dcsimg
Linux Today: Linux News On Internet Time.





More on LinuxToday


Fedora Core Advisory: kernel

Jan 07, 2004, 20:57 (0 Talkback[s])

Fedora Security Update Notification
FEDORA-2003-047
2004-01-07
Name : kernel
Version : 2.4.22
Release : 1.2140.nptl
Summary : The Linux kernel (the core of the Linux operating system)

Description :
The kernel package contains the Linux kernel (vmlinuz), the core of your Red Hat Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.


Various RTC drivers had the potential to leak small amounts of kernel memory to userspace through IOCTL's.

The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name CAN-2003-0984 to this issue.


This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/

69a643e061b0e3a56d07eccf8b142b26 SRPMS/kernel-2.4.22-1.2140.nptl.src.rpm
ff15774cedef09fbfe59c25ece1f6ed2 i386/kernel-source-2.4.22-1.2140.nptl.i386.rpm
9eba879575a930ee4c3ed392cd57ab6b i386/kernel-doc-2.4.22-1.2140.nptl.i386.rpm
3a8bccb684dd6dfcea88f5dce35cdab0 i386/kernel-BOOT-2.4.22-1.2140.nptl.i386.rpm
567c39348a31b964187354a71f2e5a5e i386/debug/kernel-debuginfo-2.4.22-1.2140.nptl.i386.rpm
9a99f90d73034bc06bc75b1f8ca5939c i386/kernel-2.4.22-1.2140.nptl.i586.rpm
0043651e9f2a8781d86a48fc416008b7 i386/debug/kernel-debuginfo-2.4.22-1.2140.nptl.i586.rpm
2058a8d4276508f91c5d8e91b5552fec i386/kernel-2.4.22-1.2140.nptl.i686.rpm
de785e229eb62997287c9ba3c4d35164 i386/kernel-smp-2.4.22-1.2140.nptl.i686.rpm
cb85e72a2437356068cb5f498b4199c5 i386/debug/kernel-debuginfo-2.4.22-1.2140.nptl.i686.rpm
86056e2e9770d38a8dc99ca01f8e1881 i386/kernel-2.4.22-1.2140.nptl.athlon.rpm
e58efa41da0cbd119ade33bf39c3763c i386/kernel-smp-2.4.22-1.2140.nptl.athlon.rpm
ceeb465c728f5ed0e2656d943eba42ff i386/debug/kernel-debuginfo-2.4.22-1.2140.nptl.athlon.rpm

This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command.


References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0984