- Issued: 2003-06-19
- Updated: 2003-06-19
RHSA-2003:195 - Security Advisory
Synopsis
kernel security update
Type/Severity
Security Advisory: Important
Topic
Updated kernel packages for Red Hat Enterprise Linux are now available
which address several security vulnerabilities.
Description
The Linux kernel handles the basic functions of the operating system.
Several security issues have been found that affect the Linux kernel:

Al Viro found a security issue in the tty layer whereby any user could
cause a kernel oops. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2003-0247 to this issue.

Andrea Arcangeli found an issue in the low-level mxcsr code in which a
malformed address would leave garbage in CPU state registers. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
name CAN-2003-0248 to this issue.

The TCP/IP fragment reassembly handling allows remote attackers to cause a
denial of service (CPU consumption) via packets that cause a large number
of hash table collisions, a vulnerability similar to CAN-2003-0244. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CAN-2003-0364 to this issue.

These kernels also contain updated fixes for the ioperm security issue, as
well as fixes for a number of bugs.

It is recommended that users upgrade to these erratum kernels, which
contain patches to correct these vulnerabilities.
Solution
Release notes, driver notes, and driver disks for this update are available
at the following URL:

http://www.redhat.com/support/errata/rhel/

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

The procedure for upgrading the kernel manually is documented at:

http://www.redhat.com/support/docs/howto/kernel-upgrade/

Please read the directions for your architecture carefully before
proceeding with the kernel upgrade.

Please note that this update is also available via Red Hat Network. Many
people find this to be an easier way to apply updates. To use Red Hat
Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system. Note that you need to select the kernel
explicitly on default configurations of up2date.
Affected Products
- Red Hat Enterprise Linux Server 2 i386
- Red Hat Enterprise Linux Workstation 2 i386
Fixes
(none)
References
(none)
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.