Rapid7 Vulnerability & Exploit Database

RHSA-2001:047: Linux kernel 2.2.19 now available, provides security fixes, enhancements

Back to Search

RHSA-2001:047: Linux kernel 2.2.19 now available, provides security fixes, enhancements

Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
04/17/2001
Created
07/25/2018
Added
10/28/2005
Modified
07/04/2017

Description

A local denial of service attack and root compromise of the kernel have been corrected, drivers have been updated, and NFS version 3 has been integrated.

All Linux kernels prior to version 2.2.19 include possibilities for local denial of service or root exploits by exercising race conditions between the ptrace, exec, and/or suid system calls. Additionally, the sysctl system call included programming errors allowing a user to write to kernel memory. The 2.2.19 kernel fixes these problems. Minor potential problems in the virtual memory and signal delivery subsystems are also corrected. Many drivers have been updated since the release of 2.2.17, our last official kernel release, including but not limited to: 3c59x, AGP, CS46xx, DAC960, EMU10K, Maestro 3, NE2000/PCI, Tulip, and various USB devices. The missing Intel E100 driver is now included. A hang while booting on some computers due inadvertent inclusion of a toshiba driver has been fixed. Finally, support for NFS version 3 has been included, which has much improved performance characteristics compared to earlier versions. In order to support this, new versions of nfs-utils and mount are required. 2001-04-17: missing rpc.rquotad added to nfs-utils. This is only necessary for those using disk quotas withi NFS.

Solution(s)

  • redhat-upgrade-losetup
  • redhat-upgrade-mount
  • redhat-upgrade-nfs-utils

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;