DESA-2004-006 - Linux kernel: vulnerability in the clear_fpu() macro

To: bruker@skolelinux.no, linuxiskolen@skolelinux.no, debian-edu@lists.debian.org, user@skolelinux.de
Subject: DESA-2004-006 - Linux kernel: vulnerability in the clear_fpu() macro
From: Finn-Arne Johansen <faj@bzz.no>
Date: Fri, 18 Jun 2004 01:22:05 +0200
Message-id: <[🔎] 20040617232205.GA3140@bzzware.org>
Mail-followup-to: bruker@skolelinux.no, linuxiskolen@skolelinux.no, debian-edu@lists.debian.org, user@skolelinux.de

- --------------------------------------------------------------------------
Debian-Edu/Skolelinux Security Advisory DESA 2004-006
http://www.skolelinux.no/security/                       Finn-Arne Johansen
June 18-06-2004                 debian-edu-security@lists.alioth.debian.org
- --------------------------------------------------------------------------

Package             : kernel-image-2.4.26-1-i386
Vulnerability       : vulnerability in the clear_fpu() macro
Problem-Type        : local
Need reboot         : yes
Debian-Edu-specific : no
CVE ID              : -
DSA ID              : -

A critical security  vulnerability has been found in the Linux kernel in 
the clear_fpu() macro code. For more details, take a look at:

 http://linuxreviews.org/news/2004-06-11_kernel_crash/index.html

The new kernel packages built using the debian kernel source package,
and patched with the code from
 http://linux.bkbits.net:8080/linux-2.4/gnupatch@40cdf6f8V7sOe5n96HA5Q7r9uDRvJQ
The patch has been done by Finn-Arne Johansen <faj@bzz.no>

We recommend that you upgrade your kernel packages to the new 2.4.26
version built for skolelinux. 

Note that there is not built special kernels for (amd Opteron)


Upgrade Instructions
- --------------------

Make sure 'deb ftp://ftp.skolelinux.no/skolelinux/ woody local' is
present in your /etc/apt/sources.list and run 'apt-get update' to
update your package lists.

Find which flavour of the kernel you are running with the command
'uname -r' (examples: 386, 586tsc, 686, 686-smp, k6, k7, k7-smp).

To upgrade, run this command replacing <flavour> with yours:

  apt-get install kernel-image-2.4.26-1-<flavour>

If you are unfamiliar with kernel upgrades, please visit our
mini-HOWTO on this subject:

  http://www.skolelinux.no/security/kernel-upgrade

- --------------------------------------------------------------------------
For apt-get: deb ftp://ftp.skolelinux.no/skolelinux/ woody local

Mailing list: bruker@skolelinux.no, debian-edu@lists.debian.org,
              linuxiskolen@skolelinux.no, user@skolelinux.de
Package info: `apt-cache show <pkg>'

-- 
Finn-Arne Johansen 
faj@bzz.no
http://bzz.no/

Attachment: signature.asc
Description: Digital signature

Reply to:

Prev by Date: Report 2003:24: Experiences from the Use of Skolelinux.
Next by Date: squid-skolelinux
Previous by thread: Report 2003:24: Experiences from the Use of Skolelinux.
Next by thread: squid-skolelinux
Index(es):
- Date
- Thread