Trustix Secure Linux Information for VU#973654

Linux kernel fails to properly handle floating point signals generated by "fsave" and "frstor"

Status

Affected

Vendor Statement

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Trustix Secure Linux Bugfix Advisory #2004-0034

Package name:      kernel
Summary:           Local DoS
Date:              2004-06-16
Affected versions: Trustix Secure Linux 2.0
                  Trustix Secure Linux 2.1
                  Trustix Operating System - Enterprise Server 2

- --------------------------------------------------------------------------
Package description:
 The kernel package contains the Linux kernel (vmlinuz), the core of your
 Trustix Secure Linux operating system.  The kernel handles the basic
 functions of the operating system:  memory allocation, process allocation,
 device input and output, etc.

Problem description:
 A flaw was by accident discovered by Stian Skjelstad when he was doing
 some code tests during vacation. He was quite surprised when he discovered
 that the code he was trying froze his machine. He reported it to the
 Linux-kernel mailing list and the gcc bugzilla on 2004-06-09.

 See CAN-2004-0554 at http://cve.mitre.org/ for more information.


Action:
 We recommend that all systems with this package installed be upgraded.
 Please note that if you do not need the functionality provided by this
 package, you may want to remove it from your system.


Location:
 All Trustix Secure Linux updates are available from
 <URI:http://http.trustix.org/pub/trustix/updates/>
 <URI:ftp://ftp.trustix.org/pub/trustix/updates/>


About Trustix Secure Linux:
 Trustix Secure Linux is a small Linux distribution for servers. With focus
 on security and stability, the system is painlessly kept safe and up to
 date from day one using swup, the automated software updater.


Automatic updates:
 Users of the SWUP tool can enjoy having updates automatically
 installed using 'swup --upgrade'.


Public testing:
 Most updates for Trustix Secure Linux are made available for public
 testing some time before release.
 If you want to contribute by testing the various packages in the
 testing tree, please feel free to share your findings on the
 tsl-discuss mailing list.
 The testing tree is located at
 <URI:http://tsldev.trustix.org/horizon/>

 You may also use swup for public testing of updates:
 
 site {
     class = 0
     location = "http://tsldev.trustix.org/horizon/rdfs/latest.rdf"
     regexp = ".*"
 }
 

Questions?
 Check out our mailing lists:
 <URI:http://www.trustix.org/support/>


Verification:
 This advisory, along with all Trustix packages, is signed with the
 TSL sign key.
 This key is available from:
 <URI:http://www.trustix.org/TSL-SIGN-KEY>

 The advisory itself is available from the errata pages at
 <URI:http://www.trustix.org/errata/trustix-2.0/> and
 <URI:http://www.trustix.org/errata/trustix-2.1/>
 or directly at
 <URI:http://www.trustix.org/errata/2004/0034>


MD5sums of the packages:


Trustix Security Team

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQFA0DFii8CEzsK9IksRAteIAJ97XC+eJOVpi/AVkvkk9W9O2byoGgCfYxMo
K4oBAeXOexvaNTo652IzAnA=
=7CnB
-----END PGP SIGNATURE-----

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

The CERT/CC has no additional comments at this time.
