Rapid7 Vulnerability & Exploit Database

RHSA-2004:106: kernel security update

Severity: 7
CVSS: (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published: 03/03/2004
Created: 07/25/2018
Added: 10/28/2005
Modified: 06/21/2018

Description

Updated IA64 kernel packages are now available that fix a security vulnerability which may allow local users to gain root privileges and other vulnerabilities.

The Linux kernel handles the basic functions of the operating system. This kernel updates several important drivers and fixes a number of bugs, including potential security vulnerabilities.

iDefense reported a buffer overflow flaw in the ISO9660 filesystem code. An attacker could create a malicious filesystem in such a way that root privileges may be obtained if the filesystem is mounted. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0109 to this issue.

A flaw in return value checking in mremap() in Linux kernel versions 2.4.24 and previous may allow a local attacker to gain root privileges. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0077 to this issue.

A flaw in ncp_lookup() in ncpfs could allow local privilege escalation. The ncpfs module allows a system to mount volumes of NetWare servers or print to NetWare printers. This is part of the kernel-unsupported package. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0010 to this issue.

A flaw in the R128 Direct Render Infrastructure could allow local privilege escalation. This driver is part of the kernel-unsupported package. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0003 to this issue.

An overflow was found in the ixj telephony card driver in Linux kernels prior to 2.4.20. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2002-1574 to this issue.

The following drivers were updated:

  • IBM Serveraid 6.11.07
  • MPT fusion v. 2.05.11.03
  • Qlogic v. 6.07.02-RH1

All users are advised to upgrade to these errata packages, which contain backported security patches that correct these issues.

Solution(s)

  • redhat-upgrade-kernel
  • redhat-upgrade-kernel-doc
  • redhat-upgrade-kernel-smp
  • redhat-upgrade-kernel-source
