Netzwerk Sicherheits Prüfungen / Anfälligkeitsfeststellung von SecuritySpace

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Important: kernel security and bug fix update
Advisory ID:       RHSA-2007:1049-01
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2007-1049.html
Issue date:        2007-12-03
Updated on:        2007-12-03
Product:           Red Hat Enterprise Linux
CVE Names:         CVE-2007-2172  CVE-2007-3848
                   CVE-2006-4538 CVE-2007-3739
                   CVE-2007-4308
- ---------------------------------------------------------------------

1. Summary:

Updated kernel packages that fix several security issues and a bug in the
Red Hat Enterprise Linux 3 kernel are now available.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Problem description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

A flaw was found in the handling of process death signals. This allowed a
local user to send arbitrary signals to the suid-process executed by that
user. A successful exploitation of this flaw depends on the structure of
the suid-program and its signal handling. (CVE-2007-3848, Important)

A flaw was found in the IPv4 forwarding base. This allowed a local user to
cause a denial of service. (CVE-2007-2172, Important)

A flaw was found where a corrupted executable file could cause cross-region
memory mappings on Itanium systems. This allowed a local user to cause a
denial of service. (CVE-2006-4538, Moderate)

A flaw was found in the stack expansion when using the hugetlb kernel on
PowerPC systems. This allowed a local user to cause a denial of service.
(CVE-2007-3739, Moderate)

A flaw was found in the aacraid SCSI driver. This allowed a local user to
make ioctl calls to the driver that should be restricted to privileged
users. (CVE-2007-4308, Moderate)

As well, these updated packages fix the following bug:

* a bug in the TCP header prediction code may have caused "TCP: Treason
uncloaked!" messages to be logged. In certain situations this may have lead
to TCP connections hanging or aborting.

Red Hat Enterprise Linux 3 users are advised to upgrade to these updated
packages, which contain backported patches to resolve these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network.  Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bug IDs fixed (http://bugzilla.redhat.com/):

249237 - IPV4 'Treason uncloaked' message - hints at a more general kernel/net bug
250429 - CVE-2007-2172 fib_semantics.c out of bounds access vulnerability
250972 - CVE-2007-3848 Privilege escalation via PR_SET_PDEATHSIG
252309 - CVE-2007-4308 Missing ioctl() permission checks in aacraid driver
289151 - CVE-2006-4538 Local DoS with corrupted ELF
294941 - CVE-2007-3739 LTC36188-Don't allow the stack to grow into hugetlb reserved regions

6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/kernel-2.4.21-53.EL.src.rpm
f6b14b96032c8e6ef0b6bf0ceb50f658  kernel-2.4.21-53.EL.src.rpm

i386:
5ed3ebaa27fe3523e6287afe9da778df  kernel-2.4.21-53.EL.athlon.rpm
aaaa37a37c4d9d50f85c3d33ea75c2d5  kernel-2.4.21-53.EL.i686.rpm
c750ed31d9402c48bb0831443947b1b3  kernel-BOOT-2.4.21-53.EL.i386.rpm
958895eee3ffc86db1744b59b18b2ed4  kernel-debuginfo-2.4.21-53.EL.athlon.rpm
6da92dd3c05cdef87a3afe85cf76ffcf  kernel-debuginfo-2.4.21-53.EL.i386.rpm
c7cc1996634c81fe969dfd6f1c228bd2  kernel-debuginfo-2.4.21-53.EL.i686.rpm
2ca9bf21f2bbbf0bcbcb2501ca972f4e  kernel-doc-2.4.21-53.EL.i386.rpm
c3e41830403b446d494e0fcb0668ffb6  kernel-hugemem-2.4.21-53.EL.i686.rpm
125a006ee18d4a5afc652547252f77b4  kernel-hugemem-unsupported-2.4.21-53.EL.i686.rpm
b6966cff1cca0a9b4c53f7ac8bc7c8ec  kernel-smp-2.4.21-53.EL.athlon.rpm
874b032f5f12e35a66842966dfe615fc  kernel-smp-2.4.21-53.EL.i686.rpm
e1f6b9b5f82534206d68de57173cebc7  kernel-smp-unsupported-2.4.21-53.EL.athlon.rpm
7ee65541e62b6e76a0f0c8c8ffacfe7b  kernel-smp-unsupported-2.4.21-53.EL.i686.rpm
25eb44031ca51e13c3518cbfa5d14868  kernel-source-2.4.21-53.EL.i386.rpm
38292e5677afeca19eff46011643b687  kernel-unsupported-2.4.21-53.EL.athlon.rpm
8e81ce663a85ccdb323ae10be861965e  kernel-unsupported-2.4.21-53.EL.i686.rpm

ia64:
58ce57bce8a0f72f8239b4412ec5f0d0  kernel-2.4.21-53.EL.ia64.rpm
3da16c323c512d3c6aca21db7e50a35c  kernel-debuginfo-2.4.21-53.EL.ia64.rpm
85811f0f247d9bb01e1b823de7fb429b  kernel-doc-2.4.21-53.EL.ia64.rpm
dcc30f9dd34cf5c7666d71b2fae6d975  kernel-source-2.4.21-53.EL.ia64.rpm
66e70d213977984f6a3f189a74ad0963  kernel-unsupported-2.4.21-53.EL.ia64.rpm

ppc:
82bba5f9f376ee007a6354df6af87778  kernel-2.4.21-53.EL.ppc64iseries.rpm
dcb788cdc164cb2c51e462734d8ffeca  kernel-2.4.21-53.EL.ppc64pseries.rpm
4afa2676f02b6121e450f1dc2df4e263  kernel-debuginfo-2.4.21-53.EL.ppc64.rpm
b68f959c2976aa66f3ff3e32e8ba4faa  kernel-debuginfo-2.4.21-53.EL.ppc64iseries.rpm
0d7766cf63a102296ca82ea788546a15  kernel-debuginfo-2.4.21-53.EL.ppc64pseries.rpm
1447344d9ebee027257d495c074b244e  kernel-doc-2.4.21-53.EL.ppc64.rpm
fb387166670d7fd1f1ca034d6bbfc371  kernel-source-2.4.21-53.EL.ppc64.rpm
a2e26fe734de4d356d68dbdd08c64548  kernel-unsupported-2.4.21-53.EL.ppc64iseries.rpm
53fa6a0d16093346fac2db9f490cbc87  kernel-unsupported-2.4.21-53.EL.ppc64pseries.rpm

s390:
7651727c8b05c762c4efae0a224f92c3  kernel-2.4.21-53.EL.s390.rpm
d513754b73947f7b8601668d3c88c5d3  kernel-debuginfo-2.4.21-53.EL.s390.rpm
93fc7baca88bb36556780aaf66416f90  kernel-doc-2.4.21-53.EL.s390.rpm
21a066b295363b8e22d671603e1ab5dd  kernel-source-2.4.21-53.EL.s390.rpm
8d1da2180806c3654af48587948a5994  kernel-unsupported-2.4.21-53.EL.s390.rpm

s390x:
795d3ac785caab9befd45edb9f98f787  kernel-2.4.21-53.EL.s390x.rpm
04e28c359ab663a936d48ace4d83cd39  kernel-debuginfo-2.4.21-53.EL.s390x.rpm
bbe1dcab582e792a3200ff69557cf7bf  kernel-doc-2.4.21-53.EL.s390x.rpm
cc0f24530dd8b0adf53378f702107e71  kernel-source-2.4.21-53.EL.s390x.rpm
e710ac2b4a5263884f7f63ace4c402a8  kernel-unsupported-2.4.21-53.EL.s390x.rpm

x86_64:
22267331e595689b6b7c6ddbc92b3e66  kernel-2.4.21-53.EL.ia32e.rpm
66cdd20c8c8059e92593b2acdbb1357d  kernel-2.4.21-53.EL.x86_64.rpm
6899921e5b7d613eb378d62adb0fdfb6  kernel-debuginfo-2.4.21-53.EL.ia32e.rpm
cfc8f90e4c202958d99c4a76df0055ce  kernel-debuginfo-2.4.21-53.EL.x86_64.rpm
4e281964dadc7aa8afcf7364102cf8d6  kernel-doc-2.4.21-53.EL.x86_64.rpm
65ef6c81fad4acbff6a4626888e49c6c  kernel-smp-2.4.21-53.EL.x86_64.rpm
0f8c0fd98410071fafa0b892c22a075b  kernel-smp-unsupported-2.4.21-53.EL.x86_64.rpm
bf9539cde0b3e4a42c95e2302c2568aa  kernel-source-2.4.21-53.EL.x86_64.rpm
595d8cee6a98e3813fb29a3eaa3a51f4  kernel-unsupported-2.4.21-53.EL.ia32e.rpm
bc60307faf9dd46e819e0e67cb9bbf2d  kernel-unsupported-2.4.21-53.EL.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/kernel-2.4.21-53.EL.src.rpm
f6b14b96032c8e6ef0b6bf0ceb50f658  kernel-2.4.21-53.EL.src.rpm

i386:
5ed3ebaa27fe3523e6287afe9da778df  kernel-2.4.21-53.EL.athlon.rpm
aaaa37a37c4d9d50f85c3d33ea75c2d5  kernel-2.4.21-53.EL.i686.rpm
c750ed31d9402c48bb0831443947b1b3  kernel-BOOT-2.4.21-53.EL.i386.rpm
958895eee3ffc86db1744b59b18b2ed4  kernel-debuginfo-2.4.21-53.EL.athlon.rpm
6da92dd3c05cdef87a3afe85cf76ffcf  kernel-debuginfo-2.4.21-53.EL.i386.rpm
c7cc1996634c81fe969dfd6f1c228bd2  kernel-debuginfo-2.4.21-53.EL.i686.rpm
2ca9bf21f2bbbf0bcbcb2501ca972f4e  kernel-doc-2.4.21-53.EL.i386.rpm
c3e41830403b446d494e0fcb0668ffb6  kernel-hugemem-2.4.21-53.EL.i686.rpm
125a006ee18d4a5afc652547252f77b4  kernel-hugemem-unsupported-2.4.21-53.EL.i686.rpm
b6966cff1cca0a9b4c53f7ac8bc7c8ec  kernel-smp-2.4.21-53.EL.athlon.rpm
874b032f5f12e35a66842966dfe615fc  kernel-smp-2.4.21-53.EL.i686.rpm
e1f6b9b5f82534206d68de57173cebc7  kernel-smp-unsupported-2.4.21-53.EL.athlon.rpm
7ee65541e62b6e76a0f0c8c8ffacfe7b  kernel-smp-unsupported-2.4.21-53.EL.i686.rpm
25eb44031ca51e13c3518cbfa5d14868  kernel-source-2.4.21-53.EL.i386.rpm
38292e5677afeca19eff46011643b687  kernel-unsupported-2.4.21-53.EL.athlon.rpm
8e81ce663a85ccdb323ae10be861965e  kernel-unsupported-2.4.21-53.EL.i686.rpm

x86_64:
22267331e595689b6b7c6ddbc92b3e66  kernel-2.4.21-53.EL.ia32e.rpm
66cdd20c8c8059e92593b2acdbb1357d  kernel-2.4.21-53.EL.x86_64.rpm
6899921e5b7d613eb378d62adb0fdfb6  kernel-debuginfo-2.4.21-53.EL.ia32e.rpm
cfc8f90e4c202958d99c4a76df0055ce  kernel-debuginfo-2.4.21-53.EL.x86_64.rpm
4e281964dadc7aa8afcf7364102cf8d6  kernel-doc-2.4.21-53.EL.x86_64.rpm
65ef6c81fad4acbff6a4626888e49c6c  kernel-smp-2.4.21-53.EL.x86_64.rpm
0f8c0fd98410071fafa0b892c22a075b  kernel-smp-unsupported-2.4.21-53.EL.x86_64.rpm
bf9539cde0b3e4a42c95e2302c2568aa  kernel-source-2.4.21-53.EL.x86_64.rpm
595d8cee6a98e3813fb29a3eaa3a51f4  kernel-unsupported-2.4.21-53.EL.ia32e.rpm
bc60307faf9dd46e819e0e67cb9bbf2d  kernel-unsupported-2.4.21-53.EL.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/kernel-2.4.21-53.EL.src.rpm
f6b14b96032c8e6ef0b6bf0ceb50f658  kernel-2.4.21-53.EL.src.rpm

i386:
5ed3ebaa27fe3523e6287afe9da778df  kernel-2.4.21-53.EL.athlon.rpm
aaaa37a37c4d9d50f85c3d33ea75c2d5  kernel-2.4.21-53.EL.i686.rpm
c750ed31d9402c48bb0831443947b1b3  kernel-BOOT-2.4.21-53.EL.i386.rpm
958895eee3ffc86db1744b59b18b2ed4  kernel-debuginfo-2.4.21-53.EL.athlon.rpm
6da92dd3c05cdef87a3afe85cf76ffcf  kernel-debuginfo-2.4.21-53.EL.i386.rpm
c7cc1996634c81fe969dfd6f1c228bd2  kernel-debuginfo-2.4.21-53.EL.i686.rpm
2ca9bf21f2bbbf0bcbcb2501ca972f4e  kernel-doc-2.4.21-53.EL.i386.rpm
c3e41830403b446d494e0fcb0668ffb6  kernel-hugemem-2.4.21-53.EL.i686.rpm
125a006ee18d4a5afc652547252f77b4  kernel-hugemem-unsupported-2.4.21-53.EL.i686.rpm
b6966cff1cca0a9b4c53f7ac8bc7c8ec  kernel-smp-2.4.21-53.EL.athlon.rpm
874b032f5f12e35a66842966dfe615fc  kernel-smp-2.4.21-53.EL.i686.rpm
e1f6b9b5f82534206d68de57173cebc7  kernel-smp-unsupported-2.4.21-53.EL.athlon.rpm
7ee65541e62b6e76a0f0c8c8ffacfe7b  kernel-smp-unsupported-2.4.21-53.EL.i686.rpm
25eb44031ca51e13c3518cbfa5d14868  kernel-source-2.4.21-53.EL.i386.rpm
38292e5677afeca19eff46011643b687  kernel-unsupported-2.4.21-53.EL.athlon.rpm
8e81ce663a85ccdb323ae10be861965e  kernel-unsupported-2.4.21-53.EL.i686.rpm

ia64:
58ce57bce8a0f72f8239b4412ec5f0d0  kernel-2.4.21-53.EL.ia64.rpm
3da16c323c512d3c6aca21db7e50a35c  kernel-debuginfo-2.4.21-53.EL.ia64.rpm
85811f0f247d9bb01e1b823de7fb429b  kernel-doc-2.4.21-53.EL.ia64.rpm
dcc30f9dd34cf5c7666d71b2fae6d975  kernel-source-2.4.21-53.EL.ia64.rpm
66e70d213977984f6a3f189a74ad0963  kernel-unsupported-2.4.21-53.EL.ia64.rpm

x86_64:
22267331e595689b6b7c6ddbc92b3e66  kernel-2.4.21-53.EL.ia32e.rpm
66cdd20c8c8059e92593b2acdbb1357d  kernel-2.4.21-53.EL.x86_64.rpm
6899921e5b7d613eb378d62adb0fdfb6  kernel-debuginfo-2.4.21-53.EL.ia32e.rpm
cfc8f90e4c202958d99c4a76df0055ce  kernel-debuginfo-2.4.21-53.EL.x86_64.rpm
4e281964dadc7aa8afcf7364102cf8d6  kernel-doc-2.4.21-53.EL.x86_64.rpm
65ef6c81fad4acbff6a4626888e49c6c  kernel-smp-2.4.21-53.EL.x86_64.rpm
0f8c0fd98410071fafa0b892c22a075b  kernel-smp-unsupported-2.4.21-53.EL.x86_64.rpm
bf9539cde0b3e4a42c95e2302c2568aa  kernel-source-2.4.21-53.EL.x86_64.rpm
595d8cee6a98e3813fb29a3eaa3a51f4  kernel-unsupported-2.4.21-53.EL.ia32e.rpm
bc60307faf9dd46e819e0e67cb9bbf2d  kernel-unsupported-2.4.21-53.EL.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/kernel-2.4.21-53.EL.src.rpm
f6b14b96032c8e6ef0b6bf0ceb50f658  kernel-2.4.21-53.EL.src.rpm

i386:
5ed3ebaa27fe3523e6287afe9da778df  kernel-2.4.21-53.EL.athlon.rpm
aaaa37a37c4d9d50f85c3d33ea75c2d5  kernel-2.4.21-53.EL.i686.rpm
c750ed31d9402c48bb0831443947b1b3  kernel-BOOT-2.4.21-53.EL.i386.rpm
958895eee3ffc86db1744b59b18b2ed4  kernel-debuginfo-2.4.21-53.EL.athlon.rpm
6da92dd3c05cdef87a3afe85cf76ffcf  kernel-debuginfo-2.4.21-53.EL.i386.rpm
c7cc1996634c81fe969dfd6f1c228bd2  kernel-debuginfo-2.4.21-53.EL.i686.rpm
2ca9bf21f2bbbf0bcbcb2501ca972f4e  kernel-doc-2.4.21-53.EL.i386.rpm
c3e41830403b446d494e0fcb0668ffb6  kernel-hugemem-2.4.21-53.EL.i686.rpm
125a006ee18d4a5afc652547252f77b4  kernel-hugemem-unsupported-2.4.21-53.EL.i686.rpm
b6966cff1cca0a9b4c53f7ac8bc7c8ec  kernel-smp-2.4.21-53.EL.athlon.rpm
874b032f5f12e35a66842966dfe615fc  kernel-smp-2.4.21-53.EL.i686.rpm
e1f6b9b5f82534206d68de57173cebc7  kernel-smp-unsupported-2.4.21-53.EL.athlon.rpm
7ee65541e62b6e76a0f0c8c8ffacfe7b  kernel-smp-unsupported-2.4.21-53.EL.i686.rpm
25eb44031ca51e13c3518cbfa5d14868  kernel-source-2.4.21-53.EL.i386.rpm
38292e5677afeca19eff46011643b687  kernel-unsupported-2.4.21-53.EL.athlon.rpm
8e81ce663a85ccdb323ae10be861965e  kernel-unsupported-2.4.21-53.EL.i686.rpm

ia64:
58ce57bce8a0f72f8239b4412ec5f0d0  kernel-2.4.21-53.EL.ia64.rpm
3da16c323c512d3c6aca21db7e50a35c  kernel-debuginfo-2.4.21-53.EL.ia64.rpm
85811f0f247d9bb01e1b823de7fb429b  kernel-doc-2.4.21-53.EL.ia64.rpm
dcc30f9dd34cf5c7666d71b2fae6d975  kernel-source-2.4.21-53.EL.ia64.rpm
66e70d213977984f6a3f189a74ad0963  kernel-unsupported-2.4.21-53.EL.ia64.rpm

x86_64:
22267331e595689b6b7c6ddbc92b3e66  kernel-2.4.21-53.EL.ia32e.rpm
66cdd20c8c8059e92593b2acdbb1357d  kernel-2.4.21-53.EL.x86_64.rpm
6899921e5b7d613eb378d62adb0fdfb6  kernel-debuginfo-2.4.21-53.EL.ia32e.rpm
cfc8f90e4c202958d99c4a76df0055ce  kernel-debuginfo-2.4.21-53.EL.x86_64.rpm
4e281964dadc7aa8afcf7364102cf8d6  kernel-doc-2.4.21-53.EL.x86_64.rpm
65ef6c81fad4acbff6a4626888e49c6c  kernel-smp-2.4.21-53.EL.x86_64.rpm
0f8c0fd98410071fafa0b892c22a075b  kernel-smp-unsupported-2.4.21-53.EL.x86_64.rpm
bf9539cde0b3e4a42c95e2302c2568aa  kernel-source-2.4.21-53.EL.x86_64.rpm
595d8cee6a98e3813fb29a3eaa3a51f4  kernel-unsupported-2.4.21-53.EL.ia32e.rpm
bc60307faf9dd46e819e0e67cb9bbf2d  kernel-unsupported-2.4.21-53.EL.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2172
http://cve.mitre.org/cgi-bin/cvename.cgi?name=
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3848
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4538
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3739
http://cve.mitre.org/cgi-bin/cvename.cgi?name=
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4308
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFHVCLdXlSAg2UNWIIRArWGAJ9cq2/UtXFTLJENT+XXaMy7GQJXcACghuqK
bMaRlCFgjP/F0CTi828wOhw=
=53Xo
-----END PGP SIGNATURE-----