[SECURITY] [DSA-358-3] New kernel packages fix potential "oops"

To: debian-security-announce@lists.debian.org
Subject: [SECURITY] [DSA-358-3] New kernel packages fix potential "oops"
From: Matt Zimmerman <mdz@debian.org>
Date: Mon, 4 Aug 2003 22:00:46 -0400
Message-id: <[🔎] 20030805020046.GK24128@alcor.net>
Mail-followup-to: Matt Zimmerman <mdz@debian.org>, debian-security-announce@lists.debian.org
Reply-to: security@debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 358-3                     security@debian.org
http://www.debian.org/security/                             Matt Zimmerman
August 4th, 2003                        http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : linux-kernel-i386

This advisory provides a correction to the previous kernel updates,
which contained an error introduced in kernel-source-2.4.18 version
2.4.18-7.  This error could result in a kernel "oops" under certain
circumstances.

For the stable distribution (woody) on the i386 architecture, this
problem has been fixed in kernel-image-2.4.18-i386bf version
2.4.18-5woody3.

For the unstable distribution (sid) this problem has been fixed in
kernel-source-2.4.20 version 2.4.20-7.

We recommend that you update your kernel packages.

If you are using the kernel installed by the installation system when
the "bf24" option is selected (for a 2.4.x kernel), you should install
the kernel-image-2.4.18-bf2.4 package.  If you installed a different
kernel-image package after installation, you should install the
corresponding 2.4.18-1 kernel.  You may use the table below as a
guide.

| If "uname -r" shows: | Install this package:
- ------------------------------------------------------
| 2.4.18-bf2.4         | kernel-image-2.4.18-bf2.4
| 2.4.18-386           | kernel-image-2.4.18-1-386
| 2.4.18-586tsc        | kernel-image-2.4.18-1-586tsc
| 2.4.18-686           | kernel-image-2.4.18-1-686
| 2.4.18-686-smp       | kernel-image-2.4.18-1-686-smp
| 2.4.18-k6            | kernel-image-2.4.18-1-k6
| 2.4.18-k7            | kernel-image-2.4.18-1-k7

NOTE: that this kernel is binary compatible with the previous kernel
security updates, but not binary compatible with the corresponding
kernel included in Debian 3.0r1.  If you have not already applied the
previous security update (kernel-image-2.4.18-bf2.4 version
2.4.18-5woody1 or any of the 2.4.18-1-* kernels), then any custom
modules will need to be rebuilt in order to work with the new kernel.
New PCMCIA modules are provided for all of the above kernels.

NOTE: A system reboot will be required immediately after the upgrade
in order to replace the running kernel.  Remember to read carefully
and follow the instructions given during the kernel upgrade process.

Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i386bf/kernel-image-2.4.18-i386bf_2.4.18-5woody3.dsc
      Size/MD5 checksum:      654 822f5e134d8bf1b5910a6dc2c1c4b3ce
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i386bf/kernel-image-2.4.18-i386bf_2.4.18-5woody3.tar.gz
      Size/MD5 checksum:    25919 bdb870edef77cb0d60d1de7d6fbd3167

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i386bf/kernel-headers-2.4.18-bf2.4_2.4.18-5woody3_i386.deb
      Size/MD5 checksum:  3395186 60ec2c4db1b2ea76aea2fd96e2f7a83c
    http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i386bf/kernel-image-2.4.18-bf2.4_2.4.18-5woody3_i386.deb
      Size/MD5 checksum:  6424582 dbfc9b341a619022010fa4a38a3c5e18
    http://security.debian.org/pool/updates/main/p/pcmcia-cs/pcmcia-modules-2.4.18-bf2.4_3.1.33-6woody1k5woody3_i386.deb
      Size/MD5 checksum:   403184 c27bd21c0898dd7f2d6d8e09d0f29796

  These files will probably be moved into the stable distribution on
  its next revision.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/Lw+JArxCt0PiXR4RAu5NAJ9j27M4+eG0KReGQO91RSKy5yKIKQCfcva3
Q55uj1eO/a1hmTkpVWJWhM4=
=48Uy
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DSA-364-1] New man-db packages fix buffer overflows, arbitrary command execution
Next by Date: [SECURITY] [DSA-358-2] New kernel packages fix potential "oops"
Previous by thread: [SECURITY] [DSA-364-1] New man-db packages fix buffer overflows, arbitrary command execution
Next by thread: [SECURITY] [DSA-358-2] New kernel packages fix potential "oops"
Index(es):
- Date
- Thread