Red Hat 2004-689 Security Check

High Log Correlation Engine Plugin ID 801602

Synopsis

The remote host is missing a security update.

Description

Updated kernel packages that fix several security issues in Red Hat
Enterprise Linux 3 are now available.

The Linux kernel handles the basic functions of the operating system.

This advisory includes fixes for several security issues :

Petr Vandrovec discovered a flaw in the 32bit emulation code affecting
the Linux 2.4 kernel on the AMD64 architecture. A local attacker could
use this flaw to gain privileges. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CVE-2004-1144
to this issue.

ISEC security research discovered multiple vulnerabilities in the IGMP
functionality which was backported in the Red Hat Enterprise Linux 3
kernels. These flaws could allow a local user to cause a denial of
service (crash) or potentially gain privileges. Where multicast
applications are being used on a system, these flaws may also allow
remote users to cause a denial of service. The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned the name
CVE-2004-1137 to this issue.

ISEC security research and Georgi Guninski independantly discovered a
flaw in the scm_send function in the auxiliary message layer. A local
user could create a carefully crafted auxiliary message which could
cause a denial of service (system hang). The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned the name
CVE-2004-1016 to this issue.

A floating point information leak was discovered in the ia64
architecture context switch code. A local user could use this flaw to
read register values of other processes by setting the MFH bit. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2004-0565 to this issue.

Kirill Korotaev found a flaw in load_elf_binary affecting kernels
prior to 2.4.26. A local user could create a carefully crafted binary
in such a way that it would cause a denial of service (system crash).
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2004-1234 to this issue.

These packages also fix issues in the io_edgeport driver, and a memory
leak in ip_options_get.

Note: The kernel-unsupported package contains various drivers and
modules that are unsupported and therefore might contain security
problems that have not been addressed.

All Red Hat Enterprise Linux 3 users are advised to upgrade their
kernels to the packages associated with their machine architectures
and configurations as listed in this erratum.

Solution

Update the affected package(s).

See Also

https://www.redhat.com/security/data/cve/CVE-2004-0565.html

https://www.redhat.com/security/data/cve/CVE-2004-1016.html

https://www.redhat.com/security/data/cve/CVE-2004-1017.html

https://www.redhat.com/security/data/cve/CVE-2004-1137.html

https://www.redhat.com/security/data/cve/CVE-2004-1144.html

https://www.redhat.com/security/data/cve/CVE-2004-1234.html

https://www.redhat.com/security/data/cve/CVE-2004-1335.html

http://rhn.redhat.com/errata/RHSA-2004-689.html

Plugin Details

Severity: High

ID: 801602

File Name: 801602.prm

Family: Generic

Risk Information

Risk Factor: High

Temporal Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Reference Information

CVE: CVE-2004-0565, CVE-2004-1016, CVE-2004-1017, CVE-2004-1137, CVE-2004-1144, CVE-2004-1234, CVE-2004-1335