RHEL 3 : kernel (RHSA-2004:689)

This script is Copyright (C) 2004-2014 Tenable Network Security, Inc.


Synopsis :

The remote Red Hat host is missing one or more security updates.

Description :

Updated kernel packages that fix several security issues in Red Hat
Enterprise Linux 3 are now available.

The Linux kernel handles the basic functions of the operating system.

This advisory includes fixes for several security issues :

Petr Vandrovec discovered a flaw in the 32bit emulation code affecting
the Linux 2.4 kernel on the AMD64 architecture. A local attacker could
use this flaw to gain privileges. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CVE-2004-1144
to this issue.

ISEC security research discovered multiple vulnerabilities in the IGMP
functionality which was backported in the Red Hat Enterprise Linux 3
kernels. These flaws could allow a local user to cause a denial of
service (crash) or potentially gain privileges. Where multicast
applications are being used on a system, these flaws may also allow
remote users to cause a denial of service. The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned the name
CVE-2004-1137 to this issue.

ISEC security research and Georgi Guninski independently discovered a
flaw in the scm_send function in the auxiliary message layer. A local
user could create a carefully crafted auxiliary message which could
cause a denial of service (system hang). The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned the name
CVE-2004-1016 to this issue.

A floating point information leak was discovered in the ia64
architecture context switch code. A local user could use this flaw to
read register values of other processes by setting the MFH bit. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2004-0565 to this issue.

Kirill Korotaev found a flaw in load_elf_binary affecting kernels
prior to 2.4.26. A local user could create a carefully crafted binary
in such a way that it would cause a denial of service (system crash).
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2004-1234 to this issue.

These packages also fix issues in the io_edgeport driver, and a memory
leak in ip_options_get.

Note: The kernel-unsupported package contains various drivers and
modules that are unsupported and therefore might contain security
problems that have not been addressed.

All Red Hat Enterprise Linux 3 users are advised to upgrade their
kernels to the packages associated with their machine architectures
and configurations as listed in this erratum.

See also :

https://www.redhat.com/security/data/cve/CVE-2004-0565.html
https://www.redhat.com/security/data/cve/CVE-2004-1016.html
https://www.redhat.com/security/data/cve/CVE-2004-1017.html
https://www.redhat.com/security/data/cve/CVE-2004-1137.html
https://www.redhat.com/security/data/cve/CVE-2004-1144.html
https://www.redhat.com/security/data/cve/CVE-2004-1234.html
https://www.redhat.com/security/data/cve/CVE-2004-1335.html
http://rhn.redhat.com/errata/RHSA-2004-689.html

Solution :

Update the affected packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Family: Red Hat Local Security Checks

Nessus Plugin ID: 16054 ()

Bugtraq ID:

CVE ID: CVE-2004-0565
CVE-2004-1016
CVE-2004-1017
CVE-2004-1137
CVE-2004-1144
CVE-2004-1234
CVE-2004-1335