RH Kernel Vulnurability
Michael Havens
plug-discuss@lists.plug.phoenix.az.us
Mon, 18 Nov 2002 16:45:09 -0700
You know,
They send these notices out yet they do not tell you "which" new kernel fixes
the bug. I looked at my kernel which I just downloaded and is now the
2.4.18-18.7.x one while Eldric just emailed saying he just got 2.4.18.8. MIne
is new to me and hi is new to him. I would say that his is the fix but if you
go to kernel.org the most recent stable version is 2.4.19 while the newest
beta is 2.5.39-dj2. So which one provides the fix?
--
:-)~Mike~(-:
On Monday 18 November 2002 05:25 am, Eldric wrote:
> Security Advisory - RHSA-2002:262-07
> ---------------------------------------------------------------------------
>--- Summary:
> New kernel fixes local denial of service issue
> The kernel in Red Hat Linux 7.1, 7.1K, 7.2, 7.3, and 8.0 are vulnerable to
> a local denial of service attack. Updated packages are available which
> address this vulnerability, as well as bugs in several drivers.
> Description:
> The Linux kernel handles the basic functions of the operating system.
> A vulnerability in the Linux kernel has been discovered in which a non-root
> user can cause the machine to freeze. This kernel addresses the
> vulnerability.
> Note: This bug is specific to the x86 architecture kernels only, and does
> not affect ia64 or other architectures.
> In addition, a bug in the maestro3 soundcard driver has been fixed as well
> as a bug in the xircom pcmcia driver network driver and the tg3 network
> driver for Broadcom gigabit ethernet chips.
> All users of Red Hat Linux 7.1, 7.1K, 7.2, 7.3, and 8.0 should upgrade to
> these errata packages, which are not vulnerable to this issue.
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change you mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss