Mandriva Advisories
Problem Description
Rafal Wojtczuk found vulnerabilities in the 2.2.19 and 2.4.11 Linux
kernels: one in the ptrace code, and one in which deeply nested
symlinks can make the kernel spend an arbitrary amount of time in
kernel code. The ptrace vulnerability could be used by local users to
gain root privilege; the symlink vulnerability could result in a local
DoS.
NOTE: This update is *not* meant to be done via MandrakeUpdate! You
must download the necessary RPMs and upgrade manually by following
these steps:
1. Type: rpm -ivh kernel-[version].i586.rpm
2. Type: mv kernel-[version].i586.rpm /tmp
3. Type: rpm -Fvh *.rpm
4a. You may wish to edit /etc/lilo.conf to ensure a new entry is in
place. The new kernel will be the last entry. Change any options
you need to change. You will also want to create a new entry with
the initrd and image directives pointing to the old kernel's
vmlinuz and initrd images so you may also boot from the old
images if required.
4b. PPC users must execute some additional instructions. First edit
/etc/yaboot.conf and add a new entry for the kernel and change
any options that you need to change. You must also create a new
initrd image to enable USB support for keyboards and mice by
typing:
mkinitrd --with=usb-ohci /boot/initrd-2.2.19-19.1mdk 2.2.19-19.1mdk
5a. Type: /sbin/lilo -v
5b. PPC users must type: /sbin/ybin -v
You may then reboot and use the new kernel and remove the older kernel
when you are comfortable using the upgraded one.
Updated Packages
Mandrakelinux 7.1
Mandrakelinux 7.2
Mandrakelinux 8.0
Mandrakelinux 8.0/PPC
Mandrakelinux 8.1
Corporate Server 1.0.1
References
http://www.securityfocus.com/cgi-bin/archive.pl?id=1&mid=221337
Upgrade
To upgrade your kernel, view the kernel update instructions. Kernels cannot be upgraded via MandrivaUpdate.
Verification
Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command:
rpm --checksig package.rpm
You can get the GPG public key of the Mandriva Security Team to verify the GPG signature of each RPM.
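Because this update is installed by hand rather than through the update tool, the signature check above is the only gate before `rpm -ivh` and `rpm -Fvh` run. The following is an added example, not part of the Mandriva advisory: a shell function that runs `rpm --checksig` over every downloaded package and rejects any that fails or carries only a digest with no verified signature. The function names and the output patterns it matches are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the advisory): refuse to continue with the manual
# kernel upgrade unless every downloaded RPM has a verified signature.

# sig_verified SUMMARY -> 0 only if the checksig summary shows a good signature.
# Assumption: rpm prints a lowercase token (gpg, pgp or "signatures") for each
# signature it verified, and "NOT OK" when any check failed. A package with no
# signature at all can still report its digest as OK, so exit status alone is
# not enough.
sig_verified() {
    case "$1" in
        *"NOT OK"*) return 1 ;;
    esac
    case "$1" in
        *" gpg "*|*" pgp "*|*" signatures "*) return 0 ;;
    esac
    return 1
}

# verify_rpms FILE... -> 0 if every file passes, non-zero otherwise.
# Every package is checked (no early exit) so all rejects are listed at once.
verify_rpms() {
    failed=0
    for pkg in "$@"; do
        if out=$(rpm --checksig "$pkg" 2>&1) && sig_verified "$out"; then
            printf 'OK      %s\n' "$pkg"
        else
            printf 'REJECT  %s (%s)\n' "$pkg" "$out" >&2
            failed=$((failed + 1))
        fi
    done
    [ "$failed" -eq 0 ]
}

# Stand-alone use: sh verify.sh *.rpm
# A non-zero exit means at least one package must not be installed.
if [ "$#" -gt 0 ]; then
    verify_rpms "$@" || exit 1
fi
```

Run it in the download directory before step 1 of the upgrade procedure, with the Mandriva Security Team public key already imported, and proceed only if it exits 0.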