[slackware-security] Kernel security update
(SSA:2004-006-01)
New kernels are available for Slackware 9.0, 9.1 and -current.
The 9.1 and -current kernels have been upgraded to 2.4.24, and a
fix has been backported to the 2.4.21 kernels in Slackware 9.0 to
fix a bounds-checking problem in the kernel’s mremap() call which
could be used by a local attacker to gain root privileges. Sites
should upgrade to the 2.4.24 kernel and kernel modules. After
installing the new kernel, be sure to run ‘lilo’.
More details about this issue may be found in the Common
Vulnerabilities and Exposures (CVE) database:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0985
Here are the details from the Slackware 9.1 ChangeLog:
+————————–+
Tue Jan 6 15:01:54 PST 2004
patches/kernels/: Upgraded to Linux 2.4.24. This fixes a
bounds-checking problem in the kernel’s mremap() call which could
be used by a local attacker to gain root privileges. Sites should
upgrade to the 2.4.24 kernel and kernel modules. After installing
the new kernel, be sure to run ‘lilo’.
For more details, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0985
Thanks to Paul Starzetz for finding and researching this issue.
(* Security fix *)
patches/packages/alsa-driver-0.9.8-i486-2.tgz: Recompiled against
linux-2.4.24.
patches/packages/cvs-1.11.11-i486-1.tgz: Upgraded to
cvs-1.11.11.
This version enforces greater security. Changes include pserver
refusing to run as root, and logging attempts to exploit the
security hole fixed in 1.11.10 in the syslog.
patches/packages/kernel-ide-2.4.24-i486-1.tgz: Upgraded bare.i
kernel package to Linux 2.4.24.
patches/packages/kernel-modules-2.4.24-i486-1.tgz: Upgraded to
Linux 2.4.24 kernel modules.
patches/packages/kernel-source-2.4.24-noarch-2.tgz: Upgraded to
Linux 2.4.24 kernel source, with XFS and Speakup patches included
(but not pre-applied). This uses the XFS and Speakup patches for
2.4.23, which should be fine since 2.4.24 didn’t change much code.
Proper XFS patches for 2.4.24 will probably be out soon to fix the
one Makefile rejection for EXTRAVERSION = -xfs, but likely little
else will be different since XFS development has already gone ahead
to what is now the 2.4.25-pre kernel series.
patches/packages/kernel-modules-xfs/alsa-driver-xfs-0.9.8-i486-2.tgz:
Recompiled against linux-2.4.24-xfs.
patches/packages/kernel-modules-xfs/kernel-modules-xfs-2.4.24-i486-1.tgz:
Upgraded to Linux 2.4.24 kernel modules for the xfs.s (XFS patched)
kernel.
+————————–+
WHERE TO FIND THE NEW PACKAGES:
Updated packages for Slackware 9.0:
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/kernel-ide-2.4.21-i486-3.tgz
An alternate kernel may be installed. Those are found in this
directory:
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/kernels/
Updated packages for Slackware 9.1:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/kernel-ide-2.4.24-i486-1.tgz
An alternate kernel may be installed. Those are found in this
directory:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/kernels/
The ALSA driver package has also been recompiled for 2.4.24:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/alsa-driver-0.9.8-i486-2.tgz
The XFS patched kernel requires different kernel modules. If you
use the XFS filesystem and XFS patched kernel (xfs.s), these
packages contain kernel modules compiled against 2.4.24-xfs:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/kernel-modules-xfs/alsa-driver-xfs-0.9.8-i486-2.tgz
Updated packages for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-ide-2.4.24-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-modules-2.4.24-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/d/kernel-headers-2.4.24-i386-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/alsa-driver-1.0.0rc2-i486-2.tgz
MD5 SIGNATURES:
MD5 signatures may be downloaded from our FTP server:
Slackware 9.0 packages:
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/CHECKSUMS.md5
To verify authenticity, this file has been signed with the
Slackware GPG key (use ‘gpg –verify’):
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/CHECKSUMS.md5.asc
Slackware 9.1 packages:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/CHECKSUMS.md5
To verify authenticity, this file has been signed with the
Slackware GPG key (use ‘gpg –verify’):
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/CHECKSUMS.md5.asc
Slackware -current packages:
ftp://ftp.slackware.com/pub/slackware/slackware-current/CHECKSUMS.md5
ftp://ftp.slackware.com/pub/slackware/slackware-current/CHECKSUMS.md5.asc
INSTALLATION INSTRUCTIONS:
Use upgradepkg to install the new kernel, kernel-modules, and
alsa packages. After installing the kernel-ide package you will
need to run lilo (‘lilo’ at a command prompt) or create a new
system boot disk (‘makebootdisk’), and reboot.
If desired, a kernel from the kernels/ directory may be used
instead. For example, to use the kernel in kernels/scsi.s/, you
would copy it to the boot directory like this:
cd kernels/scsi.s
cp bzImage /boot/vmlinuz-scsi.s-2.4.24
Create a symbolic link:
ln -sf /boot/vmlinuz-scsi.s-2.4.24 /boot/vmlinuz
Then, run ‘lilo’ or create a new system boot disk and
reboot.
+—–+
Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com