Kernel update

Advisory ID: RHSA-2003:417-08
Last updated: 2004-01-05
Affected products: Red Hat Linux 7.1
Red Hat Linux 7.2
Red Hat Linux 7.3
Red Hat Linux 8.0
Red Hat Linux 9
CVEs (cve.mitre.org): CAN-2003-0984
CAN-2003-0985

Security Advisory

Summary:

Updated kernel packages are now available that fix a security
vulnerability which may allow local users to gain root privileges.

The Linux kernel handles the basic functions of the operating system.

Paul Starzetz discovered a flaw in bounds checking in mremap() in the Linux
kernel versions 2.4.23 and previous which may allow a local attacker to
gain root privileges. No exploit is currently available; however, it is
believed that this issue is exploitable (although not trivially). The
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CAN-2003-0985 to this issue.

All users are advised to upgrade to these errata packages, which contain a
backported security patch that corrects this issue.

Red Hat would like to thank Paul Starzetz from ISEC for disclosing this
issue as well as Andrea Arcangeli and Solar Designer for working on the patch.

These packages also contain a fix for a minor information leak in the real
time clock (rtc) routines. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2003-0984 to this issue.

We have provided kernel updates for Red Hat Linux 7.1-8.0 with this
advisory as these were prepared by us prior to December 31 2003. Please
note that Red Hat Linux 7.1, 7.2, 7.3, and 8.0 have reached their end of
life for errata support and no further errata will be issued for those
distributions.

Updated packages:

Red Hat Linux 7.1

SRPMS:
kernel-2.4.20-28.7.src.rpm
    6f37a0c884be50f702665dd418e7d8a5
 
athlon:
kernel-2.4.20-28.7.athlon.rpm
    85dabb948243fcd96fed1946217b3259
kernel-smp-2.4.20-28.7.athlon.rpm
    ba80fcbe3237ece886506446413d6330
 
i386:
kernel-2.4.20-28.7.i386.rpm
    a4b2cd2ad6acb98c045a0644add55ef8
kernel-BOOT-2.4.20-28.7.i386.rpm
    46cbf5df2050e923343be59c26eb5714
kernel-doc-2.4.20-28.7.i386.rpm
    9e64a9b15edc09d4a0f75513445f4021
kernel-source-2.4.20-28.7.i386.rpm
    dbc9c6aa900467f4182306545d3bed81
 
i586:
kernel-2.4.20-28.7.i586.rpm
    46325c861ee83b2f679b9f8563f2e441
kernel-smp-2.4.20-28.7.i586.rpm
    51ede5686dc0997c76a14d523e057e67
 
i686:
kernel-2.4.20-28.7.i686.rpm
    ab86ca21757966e2f49d58438b26253a
kernel-bigmem-2.4.20-28.7.i686.rpm
    78229375349f57c62f0f1837770cc3f0
kernel-smp-2.4.20-28.7.i686.rpm
    4321ad444747e8e3ebf6e7576b08d6db
 
Red Hat Linux 7.2

SRPMS:
kernel-2.4.20-28.7.src.rpm
    6f37a0c884be50f702665dd418e7d8a5
 
athlon:
kernel-2.4.20-28.7.athlon.rpm
    85dabb948243fcd96fed1946217b3259
kernel-smp-2.4.20-28.7.athlon.rpm
    ba80fcbe3237ece886506446413d6330
 
i386:
kernel-2.4.20-28.7.i386.rpm
    a4b2cd2ad6acb98c045a0644add55ef8
kernel-BOOT-2.4.20-28.7.i386.rpm
    46cbf5df2050e923343be59c26eb5714
kernel-doc-2.4.20-28.7.i386.rpm
    9e64a9b15edc09d4a0f75513445f4021
kernel-source-2.4.20-28.7.i386.rpm
    dbc9c6aa900467f4182306545d3bed81
 
i586:
kernel-2.4.20-28.7.i586.rpm
    46325c861ee83b2f679b9f8563f2e441
kernel-smp-2.4.20-28.7.i586.rpm
    51ede5686dc0997c76a14d523e057e67
 
i686:
kernel-2.4.20-28.7.i686.rpm
    ab86ca21757966e2f49d58438b26253a
kernel-bigmem-2.4.20-28.7.i686.rpm
    78229375349f57c62f0f1837770cc3f0
kernel-smp-2.4.20-28.7.i686.rpm
    4321ad444747e8e3ebf6e7576b08d6db
 
Red Hat Linux 7.3

SRPMS:
kernel-2.4.20-28.7.src.rpm
    6f37a0c884be50f702665dd418e7d8a5
 
athlon:
kernel-2.4.20-28.7.athlon.rpm
    85dabb948243fcd96fed1946217b3259
kernel-smp-2.4.20-28.7.athlon.rpm
    ba80fcbe3237ece886506446413d6330
 
i386:
kernel-2.4.20-28.7.i386.rpm
    a4b2cd2ad6acb98c045a0644add55ef8
kernel-BOOT-2.4.20-28.7.i386.rpm
    46cbf5df2050e923343be59c26eb5714
kernel-doc-2.4.20-28.7.i386.rpm
    9e64a9b15edc09d4a0f75513445f4021
kernel-source-2.4.20-28.7.i386.rpm
    dbc9c6aa900467f4182306545d3bed81
 
i586:
kernel-2.4.20-28.7.i586.rpm
    46325c861ee83b2f679b9f8563f2e441
kernel-smp-2.4.20-28.7.i586.rpm
    51ede5686dc0997c76a14d523e057e67
 
i686:
kernel-2.4.20-28.7.i686.rpm
    ab86ca21757966e2f49d58438b26253a
kernel-bigmem-2.4.20-28.7.i686.rpm
    78229375349f57c62f0f1837770cc3f0
kernel-smp-2.4.20-28.7.i686.rpm
    4321ad444747e8e3ebf6e7576b08d6db
 
Red Hat Linux 8.0

SRPMS:
kernel-2.4.20-28.8.src.rpm
    7ff4997770e18fd8dfa94dde6ccd9f05
 
athlon:
kernel-2.4.20-28.8.athlon.rpm
    69096d7bf580f241c2774a75d19a4f6b
kernel-smp-2.4.20-28.8.athlon.rpm
    07cc69196376c7cbcad2c4a93aff0be0
 
i386:
kernel-2.4.20-28.8.i386.rpm
    a97ba9aea863b5b49f26259f105e8d8f
kernel-BOOT-2.4.20-28.8.i386.rpm
    ab4eac1f8c255a9d70808469e46e918c
kernel-doc-2.4.20-28.8.i386.rpm
    210eb290286bb696f94e9ebe5399d67e
kernel-source-2.4.20-28.8.i386.rpm
    312b7e646dc4825617d3a9b485957c67
 
i586:
kernel-2.4.20-28.8.i586.rpm
    90ddcdf7660107c2e297bd2531b4a544
kernel-smp-2.4.20-28.8.i586.rpm
    25692d7064ab7bc55a17c53ee24e9d3d
 
i686:
kernel-2.4.20-28.8.i686.rpm
    91ca2b2685cf6c5e0b8d1b9043865bea
kernel-bigmem-2.4.20-28.8.i686.rpm
    3fecc24946697e5dd0428df38cbb2198
kernel-smp-2.4.20-28.8.i686.rpm
    40d954506e1b0ad60c7f150d76872ec5
 
Red Hat Linux 9

SRPMS:
kernel-2.4.20-28.9.src.rpm
    5eb1ef7c29f3bd5e3afb9c41d5f688e5
 
athlon:
kernel-2.4.20-28.9.athlon.rpm
    954a8afbe2216769a4aaa5b0b597612f
kernel-smp-2.4.20-28.9.athlon.rpm
    198dfae0a67d9aa91f367e90e1a264c7
 
i386:
kernel-2.4.20-28.9.i386.rpm
    a398b7f0a741ab95ab0b66929c48dc95
kernel-BOOT-2.4.20-28.9.i386.rpm
    e394c681c64e22a94ed22dd8a510aad0
kernel-doc-2.4.20-28.9.i386.rpm
    8355d266e3c354e97099add60ea25331
kernel-source-2.4.20-28.9.i386.rpm
    12ad6c3ad16ddee2ad6c3ba579005a9d
 
i586:
kernel-2.4.20-28.9.i586.rpm
    0047dac37b4f888e53b5b304524b795d
kernel-smp-2.4.20-28.9.i586.rpm
    08a3391dcb7f5532310ce234d2570bd0
 
i686:
kernel-2.4.20-28.9.i686.rpm
    6cdbe7002a6834dc1aa27cc5f47ba5a7
kernel-bigmem-2.4.20-28.9.i686.rpm
    3788274eba272ef23704bec4cb19e4af
kernel-smp-2.4.20-28.9.i686.rpm
    d9fe2e46b08f596e19a49ae724d2db5a
 

Solution:

Before applying this update, make sure that all previously released errata relevant to your system have been applied.
To update all RPMs for your particular architecture, run the following command:

rpm -Fvh [filename]

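[filename] is the file name of the RPM you want to update. Only packages that are currently installed will be upgraded. If the current directory contains *only* the RPMs you want to install, you can also use a wildcard (*.rpm).
This update is also available via Red Hat Network, which is a very convenient way to apply updates. To use Red Hat Network, launch the update agent with the following command: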

up2date

This command starts an interactive process that upgrades the appropriate RPMs on your system.

Bugzilla:  (For details, see bugzilla [in English].)

90338 - (TUX)password incorrectly parsed + patch to fix the problem

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0984
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0985
http://www.securityfocus.com/bid/9154/discussion/



For security, the packages listed here are GPG-signed by Red Hat, Inc. The key is available from:
http://www.redhat.com/about/contact.html

To verify each package, use the following command: rpm --checksig filename
To check whether each package has been corrupted or tampered with, examine the MD5 checksum with the following command: rpm --checksig --nogpg filename
Note: RPM 3.0 or later is required to check the GnuPG key.
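
The update and verification steps above can be combined so that nothing is installed unless every downloaded package matches the MD5 value listed under its name in this advisory and passes the signature check. This is an added example, not Red Hat's code; the manifest file (one "md5  filename" line per package you downloaded) and the function names are assumptions of the example.

```shell
#!/bin/sh
# Added example: gate "rpm -Fvh" on the advisory's MD5 values.
# Manifest format (an assumption of this example): "<md5>  <filename>" per line.

# Print the MD5 of a file as lowercase hex (md5sum on Linux, md5 -q on BSD/macOS).
file_md5() {
    if command -v md5sum >/dev/null 2>&1; then
        md5sum "$1" | cut -d' ' -f1
    else
        md5 -q "$1"
    fi
}

# verify_manifest MANIFEST DIR
# Prints the path of every package whose MD5 matches; reports problems on stderr.
# Returns 0 only if every listed package is present and matches.
verify_manifest() {
    manifest=$1 dir=$2 rc=0
    while read -r want name; do
        [ -n "$name" ] || continue            # skip blank or incomplete lines
        path="$dir/$name"
        if [ ! -f "$path" ]; then
            echo "MISSING  $name" >&2; rc=1; continue
        fi
        got=$(file_md5 "$path")
        if [ "$got" = "$want" ]; then
            echo "$path"
        else
            echo "MISMATCH $name (got $got, advisory says $want)" >&2; rc=1
        fi
    done < "$manifest"
    return $rc
}

# Install only when the whole set verifies (hypothetical wrapper; needs rpm and root).
freshen_verified() {
    pkgs=$(verify_manifest "$1" "$2") || { echo "refusing to install" >&2; return 1; }
    # shellcheck disable=SC2086  # word splitting intended: one path per line
    rpm --checksig $pkgs && rpm -Fvh $pkgs
}
```

The MD5 comparison catches truncated or corrupted downloads; the `rpm --checksig` step in `freshen_verified` is what ties the package to Red Hat's GPG key.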