---

Mandrakelinux Advisory: kernel


Mandrakelinux Security Update Advisory


Package name: kernel
Advisory ID: MDKSA-2004:037
Date: April 27th, 2004
Affected versions: 10.0, 9.1, 9.2, Corporate Server 2.1, Multi
Network Firewall 8.2


Problem Description:

A vulnerability was found in the framebuffer driver of the 2.6
kernel. This is due to incorrect use of the fb_copy_cmap function.
(CAN-2004-0229)

A vulnerability has been found in the Linux kernel in the
ip_setsockopt() function code. There is an exploitable integer
overflow inside the code handling the MCAST_MSFILTER socket option
in the IP_MSFILTER_SIZE macro calculation. This issue is present in
both 2.4 (2.4.25) and 2.6 kernels. (CAN-2004-0424)

There is a minor issue with the static buffer in 2.4 kernel’s
panic() function. Although it’s a possibly buffer overflow, it most
like not exploitable due to the nature of panic().
(CAN-2004-0394)

In do_fork(), if an error occurs after the mm_struct for the
child has been allocated, it is never freed. The exit_mm() meant to
free it increments the mm_count and this count is never
decremented. (For a running process that is exitting, schedule()
takes care this; however, the child process being cleaned up is not
running.) In the CLONE_VM case, the parent’s mm_struct will get an
extra mm_count and so it will never be freed. This issue is present
in both 2.4 and 2.6 kernels.

The provided packages are patched to fix these vulnerabilities.
All users are encouraged to upgrade to these updated kernels.

To update your kernel, please follow the directions located
at:

http://www.mandrakesecure.net/en/kernelupdate.php


References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0229

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0394

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0424


Updated Packages:

Mandrakelinux 10.0:
512ad2b9656157596a14f11658003441
10.0/RPMS/kernel-2.4.25.4mdk-1-1mdk.i586.rpm
1408115128e49bdedecfef550a1d617e
10.0/RPMS/kernel-2.6.3.9mdk-1-1mdk.i586.rpm
c5d1c3e66f3d0c13e06e655a60c93648
10.0/RPMS/kernel-enterprise-2.4.25.4mdk-1-1mdk.i586.rpm
d2b6f19fbf4d977e43f702573ae0149b
10.0/RPMS/kernel-enterprise-2.6.3.9mdk-1-1mdk.i586.rpm
51aa702b34b5341cc6f7a8b00d8fb2d1
10.0/RPMS/kernel-i686-up-4GB-2.4.25.4mdk-1-1mdk.i586.rpm
6ba75b6a07c497d19de6d94421160421
10.0/RPMS/kernel-i686-up-4GB-2.6.3.9mdk-1-1mdk.i586.rpm
b0cf5e7fcb0504d7ba3eabaf5877b3a1
10.0/RPMS/kernel-p3-smp-64GB-2.4.25.4mdk-1-1mdk.i586.rpm
c0edb799f2c564a025525fa02064f14d
10.0/RPMS/kernel-p3-smp-64GB-2.6.3.9mdk-1-1mdk.i586.rpm
834f15992c852e065945c52a9641f838
10.0/RPMS/kernel-secure-2.6.3.9mdk-1-1mdk.i586.rpm
a50abd8fcf456b8e47153fb54376f59b
10.0/RPMS/kernel-smp-2.4.25.4mdk-1-1mdk.i586.rpm
ac68ceaffdcb08413ebf35c23aac3156
10.0/RPMS/kernel-smp-2.6.3.9mdk-1-1mdk.i586.rpm
11245edb491cd5d3e51f289cafea27da
10.0/RPMS/kernel-source-2.4.25-4mdk.i586.rpm
df56adcb83dfcc1c48f30da6df98d26f
10.0/RPMS/kernel-source-2.6.3-9mdk.i586.rpm
9dd9a73d7e818de3a32884bb929faa6e
10.0/RPMS/kernel-source-stripped-2.6.3-9mdk.i586.rpm
ee1e8c70faa8fcfe037b1df2a02dfde3
10.0/SRPMS/kernel-2.4.25.4mdk-1-1mdk.src.rpm
e520e352d544fb6054deeeee10771a0d
10.0/SRPMS/kernel-2.6.3.9mdk-1-1mdk.src.rpm

Corporate Server 2.1:
9d768e4ce36c6087ba8f5ba577844404
corporate/2.1/RPMS/kernel-2.4.19.40mdk-1-1mdk.i586.rpm
dc79c45fa573699bbeb69e93d21a844d
corporate/2.1/RPMS/kernel-enterprise-2.4.19.40mdk-1-1mdk.i586.rpm

6899874aaa34516f539d8d3325bf04ef
corporate/2.1/RPMS/kernel-secure-2.4.19.40mdk-1-1mdk.i586.rpm
ed0e7b8045d8c2fec9b50ec0fc892144
corporate/2.1/RPMS/kernel-smp-2.4.19.40mdk-1-1mdk.i586.rpm
22f2d31deab68fe8ebfc45f9ffde03eb
corporate/2.1/RPMS/kernel-source-2.4.19-40mdk.i586.rpm
acaf69cb211e659a1f66bb515d344e6d
corporate/2.1/SRPMS/kernel-2.4.19.40mdk-1-1mdk.src.rpm

Corporate Server 2.1/x86_64:
ae61d25bf5add380bd090be023f2b369
x86_64/corporate/2.1/RPMS/kernel-2.4.19.41mdk-1-1mdk.x86_64.rpm
ab7733adedb14c77065049e538724102
x86_64/corporate/2.1/RPMS/kernel-secure-2.4.19.41mdk-1-1mdk.x86_64.rpm

548431a1f50a3aa621168a9201459ed5
x86_64/corporate/2.1/RPMS/kernel-smp-2.4.19.41mdk-1-1mdk.x86_64.rpm

df97c7eea0a451191554eb4f1d3470fa
x86_64/corporate/2.1/RPMS/kernel-source-2.4.19-41mdk.x86_64.rpm
749ba262824efc6db6bf9a348db9572b
x86_64/corporate/2.1/SRPMS/kernel-2.4.19.40mdk-1-1mdk.src.rpm
e3aab9144ef05bbdebb4d0e3bb7a687f
x86_64/corporate/2.1/SRPMS/kernel-2.4.19.41mdk-1-1mdk.src.rpm

Mandrakelinux 9.1:
f579e5572ae3c29992b2c073b08566fe
9.1/RPMS/kernel-2.4.21.0.30mdk-1-1mdk.i586.rpm
c7b9fa739c8da1f169b2aae61befea11
9.1/RPMS/kernel-enterprise-2.4.21.0.30mdk-1-1mdk.i586.rpm
bde850e6aba069f6d376030d138e6651
9.1/RPMS/kernel-secure-2.4.21.0.30mdk-1-1mdk.i586.rpm
59c4aa4caa87443bb7ff1b1163290cb6
9.1/RPMS/kernel-smp-2.4.21.0.30mdk-1-1mdk.i586.rpm
b4970e3b44485a980ef7097cc4392980
9.1/RPMS/kernel-source-2.4.21-0.30mdk.i586.rpm
3573d24eb4a88655c30a50927a04bc99
9.1/SRPMS/kernel-2.4.21.0.30mdk-1-1mdk.src.rpm

Mandrakelinux 9.1/PPC:
9f79caa248fd9a44148dc71b8978ea61
ppc/9.1/RPMS/kernel-2.4.21.0.30mdk-1-1mdk.ppc.rpm
ad997d6ffa84dabcb6dab71d84cc76c7
ppc/9.1/RPMS/kernel-enterprise-2.4.21.0.30mdk-1-1mdk.ppc.rpm
e3000ba19417448101b89de749352d65
ppc/9.1/RPMS/kernel-smp-2.4.21.0.30mdk-1-1mdk.ppc.rpm
2b2ffb04ab1682dd6f617989cd916baa
ppc/9.1/RPMS/kernel-source-2.4.21-0.30mdk.ppc.rpm
3573d24eb4a88655c30a50927a04bc99
ppc/9.1/SRPMS/kernel-2.4.21.0.30mdk-1-1mdk.src.rpm

Mandrakelinux 9.2:
d27941559f1c361302828a9b47ecf7f3
9.2/RPMS/kernel-2.4.22.30mdk-1-1mdk.i586.rpm
b83fa5ce402914f25f7842111a4b7ade
9.2/RPMS/kernel-enterprise-2.4.22.30mdk-1-1mdk.i586.rpm
f4ebd378c253029948d2842b28a42686
9.2/RPMS/kernel-i686-up-4GB-2.4.22.30mdk-1-1mdk.i586.rpm
25af28dd6307d885aa4e1675f87eff9d
9.2/RPMS/kernel-p3-smp-64GB-2.4.22.30mdk-1-1mdk.i586.rpm
720d154d3f072f2755fa21af1b4d4481
9.2/RPMS/kernel-secure-2.4.22.30mdk-1-1mdk.i586.rpm
65d699299165fdbb2a08005aa709eeeb
9.2/RPMS/kernel-smp-2.4.22.30mdk-1-1mdk.i586.rpm
bc90947e4bd9e4b92be3ecbec178af9e
9.2/RPMS/kernel-source-2.4.22-30mdk.i586.rpm
ab27a2bdab51b0a18c53b31179b55926
9.2/SRPMS/kernel-2.4.22.30mdk-1-1mdk.src.rpm

Mandrakelinux 9.2/AMD64:
f36f231165398748ce2e281634ebb64e
amd64/9.2/RPMS/kernel-2.4.22.30mdk-1-1mdk.amd64.rpm
55a11558b59499d6ccac8f1ace898328
amd64/9.2/RPMS/kernel-secure-2.4.22.30mdk-1-1mdk.amd64.rpm
675885582dc6ce1c2fb107b34d770821
amd64/9.2/RPMS/kernel-smp-2.4.22.30mdk-1-1mdk.amd64.rpm
12bb18d837d527fe3e05933589a50519
amd64/9.2/RPMS/kernel-source-2.4.22-30mdk.amd64.rpm
ab27a2bdab51b0a18c53b31179b55926
amd64/9.2/SRPMS/kernel-2.4.22.30mdk-1-1mdk.src.rpm

Multi Network Firewall 8.2:
b4a07759720a0f6fdd85eabcf610766e
mnf8.2/RPMS/kernel-secure-2.4.19.40mdk-1-1mdk.i586.rpm
acaf69cb211e659a1f66bb515d344e6d
mnf8.2/SRPMS/kernel-2.4.19.40mdk-1-1mdk.src.rpm


To upgrade automatically use MandrakeUpdate or urpmi. The
verification of md5 checksums and GPG signatures is performed
automatically for you.

A list of FTP mirrors can be obtained from:

http://www.mandrakesecure.net/en/ftp.php

All packages are signed by Mandrakesoft for security. You can
obtain the GPG public key of the Mandrakelinux Security Team by
executing:

gpg –recv-keys –keyserver www.mandrakesecure.net
0x22458A98

Please be aware that sometimes it takes the mirrors a few hours
to update.

You can view other update advisories for Mandrakelinux at:

http://www.mandrakesecure.net/en/advisories/

Mandrakesoft has several security-related mailing list services
that anyone can subscribe to. Information on these lists can be
obtained by visiting:

http://www.mandrakesecure.net/en/mlist.php

If you want to report vulnerabilities, please contact

security_linux-mandrake.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team
<security linux-mandrake.com>

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis