(Slackware Issues Fix) Linux Kernel panic() Buffer Overflow Has Unspecified Impact
|
|
SecurityTracker Alert ID: 1010023 |
|
SecurityTracker URL: http://securitytracker.com/id/1010023
|
|
CVE Reference:
CAN-2004-0394
(Links to External Site)
|
Date: May 1 2004
|
Impact:
Not specified
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): 9.1
|
Description:
A buffer overflow vulnerability was reported in the Linux Kernel in the panic() function. The impact was not specified.
Red Hat reported that there is a potential buffer overflow in the Linux kernel in the panic() function. According to the report, the flaw is unlikely to be exploitable becuase the function does not return.
Shaun Colley is credited with discovering this flaw.
|
Impact:
The impact was not specified.
|
Solution:
Slackware has released a fix.
Updated packages for Slackware 9.1:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/alsa-driver-0.9.8-i486-3.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/hotplug-2004_01_05-noarch-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/kernel-ide-2.4.26-i486-2.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/kernel-headers-2.4.26-i386-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/kernel-modules-2.4.26-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/kernel-source-2.4.26-noarch-1.tgz
New precompiled kernels:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/kernels/
Updated packages for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-ide-2.4.26-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-modules-2.4.26-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/d/kernel-headers-2.4.26-i386-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/k/kernel-source-2.4.26-noarch-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/alsa-driver-1.0.4-i486-2.tgz
New precompiled kernels:
ftp://ftp.slackware.com/pub/slackware/slackware-current/kernels/
The MD5 signatures are:
Slackware 9.1 packages:
e628350bb01c18d7a6ad4706961601d8 alsa-driver-0.9.8-i486-3.tgz
be986b3ebfd3a398990b249422707b84 hotplug-2004_01_05-noarch-1.tgz
b45ba64a70f256ff33b35fb1ca409063 kernel-headers-2.4.26-i386-1.tgz
a834060c508607169e98db7ede93409d kernel-ide-2.4.26-i486-2.tgz
b34e78fa2b9f451007fa3a0849faedfe kernel-modules-2.4.26-i486-1.tgz
ac3437a4ade365dce9b94afb3cb85d75 kernel-source-2.4.26-noarch-1.tgz
Slackware -current packages:
aa05198221027c6ce9055595ee76c409 kernel-ide-2.4.26-i486-1.tgz
1d2f8a04342dbf8482f67d9787a693c4 kernel-modules-2.4.26-i486-1.tgz
9e726b8766e807147cf4859a6bb33f48 kernel-headers-2.4.26-i386-1.tgz
ac3437a4ade365dce9b94afb3cb85d75 kernel-source-2.4.26-noarch-1.tgz
3922b3ebba1029e0f1041dc6a1926bd2 alsa-driver-1.0.4-i486-2.tgz
|
Vendor URL: www.kernel.org/ (Links to External Site)
|
Cause:
Boundary error
|
Underlying OS:
|
|
Message History:
This archive entry is a follow-up to the message listed below.
|
Source Message Contents
|
Date: Wed, 28 Apr 2004 13:56:48 -0700 (PDT)
Subject: [slackware-security] kernel security updates (SSA:2004-119-01)
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[slackware-security] kernel security updates (SSA:2004-119-01)
New kernel packages are available for Slackware 9.1 and -current to
fix security issues. Also available are new kernel modules packages
(including alsa-driver), and a new version of the hotplug package
for Slackware 9.1 containing some fixes for using 2.4.26 (and 2.6.x)
kernel modules.
The most serious of the fixed issues is an overflow in ip_setsockopt(),
which could allow a local attacker to gain root access, or to crash or
reboot the machine. This bug affects 2.4 kernels from 2.4.22 - 2.4.25.
Any sites running one of those kernel versions should upgrade right
away. After installing the new kernel, be sure to run 'lilo'.
More details about the issues may be found in the Common
Vulnerabilities and Exposures (CVE) database:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0394
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0424
Here are the details from the Slackware 9.1 ChangeLog:
+--------------------------+
Wed Apr 28 10:19:51 PDT 2004
patches/packages/kernel-ide-2.4.26-i486-2.tgz: The first version of this
package included one of the old 2.4.22 kernels by mistake. Thanks to the
many people who pointed out this error. Sorry!
(* Security fix *)
+--------------------------+
Tue Apr 27 15:25:29 PDT 2004
patches/packages/alsa-driver-0.9.8-i486-3.tgz: Recompiled for Linux 2.4.26.
patches/packages/hotplug-2004_01_05-noarch-1.tgz: This adds bugfixes for using
a 2.6.x kernel, and adds the broken via-ircc module to the hotplug blacklist.
Note that upgrading the package will not replace an existing blacklist, but
as far as I can tell there are no ill effects from trying to load via-ircc
other than the ugly mess on the screen at boot time.
patches/packages/kernel-ide-2.4.26-i486-1.tgz: Upgraded to Linux 2.4.26.
patches/packages/kernel-headers-2.4.26-i386-1.tgz: Upgraded to Linux 2.4.26.
patches/packages/kernel-modules-2.4.26-i486-1.tgz: Upgraded to Linux 2.4.26.
patches/packages/kernel-source-2.4.26-noarch-1.tgz: Upgraded to Linux 2.4.26.
patches/packages/kernels/*: Upgraded to Linux 2.4.26.
These 2.4.26 kernel upgrades fix:
an overflow in ip_setsockopt() [CAN-2004-0424]
a flaw in do_fork() that could lead to a DoS
an (unexploitable) overflow in panic() [CAN-2004-0394]
For more details, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0394
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0424
(* Security fix *)
WHERE TO FIND THE NEW PACKAGES:
+-----------------------------+
Updated packages for Slackware 9.1:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/alsa-driver-0.9.8-i486-3.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/hotplug-2004_01_05-noarch-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/kernel-ide-2.4.26-i486-2.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/kernel-headers-2.4.26-i386-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/kernel-modules-2.4.26-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/kernel-source-2.4.26-noarch-1.tgz
New precompiled kernels:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/kernels/
Updated packages for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-ide-2.4.26-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-modules-2.4.26-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/d/kernel-headers-2.4.26-i386-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/k/kernel-source-2.4.26-noarch-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/alsa-driver-1.0.4-i486-2.tgz
New precompiled kernels:
ftp://ftp.slackware.com/pub/slackware/slackware-current/kernels/
MD5 SIGNATURES:
+-------------+
Slackware 9.1 packages:
e628350bb01c18d7a6ad4706961601d8 alsa-driver-0.9.8-i486-3.tgz
be986b3ebfd3a398990b249422707b84 hotplug-2004_01_05-noarch-1.tgz
b45ba64a70f256ff33b35fb1ca409063 kernel-headers-2.4.26-i386-1.tgz
a834060c508607169e98db7ede93409d kernel-ide-2.4.26-i486-2.tgz
b34e78fa2b9f451007fa3a0849faedfe kernel-modules-2.4.26-i486-1.tgz
ac3437a4ade365dce9b94afb3cb85d75 kernel-source-2.4.26-noarch-1.tgz
Slackware -current packages:
aa05198221027c6ce9055595ee76c409 kernel-ide-2.4.26-i486-1.tgz
1d2f8a04342dbf8482f67d9787a693c4 kernel-modules-2.4.26-i486-1.tgz
9e726b8766e807147cf4859a6bb33f48 kernel-headers-2.4.26-i386-1.tgz
ac3437a4ade365dce9b94afb3cb85d75 kernel-source-2.4.26-noarch-1.tgz
3922b3ebba1029e0f1041dc6a1926bd2 alsa-driver-1.0.4-i486-2.tgz
INSTALLATION INSTRUCTIONS:
+------------------------+
Use upgradepkg to install the new packages.
After installing the kernel-ide package you will need to run lilo ('lilo' at
a command prompt) or create a new system boot disk ('makebootdisk'), and
reboot.
If desired, a kernel from the kernels/ directory may be used instead. For
example, to use the kernel in kernels/scsi.s/, you would copy it to the
boot directory like this:
cd kernels/scsi.s
cp bzImage /boot/vmlinuz-scsi.s-2.4.26
Create a symbolic link:
ln -sf /boot/vmlinuz-scsi.s-2.4.26 /boot/vmlinuz
Then, run 'lilo' or create a new system boot disk and reboot.
+-----+
Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com
+------------------------------------------------------------------------+
| HOW TO REMOVE YOURSELF FROM THIS MAILING LIST: |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back. Follow the instructions to |
| complete the unsubscription. Do not reply to this message to |
| unsubscribe! |
+------------------------------------------------------------------------+
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFAkBjWakRjwEAQIjMRAoFgAJ4gOSZKqbWqFndS440KOHZk18xGfwCeI3SS
a88RN3gp4zDj2p6cPgAN6vw=
=xLGK
-----END PGP SIGNATURE-----
|
|
