[Full-Disclosure] [ESA-20021122-030] local kernel vulnerabilities

From: EnGarde Secure Linux (security@guardiandigital.com)
Date: 11/22/02


From: security@guardiandigital.com (EnGarde Secure Linux)
Date: Fri, 22 Nov 2002 10:24:01 -0500 (EST)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

+------------------------------------------------------------------------+
| EnGarde Secure Linux Security Advisory November 22, 2002 |
| http://www.engardelinux.org/ ESA-20021122-030 |
| |
| Package: kernel |
| Summary: local vulnerabilities. |
+------------------------------------------------------------------------+

  EnGarde Secure Linux is a secure distribution of Linux that features
  improved access control, host and network intrusion detection, Web
  based secure remote management, e-commerce, and integrated open source
  security tools.

OVERVIEW
- --------
  Solar Designer kindly pointed out to us that our last kernel update
  (ESA-20021022-026) was incomplete because 2.2.22-rc1 did not contain
  all the critical security fixes. This update backports the remaining
  fixes.

  This update also fixes a denial of service attack where a local user
  could lock the machine.

  All users are recommended to upgrade immediately using the special
  SOLUTION in this advisory.

SOLUTION
- --------
  Users of the EnGarde Professional edition can use the Guardian Digital
  Secure Network to update their systems automatically.

  EnGarde Community users should upgrade to the most recent version
  as outlined in this advisory. Updates may be obtained from:

    ftp://ftp.engardelinux.org/pub/engarde/stable/updates/
    http://ftp.engardelinux.org/pub/engarde/stable/updates/

  Please read and understand this entire section before you attempt to
  upgrade the kernel.

  Initial Steps
  -------------
    1) Verify the machine is either:

       a) booted into a "standard" kernel; or
       b) LIDS is disabled (/sbin/lidsadm -S -- -LIDS_GLOBAL)

    2) Determine which kernels you currently have installed:

         # rpm -qa --qf "%{NAME}\n" | grep kernel

    3) Download the new kernels that match what you have installed
       (based on step 2) from the "UPDATED PACKAGES" section of this
       advisory.

  Installation Steps
  ------------------
    4) Install the new packages. The packages will automagically
       update /etc/lilo.conf by commenting out any old EnGarde images
       and replacing them with the new ones:

         # rpm --replacefiles -i <kernel 1> <kernel 2> ...

    5) Re-run LILO. If you see any errors then open /etc/lilo.conf in
       your favorite text editor and make the appropriate changes:

         # /sbin/lilo

  Final Steps
  -----------
    6) If you did not see any LILO errors then your new kernel is now
       installed and your machine is ready to be rebooted:

         # reboot

UPDATED PACKAGES
- ----------------
  These updated packages are for EnGarde Secure Linux Community
  Edition.

  Source Packages:

    SRPMS/kernel-2.2.19-1.0.29.src.rpm
      MD5 Sum: 9b4826ca5257cf76f4cc80b7d2b8f970

  Binary Packages:

    i386/kernel-2.2.19-1.0.29.i386.rpm
      MD5 Sum: d7832ded322e444b1754aab6aa3369ae

    i386/kernel-lids-mods-2.2.19-1.0.29.i386.rpm
      MD5 Sum: 711f92dde4726474c526766e8be18be4

    i386/kernel-smp-lids-mods-2.2.19-1.0.29.i386.rpm
      MD5 Sum: 4c8524458b94d65a5df1401707a59355

    i386/kernel-smp-mods-2.2.19-1.0.29.i386.rpm
      MD5 Sum: 5b3df58bf41b98451f20700d25107b3d

    i686/kernel-2.2.19-1.0.29.i686.rpm
      MD5 Sum: ff4b48ed55eff840324f9ef27db0c21d

    i686/kernel-lids-mods-2.2.19-1.0.29.i686.rpm
      MD5 Sum: e6cc2cd48bca65ff29ba82bd82a926d1

    i686/kernel-smp-lids-mods-2.2.19-1.0.29.i686.rpm
      MD5 Sum: f39a8f68e1dedcd4e2ebf21b11a7a78f

    i686/kernel-smp-mods-2.2.19-1.0.29.i686.rpm
      MD5 Sum: d217eabb58429da7cebd9e07a0d29daa

REFERENCES
- ----------
  Guardian Digital's public key:
    http://ftp.engardelinux.org/pub/engarde/ENGARDE-GPG-KEY

  Official Web Site of the Linux Kernel:
    http://www.kernel.org/

  Security Contact: security@guardiandigital.com
  EnGarde Advisories: http://www.engardelinux.org/advisories.html

- --------------------------------------------------------------------------
$Id: ESA-20021122-030-kernel,v 1.3 2002/11/22 15:16:04 rwm Exp $
- --------------------------------------------------------------------------
Author: Ryan W. Maple <ryan@guardiandigital.com>
Copyright 2002, Guardian Digital, Inc.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE93kwZHD5cqd57fu0RAr8FAJoDjfno6prsRaabUPSzHZVtqom/DQCaA9Vt
aDnfQHqzYsy+CK/AUwDpfz0=
=+4my
-----END PGP SIGNATURE-----
------------------------------------------------------------------------
     To unsubscribe email engarde-security-request@engardelinux.org
         with "unsubscribe" in the subject of the message.

Copyright(c) 2002 Guardian Digital, Inc. EnGardeLinux.org
------------------------------------------------------------------------



Relevant Pages

  • [ESA-20011019-02] kernel: Local DoS and root compromise
    ... There are two vulnerabilities in the kernel which can allow a local ... Please note that EnGarde Secure Linux does not ship with the 'newgrp' ... upgrade immediately using the special SOLUTION in this advisory. ... Install the new packages. ...
    (Bugtraq)
  • [Full-Disclosure] [ESA-20021022-026] local kernel vulnerabilities
    ... improved access control, host and network intrusion detection, Web ... in 2.2.22-rc1 and have been backported to our kernel. ... Install the new packages. ... These updated packages are for EnGarde Secure Linux Community ...
    (Full-Disclosure)
  • [Full-Disclosure] [ESA-20021122-030] local kernel vulnerabilities
    ... improved access control, host and network intrusion detection, Web ... Solar Designer kindly pointed out to us that our last kernel update ... Install the new packages. ... These updated packages are for EnGarde Secure Linux Community ...
    (Full-Disclosure)
  • [ESA-20030320-010] Several vulnerabilities in the OpenSSL toolkit.
    ... Recently several vulnerabilities have been found in the OpenSSL ... execute the command: ... To verify the signatures of the updated packages, ... These updated packages are for EnGarde Secure Linux Community ...
    (Bugtraq)
  • [ESA-20020114-003] Several local LIDS vulnerabilities
    ... EnGarde Secure Linux is a secure distribution of Linux that features ... Recently there were several local vulnerabilities discovered in the LIDS ... kernel packages, there are new 'lids-base' packages with an updated LIDS ...
    (Bugtraq)