Security Advisory (MDKSA-2003:074): kernel

aru · July 16, 2003

MandrakeSoft Security Advisory MDKSA-2003:074 : kernel

July 15th, 2003

Updated kernel packages fix multiple vulnerabilities

Multiple vulnerabilities were discovered and fixed in the Linux kernel.

* CAN-2003-0001: Multiple ethernet network card drivers do not pad frames with null bytes which allows remote attackers to obtain information from previous packets or kernel memory by using special malformed packets.

* CAN-2003-0244: The route cache implementation in the 2.4 kernel and the Netfilter IP conntrack module allows remote attackers to cause a Denial of Service (DoS) via CPU consumption due to packets with forged source addresses that cause a large number of hash table collisions related to the PREROUTING chain.

* CAN-2003-0246: The ioperm implementation in 2.4.20 and earlier kernels does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports.

* CAN-2003-0247: A vulnerability in the TTY layer of the 2.4 kernel allows attackers to cause a kernel oops resulting in a DoS.

* CAN-2003-0248: The mxcsr code in the 2.4 kernel allows attackers to modify CPU state registers via a malformed address.

* CAN-2003-0462: A file read race existed in the execve() system call.

Kernels for 9.1/x86 are also available (see MDKSA-2003:066).

MandrakeSoft encourages all users to upgrade to these new kernels.

For full instructions on how to properly upgrade your kernel, please review http://www.mandrakesecure.net/en/docs/magic.php.

The released versions of Mandrake GNU/Linux affected are: