RHSA-2002:227
Vulnerability from csaf_redhat - Published: 2002-10-28 22:32 - Updated: 2025-11-21 17:25Summary
Red Hat Security Advisory: kernel security update
Notes
Topic
This kernel update for Red Hat Linux Advanced Server 2.1 addresses some
security issues and provides minor bug fixes.
Details
The Linux kernel handles the basic functions of the operating system. A
number of vulnerabilities were found in the Red Hat Linux Advanced Server
kernel. These vulnerabilities could allow a local user to obtain elevated
(root) privileges.
The vulnerabilities existed in a number of drivers, including
stradis, rio500, se401, apm, usbserial, and usbvideo.
Additionally, a number of bugs have been fixed, and some small feature
enhancements have been added.
- Failed READA requests could be interpreted as I/O errors under high
load on SMP; this has been fixed.
- In rare cases, TLB entries could be corrupted on SMP Pentium IV
systems; this potential for corruption has been fixed. Third-party modules
will need to be recompiled to take advantage of these fixes.
- The latest tg3 driver fixes have been included; the tg3 driver
now supports more hardware.
- A mechanism is provided to specify the location of core files and to
set the name pattern to include the UID, program, hostname, and PID of
the process that caused the core dump.
A number of SCSI fixes have also been included:
- Configure sparse LUNs in the qla2200 driver
- Clean up erroneous accounting data as seen by /proc/partitions and iostat
- Allow up to 128 scsi disks
- Do not start logical units that require manual intervention, avoiding
unnecessary startup delays
- Improve SCSI layer throughput by properly clustering DMA requests
All users of Red Hat Linux Advanced Server are advised to upgrade to the
errata packages.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "This kernel update for Red Hat Linux Advanced Server 2.1 addresses some\nsecurity issues and provides minor bug fixes.",
"title": "Topic"
},
{
"category": "general",
"text": "The Linux kernel handles the basic functions of the operating system. A\nnumber of vulnerabilities were found in the Red Hat Linux Advanced Server\nkernel. These vulnerabilities could allow a local user to obtain elevated\n(root) privileges.\n\nThe vulnerabilities existed in a number of drivers, including\nstradis, rio500, se401, apm, usbserial, and usbvideo.\n\nAdditionally, a number of bugs have been fixed, and some small feature\nenhancements have been added.\n\n- Failed READA requests could be interpreted as I/O errors under high\nload on SMP; this has been fixed.\n\n- In rare cases, TLB entries could be corrupted on SMP Pentium IV\nsystems; this potential for corruption has been fixed. Third-party modules\nwill need to be recompiled to take advantage of these fixes.\n\n- The latest tg3 driver fixes have been included; the tg3 driver\nnow supports more hardware.\n\n- A mechanism is provided to specify the location of core files and to\nset the name pattern to include the UID, program, hostname, and PID of\nthe process that caused the core dump.\n\nA number of SCSI fixes have also been included:\n\n- Configure sparse LUNs in the qla2200 driver\n- Clean up erroneous accounting data as seen by /proc/partitions and iostat\n- Allow up to 128 scsi disks\n- Do not start logical units that require manual intervention, avoiding\nunnecessary startup delays\n- Improve SCSI layer throughput by properly clustering DMA requests\n\nAll users of Red Hat Linux Advanced Server are advised to upgrade to the\nerrata packages.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2002:227",
"url": "https://access.redhat.com/errata/RHSA-2002:227"
},
{
"category": "external",
"summary": "68883",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=68883"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "58442",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=58442"
},
{
"category": "external",
"summary": "64149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=64149"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2002/rhsa-2002_227.json"
}
],
"title": "Red Hat Security Advisory: kernel security update",
"tracking": {
"current_release_date": "2025-11-21T17:25:10+00:00",
"generator": {
"date": "2025-11-21T17:25:10+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2002:227",
"initial_release_date": "2002-10-28T22:32:00+00:00",
"revision_history": [
{
"date": "2002-10-28T22:32:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2002-10-08T00:00:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:25:10+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"product": {
"name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"product_id": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:2.1::as"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Server"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2002-1572",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1616926"
}
],
"notes": [
{
"category": "description",
"text": "Signed integer overflow in the bttv_read function in the bttv driver (bttv-driver.c) in Linux kernel before 2.4.20 has unknown impact and attack vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AS (Advanced Server) version 2.1 "
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2002-1572"
},
{
"category": "external",
"summary": "RHBZ#1616926",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616926"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2002-1572",
"url": "https://www.cve.org/CVERecord?id=CVE-2002-1572"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-1572",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2002-1572"
}
],
"release_date": "2002-08-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2002-10-28T22:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThe procedure for upgrading the kernel is documented at:\n\nhttp://www.redhat.com/support/docs/howto/kernel-upgrade/kernel-upgrade.html\n\nPlease read the directions for your architecture carefully before\nproceeding with the kernel upgrade.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
"product_ids": [
"Red Hat Enterprise Linux AS (Advanced Server) version 2.1 "
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2002:227"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2002-1573",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1616927"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the pcilynx ieee1394 firewire driver (pcilynx.c) in Linux kernel before 2.4.20 has unknown impact and attack vectors, related to \"wrap handling.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AS (Advanced Server) version 2.1 "
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2002-1573"
},
{
"category": "external",
"summary": "RHBZ#1616927",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616927"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2002-1573",
"url": "https://www.cve.org/CVERecord?id=CVE-2002-1573"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-1573",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2002-1573"
}
],
"release_date": "2002-08-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2002-10-28T22:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThe procedure for upgrading the kernel is documented at:\n\nhttp://www.redhat.com/support/docs/howto/kernel-upgrade/kernel-upgrade.html\n\nPlease read the directions for your architecture carefully before\nproceeding with the kernel upgrade.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
"product_ids": [
"Red Hat Enterprise Linux AS (Advanced Server) version 2.1 "
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2002:227"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "security flaw"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…