-2.4.21-15.0.2.EL.s390x.rpm
669d77609b1c47ff49c939c1ea7bbc45 kernel-2.4.21-15.0.2.EL.src.rpm
13aabc1c96dfee65f73246051a955ba8 kernel-2.4.21-15.0.2.EL.x86_64.rpm
4635f8c6555f3b3e52feb9444b2e230d kernel-BOOT-2.4.21-15.0.2.EL.i386.rpm
6cf6c39a83dfe7cca9c9a79f02dc3fa8 kernel-doc-2.4.21-15.0.2.EL.i386.rpm
cc60f06bdd3ad6a05040df8ba40d41a1 kernel-doc-2.4.21-15.0.2.EL.ia64.rpm
3f21dd578af78ed576c7cbf6e17a3f16 kernel-doc-2.4.21-15.0.2.EL.ppc64.rpm
5e27cc65020dbb1c92368e79c3edcbe6 kernel-doc-2.4.21-15.0.2.EL.s390.rpm
860944b6a4e8384a0b344dc96ea48b6d kernel-doc-2.4.21-15.0.2.EL.s390x.rpm
608d072210521af17c455f7754a6e352 kernel-doc-2.4.21-15.0.2.EL.x86_64.rpm
6c8dad84abc4dd1892c9dc862c329273 kernel-hugemem-2.4.21-15.0.2.EL.i686.rpm
426c517d35a53546138b0d72a0515909 kernel-hugemem-unsupported-2.4.21-15.0.2.EL.i686.rpm
96eb477ac938da01b729b5ac5ed36e3b kernel-smp-2.4.21-15.0.2.EL.athlon.rpm
bece09ba4a651196758380372dc4c593 kernel-smp-2.4.21-15.0.2.EL.i686.rpm
82154d7551d6e4947af70b3044c9d4d2 kernel-smp-2.4.21-15.0.2.EL.x86_64.rpm
9d24273cc70bb6be810984cb3f3d0a36 kernel-smp-unsupported-2.4.21-15.0.2.EL.athlon.rpm
775338e099c3bdf36a586d29e55dbd3e kernel-smp-unsupported-2.4.21-15.0.2.EL.i686.rpm
8fde60be45154b7722893feb65506f42 kernel-smp-unsupported-2.4.21-15.0.2.EL.x86_64.rpm
3c690c54909996d3bba3da7c8d8f894a kernel-source-2.4.21-15.0.2.EL.i386.rpm
a8fc2a1042ee3e580881b50c97a3241d kernel-source-2.4.21-15.0.2.EL.ia64.rpm
937a05a7666f14f95d20be19fc461f05 kernel-source-2.4.21-15.0.2.EL.ppc64.rpm
282bb4f0e5bfbec228a742ab6666665d kernel-source-2.4.21-15.0.2.EL.s390.rpm
6e9628389fa69aafc9c910e4b37a425a kernel-source-2.4.21-15.0.2.EL.s390x.rpm
44be30f820be806621b47786ebff1844 kernel-source-2.4.21-15.0.2.EL.x86_64.rpm
17f10f04cffc9751afb1499aaff00fdc kernel-unsupported-2.4.21-15.0.2.EL.athlon.rpm
89ee51cb60f7a1f34e66cbb16abcba07 kernel-unsupported-2.4.21-15.0.2.EL.i686.rpm
144943d76b23470572326c84b57c0dd9 kernel-unsupported-2.4.21-15.0.2.EL.ia32e.rpm
60e5c1f1efa438a658b12e16543214cd kernel-unsupported-2.4.21-15.0.2.EL.ia64.rpm
57f0111e6443fd5a39099731cc0856e8 kernel-unsupported-2.4.21-15.0.2.EL.ppc64iseries.rpm
22f38c0c1abee45e0ac24caa19e06311 kernel-unsupported-2.4.21-15.0.2.EL.ppc64pseries.rpm
8f67e244ba867a103e6b211d3d0d1fba kernel-unsupported-2.4.21-15.0.2.EL.s390.rpm
3522c33c18eb876b5033ef12398707fe kernel-unsupported-2.4.21-15.0.2.EL.s390x.rpm
aa060423c3136a26ca31a7aafa337380 kernel-unsupported-2.4.21-15.0.2.EL.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key is
available from <https://www.redhat.com/security/team/key.html&gt;

You can verify each package with the following command:

rpm --checksig -v <filename>

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:

md5sum <filename>

8. References:

<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0427&gt;
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0495&gt;
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0554&gt;

9. Contact:

The Red Hat security contact is <[email protected]>. More contact
details at <https://www.redhat.com/security/team/contact.html&gt;

Copyright 2004 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFA0pQzXlSAg2UNWIIRAnebAJ92x5UDw32uwjVFVe9Eat4cQQqXAwCgkRtl
OG3QYv33e4XJlyE9npuygvs=
=Joca
-----END PGP SIGNATURE-----

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23973654 Feedback>).

Slackware __ Affected

Notified: June 15, 2004 Updated: June 16, 2004

Status

Affected

Vendor Statement

`-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] kernel DoS (SSA:2004-167-01)

New kernel packages are available for Slackware 8.1, 9.0, 9.1,
and -current to fix a denial of service security issue. Without
a patch to asm-i386/i387.h, a local user can crash the machine.

More details about this issue may be found in the Common
Vulnerabilities and Exposures (CVE) database:

<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0554&gt;

Here are the details from the Slackware 9.1 ChangeLog:
±-------------------------+
Tue Jun 15 02:11:41 PDT 2004
patches/packages/kernel-ide-2.4.26-i486-3.tgz: Patched local DoS
(CAN-2004-0554). Without this patch to asm-i386/i387.h a local user
can crash the kernel.
(* Security fix )
patches/packages/kernel-source-2.4.26-noarch-2.tgz: Patched local DoS
(CAN-2004-0554). The new patch can be found here, too:
patches/source/kernel-source/CAN-2004-0554.i387.fnclex.diff.gz
(
Security fix )
patches/kernels/
: Patched local DoS (CAN-2004-0554).
(* Security fix *)
±-------------------------+

Where to find the new packages:
±----------------------------+

Updated packages for Slackware 8.1:
<ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/kernel-ide-2.4.18-i386-6.tgz&gt;
<ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/kernel-source-2.4.18-noarch-7.tgz&gt;
<ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/kernels/&gt;

Updated packages for Slackware 9.0:
<ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/kernel-ide-2.4.21-i486-4.tgz&gt;
<ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/kernel-source-2.4.21-noarch-4.tgz&gt;
<ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/kernels/&gt;

Updated packages for Slackware 9.1:
<ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/kernel-ide-2.4.26-i486-3.tgz&gt;
<ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/kernel-source-2.4.26-noarch-2.tgz&gt;
<ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/kernels/&gt;

Updated packages for Slackware -current:
<ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-ide-2.4.26-i486-4.tgz&gt;
<ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/d/kernel-headers-2.4.26-i386-3.tgz&gt;
<ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/k/kernel-source-2.4.26-noarch-4.tgz&gt;
<ftp://ftp.slackware.com/pub/slackware/slackware-current/kernels/&gt;
<ftp://ftp.slackware.com/pub/slackware/slackware-current/testing/packages/linux-2.6.6/kernel-generic-2.6.6-i486-5.tgz&gt;
<ftp://ftp.slackware.com/pub/slackware/slackware-current/testing/packages/linux-2.6.6/kernel-headers-2.6.6-i386-3.tgz&gt;
<ftp://ftp.slackware.com/pub/slackware/slackware-current/testing/packages/linux-2.6.6/kernel-source-2.6.6-noarch-3.tgz&gt;

Just the patch for 2.4.x kernels:
<ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/source/kernel-source/CAN-2004-0554.i387.fnclex.diff.gz&gt;
77d9eb0640f07df4167aaa53e0b42e2e CAN-2004-0554.i387.fnclex.diff.gz

Just the patch for 2.6.x kernels:
<ftp://ftp.slackware.com/pub/slackware/slackware-current/testing/source/linux-2.6.x/CAN-2004-0554.i387.fnclex.diff.gz&gt;
e453d64187eac2216bebf85d72449fcb CAN-2004-0554.i387.fnclex.diff.gz

MD5 signatures:
±------------+

Slackware 8.1 packages:
8bbced2d1f09d033de89ae5957427a25 kernel-ide-2.4.18-i386-6.tgz
050aa2dd8d38f0ba3de2fca621eb13c9 kernel-source-2.4.18-noarch-7.tgz

Slackware 9.0 packages:
21dbafdcf32d84c22daddc349a719420 kernel-ide-2.4.21-i486-4.tgz
56ca0fbf5778283a1d9a76a278cb7cf5 kernel-source-2.4.21-noarch-4.tgz

Slackware 9.1 packages:
614b79763721126939569f235d4524d6 kernel-ide-2.4.26-i486-3.tgz
43681f735928641a2b5fc786604bca77 kernel-source-2.4.26-noarch-2.tgz

Slackware -current packages:
7a19720356937bcc0f360b8b158a1419 kernel-ide-2.4.26-i486-4.tgz
c0d2d8b2977d5c86d100fe02a8c2681b kernel-headers-2.4.26-i386-3.tgz
8fbb66feb2d108baa6af6a895fc7f49a kernel-source-2.4.26-noarch-4.tgz
91ccc5ff7a5be15afdee86a60c6b408d kernel-generic-2.6.6-i486-5.tgz
bdcb17009e79bb375dad7fecdd7e60ae kernel-headers-2.6.6-i386-3.tgz
ed7c1e42f537414db8cd4dda8e2e9077 kernel-source-2.6.6-noarch-3.tgz

Installation instructions:
±-----------------------+

Use upgradepkg to install the new packages.
After installing the kernel-ide package you will need to run lilo (‘lilo’
at a command prompt) or create a new system boot disk (‘makebootdisk’), and
reboot.

If desired, a kernel from the kernels/ directory may be used instead. For
example, to use the kernel in kernels/scsi.s/, you would copy it to the
boot directory like this:

cd kernels/scsi.s
cp bzImage /boot/vmlinuz-scsi.s-2.4.26

Create a symbolic link:
ln -sf /boot/vmlinuz-scsi.s-2.4.26 /boot/vmlinuz

Then, run ‘lilo’ or create a new system boot disk and reboot.

±----+

Slackware Linux Security Team
<http://slackware.com/gpg-key&gt;
[email protected]

±-----------------------------------------------------------------------+
| To leave the slackware-security mailing list: |
±-----------------------------------------------------------------------+
| Send an email to [email protected] with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back containing instructions to |
| complete the process. Please do not reply to this email address. |
±-----------------------------------------------------------------------+

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFAzzc6akRjwEAQIjMRAmNLAJ9cY5eDhdmZJBDc4IoJD+owJ2PlkACcCOWh
DyVVz1pzzG06SBnUbpC/iHg=
=luGU
-----END PGP SIGNATURE-----`

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23973654 Feedback>).

SuSE Inc. __ Affected

Notified: June 15, 2004 Updated: June 16, 2004

Status

Affected

Vendor Statement

We will release a new kernel package as soon as possible. Our customers can update their systems by using the YaST Online Update (YOU) tool or installing the RPM file directly from <http://www.suse.de/en/private/download/updates/index.html&gt;.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

`-----BEGIN PGP SIGNED MESSAGE-----


SUSE Security Announcement

Package: kernel
Announcement-ID: SuSE-SA:2004:017
Date: Wednesday, Jun 16th 2004 15:20 MEST
Affected products: 8.0, 8.1, 8.2, 9.0, 9.1
SuSE Linux Database Server,
SuSE eMail Server III, 3.1
SuSE Linux Enterprise Server 7, 8
SuSE Linux Firewall on CD/Admin host
SuSE Linux Connectivity Server
SuSE Linux Office Server
Vulnerability Type: local denial-of-service attack
Severity (1-10): 4
SUSE default package: no
Cross References: CAN-2004-0554

Content of this advisory:

  1. security vulnerability resolved:
  • floating point exception causes system crash
    problem description, discussion, solution and upgrade information
  1. pending vulnerabilities, solutions, workarounds:
  • icecast
  • sitecopy
  • cadaver
  • OpenOffice_org
  • tripwire
  • postgresql
  • lha
  • XDM
  • mod_proxy
  1. standard appendix (further information)

  1. problem description, brief discussion, solution, upgrade information

The Linux kernel is vulnerable to a local denial-of-service attack.
By using a C program it is possible to trigger a floating point
exception that puts the kernel into an unusable state.
To execute this attack a malicious user needs shell access to the
victim’s machine.
The severity of this bug is considered low because local denial-of-
service attacks are hard to prevent in general.
Additionally the bug is limited to x86 and x86_64 architecture.

SPECIAL INSTALL INSTRUCTIONS:

The following paragraphs will guide you through the installation
process in a step-by-step fashion. The character sequence “****”
marks the beginning of a new paragraph. In some cases, the steps
outlined in a particular paragraph may or may not be applicable
to your situation.
Therefore, please make sure to read through all of the steps below
before attempting any of these procedures.
All of the commands that need to be executed are required to be
run as the superuser (root). Each step relies on the steps before
it to complete successfully.
Note: The update packages for the SuSE Linux Enterprise Server 7
(SLES7) are being tested at the moment and will be published as soon
as possible.

**** Step 1: Determine the needed kernel type

Please use the following command to find the kernel type that is
installed on your system:

rpm -qf /boot/vmlinuz

Following are the possible kernel types (disregard the version and
build number following the name separated by the “-” character)

k_deflt # default kernel, good for most systems.
k_i386 # kernel for older processors and chipsets
k_athlon # kernel made specifically for AMD Athlon™ family processors
k_psmp # kernel for Pentium-I dual processor systems
k_smp # kernel for SMP systems (Pentium-II and above)
k_smp4G # kernel for SMP systems which supports a maximum of 4G of RAM
kernel-64k-pagesize
kernel-bigsmp
kernel-default
kernel-smp

**** Step 2: Download the package for your system

Please download the kernel RPM package for your distribution with the
name as indicated by Step 1. The list of all kernel rpm packages is
appended below. Note: The kernel-source package does not
contain a binary kernel in bootable form. Instead, it contains the
sources that the binary kernel rpm packages are created from. It can be
used by administrators who have decided to build their own kernel.
Since the kernel-source.rpm is an installable (compiled) package that
contains sources for the linux kernel, it is not the source RPM for
the kernel RPM binary packages.

The kernel RPM binary packages for the distributions can be found at the
locations below <ftp://ftp.suse.com/pub/suse/i386/update/&gt;.

8.0/images/
8.1/rpm/i586
8.2/rpm/i586
9.0/rpm/i586
9.1/rpm/i586

After downloading the kernel RPM package for your system, you should
verify the authenticity of the kernel rpm package using the methods as
listed in section 3) of each SUSE Security Announcement.

**** Step 3: Installing your kernel rpm package

Install the rpm package that you have downloaded in Steps 3 or 4 with
the command
rpm -Uhv --nodeps --force <K_FILE.RPM>
where <K_FILE.RPM> is the name of the rpm package that you downloaded.

Warning: After performing this step, your system will likely not be
able to boot if the following steps have not been fully
followed.

If you run SUSE LINUX 8.1 and haven’t applied the kernel update
(SUSE-SA:2003:034), AND you are using the freeswan package, you also
need to update the freeswan rpm as a dependency as offered
by YOU (YaST Online Update). The package can be downloaded from
<ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/&gt;

**** Step 4: configuring and creating the initrd

The initrd is a ramdisk that is loaded into the memory of your
system together with the kernel boot image by the bootloader. The
kernel uses the content of this ramdisk to execute commands that must
be run before the kernel can mount its actual root filesystem. It is
usually used to initialize SCSI drivers or NIC drivers for diskless
operation.

The variable INITRD_MODULES in /etc/sysconfig/kernel determines
which kernel modules will be loaded in the initrd before the kernel
has mounted its actual root filesystem. The variable should contain
your SCSI adapter (if any) or filesystem driver modules.

With the installation of the new kernel, the initrd has to be
re-packed with the update kernel modules. Please run the command

mk_initrd

as root to create a new init ramdisk (initrd) for your system.
On SuSE Linux 8.1 and later, this is done automatically when the
RPM is installed.

**** Step 5: bootloader

If you run a SUSE LINUX 8.x, SLES8, or SUSE LINUX 9.x system, there
are two options:
Depending on your software configuration, you have either the lilo
bootloader or the grub bootloader installed and initialized on your
system.
The grub bootloader does not require any further actions to be
performed after the new kernel images have been moved in place by the
rpm Update command.
If you have a lilo bootloader installed and initialized, then the lilo
program must be run as root. Use the command

grep LOADER_TYPE /etc/sysconfig/bootloader

to find out which boot loader is configured. If it is lilo, then you
must run the lilo command as root. If grub is listed, then your system
does not require any bootloader initialization.

Warning: An improperly installed bootloader may render your system
unbootable.

**** Step 6: reboot

If all of the steps above have been successfully completed on your
system, then the new kernel including the kernel modules and the
initrd should be ready to boot. The system needs to be rebooted for
the changes to become active. Please make sure that all steps have
completed, then reboot using the command
shutdown -r now
or
init 6

Your system should now shut down and reboot with the new kernel.

There is no workaround known.

Please download the update package for your distribution and verify its
integrity by the methods listed in section 3) of this announcement.
Then, install the package using the command “rpm -Fhv file.rpm” to apply
the update.
Our maintenance customers are being notified individually. The packages
are being offered to install from the maintenance web.

Intel i386 Platform:

SuSE-9.1:
<ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-source-2.6.5-7.75.i586.rpm&gt;
8d11469e1815c5b2fa143fce62c17b95`

` <ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-default-2.6.5-7.75.i586.rpm&gt;
75222182ad4c766b6482e5b83658819d
<ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-smp-2.6.5-7.75.i586.rpm&gt;
45f1244f153ab1387a9dc67e7bcf20bb
<ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-bigsmp-2.6.5-7.75.i586.rpm&gt;
517647d955770503fe61ae2549c453dd
source rpm(s):
<ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-source-2.6.5-7.75.src.rpm&gt;
9103503f430b9d854630ecb8855a2fb3
<ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-default-2.6.5-7.75.nosrc.rpm&gt;
9381c56f1f64835c5379dde278ac768d
<ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-smp-2.6.5-7.75.nosrc.rpm&gt;
4f47dc2be58f5315cf596c051c2892b5
<ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-bigsmp-2.6.5-7.75.nosrc.rpm&gt;
732c1e7d2a9e41780464eccdc0d54505

SuSE-9.0:
<ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/kernel-source-2.4.21-226.i586.rpm&gt;
7b6022e2f80325b42fa7dc3188360530
<ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_athlon-2.4.21-226.i586.rpm&gt;
594efe04ccc233e890bfb277e8296c2d
<ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_deflt-2.4.21-226.i586.rpm&gt;
f41d088cf20bfe583e57f95a6b46d625
<ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_smp-2.4.21-226.i586.rpm&gt;
39e2c09ece3f22b50eb777b85a7218ef
<ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_smp4G-2.4.21-226.i586.rpm&gt;
83398954810403b9dfb65bcf1af25352
<ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_um-2.4.21-226.i586.rpm&gt;
18dde4a8af68dd1f78a0177c3214457a
source rpm(s):
<ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/kernel-source-2.4.21-226.src.rpm&gt;
d5b037aaf122b1b05917e3f0b475baae
<ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_athlon-2.4.21-226.src.rpm&gt;
e10aea97785eb12716ad7d5e20cbd723
<ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_deflt-2.4.21-226.src.rpm&gt;
54b8bbd368998abc1a63224caa880473
<ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_smp-2.4.21-226.src.rpm&gt;
f944b14978ecd211c26f8169238292bf
<ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_smp4G-2.4.21-226.src.rpm&gt;
66a116aeb9757c538a0643e8322095a7
<ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_um-2.4.21-226.src.rpm&gt;
5e3694ba088fd39891a5979380679d20

SuSE-8.2:
<ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/kernel-source-2.4.20.SuSE-113.i586.rpm&gt;
a5843cb4e2b16515d70574d83113ac48
<ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_athlon-2.4.20-113.i586.rpm&gt;
724529485d3a304f0479f9216fc361af
<ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_deflt-2.4.20-113.i586.rpm&gt;
b0e687c208053d546b7057257beb7d32
<ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_psmp-2.4.20-113.i586.rpm&gt;
749b101e7fc4aa5c62e2a5b650002803
<ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_smp-2.4.20-113.i586.rpm&gt;
3377544a5f6d9c73fdfe05140fce0813
source rpm(s):
<ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/kernel-source-2.4.20.SuSE-113.src.rpm&gt;
0a41c750b8cd3953d47e27ea15c58697
<ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_athlon-2.4.20-113.src.rpm&gt;
a5e5790e5f7fe62905d29750543c9e20
<ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_deflt-2.4.20-113.src.rpm&gt;
9defa7cb706e924f8336dd03fafbcfd5
<ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_psmp-2.4.20-113.src.rpm&gt;
8469dbc8810dd292100d085e00bb6081
<ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_smp-2.4.20-113.src.rpm&gt;
d990fcbace1f21ff383abdf7608a17ef

SuSE-8.1:
<ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/kernel-source-2.4.21-226.i586.rpm&gt;
43ee5eae102f0258a414dd15e3fd9433
<ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_athlon-2.4.21-226.i586.rpm&gt;
0c6289e168307d615bfe6cef9ebcf879
<ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_deflt-2.4.21-226.i586.rpm&gt;
003a38c53fe91070eeae85983930c70e
<ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_psmp-2.4.21-226.i586.rpm&gt;
657d08fa4b5a2ba7de2a314a7d1622e1
<ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_smp-2.4.21-226.i586.rpm&gt;
e19239b4ca52ebd21f775b5e6195f144
source rpm(s):
<ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/kernel-source-2.4.21-226.src.rpm&gt;
ee67f5db0ea2f1431f46b7dd27815a56
<ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_athlon-2.4.21-226.src.rpm&gt;
b29021156d6582e315666b16231b2a60
<ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_deflt-2.4.21-226.src.rpm&gt;
ce5e47d527cee6968cd95bb8430d3e18
<ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_psmp-2.4.21-226.src.rpm&gt;
a081a0f1e31f5491cdeba1fea5ea6411
<ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_smp-2.4.21-226.src.rpm&gt;
1dbfd3b5f272fc75342ae55bbe7ab45c

SuSE-8.0:
<ftp://ftp.suse.com/pub/suse/i386/update/8.0/d3/kernel-source-2.4.18.SuSE-299.i386.rpm&gt;
7de319a4e6c667fba359686b814d4a73
<ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_deflt-2.4.18-299.i386.rpm&gt;
df5aad7c423625a19af151bbba0f2ca8
<ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_psmp-2.4.18-299.i386.rpm&gt;
cb02c8381962eda997ebb115ef68ae4c
<ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_smp-2.4.18-299.i386.rpm&gt;
903c6e61927803c2d592ac50fe9da6ce
<ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_i386-2.4.18-299.i386.rpm&gt;
e2abf9ccdc8191e7d2ace58e8a1b5b5a
source rpm(s):
<ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/kernel-source-2.4.18.SuSE-299.nosrc.rpm&gt;
622c85342dd84abd0400103902d05eed
<ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_deflt-2.4.18-299.src.rpm&gt;
37916ea39febc4dd43fabfccce9322db
<ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_psmp-2.4.18-299.src.rpm&gt;
0dde0e6758e42de5479e8776475ae76f
<ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_smp-2.4.18-299.src.rpm&gt;
523bef4e31fa67f078d5fcbdc426a4c0
<ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_i386-2.4.18-299.src.rpm&gt;
06a2a062a54764a30adae0b8ea40cb29

Opteron x86_64 Platform:

SuSE-9.1:
<ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/kernel-source-2.6.5-7.75.x86_64.rpm&gt;
1c878b1e29a9bea40547637b6a307b2d
<ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/kernel-default-2.6.5-7.75.x86_64.rpm&gt;
16de3ee2390bb2b92f9fe50451d4f082
<ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/kernel-smp-2.6.5-7.75.x86_64.rpm&gt;
c310268daa83f18fcfd4cf19434f06e0
source rpm(s):
<ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/kernel-source-2.6.5-7.75.src.rpm&gt;
2fed0a8f3936027261add7d1cbfa5341
<ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/kernel-default-2.6.5-7.75.nosrc.rpm&gt;
9ad26d15566337c83273121390ea4e32
<ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/kernel-smp-2.6.5-7.75.nosrc.rpm&gt;
352951be42b3093efb0148320a6f4c27

SuSE-9.0:
<ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/kernel-source-2.4.21-226.x86_64.rpm&gt;
ced9c66ffa28bf7e7c795781f92083fe
<ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/k_deflt-2.4.21-226.x86_64.rpm&gt;
60539bc47e8cac0664ac5ca824d311e0
<ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/k_smp-2.4.21-226.x86_64.rpm&gt;
083aeedd2a88ccc2e00c8f66cd61b81c
source rpm(s):
<ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/kernel-source-2.4.21-226.src.rpm&gt;
58c40a206f6f615daa3486fc6d6ade38
<ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/k_deflt-2.4.21-226.src.rpm&gt;
1c234f6c0475680b41c644c575ff8ef6
<ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/k_smp-2.4.21-226.src.rpm&gt;
e9b90824615859405b1979793662bc0d


  1. Pending vulnerabilities in SUSE Distributions and Workarounds:
  • icecast
    The icecast service is vulnerable to a remote denial-of-service
    attack. Update packages will be available soon.

  • sitecopy
    The sitecopy package includes a vulnerable version of the
    neon library (CAN-2004-0179, CAN-2004-0398). Update packages will be
    available soon.

  • cadaver
    The cadaver package includes a vulnerable version of the
    neon library (CAN-2004-0179, CAN-2004-0398). Update packages will be
    available soon.

  • OpenOffice_org
    The OpenOffice_org package includes a vulnerable version
    of the neon library (CAN-2004-0179, CAN-2004-0398). Update packages
    will be available soon.

  • tripwire
    A format string bug in tripwire can be exploited locally
    to gain root permissions. Update packages will be available soon.
    - postgresql
    A buffer overflow in psqlODBC could be exploited to crash the
    application using it. E.g. a PHP script that uses ODBC to access a
    PostgreSQL database can be utilized to crash the surrounding Apache
    web-server. Other parts of PostgreSQL are not affected.
    Update packages will be available soon.

  • lha
    Minor security fix for a buffer overflow while handling command
    line options. This buffer overflow could be exploited in conjunction
    with other mechanisms to gain higher privileges or access the system
    remotely.

  • XDM/XFree86
    This update resolves random listening to ports by XDM
    that allows to connect via the XDMCP. SUSE LINUX 9.1
    is affected only.
    New packages are currently being tested and will be
    available soon.

  • mod_proxy
    A buffer overflow can be triggered by malicious remote
    servers that return a negative Content-Length value.
    This vulnerability can be used to execute commands remotely
    New packages are currently being tested and will be
    available soon.


  1. standard appendix: authenticity verification, additional information
  • Package authenticity verification:

SUSE update packages are available on many mirror ftp servers around
the world. While this service is considered valuable and important
to the free and open source software community, many users wish to be
certain as to be the origin of the package and its content before
installing the package. There are two independent verification methods
that can be used to prove the authenticity of a downloaded file or
rpm package:

  1. md5sums as provided in the (cryptographically signed) announcement.

  2. using the internal gpg signatures of the rpm package.

  3. execute the command
    md5sum <name-of-the-file.rpm>
    after you have downloaded the file from a SUSE ftp server or its
    mirrors. Then, compare the resulting md5sum with the one that is
    listed in the announcement. Since the announcement containing the
    checksums is cryptographically signed (usually using the key
    [email protected]), the checksums offer proof of the authenticity
    of the package.
    We recommend against subscribing to security lists which cause the
    email message containing the announcement to be modified so that
    the signature does not match after transport through the mailing
    list software.
    Downsides: You must be able to verify the authenticity of the
    announcement in the first place. If RPM packages are being rebuilt
    and a new version of a package is published on the ftp server, all
    md5 sums for the files are useless.

  4. rpm package signatures provide an easy way to verify the authenticity
    of an rpm package. Use the command
    rpm -v --checksig <file.rpm>
    to verify the signature of the package, where <file.rpm> is the
    filename of the rpm package that you have downloaded. Of course,
    package authenticity verification can only target an un-installed rpm
    package file.
    Prerequisites:
    a) gpg is installed
    b) The package is signed using a certain key. The public part of this
    key must be installed by the gpg program in the directory
    ~/.gnupg/ under the user’s home directory who performs the
    signature verification (usually root). You can import the key
    that is used by SUSE in rpm packages for SUSE Linux by saving
    this announcement to a file (“announcement.txt”) and
    running the command (do “su -” to be root):
    gpg --batch; gpg < announcement.txt | gpg --import
    SUSE Linux distributions version 7.1 and thereafter install the
    key “[email protected]” upon installation or upgrade, provided that
    the package gpg is installed. The file containing the public key
    is placed at the top-level directory of the first CD (pubring.gpg)
    and at <ftp://ftp.suse.com/pub/suse/pubring.gpg-build.suse.de&gt; .

  • SUSE runs two security mailing lists to which any interested party may
    subscribe:

[email protected]

  • general/linux/SUSE security discussion.
    All SUSE security announcements are sent to this list.
    To subscribe, send an email to
    <[email protected]>.

[email protected]

  • SUSE’s announce-only mailing list.
    Only SUSE’s security announcements are sent to this list.
    To subscribe, send an email to
    <[email protected]>.

For general information or the frequently asked questions (faq)
send mail to:
<[email protected]> or
<[email protected]> respectively.

=====================================================================
SUSE’s security contact is <[email protected]> or <[email protected]>.
The <[email protected]> public key is listed below.


The information in this advisory may be distributed or reproduced,
provided that the advisory is not modified in any way. In particular,
it is desired that the clear-text signature must show proof of the
authenticity of the text.
SUSE Linux AG makes no warranties of any kind whatsoever with respect
to the information contained in this security advisory.

Type Bits/KeyID Date User ID
pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <[email protected]>
pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <[email protected]>

  • -----BEGIN PGP PUBLIC KEY BLOCK-----
    Version: GnuPG v1.0.6 (GNU/Linux)
    Comment: For info see <http://www.gnupg.org>

mQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCkYS3yEKeueNWc+z/0Kvff
4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP+Y0PFPboMvKx0FXl/A0d
M+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR8xocQSVCFxcwvwCglVcO
QliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U8c/yE/vdvpN6lF0tmFrK
XBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0ScZqITuZC4CWxJa9GynBE
D3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEhELBeGaPdNCcmfZ66rKUd
G5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtBUVKn4zLUOf6aeBAoV6NM
CC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOoAqajLfvkURHAeSsxXIoE
myW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1nKFvF+rQoU3VTRSBQYWNr
YWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohcBBMRAgAcBQI57vSBBQkD
wmcABAsKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyl8sAJ98BgD40zw0GHJHIf6d
NfnwI2PAsgCgjH1+PnYEl7TFjtZsqhezX7vZvYCIRgQQEQIABgUCOnBeUgAKCRCe
QOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lxyoAejACeOO1HIbActAevk5MUBhNe
LZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWnB/9An5vfiUUE1VQnt+T/EYklES3t
XXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDVwM2OgSEISZxbzdXGnqIlcT08TzBU
D9i579uifklLsnr35SJDZ6ram51/CWOnnaVhUzneOA9gTPSr+/fT3WeVnwJiQCQ3
0kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF5Yryk23pQUPAgJENDEqeU6iIO9Ot
1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3D3EN8C1yPqZd5CvvznYvB6bWBIpW
cRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGuzgpJt9IXSzyohEJB6XG5+D0BiF0E
ExECAB0FAjxqqTQFCQoAgrMFCwcKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyp1f
AJ9dR7saz2KPNwD3U+fy/0BDKXrYGACfbJ8fQcJqCBQxeHvt9yMPDVq0B0W5Ag0E
Oe70khAIAISR0E3ozF/la+oNaRwxHLrCet30NgnxRROYhPaJB/Tu1FQokn2/Qld/
HZnh3TwhBIw1FqrhWBJ7491iAjLR9uPbdWJrn+A7t8kSkPaF3Z/6kyc5a8fas44h
t5h+6HMBzoFCMAq2aBHQRFRNp9Mz1ZvoXXcI1lk1l8OqcUM/ovXbDfPcXsUVeTPT
tGzcAi2jVl9hl3iwJKkyv/RLmcusdsi8YunbvWGFAF5GaagYQo7YlF6UaBQnYJTM
523AMgpPQtsKm9o/w9WdgXkgWhgkhZEeqUS3m5xNey1nLu9iMvq9M/iXnGz4sg6Q
2Y+GqZ+yAvNWjRRou3zSE7Bzg28MI4sAAwYH/2D71Xc5HPDgu87WnBFgmp8MpSr8
QnSs0wwPg3xEullGEocolSb2c0ctuSyeVnCttJMzkukL9TqyF4s/6XRstWirSWaw
JxRLKH6Zjo/FaKsshYKf8gBkAaddvpl3pO0gmUYbqmpQ3xDEYlhCeieXS5MkockQ
1sj2xYdB1xO0ExzfiCiscUKjUFy+mdzUsUutafuZ+gbHog1CN/ccZCkxcBa5IFCH
ORrNjq9pYWlrxsEn6ApsG7JJbM2besW1PkdEoxak74z1senh36m5jQvVjA3U4xq1
wwylxadmmJaJHzeiLfb7G1ZRjZTsB7fyYxqDzMVul6o9BSwO/1XsIAnV1uuITAQY
EQIADAUCOe70kgUJA8JnAAAKCRCoTtronIAKyksiAJsFB3/77SkH3JlYOGrEe1Ol
0JdGwACeKTttgeVPFB+iGJdiwQlxasOfuXyITAQYEQIADAUCPGqpWQUJCgCCxwAK
CRCoTtronIAKyofBAKCSZM2UFyta/fe9WgITK9I5hbxxtQCfX+0ar2CZmSknn3co
SPihn1+OBNyZAQ0DNuEtBAAAAQgAoCRcd7SVZEFcumffyEwfLTcXQjhKzOahzxpo
omuF+HIyU4AGq+SU8sTZ/1SsjhdzzrSAfv1lETACA+3SmLr5KV40Us1w0UC64cwt
A46xowVq1vMlH2Lib+V/qr3b1hE67nMHjysECVx9Ob4gFuKNoR2eqnAaJvjnAT8J
/LoUC20EdCHUqn6v+M9t/WZgC+WNR8cq69uDy3YQhDP/nIan6fm2uf2kSV9A7ZxE
GrwsWl/WX5Q/sQqMWaU6r4az98X3z90/cN+eJJ3vwtA+rm+nxEvyev+jaLuOQBDf
ebh/XA4FZ35xmi+spdiVeJH4F/ubaGlmj7+wDOF3suYAPSXT2QAFEbQlU3VTRSBT
ZWN1cml0eSBUZWFtIDxzZWN1cml0eUBzdXNlLmRlPokBFQMFEDbhLUfkWLKHsco8
RQEBVw4H/1vIdiOLX/7hdzYaG9crQVIk3QwaB5eBbjvLEMvuCZHiY2COUg5QdmPQ
8SlWNZ6k4nu1BLcv2g/pymPUWP9fG4tuSnlUJDrWGm3nhyhAC9iudP2u1YQY37Gb
B6NPVaZiYMnEb4QYFcqv5c/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X 11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA
8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj
qY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p
WH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL
hn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG
BafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+
AvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi
RZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0
zinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM
/3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7
whaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl
D+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz
dbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI
RgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI
DgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE=
=LRKC

  • -----END PGP PUBLIC KEY BLOCK-----

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iQEVAwUBQNBTgney5gA9JdPZAQHB7Af/XRy01sYB1rDi0L+TwlQtW4nr4vwrJTOt
6pA/M+oNsW0SUPK3kCcN+v7mvuIrA69c1VZeYgfI4/dy0bdMntcVkOliikn0+m0i
e2SvKYY+/KC8wZaUIrKFbH4PA0Gdf40GmNVj4uq5KdwohJLGQDTa8eguiYocMjXv
E8QAdGTaPXEBGz8Ode6YMYAbauHbWXip9x6TyQ7NgiQ4mylabmmw8AUebVyM4oWS
a28uoT8nWPu+BwYNW0zt26clPhLvmHWFpIpqyaWERaWMuCrFHwlc753B2PCOVdnm
Yj/ugqlkkGRysclITz3WFbUGUKtd91AdZAEK6l+MxkuqRDZmNUYgHw==
=q9W1
-----END PGP SIGNATURE-----`

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23973654 Feedback>).

Trustix Secure Linux __ Affected

Notified: June 16, 2004 Updated: June 16, 2004

Status

Affected

Vendor Statement

`-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Trustix Secure Linux Bugfix Advisory #2004-0034

Package name: kernel
Summary: Local DoS
Date: 2004-06-16
Affected versions: Trustix Secure Linux 2.0
Trustix Secure Linux 2.1
Trustix Operating System - Enterprise Server 2


Package description:
The kernel package contains the Linux kernel (vmlinuz), the core of your
Trustix Secure Linux operating system. The kernel handles the basic
functions of the operating system: memory allocation, process allocation,
device input and output, etc.

Problem description:
A flaw was by accident discovered by Stian Skjelstad when he was doing
some code tests during vacation. He was quite surprised when I discovered
that the code he was trying froze his machine. He reported it to the
Linux-kernel mailing list and the gcc bugzilla 2004-06-09.

See CAN-2004-0554 at <http://cve.mitre.org/&gt; for more information.

Action:
We recommend that all systems with this package installed be upgraded.
Please note that if you do not need the functionality provided by this
package, you may want to remove it from your system.

Location:
All Trustix Secure Linux updates are available from
<URI:<http://http.trustix.org/pub/trustix/updates/&gt;&gt;
<URI:<ftp://ftp.trustix.org/pub/trustix/updates/&gt;&gt;

About Trustix Secure Linux:
Trustix Secure Linux is a small Linux distribution for servers. With focus
on security and stability, the system is painlessly kept safe and up to
date from day one using swup, the automated software updater.

Automatic updates:
Users of the SWUP tool can enjoy having updates automatically
installed using ‘swup --upgrade’.

Public testing:
Most updates for Trustix Secure Linux are made available for public
testing some time before release.
If you want to contribute by testing the various packages in the
testing tree, please feel free to share your findings on the
tsl-discuss mailinglist.
The testing tree is located at
<URI:<http://tsldev.trustix.org/horizon/&gt;&gt;

You may also use swup for public testing of updates:

site {
class = 0
location = “<http://tsldev.trustix.org/horizon/rdfs/latest.rdf&gt;
regexp = “.*”
}

Questions?
Check out our mailing lists:
<URI:<http://www.trustix.org/support/&gt;&gt;

Verification:
This advisory along with all Trustix packages are signed with the
TSL sign key.
This key is available from:
<URI:<http://www.trustix.org/TSL-SIGN-KEY&gt;&gt;

The advisory itself is available from the errata pages at
<URI:<http://www.trustix.org/errata/trustix-2.0/&gt;&gt; and
<URI:<http://www.trustix.org/errata/trustix-2.1/&gt;&gt;
or directly at
<URI:<http://www.trustix.org/errata/2004/0034&gt;&gt;

MD5sums of the packages:


4eeda04ede3e7538c560d78db0087abf 2.1/rpms/kernel-2.4.26-2tr.i586.rpm
f116f17ce723574940cf5653e24b189b 2.1/rpms/kernel-BOOT-2.4.26-2tr.i586.rpm
beb2d9638544bbe1e3d3d4c4f3bc0841 2.1/rpms/kernel-doc-2.4.26-2tr.i586.rpm
1da3f4c3c5489ad6441c1deb77ade460 2.1/rpms/kernel-firewall-2.4.26-2tr.i586.rpm
33a3d2cc288d8feca38bf723a532d5fc 2.1/rpms/kernel-firewallsmp-2.4.26-2tr.i586.rpm
2eca74fa29f9ab94400c3b660f1cb7d4 2.1/rpms/kernel-smp-2.4.26-2tr.i586.rpm
87d8729ae10b644fd4293028064b4449 2.1/rpms/kernel-source-2.4.26-2tr.i586.rpm
5e79ec0c2f39096258f277b6c9742010 2.1/rpms/kernel-utils-2.4.26-2tr.i586.rpm
19085e9447cf6c6e442dc7b5cce2741d 2.0/rpms/kernel-2.4.26-2tr.i586.rpm
65a65ef1e6387ff9d1c00f4775baf824 2.0/rpms/kernel-BOOT-2.4.26-2tr.i586.rpm
cfe247f0b22f9f9964ad192610030429 2.0/rpms/kernel-doc-2.4.26-2tr.i586.rpm
be9eaf3ea57f93f12732927230014e5d 2.0/rpms/kernel-firewall-2.4.26-2tr.i586.rpm
7ac9ad8333acd85d59337ab963021c95 2.0/rpms/kernel-firewallsmp-2.4.26-2tr.i586.rpm
ff07e3390ca40209e1a3e8cd4b5b6d3a 2.0/rpms/kernel-smp-2.4.26-2tr.i586.rpm
5216d7c88b49b6f4588ff68ca15a9bc5 2.0/rpms/kernel-source-2.4.26-2tr.i586.rpm
5881e9c49f504248ccdb983430f3d3cf 2.0/rpms/kernel-utils-2.4.26-2tr.i586.rpm
24ea881f70d85501dde7b0bd280db86b e2/kernel-2.4.26-2tr.i586.rpm
b19ab411d3ecb4033b828a1dbd8b7d6e e2/kernel-BOOT-2.4.26-2tr.i586.rpm
86bf9bee49f8aca7220c1be1fa085bc6 e2/kernel-doc-2.4.26-2tr.i586.rpm
2ae2ddcca0440e2a7995208500b05b88 e2/kernel-firewall-2.4.26-2tr.i586.rpm
53b6077acf13c8c1ae2358ad078b1710 e2/kernel-firewallsmp-2.4.26-2tr.i586.rpm
7ad7e859f539438ca7ada4ed0b12ea76 e2/kernel-smp-2.4.26-2tr.i586.rpm
2719c667ccbeabd5e40eadc747663ad3 e2/kernel-source-2.4.26-2tr.i586.rpm
c340c5b408699be1d6d44a2d9b9211c8 e2/kernel-utils-2.4.26-2tr.i586.rpm


Trustix Security Team

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQFA0DFii8CEzsK9IksRAteIAJ97XC+eJOVpi/AVkvkk9W9O2byoGgCfYxMo
K4oBAeXOexvaNTo652IzAnA=
=7CnB
-----END PGP SIGNATURE-----`

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23973654 Feedback>).

Apple Computer Inc. __ Not Affected

Notified: June 15, 2004 Updated: June 16, 2004

Status

Not Affected

Vendor Statement

Apple products are not affected by the issue reported in Vulnerability Note VU#973654.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23973654 Feedback>).

BSDI Unknown

Updated: June 16, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23973654 Feedback>).

Cray Inc. Unknown

Updated: June 16, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23973654 Feedback>).

Debian Unknown

Updated: June 16, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23973654 Feedback>).

EMC Corporation Unknown

Updated: June 16, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23973654 Feedback>).

FreeBSD Unknown

Updated: June 16, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23973654 Feedback>).

Fujitsu Unknown

Updated: June 16, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23973654 Feedback>).

Hewlett-Packard Company Unknown

Updated: June 16, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23973654 Feedback>).

Hitachi Unknown

Updated: June 16, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23973654 Feedback>).

IBM Unknown

Updated: June 16, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23973654 Feedback>).

IBM eServer Unknown

Updated: June 16, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23973654 Feedback>).

Ingrian Networks Unknown

Updated: June 16, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23973654 Feedback>).

Juniper Networks Unknown

Updated: June 16, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23973654 Feedback>).

MontaVista Software Unknown

Updated: June 16, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23973654 Feedback>).

NEC Corporation Unknown

Updated: June 16, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23973654 Feedback>).

NetBSD Unknown

Updated: June 16, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23973654 Feedback>).

Nokia Unknown

Updated: June 16, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23973654 Feedback>).

Novell Unknown

Updated: June 16, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23973654 Feedback>).

OpenBSD Unknown

Updated: June 16, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23973654 Feedback>).

Openwall GNU/*/Linux Unknown

Updated: June 16, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23973654 Feedback>).

SGI Unknown

Updated: June 16, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23973654 Feedback>).

Sequent Unknown

Updated: June 16, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23973654 Feedback>).

Sony Corporation Unknown

Updated: June 16, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23973654 Feedback>).

Sun Microsystems Inc. Unknown

Updated: June 16, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23973654 Feedback>).

The SCO Group (SCO Linux) Unknown

Updated: June 16, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23973654 Feedback>).

The SCO Group (SCO UnixWare) Unknown

Updated: June 16, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23973654 Feedback>).

TurboLinux Unknown

Notified: June 15, 2004 Updated: June 16, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23973654 Feedback>).

Unisys Unknown

Notified: June 15, 2004 Updated: June 16, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23973654 Feedback>).

Wind River Systems Inc. Unknown

Notified: June 15, 2004 Updated: June 16, 2004

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23973654 Feedback>).

View all 36 vendors __View less vendors __

CVSS Metrics

Group Score Vector
Base
Temporal
Environmental

References

Acknowledgements

This vulnerability was discovered by Stian Skjelstad.

This document was written by Jeffrey P. Lanza.

Other Information

CVE IDs: CVE-2004-0554
Severity Metric: 11.81 Date Public:

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.019 Low

EPSS

Percentile

88.3%

Related for VU:973654