Fedora Update Notification
FEDORA-2004-251
2004-08-10
Product : Fedora Core 1
Name : kernel
Version : 2.4.22
Release : 1.2199.nptl
Summary : The Linux kernel (the core of the Linux operating system)
Description :
The kernel package contains the Linux kernel (vmlinuz), the core of
your Fedora Core Linux operating system. The kernel handles the
basic functions of the operating system: memory allocation, process
allocation, device input and output, etc.
Paul Starzetz discovered flaws in the Linux kernel when handling
file offset pointers. These consist of invalid conversions of 64 to
32-bit file offset pointers and possible race conditions. A local
unprivileged user could make use of these flaws to access large
portions of kernel memory. The Common Vulnerabilities and Exposures
project (cve.mitre.org/) has
assigned the name CAN-2004-0415 to this issue.
These packages contain a patch written by Al Viro to correct
these flaws. Red Hat would like to thank iSEC Security Research for
disclosing this issue and a number of vendor-sec participants for
reviewing and working on the patch to this issue.
Additionally, a number of issues were fixed in the USB serial
code.
References:
http://www.isec.pl/vulnerabilities/isec-0016-procleaks.txt
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0415
- Wed Aug 04 2004 Dave Jones <davej@redhat.com>
- Fix various fpos races. (CAN-2004-0415)
- Wed Jul 07 2004 Dave Jones <davej@redhat.com>
- Updates to usbserial post_helper (Pete Zaitcev)
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/
990abbc3a23ceb0dad35dcf86a9f22bd
SRPMS/kernel-2.4.22-1.2199.nptl.src.rpm
09a7dc7a6acc6dd91b5c5870fc0c2215
x86_64/kernel-2.4.22-1.2199.nptl.x86_64.rpm
3ddc71af11ce37ef2e45a24e82e2b3e9
x86_64/kernel-source-2.4.22-1.2199.nptl.x86_64.rpm
4c25c4633ea124cb13c983c4426aeb2c
x86_64/kernel-doc-2.4.22-1.2199.nptl.x86_64.rpm
e60c0a0d1974f55a1c6d391f277ac811
x86_64/kernel-smp-2.4.22-1.2199.nptl.x86_64.rpm
b5e8570da6b93c2778c007b5252a2cab
x86_64/debug/kernel-debuginfo-2.4.22-1.2199.nptl.x86_64.rpm
0235c05043346ac36fe34e7aa6d7981e
i386/kernel-source-2.4.22-1.2199.nptl.i386.rpm
4761cf2c7322ec44fa6fa177ac17a075
i386/kernel-doc-2.4.22-1.2199.nptl.i386.rpm
51784ae484de03f848ae9036100f3c3b
i386/kernel-BOOT-2.4.22-1.2199.nptl.i386.rpm
fd796c7a0a4b8d95c4b4970b66ff24ab
i386/debug/kernel-debuginfo-2.4.22-1.2199.nptl.i386.rpm
ae0865018027dd9805e1c6ed31d2ad5c
i386/kernel-2.4.22-1.2199.nptl.i586.rpm
5b87410e6d21d49ffd9007b7c495e094
i386/kernel-smp-2.4.22-1.2199.nptl.i586.rpm
75cf98521b45187a13fce4fa2246181e
i386/debug/kernel-debuginfo-2.4.22-1.2199.nptl.i586.rpm
37382d2ff7beb3873032270e290c8bd0
i386/kernel-2.4.22-1.2199.nptl.i686.rpm
e1d1d064c83af617d57018f820e52e92
i386/kernel-smp-2.4.22-1.2199.nptl.i686.rpm
e87f2192c4ccb72a82ae6042b203fcf0
i386/debug/kernel-debuginfo-2.4.22-1.2199.nptl.i686.rpm
3ab11ad24807b682f375a640c9040688
i386/kernel-2.4.22-1.2199.nptl.athlon.rpm
d1d18eab4c48cd0e5857dd8775344d49
i386/kernel-smp-2.4.22-1.2199.nptl.athlon.rpm
5068d9d87ab03dff7a9a1b14ce35cfaf
i386/debug/kernel-debuginfo-2.4.22-1.2199.nptl.athlon.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the ‘up2date’ command.