Yellow Dog Linux Security Advisory: YDU-20031203-1

Terra Soft Security Team yellowdog-updates@lists.terrasoftsolutions.com
03 Dec 2003 23:36:19 -0700


Yellow Dog Linux Security Announcement
--------------------------------------

Package:	kernel	
Issue Date:	Dec 03, 2003   
Priority:	high
Advisory ID: 	YDU-20031203-1


1. 	Topic:

	Updated kernel packages are available.


2. 	Problem:

	The Linux kernel handles the basic functions of the operating system.

	A flaw in bounds checking in the do_brk() function in the Linux kernel
	versions 2.4.22 and earlier can allow a local attacker to gain root
	privileges. This issue is known to be exploitable; an exploit that takes
	advantage of this vulnerability has been seen in the wild. The Common
	Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
	CAN-2003-0961 to this issue.

	All users are advised to upgrade to these errata packages, which contain
	a backported security patch that corrects this vulnerability.


3. 	Solution:

	Updates are available immediately via YDL.Net Enhanced.

	a) Updating via yum...
	We suggest that you use the yum program to keep your
	system up-to-date. The following command(s) will retrieve
	and install the fixed version of this update onto your system:

		yum update kernel

	b) Updating manually...
	Download the updates below and then run the following rpm command.
	(Please use a mirror site)

		rpm -Fvh [filenames]

		Yellow Dog Linux 3.0.1
		ftp://ftp.yellowdoglinux.com/pub/yellowdog/updates/yellowdog-3.0.1/
			ppc/kernel-*2.4.22-2g.ppc.rpm
			ppc/mol-kmods-0.9.69-3.2.4.22.2g.ppc.rpm

		Yellow Dog Linux 3.0
		ftp://ftp.yellowdoglinux.com/pub/yellowdog/updates/yellowdog-3.0/
			ppc/kernel-*2.4.20-8e.ppc.rpm
			ppc/mol-kmods-0.9.68-3.2.4.20.8e.ppc.rpm

	IMPORTANT NOTE:
	After upgrading, if you see an error message from ybin about your
	yaboot configuration, remove the first instances of "macos",
	"macosx", "delay", and "enablecdboot" from your /etc/yaboot.conf file.
	This should leave the above keywords at the bottom of the
	/etc/yaboot.conf file.  Run /usr/sbin/ybin.  If ybin does not
	display any messages, you are ready to reboot with the new kernel.


4. Verification

MD5 checksum			  Package
--------------------------------  ----------------------------
[Yellow Dog Linux 3.0.1]
68cce162f3c45ee4aab69d0153c56545  SRPMS/kernel-2.4.22-2g.src.rpm
4b4830191f6023ee63372ee9e0638013  SRPMS/mol-kmods-0.9.69-3.2.4.22.2g.src.rpm
857b6be16485b5530b1c503efa1ff819  ppc/kernel-2.4.22-2g.ppc.rpm
2f1855497c98655d95f90cbec1ae1f6e  ppc/kernel-BOOT-2.4.22-2g.ppc.rpm
407d082caacc3a52aba59b320ec30a14  ppc/kernel-doc-2.4.22-2g.ppc.rpm
80727f165dcfe3431ede541e6d81dcd2  ppc/kernel-smp-2.4.22-2g.ppc.rpm
3ec53400f1a3055803c974e677ef5828  ppc/kernel-source-2.4.22-2g.ppc.rpm
ee209a5a7469c3fd2057bc6c113ecc52  ppc/mol-kmods-0.9.69-3.2.4.22.2g.ppc.rpm

[Yellow Dog Linux 3.0]
16abb8ac151bb967b64a4cef9e2bfc6f  SRPMS/kernel-2.4.20-8e.src.rpm
b5730fb63fb83d25e06d0cb22a94d631  SRPMS/mol-kmods-0.9.68-3.2.4.20.8e.src.rpm
f6c34ae6d33ad14f506547d7e6eb98c6  ppc/kernel-2.4.20-8e.ppc.rpm
6f16ccc2055ee1a538867527c89f0c35  ppc/kernel-ans-2.4.20-8e.ppc.rpm
1afe9dfbe1b07c1d2b05b9d55c9023de  ppc/kernel-BOOT-2.4.20-8e.ppc.rpm
77e2606984db4e8e698e96a4741d542d  ppc/kernel-doc-2.4.20-8e.ppc.rpm
5d564319803e4210c2bd7c0c0273ef85  ppc/kernel-smp-2.4.20-8e.ppc.rpm
3325fe02211d9e117c051efbca31395d  ppc/kernel-source-2.4.20-8e.ppc.rpm
d8cd17e0243e19100574f8e2ddddecce  ppc/mol-kmods-0.9.68-3.2.4.20.8e.ppc.rpm


If you wish to verify that each package has not been corrupted or tampered with,
compute its MD5 checksum with the following command and compare the result with
the value listed above:

	md5sum <filename>
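
The per-file comparison above can be scripted. The following is an added
example, not part of the Terra Soft advisory: it assumes the checksum table has
been saved to a text file and the packages downloaded into a single directory.
The function names and demo file names are hypothetical, and the demo data is
constructed rather than taken from the table.

```shell
#!/bin/sh
# Added example (not from the advisory): check downloaded RPMs against an
# MD5 table laid out like section 4: "<md5>  <dir>/<package>.rpm".
# Usage: verify_packages MANIFEST DOWNLOAD_DIR
# Returns 0 only if no package mismatches and at least one was verified.
verify_packages() {
    manifest=$1; dir=$2; ok=0; bad=0
    while read -r sum path; do
        # Ignore header, separator, "[release]" and blank lines.
        case $sum in ''|*[!0-9a-f]*) continue ;; esac
        [ "${#sum}" -eq 32 ] || continue
        name=${path##*/}                 # files are downloaded without ppc/
        if [ ! -f "$dir/$name" ]; then
            echo "SKIPPED   $name (not downloaded)"
            continue
        fi
        actual=$(md5sum < "$dir/$name" | cut -d' ' -f1)
        if [ "$actual" = "$sum" ]; then
            echo "OK        $name"; ok=$((ok + 1))
        else
            echo "MISMATCH  $name"; bad=$((bad + 1))
        fi
    done < "$manifest"
    [ "$bad" -eq 0 ] && [ "$ok" -gt 0 ]
}

# Constructed demo data: two stand-in files, not real packages or checksums.
demo_verify() {
    tmp=$(mktemp -d) || return 1
    printf 'stand-in A\n' > "$tmp/kernel-demo.ppc.rpm"
    printf 'stand-in B\n' > "$tmp/mol-kmods-demo.ppc.rpm"
    {
        echo 'MD5 checksum  Package'
        echo '[Constructed release]'
        for f in kernel-demo.ppc.rpm mol-kmods-demo.ppc.rpm kernel-smp-demo.ppc.rpm; do
            src=$tmp/$f; [ -f "$src" ] || src=/dev/null
            printf '%s  ppc/%s\n' "$(md5sum < "$src" | cut -d' ' -f1)" "$f"
        done
    } > "$tmp/manifest.txt"
    verify_packages "$tmp/manifest.txt" "$tmp" && echo "all downloaded packages match"
    printf 'modified\n' >> "$tmp/kernel-demo.ppc.rpm"    # simulate corruption
    verify_packages "$tmp/manifest.txt" "$tmp" || echo "do not install: checksum mismatch"
    rm -rf "$tmp"
}
demo_verify
```

Packages listed in the table but not present in the download directory are
reported as skipped, so the check can be run after downloading only the kernel
variant in use.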


5. Misc.

Terra Soft has set up a moderated mailing list where these security, bugfix, and package
enhancement announcements will be posted. See http://lists.terrasoftsolutions.com/ for more
information.

For information regarding the usage of yum, see:
http://www.yellowdoglinux.com/support/solutions/ydl_general/yum.shtml