[Slackit.org] [slackware-security] Slackware 8.1 kernel security update

slackit-ml

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Slackit.org] [slackware-security] Slackware 8.1 kernel security update

From:	Andrea Guarnaccia
Subject:	[Slackit.org] [slackware-security] Slackware 8.1 kernel security update (SSA:2004-008-01)
Date:	Fri, 09 Jan 2004 14:30:43 +0100


[slackware-security]  Slackware 8.1 kernel security update  (SSA:2004-008-01)

New kernels are available for Slackware 8.1 containing a
backported fix from a bounds-checking problem in the kernel's
mremap() call which could be used by a local attacker to gain
root privileges.  This fix was previously issued for Slackware
9.0, 9.1, and -current (SSA:2004-006-01).

Sites running Slackware 8.1 should upgrade to the new kernel.
After installing the new kernel, be sure to run 'lilo'.

More details about this issue may be found in the Common
Vulnerabilities and Exposures (CVE) database:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0985


Here are the details from the Slackware 8.1 ChangeLog:
+--------------------------+
Thu Jan  8 18:21:27 PST 2004
patches/kernels/*:  These are 2.4.18 kernels containing a backported
  fix for a security problem with the kernel's mremap() function.
  A local user could exploit this hole to gain root privileges.
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0985
  After installing the new kernel, be sure to run 'lilo'.
  (* Security fix *)
patches/packages/kernel-ide-2.4.18-i386-5.tgz:  Patched mremap().
  (* Security fix *)
patches/packages/kernel-source-2.4.18-noarch-6.tgz:  This is
  the source code from kernel-source-2.4.18-noarch-5 with the fix
  for mremap().
  (* Security fix *)
+--------------------------+


WHERE TO FIND THE NEW PACKAGES:
+-----------------------------+

Updated packages for Slackware 8.1:
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/kernel-ide-2.4.18-i386-5.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/kernel-source-2.4.18-noarch-6.tgz

An alternate kernel may be installed.  Those are found in this directory:
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/kernels/


MD5 SIGNATURES:
+-------------+

MD5 signatures may be downloaded from our FTP server:

Slackware 8.1 packages:
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/CHECKSUMS.md5

To verify authenticity, this file has been signed with the Slackware
GPG key (use 'gpg --verify'):

ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/CHECKSUMS.md5.asc


INSTALLATION INSTRUCTIONS:
+------------------------+

Use upgradepkg to install the new kernel, kernel-modules, and alsa packages.
After installing the kernel-ide package you will need to run lilo ('lilo' at
a command prompt) or create a new system boot disk ('makebootdisk'), and
reboot.

If desired, a kernel from the kernels/ directory may be used instead.  For
example, to use the kernel in kernels/scsi.s/, you would copy it to the
boot directory like this:

cd kernels/scsi.s
cp bzImage /boot/vmlinuz-scsi.s-2.4.18

Create a symbolic link:
ln -sf /boot/vmlinuz-scsi.s-2.4.18 /boot/vmlinuz

Then, run 'lilo' or create a new system boot disk and reboot.


+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
address@hidden

[Prev in Thread]

Current Thread

[Next in Thread]

[Slackit.org] [slackware-security] Slackware 8.1 kernel security update (SSA:2004-008-01), Andrea Guarnaccia <=

Prev by Date: Re: [Slackit.org] Video out su radeon
Next by Date: [Slackit.org] Quale server imap?
Previous by thread: Re: [Slackit.org] Video out su radeon
Next by thread: [Slackit.org] Quale server imap?
Index(es):
- Date
- Thread