CVSS2: 7.2 High
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C (Access Vector: LOCAL; Access Complexity: LOW; Authentication: NONE; Confidentiality Impact: COMPLETE; Integrity Impact: COMPLETE; Availability Impact: COMPLETE)
EPSS: 0.106 Low (Percentile: 94.5%)

The Linux kernel handles the basic functions of the operating
system.

This is the sixth regular kernel update to Red Hat Enterprise Linux version
2.1. It updates a number of device drivers, and adds much improved SATA
support.

This update includes fixes for several security issues:

Paul Starzetz of iSEC discovered various flaws in the ELF binary
loader affecting kernels prior to 2.4.28. A local user could use these
flaws to gain read access to executable-only binaries or possibly gain
privileges. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the names CAN-2004-1070, CAN-2004-1071,
CAN-2004-1072, and CAN-2004-1073 to these issues.

A missing serialization flaw in unix_dgram_recvmsg was discovered that
affects kernels prior to 2.4.28. A local user could potentially make
use of a race condition in order to gain privileges. (CAN-2004-1068)

Stefan Esser discovered various flaws including buffer overflows in
the smbfs driver affecting kernels before 2.4.28. A local user may be
able to cause a denial of service (crash) or possibly gain privileges.
In order to exploit these flaws the user would need to have control of
a connected smb server. (CAN-2004-0883, CAN-2004-0949)

Conectiva discovered flaws in certain USB drivers affecting kernels
before 2.4.27 which used the copy_to_user function on uninitialized
structures. These flaws could allow local users to read small
amounts of kernel memory. (CAN-2004-0685)

The ext3 code in kernels before 2.4.26 did not properly initialize journal
descriptor blocks. A privileged local user could read portions of kernel
memory. (CAN-2004-0177)
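
The bug class behind the USB driver item (CAN-2004-0685), copying a structure out before every byte of it has been initialized, is shown below as an added user-space simulation; it is not code from this erratum or from the kernel, and the ext3 item (CAN-2004-0177) is a related missing-initialization flaw. `struct dev_info`, `fake_copy_to_user`, `fill_reply`, `leaked_bytes` and the `0xA5` marker are hypothetical names and constructed values, with `memcpy` standing in for `copy_to_user`.

```c
#include <stdio.h>
#include <string.h>

#define STALE 0xA5  /* constructed marker standing in for leftover kernel data */

/* Hypothetical reply structure a driver hands back to user space. */
struct dev_info {
    char type;      /* compilers normally insert padding after this member */
    int  id;
    char name[16];  /* only partly written when the name is short */
};

/* Stand-in for copy_to_user(): copies the whole object, padding included. */
static void fake_copy_to_user(unsigned char *dst, const struct dev_info *src)
{
    memcpy(dst, src, sizeof(*src));
}

/* Fill the reply; 'clear' selects the corrected (zeroed) or flawed variant. */
static void fill_reply(struct dev_info *info, int clear)
{
    if (clear)
        memset(info, 0, sizeof(*info));  /* the fix: zero before filling */
    info->type = 1;
    info->id = 7;
    strcpy(info->name, "usb0");          /* writes 5 of the 16 name bytes */
}

/* Returns how many stale bytes end up in the simulated user buffer. */
size_t leaked_bytes(int clear)
{
    struct dev_info info;
    unsigned char user[sizeof(info)];
    size_t i, n = 0;
    memset(&info, STALE, sizeof(info));  /* simulate a dirty kernel stack */
    fill_reply(&info, clear);
    fake_copy_to_user(user, &info);
    for (i = 0; i < sizeof(user); i++)
        if (user[i] == STALE)
            n++;
    return n;
}

int main(void)
{
    printf("uninitialized: %zu stale bytes copied out\n", leaked_bytes(0));
    printf("zeroed first:  %zu stale bytes copied out\n", leaked_bytes(1));
    return 0;
}
```

The unwritten tail of `name` always carries stale bytes in the flawed variant; the padding after `type` usually does as well, which is why zeroing the whole object is preferred over assigning each member.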

The following drivers have also been updated:

All Red Hat Enterprise Linux 2.1 users are advised to upgrade their kernels
to the packages associated with their machine architectures and
configurations as listed in this erratum.

OS | OS Version | Architecture | Package | Package Version | Filename |
---|---|---|---|---|---|
RedHat | any | i686 | kernel-enterprise | < 2.4.9-e.57 | kernel-enterprise-2.4.9-e.57.i686.rpm |
RedHat | any | athlon | kernel | < 2.4.9-e.57 | kernel-2.4.9-e.57.athlon.rpm |
RedHat | any | i686 | kernel-smp | < 2.4.9-e.57 | kernel-smp-2.4.9-e.57.i686.rpm |
RedHat | any | i686 | kernel-debug | < 2.4.9-e.57 | kernel-debug-2.4.9-e.57.i686.rpm |
RedHat | any | athlon | kernel-smp | < 2.4.9-e.57 | kernel-smp-2.4.9-e.57.athlon.rpm |
RedHat | any | i386 | kernel-doc | < 2.4.9-e.57 | kernel-doc-2.4.9-e.57.i386.rpm |
RedHat | any | i386 | kernel-boot | < 2.4.9-e.57 | kernel-BOOT-2.4.9-e.57.i386.rpm |
RedHat | any | i386 | kernel-headers | < 2.4.9-e.57 | kernel-headers-2.4.9-e.57.i386.rpm |
RedHat | any | i686 | kernel | < 2.4.9-e.57 | kernel-2.4.9-e.57.i686.rpm |
RedHat | any | i686 | kernel-summit | < 2.4.9-e.57 | kernel-summit-2.4.9-e.57.i686.rpm |