rhsa-2004:505
Vulnerability from csaf_redhat
Published
2004-12-13 20:06
Modified
2024-11-21 23:15
Summary
Red Hat Security Advisory: Updated kernel packages fix security vulnerability
Notes
Topic
Updated kernel packages are now available as part of ongoing
support and maintenance of Red Hat Enterprise Linux version
2.1. This is the sixth regular update.
Details
The Linux kernel handles the basic functions of the operating
system.
This is the sixth regular kernel update to Red Hat Enterprise Linux version
2.1. It updates a number of device drivers, and adds much improved SATA
support.
This update includes fixes for several security issues:
Paul Starzetz of iSEC discovered various flaws in the ELF binary
loader affecting kernels prior to 2.4.28. A local user could use these
flaws to gain read access to executable-only binaries or possibly gain
privileges. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the names CAN-2004-1070, CAN-2004-1071,
CAN-2004-1072, and CAN-2004-1073 to these issues.
A missing serialization flaw in unix_dgram_recvmsg was discovered that
affects kernels prior to 2.4.28. A local user could potentially make
use of a race condition in order to gain privileges. (CAN-2004-1068)
Stefan Esser discovered various flaws including buffer overflows in
the smbfs driver affecting kernels before 2.4.28. A local user may be
able to cause a denial of service (crash) or possibly gain privileges.
In order to exploit these flaws the user would need to have control of
a connected smb server. (CAN-2004-0883, CAN-2004-0949)
Conectiva discovered flaws in certain USB drivers affecting kernels
before 2.4.27 which used the copy_to_user function on uninitialized
structures. These flaws could allow local users to read small
amounts of kernel memory. (CAN-2004-0685)
The ext3 code in kernels before 2.4.26 did not properly initialize journal
descriptor blocks. A privileged local user could read portions of kernel
memory. (CAN-2004-0177)
The following drivers have also been updated:
* tg3 v3.10
* e1000 v5.3.19-k2
* e100 v3.0.27-k2
* megaraid
* megaraid2 v2.10.8.2
All Red Hat Enterprise Linux 2.1 users are advised to upgrade their kernels
to the packages associated with their machine architectures and
configurations as listed in this erratum.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated kernel packages are now available as part of ongoing\nsupport and maintenance of Red Hat Enterprise Linux version\n2.1. This is the sixth regular update.",
"title": "Topic"
},
{
"category": "general",
"text": "The Linux kernel handles the basic functions of the operating\nsystem.\n\nThis is the sixth regular kernel update to Red Hat Enterprise Linux version\n2.1. It updates a number of device drivers, and adds much improved SATA\nsupport.\n\nThis update includes fixes for several security issues:\n\nPaul Starzetz of iSEC discovered various flaws in the ELF binary\nloader affecting kernels prior to 2.4.28. A local user could use these\nflaws to gain read access to executable-only binaries or possibly gain\nprivileges. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the names CAN-2004-1070, CAN-2004-1071,\nCAN-2004-1072, and CAN-2004-1073 to these issues.\n\nA missing serialization flaw in unix_dgram_recvmsg was discovered that\naffects kernels prior to 2.4.28. A local user could potentially make\nuse of a race condition in order to gain privileges. (CAN-2004-1068)\n\nStefan Esser discovered various flaws including buffer overflows in\nthe smbfs driver affecting kernels before 2.4.28. A local user may be\nable to cause a denial of service (crash) or possibly gain privileges.\nIn order to exploit these flaws the user would need to have control of\na connected smb server. (CAN-2004-0883, CAN-2004-0949)\n\nConectiva discovered flaws in certain USB drivers affecting kernels\nbefore 2.4.27 which used the copy_to_user function on uninitialized\nstructures. These flaws could allow local users to read small\namounts of kernel memory. (CAN-2004-0685)\n\nThe ext3 code in kernels before 2.4.26 did not properly initialize journal\ndescriptor blocks. A privileged local user could read portions of kernel\nmemory. (CAN-2004-0177)\n\nThe following drivers have also been updated:\n\n* tg3 v3.10\n* e1000 v5.3.19-k2\n* e100 v3.0.27-k2\n* megaraid \n* megaraid2 v2.10.8.2\n\nAll Red Hat Enterprise Linux 2.1 users are advised to upgrade their kernels\nto the packages associated with their machine architectures and\nconfigurations as listed in this erratum.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2004:505",
"url": "https://access.redhat.com/errata/RHSA-2004:505"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "75090",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=75090"
},
{
"category": "external",
"summary": "99025",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=99025"
},
{
"category": "external",
"summary": "111219",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=111219"
},
{
"category": "external",
"summary": "121033",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=121033"
},
{
"category": "external",
"summary": "127916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=127916"
},
{
"category": "external",
"summary": "127919",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=127919"
},
{
"category": "external",
"summary": "129359",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=129359"
},
{
"category": "external",
"summary": "131493",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=131493"
},
{
"category": "external",
"summary": "131534",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=131534"
},
{
"category": "external",
"summary": "134721",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=134721"
},
{
"category": "external",
"summary": "134802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=134802"
},
{
"category": "external",
"summary": "134875",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=134875"
},
{
"category": "external",
"summary": "137446",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=137446"
},
{
"category": "external",
"summary": "138443",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=138443"
},
{
"category": "external",
"summary": "140711",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=140711"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2004/rhsa-2004_505.json"
}
],
"title": "Red Hat Security Advisory: Updated kernel packages fix security vulnerability",
"tracking": {
"current_release_date": "2024-11-21T23:15:08+00:00",
"generator": {
"date": "2024-11-21T23:15:08+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2004:505",
"initial_release_date": "2004-12-13T20:06:00+00:00",
"revision_history": [
{
"date": "2004-12-13T20:06:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2004-12-13T00:00:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-21T23:15:08+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"product": {
"name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"product_id": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:2.1::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 2.1",
"product": {
"name": "Red Hat Enterprise Linux ES version 2.1",
"product_id": "Red Hat Enterprise Linux ES version 2.1",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:2.1::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 2.1",
"product": {
"name": "Red Hat Enterprise Linux WS version 2.1",
"product_id": "Red Hat Enterprise Linux WS version 2.1",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:2.1::ws"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2004-0177",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617168"
}
],
"notes": [
{
"category": "description",
"text": "The ext3 code in Linux 2.4.x before 2.4.26 does not properly initialize journal descriptor blocks, which causes an information leak in which in-memory data is written to the device for the ext3 file system, which allows privileged users to obtain portions of kernel memory by reading the raw device.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"Red Hat Enterprise Linux ES version 2.1",
"Red Hat Enterprise Linux WS version 2.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2004-0177"
},
{
"category": "external",
"summary": "RHBZ#1617168",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617168"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2004-0177",
"url": "https://www.cve.org/CVERecord?id=CVE-2004-0177"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2004-0177",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2004-0177"
}
],
"release_date": "2004-02-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2004-12-13T20:06:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains the\ndesired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.\n\nIf up2date fails to connect to Red Hat Network due to SSL\nCertificate Errors, you need to install a version of the\nup2date client with an updated certificate. The latest version of\nup2date is available from the Red Hat FTP site and may also be\ndownloaded directly from the RHN website:\n\nhttps://rhn.redhat.com/help/latest-up2date.pxt",
"product_ids": [
"Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"Red Hat Enterprise Linux ES version 2.1",
"Red Hat Enterprise Linux WS version 2.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2004:505"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2004-0685",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617249"
}
],
"notes": [
{
"category": "description",
"text": "Certain USB drivers in the Linux 2.4 kernel use the copy_to_user function on uninitialized structures, which could allow local users to obtain sensitive information by reading memory that was not cleared from previous usage.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"Red Hat Enterprise Linux ES version 2.1",
"Red Hat Enterprise Linux WS version 2.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2004-0685"
},
{
"category": "external",
"summary": "RHBZ#1617249",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617249"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2004-0685",
"url": "https://www.cve.org/CVERecord?id=CVE-2004-0685"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2004-0685",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2004-0685"
}
],
"release_date": "2003-10-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2004-12-13T20:06:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains the\ndesired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.\n\nIf up2date fails to connect to Red Hat Network due to SSL\nCertificate Errors, you need to install a version of the\nup2date client with an updated certificate. The latest version of\nup2date is available from the Red Hat FTP site and may also be\ndownloaded directly from the RHN website:\n\nhttps://rhn.redhat.com/help/latest-up2date.pxt",
"product_ids": [
"Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"Red Hat Enterprise Linux ES version 2.1",
"Red Hat Enterprise Linux WS version 2.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2004:505"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2004-0883",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617312"
}
],
"notes": [
{
"category": "description",
"text": "Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of service (crash) or gain sensitive information from kernel memory via a samba server (1) returning more data than requested to the smb_proc_read function, (2) returning a data offset from outside the samba packet to the smb_proc_readX function, (3) sending a certain TRANS2 fragmented packet to the smb_receive_trans2 function, (4) sending a samba packet with a certain header size to the smb_proc_readX_data function, or (5) sending a certain packet based offset for the data in a packet to the smb_receive_trans2 function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"Red Hat Enterprise Linux ES version 2.1",
"Red Hat Enterprise Linux WS version 2.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2004-0883"
},
{
"category": "external",
"summary": "RHBZ#1617312",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617312"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2004-0883",
"url": "https://www.cve.org/CVERecord?id=CVE-2004-0883"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2004-0883",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2004-0883"
}
],
"release_date": "2004-11-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2004-12-13T20:06:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains the\ndesired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.\n\nIf up2date fails to connect to Red Hat Network due to SSL\nCertificate Errors, you need to install a version of the\nup2date client with an updated certificate. The latest version of\nup2date is available from the Red Hat FTP site and may also be\ndownloaded directly from the RHN website:\n\nhttps://rhn.redhat.com/help/latest-up2date.pxt",
"product_ids": [
"Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"Red Hat Enterprise Linux ES version 2.1",
"Red Hat Enterprise Linux WS version 2.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2004:505"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2004-0949",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617329"
}
],
"notes": [
{
"category": "description",
"text": "The smb_recv_trans2 function call in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 does not properly handle the re-assembly of fragmented packets correctly, which could allow remote samba servers to (1) read arbitrary kernel information or (2) raise a counter value to an arbitrary number by sending the first part of the fragmented packet multiple times.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"Red Hat Enterprise Linux ES version 2.1",
"Red Hat Enterprise Linux WS version 2.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2004-0949"
},
{
"category": "external",
"summary": "RHBZ#1617329",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617329"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2004-0949",
"url": "https://www.cve.org/CVERecord?id=CVE-2004-0949"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2004-0949",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2004-0949"
}
],
"release_date": "2004-11-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2004-12-13T20:06:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains the\ndesired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.\n\nIf up2date fails to connect to Red Hat Network due to SSL\nCertificate Errors, you need to install a version of the\nup2date client with an updated certificate. The latest version of\nup2date is available from the Red Hat FTP site and may also be\ndownloaded directly from the RHN website:\n\nhttps://rhn.redhat.com/help/latest-up2date.pxt",
"product_ids": [
"Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"Red Hat Enterprise Linux ES version 2.1",
"Red Hat Enterprise Linux WS version 2.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2004:505"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2004-1068",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617362"
}
],
"notes": [
{
"category": "description",
"text": "A \"missing serialization\" error in the unix_dgram_recvmsg function in Linux 2.4.27 and earlier, and 2.6.x up to 2.6.9, allows local users to gain privileges via a race condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"Red Hat Enterprise Linux ES version 2.1",
"Red Hat Enterprise Linux WS version 2.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2004-1068"
},
{
"category": "external",
"summary": "RHBZ#1617362",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617362"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2004-1068",
"url": "https://www.cve.org/CVERecord?id=CVE-2004-1068"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2004-1068",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2004-1068"
}
],
"release_date": "2004-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2004-12-13T20:06:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains the\ndesired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.\n\nIf up2date fails to connect to Red Hat Network due to SSL\nCertificate Errors, you need to install a version of the\nup2date client with an updated certificate. The latest version of\nup2date is available from the Red Hat FTP site and may also be\ndownloaded directly from the RHN website:\n\nhttps://rhn.redhat.com/help/latest-up2date.pxt",
"product_ids": [
"Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"Red Hat Enterprise Linux ES version 2.1",
"Red Hat Enterprise Linux WS version 2.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2004:505"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2004-1070",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617363"
}
],
"notes": [
{
"category": "description",
"text": "The load_elf_binary function in the binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly check return values from calls to the kernel_read function, which may allow local users to modify sensitive memory in a setuid program and execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"Red Hat Enterprise Linux ES version 2.1",
"Red Hat Enterprise Linux WS version 2.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2004-1070"
},
{
"category": "external",
"summary": "RHBZ#1617363",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617363"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2004-1070",
"url": "https://www.cve.org/CVERecord?id=CVE-2004-1070"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2004-1070",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2004-1070"
}
],
"release_date": "2004-11-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2004-12-13T20:06:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains the\ndesired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.\n\nIf up2date fails to connect to Red Hat Network due to SSL\nCertificate Errors, you need to install a version of the\nup2date client with an updated certificate. The latest version of\nup2date is available from the Red Hat FTP site and may also be\ndownloaded directly from the RHN website:\n\nhttps://rhn.redhat.com/help/latest-up2date.pxt",
"product_ids": [
"Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"Red Hat Enterprise Linux ES version 2.1",
"Red Hat Enterprise Linux WS version 2.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2004:505"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2004-1071",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617364"
}
],
"notes": [
{
"category": "description",
"text": "The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"Red Hat Enterprise Linux ES version 2.1",
"Red Hat Enterprise Linux WS version 2.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2004-1071"
},
{
"category": "external",
"summary": "RHBZ#1617364",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617364"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2004-1071",
"url": "https://www.cve.org/CVERecord?id=CVE-2004-1071"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2004-1071",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2004-1071"
}
],
"release_date": "2004-11-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2004-12-13T20:06:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains the\ndesired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.\n\nIf up2date fails to connect to Red Hat Network due to SSL\nCertificate Errors, you need to install a version of the\nup2date client with an updated certificate. The latest version of\nup2date is available from the Red Hat FTP site and may also be\ndownloaded directly from the RHN website:\n\nhttps://rhn.redhat.com/help/latest-up2date.pxt",
"product_ids": [
"Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"Red Hat Enterprise Linux ES version 2.1",
"Red Hat Enterprise Linux WS version 2.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2004:505"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2004-1072",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617365"
}
],
"notes": [
{
"category": "description",
"text": "The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that is not NULL terminated, which could cause strings longer than PATH_MAX to be used, leading to buffer overflows that allow local users to cause a denial of service (hang) and possibly execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"Red Hat Enterprise Linux ES version 2.1",
"Red Hat Enterprise Linux WS version 2.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2004-1072"
},
{
"category": "external",
"summary": "RHBZ#1617365",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617365"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2004-1072",
"url": "https://www.cve.org/CVERecord?id=CVE-2004-1072"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2004-1072",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2004-1072"
}
],
"release_date": "2004-11-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2004-12-13T20:06:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains the\ndesired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.\n\nIf up2date fails to connect to Red Hat Network due to SSL\nCertificate Errors, you need to install a version of the\nup2date client with an updated certificate. The latest version of\nup2date is available from the Red Hat FTP site and may also be\ndownloaded directly from the RHN website:\n\nhttps://rhn.redhat.com/help/latest-up2date.pxt",
"product_ids": [
"Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"Red Hat Enterprise Linux ES version 2.1",
"Red Hat Enterprise Linux WS version 2.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2004:505"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2004-1073",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617366"
}
],
"notes": [
{
"category": "description",
"text": "The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users to read non-readable ELF binaries by using the interpreter (PT_INTERP) functionality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"Red Hat Enterprise Linux ES version 2.1",
"Red Hat Enterprise Linux WS version 2.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2004-1073"
},
{
"category": "external",
"summary": "RHBZ#1617366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617366"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2004-1073",
"url": "https://www.cve.org/CVERecord?id=CVE-2004-1073"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2004-1073",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2004-1073"
}
],
"release_date": "2004-11-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2004-12-13T20:06:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which are\nnot installed but included in the list will not be updated. Note that you\ncan also use wildcards (*.rpm) if your current directory *only* contains the\ndesired RPMs.\n\nPlease note that this update is also available via Red Hat Network. Many\npeople find this an easier way to apply updates. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.\n\nIf up2date fails to connect to Red Hat Network due to SSL\nCertificate Errors, you need to install a version of the\nup2date client with an updated certificate. The latest version of\nup2date is available from the Red Hat FTP site and may also be\ndownloaded directly from the RHN website:\n\nhttps://rhn.redhat.com/help/latest-up2date.pxt",
"product_ids": [
"Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"Red Hat Enterprise Linux ES version 2.1",
"Red Hat Enterprise Linux WS version 2.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2004:505"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "security flaw"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.