
recent kernel advisories



Does anyone know if the latest kernel advisories have
been fixed in 2.4.21 or are they fixed in 2.4.22-pre??

The latest vulnerabilities reported by Red Hat are:

CAN-2003-0461: /proc/tty/driver/serial reveals the exact character
counts for serial links.  This could be used by a local attacker to
infer password lengths and inter-keystroke timings during password
entry.

CAN-2003-0462: Paul Starzetz discovered a file read race condition
existing in the execve() system call, which could cause a local crash.

CAN-2003-0464: A recent change in the RPC code set the reuse flag on
newly-created sockets.  Olaf Kirch noticed that this could allow normal
users to bind to UDP ports used for services such as nfsd.

CAN-2003-0476: The execve system call in Linux 2.4.x records the file
descriptor of the executable process in the file table of the calling
process, allowing local users to gain read access to restricted file
descriptors.

CAN-2003-0501: The /proc filesystem in Linux allows local users to
obtain sensitive information by opening various entries in /proc/self
before executing a setuid program.  This causes the program to fail to
change the ownership and permissions of already opened entries.
 
CAN-2003-0550: The STP protocol is known to have no security, which
could allow attackers to alter the bridge topology.  STP is now turned
off by default.

CAN-2003-0551: STP input processing was lax in its length checking,
which could lead to a denial of service.

CAN-2003-0552: Jerry Kreuscher discovered that the Forwarding table
could be spoofed by sending forged packets with bogus source addresses
the same as the local host.



