Re: 2.4 kernels
On Wed, Jul 07, 2004 at 03:29:48AM -0700, William Lee Irwin III wrote:
> On Wed, Jul 07, 2004 at 11:44:06AM +0900, Horms wrote:
> > What needs to be done?
>
> Basically, update cvs to the current 2.4 in order to get security fixes
> from newer mainline 2.4, and send out packages.
>

Just a comment: there's not a single CVE# reference in the changelog for the
whole year 2004. That's a bad habit, because it causes a nightmare when
security patches need to be verified. What follows are issues to be
checked for 2.4.26 and 2.6.7, AFAIK.

* CAN-2004-0133: The XFS file system in 2.4 series kernels has an
information leak by which data in the memory can be written to the
device hosting the file system, allowing users to obtain portions of
kernel memory by reading the raw block device.
* CAN-2004-0181: The JFS file system in 2.4 series kernels has an
information leak by which data in the memory can be written to the
device hosting the file system, allowing users to obtain portions of
kernel memory by reading the raw device.
* CAN-2004-0228: Due to an integer signedness error in the CPUFreq
/proc handler code in 2.6 series Linux kernels, local users can
escalate their privileges.
* CAN-2004-0229: The framebuffer driver in 2.6 series kernel drivers
does not use the fb_copy_cmap method of copying structures. The
impact of this issue is unknown, however.
* CAN-2004-0394: A buffer overflow in the panic() function of 2.4
series Linux kernels exists, but it may not be exploitable under
normal circumstances due to its functionality.
* CAN-2004-0427: The do_fork() function in both 2.4 and 2.6 series
Linux kernels does not properly decrement the mm_count counter when
an error occurs, triggering a memory leak that allows local users to
cause a Denial of Service by exhausting other applications of memory,
causing the kernel to panic or to kill services.
* CAN-2004-0495: Multiple vulnerabilities found by the Sparse source
checker in the kernel allow local users to escalate their privileges
or gain access to kernel memory.
* CAN-2004-0535: The e1000 NIC driver does not properly initialize
memory structures before using them, allowing users to read kernel
memory.
* CAN-2004-0554: 2.4 and 2.6 series kernels running on an x86 or an
AMD64 architecture allow local users to cause a Denial of Service by
a total system hang, due to an infinite loop that triggers a signal
handler with a certain sequence of fsave and frstor instructions.
--
Francesco P. Lovergine