Date: 23 Jun 2004 19:04:14 -0000
From: Mandrake Linux Security Team <[email protected]>
To: [email protected]Subject: MDKSA-2004:062 - Updated kernel packages fix multiple vulnerabilities
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: kernel
Advisory ID: MDKSA-2004:062
Date: June 23rd, 2004
Affected versions: 10.0, 9.1, 9.2, Corporate Server 2.1,
Multi Network Firewall 8.2
______________________________________________________________________
Problem Description:
A vulnerability in the e1000 driver for the Linux kernel 2.4.26 and
earlier was discovered by Chris Wright. The e1000 driver does not
properly reset memory or restrict the maximum length of a data
structure, which can allow a local user to read portions of kernel
memory (CAN-2004-0535).
A vulnerability was also discovered in the kernel were a certain C
program would trigger a floating point exception that would crash the
kernel. This vulnerability can only be triggered locally by users with
shell access (CAN-2004-0554).
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0535http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0554http://www.kb.cert.org/vuls/id/973654
______________________________________________________________________
Updated Packages:
Mandrakelinux 10.0:
4d206822c79940210133a7480d21e3df 10.0/RPMS/kernel-2.4.25.6mdk-1-1mdk.i586.rpm
68bcd25169105b157075c49ae1afc652 10.0/RPMS/kernel-2.6.3.14mdk-1-1mdk.i586.rpm
abf8ad1259bf4f92a49e36dfcf3c9c39 10.0/RPMS/kernel-enterprise-2.4.25.6mdk-1-1mdk.i586.rpm
312e78a0c775dbb7b9cbef0d99a04fcd 10.0/RPMS/kernel-enterprise-2.6.3.14mdk-1-1mdk.i586.rpm
e488a38369863ce174eedaf556cb3b89 10.0/RPMS/kernel-i686-up-4GB-2.4.25.6mdk-1-1mdk.i586.rpm
4793fe40b2af0fdd5864f72db0615e50 10.0/RPMS/kernel-i686-up-4GB-2.6.3.14mdk-1-1mdk.i586.rpm
762657bdede72b9a35acb17b395ee1ff 10.0/RPMS/kernel-p3-smp-64GB-2.4.25.6mdk-1-1mdk.i586.rpm
20aef99ab5994559227cbd7010d24e3a 10.0/RPMS/kernel-p3-smp-64GB-2.6.3.14mdk-1-1mdk.i586.rpm
08196ea86336c42d850916038a6b40ba 10.0/RPMS/kernel-secure-2.6.3.14mdk-1-1mdk.i586.rpm
98edb621bf6194742b9f4acf41ac798a 10.0/RPMS/kernel-smp-2.4.25.6mdk-1-1mdk.i586.rpm
97b43a5beecc427cec5339f7b230937b 10.0/RPMS/kernel-smp-2.6.3.14mdk-1-1mdk.i586.rpm
c61995bd80f09c18d644b63574830564 10.0/RPMS/kernel-source-2.4.25-6mdk.i586.rpm
a595b55173adb08a6ee525aba7a11bcf 10.0/RPMS/kernel-source-2.6.3-14mdk.i586.rpm
356ca3809548835c8d1543b1c5bd2c78 10.0/RPMS/kernel-source-stripped-2.6.3-14mdk.i586.rpm
84c88cb9db5910bf541d69d041d146a2 10.0/SRPMS/kernel-2.4.25.6mdk-1-1mdk.src.rpm
7dd3f9640e29fd2365338e6350d38ef8 10.0/SRPMS/kernel-2.6.3.14mdk-1-1mdk.src.rpm
Mandrakelinux 10.0/AMD64:
0bbe2751bf80eb4cd0b62d577e580c44 amd64/10.0/RPMS/kernel-2.4.25.6mdk-1-1mdk.amd64.rpm
2ed3cdb8d1d5a9da83e068c4be01f91f amd64/10.0/RPMS/kernel-2.6.3.14mdk-1-1mdk.amd64.rpm
aa4eee1b7d2e75100e9fac4f60484c2d amd64/10.0/RPMS/kernel-secure-2.6.3.14mdk-1-1mdk.amd64.rpm
6c68464ee6a8f8e6abfd4aec1bc01c2a amd64/10.0/RPMS/kernel-smp-2.4.25.6mdk-1-1mdk.amd64.rpm
acc109c127a3c52cf1d2e0f86834a62a amd64/10.0/RPMS/kernel-smp-2.6.3.14mdk-1-1mdk.amd64.rpm
fdd0f9614d7fe27508319c021e83a41e amd64/10.0/RPMS/kernel-source-2.4.25-6mdk.amd64.rpm
dfc6b8544787e556a30d1165cce8bfbc amd64/10.0/RPMS/kernel-source-2.6.3-14mdk.amd64.rpm
23f827e67259b79381a9e8dd454880fa amd64/10.0/RPMS/kernel-source-stripped-2.6.3-14mdk.amd64.rpm
84c88cb9db5910bf541d69d041d146a2 amd64/10.0/SRPMS/kernel-2.4.25.6mdk-1-1mdk.src.rpm
7dd3f9640e29fd2365338e6350d38ef8 amd64/10.0/SRPMS/kernel-2.6.3.14mdk-1-1mdk.src.rpm
Corporate Server 2.1:
46927be757f70a59c86cdf11b3e43c92 corporate/2.1/RPMS/kernel-2.4.19.41mdk-1-1mdk.i586.rpm
d08b40244502502acadf9ba1b0e9762b corporate/2.1/RPMS/kernel-enterprise-2.4.19.41mdk-1-1mdk.i586.rpm
66749baa06773ce3942e2f770140502c corporate/2.1/RPMS/kernel-secure-2.4.19.41mdk-1-1mdk.i586.rpm
32a44dfa574bbbc50d316a5c8a4ef6ba corporate/2.1/RPMS/kernel-smp-2.4.19.41mdk-1-1mdk.i586.rpm
40213434e41fefe88d20f4231a1f9734 corporate/2.1/RPMS/kernel-source-2.4.19-41mdk.i586.rpm
60c9941aba0d698ad72f9d2308433b1c corporate/2.1/SRPMS/kernel-2.4.19.41mdk-1-1mdk.src.rpm
Corporate Server 2.1/x86_64:
db88d345b01e85d2c6cfb01f1e28c3f1 x86_64/corporate/2.1/RPMS/kernel-2.4.19.42mdk-1-1mdk.x86_64.rpm
eaa43fee45b287b47e59a17206040308 x86_64/corporate/2.1/RPMS/kernel-secure-2.4.19.42mdk-1-1mdk.x86_64.rpm
88db1fa53a907a7ae59b561501053963 x86_64/corporate/2.1/RPMS/kernel-smp-2.4.19.42mdk-1-1mdk.x86_64.rpm
a63ab72190d8214f8e242fe298c49a41 x86_64/corporate/2.1/RPMS/kernel-source-2.4.19-42mdk.x86_64.rpm
b175ee4e191ff0f4098793413dd63c71 x86_64/corporate/2.1/SRPMS/kernel-2.4.19.42mdk-1-1mdk.src.rpm
Mandrakelinux 9.1:
71a8d1ae72fb050e3f4a07fcecf2f6f6 9.1/RPMS/kernel-2.4.21.0.31mdk-1-1mdk.i586.rpm
30998cdc47a6005198d7bff758c15fa8 9.1/RPMS/kernel-enterprise-2.4.21.0.31mdk-1-1mdk.i586.rpm
2d50a264c7578cb525ffef5b9c6c256c 9.1/RPMS/kernel-secure-2.4.21.0.31mdk-1-1mdk.i586.rpm
d380dafaea573b0f8d135f442ac84085 9.1/RPMS/kernel-smp-2.4.21.0.31mdk-1-1mdk.i586.rpm
fef500ffec1c0ec7e63daa040cea2d3e 9.1/RPMS/kernel-source-2.4.21-0.31mdk.i586.rpm
f3c09dcecb57b158e7e064b58be290fc 9.1/SRPMS/kernel-2.4.21.0.31mdk-1-1mdk.src.rpm
Mandrakelinux 9.1/PPC:
0ae9dba70be3135ed2d58b18744d5c88 ppc/9.1/RPMS/kernel-2.4.21.0.31mdk-1-1mdk.ppc.rpm
32c60b01cdc16a585ddd75c00f0f1b99 ppc/9.1/RPMS/kernel-enterprise-2.4.21.0.31mdk-1-1mdk.ppc.rpm
444be2eb864edc3e71de2a80ff1707c5 ppc/9.1/RPMS/kernel-smp-2.4.21.0.31mdk-1-1mdk.ppc.rpm
0defa0d78d83de206b45d3e0f6f8c6b2 ppc/9.1/RPMS/kernel-source-2.4.21-0.31mdk.ppc.rpm
f3c09dcecb57b158e7e064b58be290fc ppc/9.1/SRPMS/kernel-2.4.21.0.31mdk-1-1mdk.src.rpm
Mandrakelinux 9.2:
f8d407d6b8c33d23e1869b192d86c581 9.2/RPMS/kernel-2.4.22.35mdk-1-1mdk.i586.rpm
eb13e94eb20684ac0a28d61f06f7d55b 9.2/RPMS/kernel-enterprise-2.4.22.35mdk-1-1mdk.i586.rpm
ed513e7698ee869227bb178239e4fd6b 9.2/RPMS/kernel-i686-up-4GB-2.4.22.35mdk-1-1mdk.i586.rpm
19382a345801c54d057569d4cd238457 9.2/RPMS/kernel-p3-smp-64GB-2.4.22.35mdk-1-1mdk.i586.rpm
1eff108d820b8eaaf4aa30dc57037e38 9.2/RPMS/kernel-secure-2.4.22.35mdk-1-1mdk.i586.rpm
554f24dd143cef8e46db249210ee6698 9.2/RPMS/kernel-smp-2.4.22.35mdk-1-1mdk.i586.rpm
0e4a8b55bfc63b9c69bd3ffcbf36deb3 9.2/RPMS/kernel-source-2.4.22-35mdk.i586.rpm
9aada28aa2b9f835d3dc4cc30f856ca6 9.2/SRPMS/kernel-2.4.22.35mdk-1-1mdk.src.rpm
Mandrakelinux 9.2/AMD64:
445f0184ca8c02e0a3f915408c6e8f2c amd64/9.2/RPMS/kernel-2.4.22.35mdk-1-1mdk.amd64.rpm
dc7be7702ba82ca3e5e1c5c07ec5a7a7 amd64/9.2/RPMS/kernel-secure-2.4.22.35mdk-1-1mdk.amd64.rpm
7249a64585c3fdb4e0c819274ffa5d6b amd64/9.2/RPMS/kernel-smp-2.4.22.35mdk-1-1mdk.amd64.rpm
36684fff4f1d13784af9d539df01ba67 amd64/9.2/RPMS/kernel-source-2.4.22-35mdk.amd64.rpm
9aada28aa2b9f835d3dc4cc30f856ca6 amd64/9.2/SRPMS/kernel-2.4.22.35mdk-1-1mdk.src.rpm
Multi Network Firewall 8.2:
fdd6ea13be5777eb4ac69ae4a15149eb mnf8.2/RPMS/kernel-secure-2.4.19.41mdk-1-1mdk.i586.rpm
60c9941aba0d698ad72f9d2308433b1c mnf8.2/SRPMS/kernel-2.4.19.41mdk-1-1mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandrakesoft for security. You can obtain
the GPG public key of the Mandrakelinux Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandrakelinux at:
http://www.mandrakesoft.com/security/advisories
If you want to report vulnerabilities, please contact
security_linux-mandrake.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team
<security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQFA2dQumqjQ0CJFipgRAvsvAJwKYoGaMGxqb9ZWhapI96NYwd9+uQCghmDy
OB/7YIx91p7173icwYh3Ito=
=FVyW
-----END PGP SIGNATURE-----