
[wanger en redhat com: SECURITY: Kernel updates]



------- Start of forwarded message -------
Return-Path: <redhat-announce-list-request en redhat com>
Resent-Cc: recipient list not shown: ;
MBOX-Line: From redhat-announce-list-request en redhat com  Fri Apr 17 15:22:54 1998
Delivered-To: djb en redhat com
X-Mailer: exmh version 2.0.2 26.3.98
To: redhat-announce-list en redhat com
Subject: SECURITY: Kernel updates 
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Fri, 17 Apr 1998 15:16:25 -0300
From: Mike Wangsmo <wanger en redhat com>
Approved: djb en redhat com
Resent-From: redhat-announce-list en redhat com
Reply-To: redhat-list en redhat com
X-Mailing-List: <redhat-announce-list en redhat com> archive/latest/21
X-Loop: redhat-announce-list en redhat com
Precedence: list
Resent-Sender: redhat-announce-list-request en redhat com
X-URL: http://www.redhat.com

A denial of service attack in the TCP/IP code has been discovered with the 
current Red Hat kernels on all platforms and versions.  Red Hat 
suggests that all users upgrade their kernel to one that has been 
patched against this attack.  The packages have been signed with the 
Red Hat PGP key.

The required change in the form of a patch is included within this 
announcement.

Kernel images were not built for the alpha; however, the source package 
is available for building on your respective alpha platform.  The enclosed 
patch (at the end of this announcement) can also be applied to a clean 
kernel tree to avoid downloading the entire source package.

Thanks to Alan Cox for the fix.

Mike

Red Hat 5.0
-----------

i386:

First, determine what kernel version you are running:  rpm -q kernel
If the output of that indicates you have a 2.0.32 kernel package 
installed, then you need only upgrade the core kernel package:

rpm -Uvh ftp://ftp.redhat.com/updates/5.0/i386/kernel-2.0.32-3.i386.rpm

If you are not running the 2.0.32 kernel package, then you need to also 
upgrade the modules package as well.  This can be complicated, but the 
procedure has been very clearly documented at 
http://www.redhat.com/support/docs/rhl/intel/kernel-upgrade-intel.html
Please read that before attempting to upgrade your kernel!  It is 
titled for the 4.2 release, but the instructions are the same for 
upgrading a 5.0 kernel.  The only differences will be kernel version 
numbers.  The module package can be upgraded via:

rpm -Uvh ftp://ftp.redhat.com/updates/5.0/i386/kernel-modules-2.0.32-3.i386.rpm

alpha:

Compiled kernels for the alpha were not built, but the patch has 
been included in this announcement and the kernel source rpm has been 
released with the patch applied.  If you have a clean kernel tree 
already installed, apply the patch as follows:

copy the patch to /tmp/kernel.patch
cd /usr/src/linux
patch -p1 < /tmp/kernel.patch

The kernel source tree should now be patched and ready to build.

To install the kernel sources:

rpm -Uvh ftp://ftp.redhat.com/updates/5.0/alpha/kernel-source-2.0.30-3.alpha.rpm
rpm -Uvh ftp://ftp.redhat.com/updates/5.0/alpha/kernel-headers-2.0.30-3.alpha.rpm

cd /usr/src/linux

This tree is already patched and ready to build a new kernel.

Red Hat 4.2
-----------

i386:

First, determine what kernel version you are running:  rpm -q kernel
If the output of that indicates you have a 2.0.32 kernel package 
installed, then you need only upgrade the core kernel package:

rpm -Uvh ftp://ftp.redhat.com/updates/4.2/i386/kernel-2.0.32-1.1.i386.rpm

If you are not running the 2.0.32 kernel package, then you need to also 
upgrade the modules package as well.  This can be complicated, but the 
procedure has been very clearly documented at 
http://www.redhat.com/support/docs/rhl/intel/kernel-upgrade-intel.html
Please read that before attempting to upgrade your kernel!  It is 
titled for the 4.2 release, but the instructions are the same for 
upgrading a 5.0 kernel.  The only differences will be kernel version 
numbers.  The module package can be upgraded via:

rpm -Uvh ftp://ftp.redhat.com/updates/4.2/i386/kernel-modules-2.0.32-1.1.i386.rpm

alpha:

Compiled kernels for the alpha were not built, but the patch has 
been included in this announcement and the kernel source rpm has been 
released with the patch applied.  The same kernel source/header RPMs 
used in 5.0 will work on the 4.2 system.  If you have a clean kernel tree 
already installed, apply the patch as follows:

copy the patch to /tmp/kernel.patch
cd /usr/src/linux
patch -p1 < /tmp/kernel.patch

The kernel source tree should now be patched and ready to build.

To install the kernel sources:

rpm -Uvh ftp://ftp.redhat.com/updates/5.0/alpha/kernel-source-2.0.30-3.alpha.rpm
rpm -Uvh ftp://ftp.redhat.com/updates/5.0/alpha/kernel-headers-2.0.30-3.alpha.rpm

cd /usr/src/linux

This tree is already patched and ready to build a new kernel.

SPARC:

First, determine what kernel version you are running:  rpm -q kernel
If the output of that indicates you have a 2.0.30 kernel package 
installed, then you need only upgrade the core kernel package:

For single CPU:
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/sparc/kernel-sparc-2.0.30-4.sparc.rpm
For SMP:
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/sparc/kernel-sparc-smp-2.0.30-4.sparc.rpm

If you are not running the 2.0.30 kernel package, then you need to also 
upgrade the modules package as well.  This can be complicated, but the 
procedure has been very clearly documented at 
http://www.redhat.com/support/docs/rhl/intel/kernel-upgrade-intel.html
Please read that before attempting to upgrade your kernel!  Although 
this document is intel based, the same logic applies to the SPARC 
systems.  The module package can be upgraded via:

rpm -Uvh ftp://ftp.redhat.com/updates/4.2/sparc/kernel-modules-2.0.30-4.sparc.rpm


Patch file
----------

- --- linux/net/ipv4/ip_fragment.c.wanger Fri Apr 17 13:43:28 1998
+++ linux/net/ipv4/ip_fragment.c        Fri Apr 17 13:43:52 1998
@@ -375,7 +375,7 @@
        fp = qp->fragments;
        while(fp != NULL)
        {
- -               if (fp->len < 0 || count+fp->len > skb->len)
+               if (fp->len < 0 || fp->offset+qp->ihlen+fp->len > skb->len)
                {
                        NETDEBUG(printk("Invalid fragment list: Fragment over size.\n"));
                        ip_free(qp);
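
Review bot: on the changed "+" line, the new bound rejects a negative fp->len but says nothing about a negative fp->offset, and the hunk does not show the types of fp->offset, qp->ihlen or fp->len; if they are signed, a negative offset or a wrapped sum could still satisfy the comparison against skb->len, so consider rejecting a negative fp->offset in the same condition or stating in a comment where offsets are validated before this loop. A short comment explaining that the test now bounds each fragment by its own placement (offset plus header length) instead of the running count would make the intent of the one-line change clear. The "---" header and the removed line also carry a leading "- " dash-escape as posted, which has to be stripped before patch -p1 will accept the file.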


- -- 
To unsubscribe:
mail -s unsubscribe redhat-announce-list-request en redhat com < /dev/null
------- End of forwarded message -------


