Yellow Dog Linux Security Announcement
--------------------------------------

Package:      kernel
Issue Date:   Dec 03, 2003
Priority:     high
Advisory ID:  YDU-20031203-1

1. Topic:

   Updated kernel packages are available.

2. Problem:

   The Linux kernel handles the basic functions of the operating system.

   A flaw in bounds checking in the do_brk() function in the Linux kernel
   versions 2.4.22 and previous can allow a local attacker to gain root
   privileges. This issue is known to be exploitable; an exploit has been
   seen in the wild that takes advantage of this vulnerability. The Common
   Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
   name CAN-2003-0961 to this issue.

   All users are advised to upgrade to these errata packages, which contain
   a backported security patch that corrects this vulnerability.

3. Solution:

   Updates are available immediately via YDL.Net Enhanced.

   a) Updating via yum...

      We suggest that you use the yum program to keep your system
      up-to-date. The following command(s) will retrieve and install the
      fixed version of this update onto your system:

         yum update kernel

   b) Updating manually...

      Download the updates below and then run the following rpm command.
      (Please use a mirror site)

         rpm -Fvh [filenames]

      Yellow Dog Linux 3.0.1
      ftp://ftp.yellowdoglinux.com/pub/yellowdog/updates/yellowdog-3.0.1/
         ppc/kernel-*2.4.22-2g.ppc.rpm
         ppc/mol-kmods-0.9.69-3.2.4.22.2g.ppc.rpm

      Yellow Dog Linux 3.0
      ftp://ftp.yellowdoglinux.com/pub/yellowdog/updates/yellowdog-3.0/
         ppc/kernel-*2.4.20-8e.ppc.rpm
         ppc/mol-kmods-0.9.68-3.2.4.20.8e.ppc.rpm

   IMPORTANT NOTE: In addition, after upgrading, if you see an error message
   from ybin about your yaboot configuration, remove the first instances of
   "macos", "macosx", "delay", and "enablecdboot" from your /etc/yaboot.conf
   file. You should be left with the above keywords at the bottom of the
   /etc/yaboot.conf file. Run /usr/sbin/ybin. If ybin does not display any
   messages, you are ready to reboot with the new kernel.

4. Verification

   MD5 checksum                      Package
   --------------------------------  ----------------------------
   [Yellow Dog Linux 3.0.1]
   68cce162f3c45ee4aab69d0153c56545  SRPMS/kernel-2.4.22-2g.src.rpm
   4b4830191f6023ee63372ee9e0638013  SRPMS/mol-kmods-0.9.69-3.2.4.22.2g.src.rpm
   857b6be16485b5530b1c503efa1ff819  ppc/kernel-2.4.22-2g.ppc.rpm
   2f1855497c98655d95f90cbec1ae1f6e  ppc/kernel-BOOT-2.4.22-2g.ppc.rpm
   407d082caacc3a52aba59b320ec30a14  ppc/kernel-doc-2.4.22-2g.ppc.rpm
   80727f165dcfe3431ede541e6d81dcd2  ppc/kernel-smp-2.4.22-2g.ppc.rpm
   3ec53400f1a3055803c974e677ef5828  ppc/kernel-source-2.4.22-2g.ppc.rpm
   ee209a5a7469c3fd2057bc6c113ecc52  ppc/mol-kmods-0.9.69-3.2.4.22.2g.ppc.rpm

   [Yellow Dog Linux 3.0]
   16abb8ac151bb967b64a4cef9e2bfc6f  SRPMS/kernel-2.4.20-8e.src.rpm
   b5730fb63fb83d25e06d0cb22a94d631  SRPMS/mol-kmods-0.9.68-3.2.4.20.8e.src.rpm
   f6c34ae6d33ad14f506547d7e6eb98c6  ppc/kernel-2.4.20-8e.ppc.rpm
   6f16ccc2055ee1a538867527c89f0c35  ppc/kernel-ans-2.4.20-8e.ppc.rpm
   1afe9dfbe1b07c1d2b05b9d55c9023de  ppc/kernel-BOOT-2.4.20-8e.ppc.rpm
   77e2606984db4e8e698e96a4741d542d  ppc/kernel-doc-2.4.20-8e.ppc.rpm
   5d564319803e4210c2bd7c0c0273ef85  ppc/kernel-smp-2.4.20-8e.ppc.rpm
   3325fe02211d9e117c051efbca31395d  ppc/kernel-source-2.4.20-8e.ppc.rpm
   d8cd17e0243e19100574f8e2ddddecce  ppc/mol-kmods-0.9.68-3.2.4.20.8e.ppc.rpm

   If you wish to verify that each package has not been corrupted or
   tampered with, examine the md5sum with the following command:

      md5sum

5. Misc.

   Terra Soft has set up a moderated mailing list where these security,
   bugfix, and package enhancement announcements will be posted. See
   http://lists.terrasoftsolutions.com/ for more information.

   For information regarding the usage of yum, see:
   http://www.yellowdoglinux.com/support/solutions/ydl_general/yum.shtml
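
Added example (not part of the original advisory): a shell function that reads a checksum list laid out like the Verification table in section 4 and compares it against downloaded packages with md5sum, so every package is checked in one pass instead of by eye. The function name verify_advisory_md5, the demo file names and the sample list are constructed for illustration.

```shell
#!/bin/sh
# verify_advisory_md5 LIST DIR   (hypothetical helper, not shipped by Yellow Dog)
#   LIST  text file with "<md5> <path>" lines as in the advisory's table;
#         headers, rulers and "[Yellow Dog Linux ...]" labels are ignored
#   DIR   flat directory holding the downloaded .rpm files
# Returns 0 only if at least one listed file was found and none mismatched.
verify_advisory_md5() {
    list=$1; dir=$2; bad=0; checked=0
    while read -r sum path || [ -n "$sum" ]; do
        # Accept only a 32-character lowercase hex digest in the first field
        case $sum in
            ''|*[!0123456789abcdef]*) continue ;;
        esac
        [ ${#sum} -eq 32 ] || continue
        name=${path##*/}                 # drop the SRPMS/ or ppc/ prefix
        if [ ! -f "$dir/$name" ]; then
            echo "SKIP     $name (not downloaded)"
            continue
        fi
        actual=$(md5sum "$dir/$name" | cut -d' ' -f1)
        checked=$((checked + 1))
        if [ "$actual" = "$sum" ]; then
            echo "OK       $name"
        else
            echo "MISMATCH $name expected=$sum actual=$actual"
            bad=$((bad + 1))
        fi
    done < "$list"
    [ "$checked" -gt 0 ] && [ "$bad" -eq 0 ]
}

# Constructed demo data: one stand-in "package" and a two-entry list.
demo=$(mktemp -d)
printf 'hello\n' > "$demo/kernel-demo.ppc.rpm"
cat > "$demo/list" <<'EOF'
[Constructed sample, not real advisory data]
b1946ac92492d2347c8021e4e35ab11f ppc/kernel-demo.ppc.rpm
00000000000000000000000000000000 ppc/kernel-absent.ppc.rpm
EOF
verify_advisory_md5 "$demo/list" "$demo" && echo "all downloaded packages match"
rm -rf "$demo"
```

A match shows the file is identical to the one the list describes; that only helps against tampering when the list itself comes from a source you trust, and it should be checked before running rpm -Fvh.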