Rapid7 Vulnerability & Exploit Database

RHSA-2002:206: New kernel fixes local security issues

Back to Search

RHSA-2002:206: New kernel fixes local security issues

Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
12/31/2002
Created
07/25/2018
Added
10/28/2005
Modified
06/21/2018

Description

Updated kernel fixes local security issues and provides several updated drivers to support newer hardware and fix bugs under Red Hat Linux 7.3. [Update 8 May 2003] Added missing modutils-devel packages for Red Hat Linux 7.3

The Linux kernel handles the basic functions of the operating system. A security code audit of the 2.4 kernel found a number of possible local security vulnerabilities which could allow a local user to obtain elevated (root) privileges. The vulnerabilities were found in the ixj telephony card driver, the pcilynx firewire driver, and the bttv video capture card driver. In addition, several drivers (e100, e1000, tg3n and IDE) have been updated to support newer hardware for Red Hat Linux 7.3, and a number of bugs have been fixed in IDE tapestreamer driver. All Red Hat Linux 7.3 and 8.0 users should upgrade to this errata kernel which is not vulnerable to these security issues. NOTE: As with the 8.0 release, IDE DMA on CD-ROM drives is disabled by default. If you are sure that your CD-ROM drive is capable of IDE DMA, place the following line in the /etc/modules.conf file: options ide-cd dma=1 Thanks to Silvio Cesare for finding the local security issues.

Solution(s)

  • redhat-upgrade-hwdata
  • redhat-upgrade-kernel
  • redhat-upgrade-kernel-bigmem
  • redhat-upgrade-kernel-boot
  • redhat-upgrade-kernel-debug
  • redhat-upgrade-kernel-doc
  • redhat-upgrade-kernel-smp
  • redhat-upgrade-kernel-source
  • redhat-upgrade-modutils
  • redhat-upgrade-modutils-devel

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;