Rapid7 Vulnerability & Exploit Database

RHSA-2002:158: New kernel update available, fixes i810 video oops, several security issues

Back to Search

RHSA-2002:158: New kernel update available, fixes i810 video oops, several security issues

Severity
4
CVSS
(AV:L/AC:L/Au:N/C:N/I:P/A:P)
Published
08/12/2002
Created
07/25/2018
Added
10/28/2005
Modified
06/21/2018

Description

Updated kernel packages are now available which fix an oops in the i810 3D kernel code. This kernel update also fixes a difficult to trigger race in the dcache (filesystem cache) code, as well as some potential security holes, although we are not currently aware of any exploits.

The 2.4.18-5 kernel introduced some safety checks in the VM subsystem that were triggered when exiting an X session while using 3D acceleration with the Intel i810/i815 chipset. Additionally, there was a difficult to trigger race in the dcache of the file system subsystem. This kernel update addresses both of these issues. In addition, there are fixes for potential security holes in the following drivers: stradis rio500 se401 usbvideo apm Finally, this kernel fixes a few files in the /proc file system which had the capability to expose kernel memory when abused. All of the security issues found during an audit and none of them, at the time of this writing, have any known exploits. We would like to thank Silvio Cesare, Stas Sergeev, Andi Kleen, Solar Designer, and others for their auditing work.

Solution(s)

  • redhat-upgrade-kernel
  • redhat-upgrade-kernel-bigmem
  • redhat-upgrade-kernel-boot
  • redhat-upgrade-kernel-debug
  • redhat-upgrade-kernel-doc
  • redhat-upgrade-kernel-smp
  • redhat-upgrade-kernel-source

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;