Rapid7 Vulnerability & Exploit Database

RHSA-2002:205: New kernel fixes local security issues

Back to Search

RHSA-2002:205: New kernel fixes local security issues

Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
12/31/2002
Created
07/25/2018
Added
10/28/2005
Modified
06/21/2018

Description

A new errata kernel based on the 2.4.18 kernel is available for Red Hat Linux 7.1 and Red Hat Linux 7.2 users. This is a major version change compared to the previous errata kernel for these releases (2.4.9-34).

The Linux kernel handles the basic functions of the operating system. A security code audit of the 2.4 kernel found a number of possible local security vulnerabilities. These vulnerabilities may allow a local user to obtain elevated (root) privileges, however no exploits are known to exist at the time of this errata release. Changes in the errata 2.4.18 kernel include the addition of the intermezzo file system, the ComX serial port driver, the PC bit ISDN driver, and the generic ISDN layer. Also, several USB drivers and firewire drivers have been added and many other device drivers have been updated. Other features of the 2.4.18 errata kernel include a much-improved VM subsystem, better interactive performance, and support for new hardware, such as USB2 devices and large IDE disks. A full description of the updated kernel can be found in the kernel changelogs at http://www.kernelnewbies.org/changelogs. IMPORTANT: For alpha and ia64 architectures, kernel version 2.4.9-40 is provided instead of 2.4.18. This errata kernel contains important backported security fixes. NOTE: As with the 8.0 release, IDE DMA on CD-ROM drives is disabled by default. If you are sure that your CD-ROM drive is capable of IDE DMA, place the following line in the /etc/modules.conf file: options ide-cd dma=1 All users of Red Hat Linux 7.1 and 7.2 should update to these errata packages.

Solution(s)

  • redhat-upgrade-dev
  • redhat-upgrade-hwcrypto
  • redhat-upgrade-iptables
  • redhat-upgrade-iptables-ipv6
  • redhat-upgrade-kernel
  • redhat-upgrade-kernel-bigmem
  • redhat-upgrade-kernel-boot
  • redhat-upgrade-kernel-debug
  • redhat-upgrade-kernel-doc
  • redhat-upgrade-kernel-smp
  • redhat-upgrade-kernel-source
  • redhat-upgrade-kernel-utils
  • redhat-upgrade-makedev
  • redhat-upgrade-modutils
  • redhat-upgrade-modutils-devel

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;