Executive Summary
Summary | |
---|---|
Title | Updated kernel packages fix security vulnerabilities |
Information | |||
---|---|---|---|
Name | RHSA-2004:413 | First vendor Publication | 2004-08-03 |
Vendor | RedHat | Last vendor Modification | 2004-08-03 |
Severity (Vendor) | N/A | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
Impact Sub Score | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.2 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Exploit Score | 3.9 | Authentication | None Required |
Detail
Problem Description: Updated kernel packages that fix several security issues in Red Hat Enterprise Linux 3 are now available.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - athlon, i386, i686, ia32e, ia64, ppc64, ppc64iseries, ppc64pseries, s390, s390x, x86_64
Red Hat Enterprise Linux ES version 3 - athlon, i386, i686, ia32e, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - athlon, i386, i686, ia32e, ia64, x86_64

3. Problem description:

The Linux kernel handles the basic functions of the operating system.

Paul Starzetz discovered flaws in the Linux kernel when handling file offset pointers. These consist of invalid conversions of 64 to 32-bit file offset pointers and possible race conditions. A local unprivileged user could make use of these flaws to access large portions of kernel memory. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0415 to this issue.

These packages contain a patch written by Al Viro to correct these flaws. Red Hat would like to thank iSEC Security Research for disclosing this issue and a number of vendor-sec participants for reviewing and working on the patch to this issue.

In addition, these packages correct a number of minor security issues:

A bug in the e1000 network driver. This bug could be used by local users to leak small amounts of kernel memory (CAN-2004-0535).

A bug in the SoundBlaster 16 code which does not properly handle certain sample sizes. This flaw could be used by local users to crash a system (CAN-2004-0178).

A possible NULL-pointer dereference in the Linux kernel prior to 2.4.26 on the Itanium platform could allow a local user to crash a system (CAN-2004-0447).

Inappropriate permissions on /proc/scsi/qla2300/HbaApiNode (CAN-2004-0587).

All Red Hat Enterprise Linux 3 users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/

5. Bug IDs fixed (http://bugzilla.redhat.com/ for more info):

120527 - CAN-2004-0447 [PATCH] IPF kernel crashes under gdb
121045 - CAN-2004-0178 Soundblaster 16 local DoS
125168 - CAN-2004-0535 e1000 kernel memory information leak
126396 - CAN-2004-0587 Bad permissions on qla* drivers
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2004-413.html |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10918 | |||
Oval ID: | oval:org.mitre.oval:def:10918 | ||
Title: | Unknown vulnerability in Linux before 2.4.26 for IA64 allows local users to cause a denial of service, with unknown impact. NOTE: due to a typo, this issue was accidentally assigned CVE-2004-0477. This is the proper candidate to use for the Linux local DoS. | ||
Description: | Unknown vulnerability in Linux before 2.4.26 for IA64 allows local users to cause a denial of service, with unknown impact. NOTE: due to a typo, this issue was accidentally assigned CVE-2004-0477. This is the proper candidate to use for the Linux local DoS. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0447 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11136 | |||
Oval ID: | oval:org.mitre.oval:def:11136 | ||
Title: | The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources. | ||
Description: | The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0535 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9427 | |||
Oval ID: | oval:org.mitre.oval:def:9427 | ||
Title: | The OSS code for the Sound Blaster (sb16) driver in Linux 2.4.x before 2.4.26, when operating in 16 bit mode, does not properly handle certain sample sizes, which allows local users to cause a denial of service (crash) via a sample with an odd number of bytes. | ||
Description: | The OSS code for the Sound Blaster (sb16) driver in Linux 2.4.x before 2.4.26, when operating in 16 bit mode, does not properly handle certain sample sizes, which allows local users to cause a denial of service (crash) via a sample with an odd number of bytes. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0178 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9965 | |||
Oval ID: | oval:org.mitre.oval:def:9965 | ||
Title: | Linux kernel does not properly convert 64-bit file offset pointers to 32 bits, which allows local users to access portions of kernel memory. | ||
Description: | Linux kernel does not properly convert 64-bit file offset pointers to 32 bits, which allows local users to access portions of kernel memory. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0415 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2004-08-04 | Linux Kernel File Offset Pointer Handling Memory Disclosure Exploit |
OpenVAS Exploits
Date | Description |
---|---|
2008-09-24 | Name : Gentoo Security Advisory GLSA 200407-02 (Kernel) File : nvt/glsa_200407_02.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200407-16 (Kernel) File : nvt/glsa_200407_16.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200408-24 (Kernel) File : nvt/glsa_200408_24.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1067-1 (kernel 2.4.16) File : nvt/deb_1067_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1070-1 (kernel-source-2.4.19,kernel-image-sparc-... File : nvt/deb_1070_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1082-1 (kernel-2.4.17) File : nvt/deb_1082_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 479-1 (kernel) File : nvt/deb_479_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 479-2 (kernel-image-2.4.18-1-i386) File : nvt/deb_479_2.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 480-1 (kernel-image-2.4.17-hppa kernel-image-2.4... File : nvt/deb_480_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 481-1 (kernel-image-2.4.17-ia64) File : nvt/deb_481_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 482-1 (kernel) File : nvt/deb_482_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 489-1 (kernel-source-2.4.17 kernel-patch-2.4.17-... File : nvt/deb_489_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 491-1 (kernel-source-2.4.19 kernel-patch-2.4.19-... File : nvt/deb_491_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 495-1 (kernel) File : nvt/deb_495_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
8302 | Linux Kernel File Offset Pointer Handling Memory The Linux kernel contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when an invalid conversion from 64-bit file offsets to 32-bit file offsets occurs, which may disclose kernel memory information, resulting in a loss of confidentiality. |
8198 | Linux Kernel Unspecified IA64 Local DoS |
7288 | Multiple Linux Vendor HbaApiNode Permission Weakness DoS |
7241 | Linux Kernel e1000 Driver Memory Disclosure The e1000 driver in Linux kernel versions 2.4 through 2.4.26 does not properly reset memory or restrict the maximum length of a data structure, which can allow a local user to read portions of kernel memory and potentially corrupt user memory space. This may disclose sensitive information or cause a loss of availability for the system. |
5364 | Linux Kernel SoundBlaster 16 Driver Sample Size Handling Local DoS The Linux kernel contains a flaw that may allow a local denial of service. The issue is triggered when a program submits an odd number of output bytes to the soundcard in 16bit output mode, which will cause an endless loop, resulting in loss of availability for the driver. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1069.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1070.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1082.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1067.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-489.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-495.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-491.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-482.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-481.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-480.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-479.nasl - Type : ACT_GATHER_INFO |
2004-08-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200407-02.nasl - Type : ACT_GATHER_INFO |
2004-08-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200407-16.nasl - Type : ACT_GATHER_INFO |
2004-08-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200408-24.nasl - Type : ACT_GATHER_INFO |
2004-08-27 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2004-087.nasl - Type : ACT_GATHER_INFO |
2004-08-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2004-437.nasl - Type : ACT_GATHER_INFO |
2004-08-10 | Name : The remote Fedora Core host is missing a security update. File : fedora_2004-251.nasl - Type : ACT_GATHER_INFO |
2004-08-09 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2004-413.nasl - Type : ACT_GATHER_INFO |
2004-08-09 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2004-418.nasl - Type : ACT_GATHER_INFO |
2004-08-09 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2004_024.nasl - Type : ACT_GATHER_INFO |
2004-07-31 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2004-029.nasl - Type : ACT_GATHER_INFO |
2004-07-31 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2004-062.nasl - Type : ACT_GATHER_INFO |
2004-07-31 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2004-066.nasl - Type : ACT_GATHER_INFO |
2004-07-25 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2004_020.nasl - Type : ACT_GATHER_INFO |
2004-07-23 | Name : The remote Fedora Core host is missing a security update. File : fedora_2004-186.nasl - Type : ACT_GATHER_INFO |
2004-07-23 | Name : The remote Fedora Core host is missing a security update. File : fedora_2004-111.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Information |
---|---|
2014-02-17 11:48:36 |
|