Rapid7 Vulnerability & Exploit Database

RHSA-2002:007: Updated 2.4 kernel available

Severity: 5
CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published: 01/31/2002
Created: 07/25/2018
Added: 10/28/2005
Modified: 06/21/2018

Description

A security vulnerability in the Linux CIPE (VPN tunnel) implementation has been fixed.

Larry McVoy has discovered a problem in the CIPE (VPN tunnel) implementation, where a malformed packet could cause a crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2002-0047 to this issue.

Andrew Griffiths has discovered a vulnerability that allows remote machines to read random memory using a bug in the Linux ICMP implementation. However, 2.4 kernels after version 2.4.0-test6 and 2.2 kernels after version 2.2.18 have this bug fixed. All Red Hat Linux 2.4 kernels have this fix and are not vulnerable to this bug. It is recommended that users running older 2.2 kernels on Red Hat Linux 6.2 or 7 upgrade to the latest available errata kernel, which includes a fix for this problem. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2002-0046 to this issue.

A patch for recent 2.4 kernels is circulating to fix the bug in the Linux ICMP implementation. Red Hat, Inc. recommends not using this patch since it actually breaks the kernel ICMP implementation and since Red Hat Linux 2.4 kernels are not vulnerable to the bug.

In addition to the CIPE security fix, several other bugs were fixed, and some drivers were updated:

  • For Red Hat Linux 7.1: DRM/DRI (3D support) for the XFree86 erratum RHEA-2002:010
  • New aacraid driver rewritten by Alan Cox
  • New DAC960 driver
  • Additional Qlogic 2200 driver
  • LM_Sensors driver upgrade

Solution(s)

  • redhat-upgrade-kernel
  • redhat-upgrade-kernel-boot
  • redhat-upgrade-kernel-debug
  • redhat-upgrade-kernel-doc
  • redhat-upgrade-kernel-enterprise
  • redhat-upgrade-kernel-headers
  • redhat-upgrade-kernel-smp
  • redhat-upgrade-kernel-source
  • redhat-upgrade-modutils
  • redhat-upgrade-tux
