Security 10817 Published by

A kernel update is available for Mandrakelinux
_______________________________________________________________________

Mandrakelinux Security Update Advisory
_______________________________________________________________________

Package name: kernel
Advisory ID: MDKSA-2004:037
Date: April 27th, 2004

Affected versions: 10.0, 9.1, 9.2, Corporate Server 2.1,
Multi Network Firewall 8.2
______________________________________________________________________

Problem Description:

A vulnerability was found in the framebuffer driver of the 2.6 kernel. This is due to incorrect use of the fb_copy_cmap function. (CAN-2004-0229)

A vulnerability has been found in the Linux kernel in the ip_setsockopt() function code. There is an exploitable integer overflow inside the code handling the MCAST_MSFILTER socket option in the IP_MSFILTER_SIZE macro calculation. This issue is present in both 2.4 (2.4.25) and 2.6 kernels. (CAN-2004-0424)

There is a minor issue with the static buffer in 2.4 kernel's panic() function. Although it's a possibly buffer overflow, it most like not exploitable due to the nature of panic(). (CAN-2004-0394)

In do_fork(), if an error occurs after the mm_struct for the child has been allocated, it is never freed. The exit_mm() meant to free it increments the mm_count and this count is never decremented. (For a running process that is exitting, schedule() takes care this; however, the child process being cleaned up is not running.) In the CLONE_VM case, the parent's mm_struct will get an extra mm_count and so it will never be freed. This issue is present in both 2.4 and 2.6 kernels.

The provided packages are patched to fix these vulnerabilities. All users are encouraged to upgrade to these updated kernels.



To update your kernel, please follow the directions located at:

http://www.mandrakesecure.net/en/kernelupdate.php
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0229
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0394
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0424
______________________________________________________________________

Updated Packages:

Mandrakelinux 10.0:
512ad2b9656157596a14f11658003441 10.0/RPMS/kernel-2.4.25.4mdk-1-1mdk.i586.rpm
1408115128e49bdedecfef550a1d617e 10.0/RPMS/kernel-2.6.3.9mdk-1-1mdk.i586.rpm
c5d1c3e66f3d0c13e06e655a60c93648 10.0/RPMS/kernel-enterprise-2.4.25.4mdk-1-1mdk.i586.rpm
d2b6f19fbf4d977e43f702573ae0149b 10.0/RPMS/kernel-enterprise-2.6.3.9mdk-1-1mdk.i586.rpm
51aa702b34b5341cc6f7a8b00d8fb2d1 10.0/RPMS/kernel-i686-up-4GB-2.4.25.4mdk-1-1mdk.i586.rpm
6ba75b6a07c497d19de6d94421160421 10.0/RPMS/kernel-i686-up-4GB-2.6.3.9mdk-1-1mdk.i586.rpm
b0cf5e7fcb0504d7ba3eabaf5877b3a1 10.0/RPMS/kernel-p3-smp-64GB-2.4.25.4mdk-1-1mdk.i586.rpm
c0edb799f2c564a025525fa02064f14d 10.0/RPMS/kernel-p3-smp-64GB-2.6.3.9mdk-1-1mdk.i586.rpm
834f15992c852e065945c52a9641f838 10.0/RPMS/kernel-secure-2.6.3.9mdk-1-1mdk.i586.rpm
a50abd8fcf456b8e47153fb54376f59b 10.0/RPMS/kernel-smp-2.4.25.4mdk-1-1mdk.i586.rpm
ac68ceaffdcb08413ebf35c23aac3156 10.0/RPMS/kernel-smp-2.6.3.9mdk-1-1mdk.i586.rpm
11245edb491cd5d3e51f289cafea27da 10.0/RPMS/kernel-source-2.4.25-4mdk.i586.rpm
df56adcb83dfcc1c48f30da6df98d26f 10.0/RPMS/kernel-source-2.6.3-9mdk.i586.rpm
9dd9a73d7e818de3a32884bb929faa6e 10.0/RPMS/kernel-source-stripped-2.6.3-9mdk.i586.rpm
ee1e8c70faa8fcfe037b1df2a02dfde3 10.0/SRPMS/kernel-2.4.25.4mdk-1-1mdk.src.rpm
e520e352d544fb6054deeeee10771a0d 10.0/SRPMS/kernel-2.6.3.9mdk-1-1mdk.src.rpm

Corporate Server 2.1:
9d768e4ce36c6087ba8f5ba577844404 corporate/2.1/RPMS/kernel-2.4.19.40mdk-1-1mdk.i586.rpm
dc79c45fa573699bbeb69e93d21a844d corporate/2.1/RPMS/kernel-enterprise-2.4.19.40mdk-1-1mdk.i586.rpm
6899874aaa34516f539d8d3325bf04ef corporate/2.1/RPMS/kernel-secure-2.4.19.40mdk-1-1mdk.i586.rpm
ed0e7b8045d8c2fec9b50ec0fc892144 corporate/2.1/RPMS/kernel-smp-2.4.19.40mdk-1-1mdk.i586.rpm
22f2d31deab68fe8ebfc45f9ffde03eb corporate/2.1/RPMS/kernel-source-2.4.19-40mdk.i586.rpm
acaf69cb211e659a1f66bb515d344e6d corporate/2.1/SRPMS/kernel-2.4.19.40mdk-1-1mdk.src.rpm

Corporate Server 2.1/x86_64:
ae61d25bf5add380bd090be023f2b369 x86_64/corporate/2.1/RPMS/kernel-2.4.19.41mdk-1-1mdk.x86_64.rpm
ab7733adedb14c77065049e538724102 x86_64/corporate/2.1/RPMS/kernel-secure-2.4.19.41mdk-1-1mdk.x86_64.rpm
548431a1f50a3aa621168a9201459ed5 x86_64/corporate/2.1/RPMS/kernel-smp-2.4.19.41mdk-1-1mdk.x86_64.rpm
df97c7eea0a451191554eb4f1d3470fa x86_64/corporate/2.1/RPMS/kernel-source-2.4.19-41mdk.x86_64.rpm
749ba262824efc6db6bf9a348db9572b x86_64/corporate/2.1/SRPMS/kernel-2.4.19.40mdk-1-1mdk.src.rpm
e3aab9144ef05bbdebb4d0e3bb7a687f x86_64/corporate/2.1/SRPMS/kernel-2.4.19.41mdk-1-1mdk.src.rpm

Mandrakelinux 9.1:
f579e5572ae3c29992b2c073b08566fe 9.1/RPMS/kernel-2.4.21.0.30mdk-1-1mdk.i586.rpm
c7b9fa739c8da1f169b2aae61befea11 9.1/RPMS/kernel-enterprise-2.4.21.0.30mdk-1-1mdk.i586.rpm
bde850e6aba069f6d376030d138e6651 9.1/RPMS/kernel-secure-2.4.21.0.30mdk-1-1mdk.i586.rpm
59c4aa4caa87443bb7ff1b1163290cb6 9.1/RPMS/kernel-smp-2.4.21.0.30mdk-1-1mdk.i586.rpm
b4970e3b44485a980ef7097cc4392980 9.1/RPMS/kernel-source-2.4.21-0.30mdk.i586.rpm
3573d24eb4a88655c30a50927a04bc99 9.1/SRPMS/kernel-2.4.21.0.30mdk-1-1mdk.src.rpm

Mandrakelinux 9.1/PPC:
9f79caa248fd9a44148dc71b8978ea61 ppc/9.1/RPMS/kernel-2.4.21.0.30mdk-1-1mdk.ppc.rpm
ad997d6ffa84dabcb6dab71d84cc76c7 ppc/9.1/RPMS/kernel-enterprise-2.4.21.0.30mdk-1-1mdk.ppc.rpm
e3000ba19417448101b89de749352d65 ppc/9.1/RPMS/kernel-smp-2.4.21.0.30mdk-1-1mdk.ppc.rpm
2b2ffb04ab1682dd6f617989cd916baa ppc/9.1/RPMS/kernel-source-2.4.21-0.30mdk.ppc.rpm
3573d24eb4a88655c30a50927a04bc99 ppc/9.1/SRPMS/kernel-2.4.21.0.30mdk-1-1mdk.src.rpm

Mandrakelinux 9.2:
d27941559f1c361302828a9b47ecf7f3 9.2/RPMS/kernel-2.4.22.30mdk-1-1mdk.i586.rpm
b83fa5ce402914f25f7842111a4b7ade 9.2/RPMS/kernel-enterprise-2.4.22.30mdk-1-1mdk.i586.rpm
f4ebd378c253029948d2842b28a42686 9.2/RPMS/kernel-i686-up-4GB-2.4.22.30mdk-1-1mdk.i586.rpm
25af28dd6307d885aa4e1675f87eff9d 9.2/RPMS/kernel-p3-smp-64GB-2.4.22.30mdk-1-1mdk.i586.rpm
720d154d3f072f2755fa21af1b4d4481 9.2/RPMS/kernel-secure-2.4.22.30mdk-1-1mdk.i586.rpm
65d699299165fdbb2a08005aa709eeeb 9.2/RPMS/kernel-smp-2.4.22.30mdk-1-1mdk.i586.rpm
bc90947e4bd9e4b92be3ecbec178af9e 9.2/RPMS/kernel-source-2.4.22-30mdk.i586.rpm
ab27a2bdab51b0a18c53b31179b55926 9.2/SRPMS/kernel-2.4.22.30mdk-1-1mdk.src.rpm

Mandrakelinux 9.2/AMD64:
f36f231165398748ce2e281634ebb64e amd64/9.2/RPMS/kernel-2.4.22.30mdk-1-1mdk.amd64.rpm
55a11558b59499d6ccac8f1ace898328 amd64/9.2/RPMS/kernel-secure-2.4.22.30mdk-1-1mdk.amd64.rpm
675885582dc6ce1c2fb107b34d770821 amd64/9.2/RPMS/kernel-smp-2.4.22.30mdk-1-1mdk.amd64.rpm
12bb18d837d527fe3e05933589a50519 amd64/9.2/RPMS/kernel-source-2.4.22-30mdk.amd64.rpm
ab27a2bdab51b0a18c53b31179b55926 amd64/9.2/SRPMS/kernel-2.4.22.30mdk-1-1mdk.src.rpm

Multi Network Firewall 8.2:
b4a07759720a0f6fdd85eabcf610766e mnf8.2/RPMS/kernel-secure-2.4.19.40mdk-1-1mdk.i586.rpm
acaf69cb211e659a1f66bb515d344e6d mnf8.2/SRPMS/kernel-2.4.19.40mdk-1-1mdk.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

A list of FTP mirrors can be obtained from:

http://www.mandrakesecure.net/en/ftp.php

All packages are signed by Mandrakesoft for security. You can obtain the GPG public key of the Mandrakelinux Security Team by executing:

gpg --recv-keys --keyserver www.mandrakesecure.net 0x22458A98

Please be aware that sometimes it takes the mirrors a few hours to update.