search menu icon-carat-right cmu-wordmark

CERT Coordination Center

Linux kernel fails to properly handle floating point signals generated by "fsave" and "frstor"

Vulnerability Note VU#973654

Original Release Date: 2004-06-15 | Last Revised: 2004-08-23

Overview

The Linux kernel contains a denial-of-service vulnerability that allows local users to disable affected hosts.

Description

Several versions of the Linux kernel contain a defect in their use of the Intel processor instruction set. The "fsave" and "frstor" instructions are used to store and restore the state of the processor's floating point unit (FPU), respectively. Typically, manipulation of the FPU is handled by the compiler of a high-level programming language, but some languages allow programmers to invoke assembly instructions directly.

By using a combination of calls to fsave and frstor, it is possible to write a simple program that will force the Linux kernel into an infinite signal handling loop. When this occurs, the kernel will fail to operate properly or respond to input, causing a denial-of-service condition. Such a program does not require specialized tools or privileged system access, so it is possible for any local user to exploit this vulnerability.

Impact

This vulnerability allows local users to disable the Linux kernel on affected hosts, resulting in a denial-of-service condition.

Solution

Apply a patch from your vendor

The Systems Affected section of this document contains a list of vendors that have been notified of this issue, as well as their responses.

Vendor Information

973654
 
Affected   Unknown   Unaffected

Conectiva

Notified:  June 15, 2004 Updated:  August 18, 2004

Status

  Vulnerable

Vendor Statement

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
CONECTIVA LINUX SECURITY ANNOUNCEMENT
- --------------------------------------------------------------------------

PACKAGE   : kernel
SUMMARY   : Fixes for kernel vulnerabilities
DATE      : 2004-06-22 10:12:00
ID        : CLA-2004:845
RELEVANT
RELEASES  : 8, 9

- -------------------------------------------------------------------------

DESCRIPTION
The Linux kernel is responsible for handling the basic functions of
the GNU/Linux operating system.

This announcement fixes the following vulnerabilities:

1. Local denial of service vulnerability (CAN-2004-0554[1])

Stian Skjelstad found[2] a vulnerability[1] in the fpu controller
code that can be used by local attackers to cause a denial of service
(DoS) on the system.

2. Local memory disclosure vulnerability (CAN-2004-0535[3])

Chris Wright found a vulnerability[3] in the Intel(R) PRO/1000
ethernet card driver that could allow a local attacker to read some
bytes of kernel memory.

3. Sparse vulnerabilities (CAN-2004-0495[4])  

Al Viro, by using Sparse[5] (a code inspection tool), found several
vulnerabilities which, in the worst case, might allow local attackers
to obtain root privileges.


SOLUTION
It is recommended that all Conectiva Linux users upgrade the kernel
package.

IMPORTANT: exercise caution and preparation when upgrading the
kernel, since it will require a reboot after the new packages are
installed. In particular, Conectiva Linux 9 will most likely require
an initrd file (which is automatically created in the /boot directory
after the new packages are installed). Generic kernel update
instructions can be obtained in the manuals and in our updates
page[6]. More detailed instructions are also available in Portuguese
at our Moin[7] page.


REFERENCES:
1.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0554
2.http://marc.theaimsgroup.com/?l=linux-kernel&m=108681568931323&w=2
3.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0535
4.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0495
5.http://sparse.bkbits.net:8080/sparse/
6.https://moin.conectiva.com.br/UpdatingKernelPackages
7.http://www.conectiva.com.br/suporte/pr/sistema.kernel.atualizar.html
                       


UPDATED PACKAGES
ftp://atualizacoes.conectiva.com.br/8/SRPMS/kernel-2.4.19-1U80_22cl.src.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/devfsd-2.4.19-1U80_22cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-2.4.19-1U80_22cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-2.4.19-1U80_22cl.i586.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-2.4.19-1U80_22cl.i686.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-BOOT-2.4.19-1U80_22cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-doc-2.4.19-1U80_22cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-enterprise-2.4.19-1U80_22cl.i686.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-headers-2.4.19-1U80_22cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-rbc-2.4.19-1U80_22cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-smp-2.4.19-1U80_22cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-smp-2.4.19-1U80_22cl.i586.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-smp-2.4.19-1U80_22cl.i686.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-source-2.4.19-1U80_22cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/SRPMS/kernel24-2.4.21-31301U90_16cl.src.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/devfsd-2.4.21-31301U90_16cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-2.4.21-31301U90_16cl.athlon.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-2.4.21-31301U90_16cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-2.4.21-31301U90_16cl.i586.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-2.4.21-31301U90_16cl.i686.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-2.4.21-31301U90_16cl.pentium4.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-BOOT-2.4.21-31301U90_16cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-doc-2.4.21-31301U90_16cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-enterprise-2.4.21-31301U90_16cl.athlon.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-enterprise-2.4.21-31301U90_16cl.i686.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-enterprise-2.4.21-31301U90_16cl.pentium4.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-headers-2.4.21-31301U90_16cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-rbc-2.4.21-31301U90_16cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-smp-2.4.21-31301U90_16cl.athlon.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-smp-2.4.21-31301U90_16cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-smp-2.4.21-31301U90_16cl.i586.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-smp-2.4.21-31301U90_16cl.i686.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-smp-2.4.21-31301U90_16cl.pentium4.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-source-2.4.21-31301U90_16cl.i386.rpm


ADDITIONAL INSTRUCTIONS
The apt tool can be used to perform RPM packages upgrades:

- run:                 apt-get update
- after that, execute: apt-get upgrade

Detailed instructions regarding the use of apt and upgrade examples
can be found at http://distro.conectiva.com.br/atualizacoes/#apt?idioma=en

- -------------------------------------------------------------------------
All packages are signed with Conectiva's GPG key. The key and instructions
on how to import it can be found at
http://distro.conectiva.com.br/seguranca/chave/?idioma=en
Instructions on how to check the signatures of the RPM packages can be
found at http://distro.conectiva.com.br/seguranca/politica/?idioma=en

- -------------------------------------------------------------------------
All our advisories and generic update instructions can be viewed at
http://distro.conectiva.com.br/atualizacoes/?idioma=en

- -------------------------------------------------------------------------
Copyright (c) 2004 Conectiva Inc.
http://www.conectiva.com

- -------------------------------------------------------------------------
subscribe: conectiva-updates-subscribe@papaleguas.conectiva.com.br
unsubscribe: conectiva-updates-unsubscribe@papaleguas.conectiva.com.br
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQFA2DCq42jd0JmAcZARAg49AJ9sqVjI/FsSEeWfws1iPyJ0szUIPgCfZ9kw
y6YY+kD2FTucN7+WNLkZZKg=
=NSse
-----END PGP SIGNATURE-----

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Guardian Digital Inc.

Notified:  June 15, 2004 Updated:  August 18, 2004

Status

  Vulnerable

Vendor Statement

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


+------------------------------------------------------------------------+
| Guardian Digital Security Advisory                       June 21, 2004 |
| http://www.guardiandigital.com                        ESA-20040621-005 |
|                                                                        |
| Package: kernel                                                        |
| Summary: Several vulnerabilities.                                      |
+------------------------------------------------------------------------+

 EnGarde Secure Linux is an enterprise class Linux platform engineered
 to enable corporations to quickly and cost-effectively build a complete
 and secure Internet presence while preventing Internet threats.

OVERVIEW
- --------
 This update fixes several security vulnerabilities in the Linux Kernel
 shipped with EnGarde Secure Linux, most notably the "fsave/frstor"
 vulnerability (CAN-2004-0554) and an information leak in the e1000
 driver (CAN-2004-0535).

 Guardian Digital products affected by this issue include:

   EnGarde Secure Community 2
   EnGarde Secure Professional v1.5

 It is recommended that all users apply this update as soon as possible.

SOLUTION
- --------
 Guardian Digital Secure Network subscribers may automatically update
 affected systems by accessing their account from within the Guardian
 Digital WebTool.

 To modify your GDSN account and contact preferences, please go to:

   https://www.guardiandigital.com/account/

REFERENCES
- ----------
 Guardian Digital's public key:
   http://ftp.engardelinux.org/pub/engarde/ENGARDE-GPG-KEY

 Official Web Site of the Linux Kernel:
   http://www.kernel.org/

 Guardian Digital Advisories:
   http://infocenter.guardiandigital.com/advisories/

 Security Contact: security@guardiandigital.com

- --------------------------------------------------------------------------
Author: Ryan W. Maple <ryan@guardiandigital.com>
Copyright 2004, Guardian Digital, Inc.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQFA1xEMHD5cqd57fu0RAimkAJ91QQbdq0KTPMApdbuBk0W4VaHQUQCfXTgV
CEwu6/nwrjKh4msuRNWV4g0=
=plmV
-----END PGP SIGNATURE-----

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

MandrakeSoft

Notified:  June 15, 2004 Updated:  August 18, 2004

Status

  Vulnerable

Vendor Statement

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

                Mandrakelinux Security Update Advisory
_______________________________________________________________________

Package name:           kernel
Advisory ID:            MDKSA-2004:062
Date:                   June 23rd, 2004

Affected versions: 10.0, 9.1, 9.2, Corporate Server 2.1,
Multi Network Firewall 8.2
______________________________________________________________________

Problem Description:

A vulnerability in the e1000 driver for the Linux kernel 2.4.26 and
earlier was discovered by Chris Wright.  The e1000 driver does not
properly reset memory or restrict the maximum length of a data
structure, which can allow a local user to read portions of kernel
memory (CAN-2004-0535).

A vulnerability was also discovered in the kernel were a certain C
program would trigger a floating point exception that would crash the
kernel.  This vulnerability can only be triggered locally by users with
shell access (CAN-2004-0554).
_______________________________________________________________________

References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0535
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0554
 http://www.kb.cert.org/vuls/id/973654
______________________________________________________________________

Updated Packages:
 
Mandrakelinux 10.0:
4d206822c79940210133a7480d21e3df  10.0/RPMS/kernel-2.4.25.6mdk-1-1mdk.i586.rpm
68bcd25169105b157075c49ae1afc652  10.0/RPMS/kernel-2.6.3.14mdk-1-1mdk.i586.rpm
abf8ad1259bf4f92a49e36dfcf3c9c39  10.0/RPMS/kernel-enterprise-2.4.25.6mdk-1-1mdk.i586.rpm
312e78a0c775dbb7b9cbef0d99a04fcd  10.0/RPMS/kernel-enterprise-2.6.3.14mdk-1-1mdk.i586.rpm
e488a38369863ce174eedaf556cb3b89  10.0/RPMS/kernel-i686-up-4GB-2.4.25.6mdk-1-1mdk.i586.rpm
4793fe40b2af0fdd5864f72db0615e50  10.0/RPMS/kernel-i686-up-4GB-2.6.3.14mdk-1-1mdk.i586.rpm
762657bdede72b9a35acb17b395ee1ff  10.0/RPMS/kernel-p3-smp-64GB-2.4.25.6mdk-1-1mdk.i586.rpm
20aef99ab5994559227cbd7010d24e3a  10.0/RPMS/kernel-p3-smp-64GB-2.6.3.14mdk-1-1mdk.i586.rpm
08196ea86336c42d850916038a6b40ba  10.0/RPMS/kernel-secure-2.6.3.14mdk-1-1mdk.i586.rpm
98edb621bf6194742b9f4acf41ac798a  10.0/RPMS/kernel-smp-2.4.25.6mdk-1-1mdk.i586.rpm
97b43a5beecc427cec5339f7b230937b  10.0/RPMS/kernel-smp-2.6.3.14mdk-1-1mdk.i586.rpm
c61995bd80f09c18d644b63574830564  10.0/RPMS/kernel-source-2.4.25-6mdk.i586.rpm
a595b55173adb08a6ee525aba7a11bcf  10.0/RPMS/kernel-source-2.6.3-14mdk.i586.rpm
356ca3809548835c8d1543b1c5bd2c78  10.0/RPMS/kernel-source-stripped-2.6.3-14mdk.i586.rpm
84c88cb9db5910bf541d69d041d146a2  10.0/SRPMS/kernel-2.4.25.6mdk-1-1mdk.src.rpm
7dd3f9640e29fd2365338e6350d38ef8  10.0/SRPMS/kernel-2.6.3.14mdk-1-1mdk.src.rpm

Mandrakelinux 10.0/AMD64:
0bbe2751bf80eb4cd0b62d577e580c44  amd64/10.0/RPMS/kernel-2.4.25.6mdk-1-1mdk.amd64.rpm
2ed3cdb8d1d5a9da83e068c4be01f91f  amd64/10.0/RPMS/kernel-2.6.3.14mdk-1-1mdk.amd64.rpm
aa4eee1b7d2e75100e9fac4f60484c2d  amd64/10.0/RPMS/kernel-secure-2.6.3.14mdk-1-1mdk.amd64.rpm
6c68464ee6a8f8e6abfd4aec1bc01c2a  amd64/10.0/RPMS/kernel-smp-2.4.25.6mdk-1-1mdk.amd64.rpm
acc109c127a3c52cf1d2e0f86834a62a  amd64/10.0/RPMS/kernel-smp-2.6.3.14mdk-1-1mdk.amd64.rpm
fdd0f9614d7fe27508319c021e83a41e  amd64/10.0/RPMS/kernel-source-2.4.25-6mdk.amd64.rpm
dfc6b8544787e556a30d1165cce8bfbc  amd64/10.0/RPMS/kernel-source-2.6.3-14mdk.amd64.rpm
23f827e67259b79381a9e8dd454880fa  amd64/10.0/RPMS/kernel-source-stripped-2.6.3-14mdk.amd64.rpm
84c88cb9db5910bf541d69d041d146a2  amd64/10.0/SRPMS/kernel-2.4.25.6mdk-1-1mdk.src.rpm
7dd3f9640e29fd2365338e6350d38ef8  amd64/10.0/SRPMS/kernel-2.6.3.14mdk-1-1mdk.src.rpm

Corporate Server 2.1:
46927be757f70a59c86cdf11b3e43c92  corporate/2.1/RPMS/kernel-2.4.19.41mdk-1-1mdk.i586.rpm
d08b40244502502acadf9ba1b0e9762b  corporate/2.1/RPMS/kernel-enterprise-2.4.19.41mdk-1-1mdk.i586.rpm
66749baa06773ce3942e2f770140502c  corporate/2.1/RPMS/kernel-secure-2.4.19.41mdk-1-1mdk.i586.rpm
32a44dfa574bbbc50d316a5c8a4ef6ba  corporate/2.1/RPMS/kernel-smp-2.4.19.41mdk-1-1mdk.i586.rpm
40213434e41fefe88d20f4231a1f9734  corporate/2.1/RPMS/kernel-source-2.4.19-41mdk.i586.rpm
60c9941aba0d698ad72f9d2308433b1c  corporate/2.1/SRPMS/kernel-2.4.19.41mdk-1-1mdk.src.rpm

Corporate Server 2.1/x86_64:
db88d345b01e85d2c6cfb01f1e28c3f1  x86_64/corporate/2.1/RPMS/kernel-2.4.19.42mdk-1-1mdk.x86_64.rpm
eaa43fee45b287b47e59a17206040308  x86_64/corporate/2.1/RPMS/kernel-secure-2.4.19.42mdk-1-1mdk.x86_64.rpm
88db1fa53a907a7ae59b561501053963  x86_64/corporate/2.1/RPMS/kernel-smp-2.4.19.42mdk-1-1mdk.x86_64.rpm
a63ab72190d8214f8e242fe298c49a41  x86_64/corporate/2.1/RPMS/kernel-source-2.4.19-42mdk.x86_64.rpm
b175ee4e191ff0f4098793413dd63c71  x86_64/corporate/2.1/SRPMS/kernel-2.4.19.42mdk-1-1mdk.src.rpm

Mandrakelinux 9.1:
71a8d1ae72fb050e3f4a07fcecf2f6f6  9.1/RPMS/kernel-2.4.21.0.31mdk-1-1mdk.i586.rpm
30998cdc47a6005198d7bff758c15fa8  9.1/RPMS/kernel-enterprise-2.4.21.0.31mdk-1-1mdk.i586.rpm
2d50a264c7578cb525ffef5b9c6c256c  9.1/RPMS/kernel-secure-2.4.21.0.31mdk-1-1mdk.i586.rpm
d380dafaea573b0f8d135f442ac84085  9.1/RPMS/kernel-smp-2.4.21.0.31mdk-1-1mdk.i586.rpm
fef500ffec1c0ec7e63daa040cea2d3e  9.1/RPMS/kernel-source-2.4.21-0.31mdk.i586.rpm
f3c09dcecb57b158e7e064b58be290fc  9.1/SRPMS/kernel-2.4.21.0.31mdk-1-1mdk.src.rpm

Mandrakelinux 9.1/PPC:
0ae9dba70be3135ed2d58b18744d5c88  ppc/9.1/RPMS/kernel-2.4.21.0.31mdk-1-1mdk.ppc.rpm
32c60b01cdc16a585ddd75c00f0f1b99  ppc/9.1/RPMS/kernel-enterprise-2.4.21.0.31mdk-1-1mdk.ppc.rpm
444be2eb864edc3e71de2a80ff1707c5  ppc/9.1/RPMS/kernel-smp-2.4.21.0.31mdk-1-1mdk.ppc.rpm
0defa0d78d83de206b45d3e0f6f8c6b2  ppc/9.1/RPMS/kernel-source-2.4.21-0.31mdk.ppc.rpm
f3c09dcecb57b158e7e064b58be290fc  ppc/9.1/SRPMS/kernel-2.4.21.0.31mdk-1-1mdk.src.rpm

Mandrakelinux 9.2:
f8d407d6b8c33d23e1869b192d86c581  9.2/RPMS/kernel-2.4.22.35mdk-1-1mdk.i586.rpm
eb13e94eb20684ac0a28d61f06f7d55b  9.2/RPMS/kernel-enterprise-2.4.22.35mdk-1-1mdk.i586.rpm
ed513e7698ee869227bb178239e4fd6b  9.2/RPMS/kernel-i686-up-4GB-2.4.22.35mdk-1-1mdk.i586.rpm
19382a345801c54d057569d4cd238457  9.2/RPMS/kernel-p3-smp-64GB-2.4.22.35mdk-1-1mdk.i586.rpm
1eff108d820b8eaaf4aa30dc57037e38  9.2/RPMS/kernel-secure-2.4.22.35mdk-1-1mdk.i586.rpm
554f24dd143cef8e46db249210ee6698  9.2/RPMS/kernel-smp-2.4.22.35mdk-1-1mdk.i586.rpm
0e4a8b55bfc63b9c69bd3ffcbf36deb3  9.2/RPMS/kernel-source-2.4.22-35mdk.i586.rpm
9aada28aa2b9f835d3dc4cc30f856ca6  9.2/SRPMS/kernel-2.4.22.35mdk-1-1mdk.src.rpm

Mandrakelinux 9.2/AMD64:
445f0184ca8c02e0a3f915408c6e8f2c  amd64/9.2/RPMS/kernel-2.4.22.35mdk-1-1mdk.amd64.rpm
dc7be7702ba82ca3e5e1c5c07ec5a7a7  amd64/9.2/RPMS/kernel-secure-2.4.22.35mdk-1-1mdk.amd64.rpm
7249a64585c3fdb4e0c819274ffa5d6b  amd64/9.2/RPMS/kernel-smp-2.4.22.35mdk-1-1mdk.amd64.rpm
36684fff4f1d13784af9d539df01ba67  amd64/9.2/RPMS/kernel-source-2.4.22-35mdk.amd64.rpm
9aada28aa2b9f835d3dc4cc30f856ca6  amd64/9.2/SRPMS/kernel-2.4.22.35mdk-1-1mdk.src.rpm

Multi Network Firewall 8.2:
fdd6ea13be5777eb4ac69ae4a15149eb  mnf8.2/RPMS/kernel-secure-2.4.19.41mdk-1-1mdk.i586.rpm
60c9941aba0d698ad72f9d2308433b1c  mnf8.2/SRPMS/kernel-2.4.19.41mdk-1-1mdk.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrakeUpdate or urpmi.  The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandrakesoft for security.  You can obtain
the GPG public key of the Mandrakelinux Security Team by executing:

 gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandrakelinux at:

 http://www.mandrakesoft.com/security/advisories

If you want to report vulnerabilities, please contact

 security_linux-mandrake.com

Type Bits/KeyID     Date       User ID
pub  1024D/22458A98 2000-07-10 Linux Mandrake Security Team
 <security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFA2dQumqjQ0CJFipgRAvsvAJwKYoGaMGxqb9ZWhapI96NYwd9+uQCghmDy
OB/7YIx91p7173icwYh3Ito=
=FVyW
-----END PGP SIGNATURE-----

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Red Hat Inc.

Notified:  June 15, 2004 Updated:  August 18, 2004

Status

  Vulnerable

Vendor Statement

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Updated kernel packages fix security vulnerabilities
Advisory ID: RHSA-2004:255-01
Issue date: 2004-06-17
Updated on: 2004-06-17
Product: Red Hat Enterprise Linux
Keywords:
Cross references:
Obsoletes: RHSA-2004:188
CVE Names: CAN-2004-0427 CAN-2004-0495 CAN-2004-0554
- ---------------------------------------------------------------------

1. Topic:

Updated kernel packages for Red Hat Enterprise Linux 3 that fix security
vulnerabilities are now available.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - athlon, i386, i686, ia32e, ia64, ppc64, ppc64iseries, ppc64pseries, s390, s390x, x86_64
Red Hat Desktop version 3 - athlon, i386, i686, ia32e, x86_64
Red Hat Enterprise Linux ES version 3 - athlon, i386, i686, ia32e, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - athlon, i386, i686, ia32e, ia64, x86_64

3. Problem description:

The Linux kernel handles the basic functions of the operating system.

A flaw was found in Linux kernel versions 2.4 and 2.6 for x86 and x86_64
that allowed local users to cause a denial of service (system crash) by
triggering a signal handler with a certain sequence of fsave and frstor
instructions. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2004-0554 to this issue.

Another flaw was discovered in an error path supporting the clone()
system call that allowed local users to cause a denial of service
(memory leak) by passing invalid arguments to clone() running in an
infinite loop of a user's program. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2004-0427
to this issue.

Enhancements were committed to the 2.6 kernel by Al Viro which enabled the
Sparse source code checking tool to check for a certain class of kernel
bugs. A subset of these fixes also applies to various drivers in the 2.4
kernel. Although the majority of these resides in drivers unsupported in
Red Hat Enterprise Linux 3, the flaws could lead to privilege escalation or
access to kernel memory. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2004-0495 to these issues.

All Red Hat Enterprise Linux 3 users are advised to upgrade their kernels
to the packages associated with their machine architectures and
configurations as listed in this erratum. These packages contain
backported patches to correct these issues.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those
RPMs which are currently installed will be updated. Those RPMs which are
not installed but included in the list will not be updated. Note that you
can also use wildcards (*.rpm) if your current directory *only* contains the
desired RPMs.

Please note that this update is also available via Red Hat Network. Many
people find this an easier way to apply updates. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

If up2date fails to connect to Red Hat Network due to SSL
Certificate Errors, you need to install a version of the
up2date client with an updated certificate. The latest version of
up2date is available from the Red Hat FTP site and may also be
downloaded directly from the RHN website:

https://rhn.redhat.com/help/latest-up2date.pxt

5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info):

125794 - CAN-2004-0554 local user can get the kernel to hang
125901 - [PATCH] CAN-2004-0554: FPU exception handling local DoS
125968 - last RH kernel affected bug
126121 - CAN-2004-0495 Sparse security fixes backported for 2.4 kernel

6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/kernel-2.4.21-15.0.2.EL.src.rpm

athlon:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.athlon.rpm
Available from Red Hat Network: kernel-smp-2.4.21-15.0.2.EL.athlon.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-15.0.2.EL.athlon.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.athlon.rpm

i386:
Available from Red Hat Network: kernel-BOOT-2.4.21-15.0.2.EL.i386.rpm
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.i386.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.i386.rpm

i686:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-hugemem-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-hugemem-unsupported-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-smp-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.i686.rpm

ia32e:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.ia32e.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.ia32e.rpm

ia64:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.ia64.rpm
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.ia64.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.ia64.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.ia64.rpm

ppc64:
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.ppc64.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.ppc64.rpm

ppc64iseries:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.ppc64iseries.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.ppc64iseries.rpm

ppc64pseries:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.ppc64pseries.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.ppc64pseries.rpm

s390:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.s390.rpm
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.s390.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.s390.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.s390.rpm

s390x:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.s390x.rpm
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.s390x.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.s390x.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.s390x.rpm

x86_64:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-smp-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/kernel-2.4.21-15.0.2.EL.src.rpm

athlon:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.athlon.rpm
Available from Red Hat Network: kernel-smp-2.4.21-15.0.2.EL.athlon.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-15.0.2.EL.athlon.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.athlon.rpm

i386:
Available from Red Hat Network: kernel-BOOT-2.4.21-15.0.2.EL.i386.rpm
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.i386.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.i386.rpm

i686:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-hugemem-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-hugemem-unsupported-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-smp-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.i686.rpm

ia32e:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.ia32e.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.ia32e.rpm

x86_64:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-smp-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/kernel-2.4.21-15.0.2.EL.src.rpm

athlon:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.athlon.rpm
Available from Red Hat Network: kernel-smp-2.4.21-15.0.2.EL.athlon.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-15.0.2.EL.athlon.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.athlon.rpm

i386:
Available from Red Hat Network: kernel-BOOT-2.4.21-15.0.2.EL.i386.rpm
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.i386.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.i386.rpm

i686:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-hugemem-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-hugemem-unsupported-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-smp-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.i686.rpm

ia32e:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.ia32e.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.ia32e.rpm

ia64:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.ia64.rpm
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.ia64.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.ia64.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.ia64.rpm

x86_64:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-smp-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/kernel-2.4.21-15.0.2.EL.src.rpm

athlon:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.athlon.rpm
Available from Red Hat Network: kernel-smp-2.4.21-15.0.2.EL.athlon.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-15.0.2.EL.athlon.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.athlon.rpm

i386:
Available from Red Hat Network: kernel-BOOT-2.4.21-15.0.2.EL.i386.rpm
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.i386.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.i386.rpm

i686:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-hugemem-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-hugemem-unsupported-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-smp-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-15.0.2.EL.i686.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.i686.rpm

ia32e:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.ia32e.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.ia32e.rpm

ia64:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.ia64.rpm
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.ia64.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.ia64.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.ia64.rpm

x86_64:
Available from Red Hat Network: kernel-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-doc-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-smp-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-source-2.4.21-15.0.2.EL.x86_64.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-15.0.2.EL.x86_64.rpm



7. Verification:

MD5 sum Package Name
- --------------------------------------------------------------------------
05b0bcb454ac5454479481d0288fbf20 kernel-2.4.21-15.0.2.EL.athlon.rpm
a3073219b60cbb7ce447a22e5103e097 kernel-2.4.21-15.0.2.EL.i686.rpm
90dabcf0bb591756e5f04f397cf8a156 kernel-2.4.21-15.0.2.EL.ia32e.rpm
24ddfb9f957028d3bbc5cfff2b25bc67 kernel-2.4.21-15.0.2.EL.ia64.rpm
495a1c8f85e0e237643fd2e3f89ddaed kernel-2.4.21-15.0.2.EL.ppc64iseries.rpm
6ad188ae0c61a077dede364c59448f61 kernel-2.4.21-15.0.2.EL.ppc64pseries.rpm
1b9d329e2b074616239a91fd967871c8 kernel-2.4.21-15.0.2.EL.s390.rpm
a8bab06e561ac8b6ab473b4e722a570b kernel-2.4.21-15.0.2.EL.s390x.rpm
669d77609b1c47ff49c939c1ea7bbc45 kernel-2.4.21-15.0.2.EL.src.rpm
13aabc1c96dfee65f73246051a955ba8 kernel-2.4.21-15.0.2.EL.x86_64.rpm
4635f8c6555f3b3e52feb9444b2e230d kernel-BOOT-2.4.21-15.0.2.EL.i386.rpm
6cf6c39a83dfe7cca9c9a79f02dc3fa8 kernel-doc-2.4.21-15.0.2.EL.i386.rpm
cc60f06bdd3ad6a05040df8ba40d41a1 kernel-doc-2.4.21-15.0.2.EL.ia64.rpm
3f21dd578af78ed576c7cbf6e17a3f16 kernel-doc-2.4.21-15.0.2.EL.ppc64.rpm

5e27cc65020dbb1c92368e79c3edcbe6 kernel-doc-2.4.21-15.0.2.EL.s390.rpm
860944b6a4e8384a0b344dc96ea48b6d kernel-doc-2.4.21-15.0.2.EL.s390x.rpm
608d072210521af17c455f7754a6e352 kernel-doc-2.4.21-15.0.2.EL.x86_64.rpm
6c8dad84abc4dd1892c9dc862c329273 kernel-hugemem-2.4.21-15.0.2.EL.i686.rpm
426c517d35a53546138b0d72a0515909 kernel-hugemem-unsupported-2.4.21-15.0.2.EL.i686.rpm
96eb477ac938da01b729b5ac5ed36e3b kernel-smp-2.4.21-15.0.2.EL.athlon.rpm
bece09ba4a651196758380372dc4c593 kernel-smp-2.4.21-15.0.2.EL.i686.rpm
82154d7551d6e4947af70b3044c9d4d2 kernel-smp-2.4.21-15.0.2.EL.x86_64.rpm
9d24273cc70bb6be810984cb3f3d0a36 kernel-smp-unsupported-2.4.21-15.0.2.EL.athlon.rpm
775338e099c3bdf36a586d29e55dbd3e kernel-smp-unsupported-2.4.21-15.0.2.EL.i686.rpm
8fde60be45154b7722893feb65506f42 kernel-smp-unsupported-2.4.21-15.0.2.EL.x86_64.rpm
3c690c54909996d3bba3da7c8d8f894a kernel-source-2.4.21-15.0.2.EL.i386.rpm
a8fc2a1042ee3e580881b50c97a3241d kernel-source-2.4.21-15.0.2.EL.ia64.rpm
937a05a7666f14f95d20be19fc461f05 kernel-source-2.4.21-15.0.2.EL.ppc64.rpm
282bb4f0e5bfbec228a742ab6666665d kernel-source-2.4.21-15.0.2.EL.s390.rpm
6e9628389fa69aafc9c910e4b37a425a kernel-source-2.4.21-15.0.2.EL.s390x.rpm
44be30f820be806621b47786ebff1844 kernel-source-2.4.21-15.0.2.EL.x86_64.rpm
17f10f04cffc9751afb1499aaff00fdc kernel-unsupported-2.4.21-15.0.2.EL.athlon.rpm
89ee51cb60f7a1f34e66cbb16abcba07 kernel-unsupported-2.4.21-15.0.2.EL.i686.rpm
144943d76b23470572326c84b57c0dd9 kernel-unsupported-2.4.21-15.0.2.EL.ia32e.rpm
60e5c1f1efa438a658b12e16543214cd kernel-unsupported-2.4.21-15.0.2.EL.ia64.rpm
57f0111e6443fd5a39099731cc0856e8 kernel-unsupported-2.4.21-15.0.2.EL.ppc64iseries.rpm
22f38c0c1abee45e0ac24caa19e06311 kernel-unsupported-2.4.21-15.0.2.EL.ppc64pseries.rpm
8f67e244ba867a103e6b211d3d0d1fba kernel-unsupported-2.4.21-15.0.2.EL.s390.rpm
3522c33c18eb876b5033ef12398707fe kernel-unsupported-2.4.21-15.0.2.EL.s390x.rpm
aa060423c3136a26ca31a7aafa337380 kernel-unsupported-2.4.21-15.0.2.EL.x86_64.rpm


These packages are GPG signed by Red Hat for security. Our key is
available from https://www.redhat.com/security/team/key.html

You can verify each package with the following command:

rpm --checksig -v <filename>

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:

md5sum <filename>


8. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0427
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0495
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0554

9. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact.html

Copyright 2004 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFA0pQzXlSAg2UNWIIRAnebAJ92x5UDw32uwjVFVe9Eat4cQQqXAwCgkRtl
OG3QYv33e4XJlyE9npuygvs=
=Joca
-----END PGP SIGNATURE-----

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Slackware

Notified:  June 15, 2004 Updated:  June 16, 2004

Status

  Vulnerable

Vendor Statement

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security]  kernel DoS (SSA:2004-167-01)

New kernel packages are available for Slackware 8.1, 9.0, 9.1,
and -current to fix a denial of service security issue.  Without
a patch to asm-i386/i387.h, a local user can crash the machine.

More details about this issue may be found in the Common
Vulnerabilities and Exposures (CVE) database:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0554

Here are the details from the Slackware 9.1 ChangeLog:
+--------------------------+
Tue Jun 15 02:11:41 PDT 2004
patches/packages/kernel-ide-2.4.26-i486-3.tgz:  Patched local DoS
 (CAN-2004-0554).  Without this patch to asm-i386/i387.h a local user
 can crash the kernel.
 (* Security fix *)
patches/packages/kernel-source-2.4.26-noarch-2.tgz:  Patched local DoS
 (CAN-2004-0554).  The new patch can be found here, too:
 patches/source/kernel-source/CAN-2004-0554.i387.fnclex.diff.gz
 (* Security fix *)
patches/kernels/*:  Patched local DoS (CAN-2004-0554).
 (* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

Updated packages for Slackware 8.1:
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/kernel-ide-2.4.18-i386-6.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/kernel-source-2.4.18-noarch-7.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/kernels/

Updated packages for Slackware 9.0:
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/kernel-ide-2.4.21-i486-4.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/kernel-source-2.4.21-noarch-4.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/kernels/

Updated packages for Slackware 9.1:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/kernel-ide-2.4.26-i486-3.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/kernel-source-2.4.26-noarch-2.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/kernels/

Updated packages for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-ide-2.4.26-i486-4.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/d/kernel-headers-2.4.26-i386-3.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/k/kernel-source-2.4.26-noarch-4.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/kernels/
ftp://ftp.slackware.com/pub/slackware/slackware-current/testing/packages/linux-2.6.6/kernel-generic-2.6.6-i486-5.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/testing/packages/linux-2.6.6/kernel-headers-2.6.6-i386-3.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/testing/packages/linux-2.6.6/kernel-source-2.6.6-noarch-3.tgz

Just the patch for 2.4.x kernels:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/source/kernel-source/CAN-2004-0554.i387.fnclex.diff.gz
77d9eb0640f07df4167aaa53e0b42e2e  CAN-2004-0554.i387.fnclex.diff.gz

Just the patch for 2.6.x kernels:
ftp://ftp.slackware.com/pub/slackware/slackware-current/testing/source/linux-2.6.x/CAN-2004-0554.i387.fnclex.diff.gz
e453d64187eac2216bebf85d72449fcb  CAN-2004-0554.i387.fnclex.diff.gz


MD5 signatures:
+-------------+

Slackware 8.1 packages:
8bbced2d1f09d033de89ae5957427a25  kernel-ide-2.4.18-i386-6.tgz
050aa2dd8d38f0ba3de2fca621eb13c9  kernel-source-2.4.18-noarch-7.tgz

Slackware 9.0 packages:
21dbafdcf32d84c22daddc349a719420  kernel-ide-2.4.21-i486-4.tgz
56ca0fbf5778283a1d9a76a278cb7cf5  kernel-source-2.4.21-noarch-4.tgz

Slackware 9.1 packages:
614b79763721126939569f235d4524d6  kernel-ide-2.4.26-i486-3.tgz
43681f735928641a2b5fc786604bca77  kernel-source-2.4.26-noarch-2.tgz

Slackware -current packages:
7a19720356937bcc0f360b8b158a1419  kernel-ide-2.4.26-i486-4.tgz
c0d2d8b2977d5c86d100fe02a8c2681b  kernel-headers-2.4.26-i386-3.tgz
8fbb66feb2d108baa6af6a895fc7f49a  kernel-source-2.4.26-noarch-4.tgz
91ccc5ff7a5be15afdee86a60c6b408d  kernel-generic-2.6.6-i486-5.tgz
bdcb17009e79bb375dad7fecdd7e60ae  kernel-headers-2.6.6-i386-3.tgz
ed7c1e42f537414db8cd4dda8e2e9077  kernel-source-2.6.6-noarch-3.tgz


Installation instructions:
+------------------------+

Use upgradepkg to install the new packages.
After installing the kernel-ide package you will need to run lilo ('lilo'
at a command prompt) or create a new system boot disk ('makebootdisk'), and
reboot.

If desired, a kernel from the kernels/ directory may be used instead.  For
example, to use the kernel in kernels/scsi.s/, you would copy it to the
boot directory like this:

cd kernels/scsi.s
cp bzImage /boot/vmlinuz-scsi.s-2.4.26

Create a symbolic link:
ln -sf /boot/vmlinuz-scsi.s-2.4.26 /boot/vmlinuz

Then, run 'lilo' or create a new system boot disk and reboot.


+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

+------------------------------------------------------------------------+
| To leave the slackware-security mailing list:                          |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message:                                                     |
|                                                                        |
|   unsubscribe slackware-security                                       |
|                                                                        |
| You will get a confirmation message back containing instructions to    |
| complete the process.  Please do not reply to this email address.      |
+------------------------------------------------------------------------+

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFAzzc6akRjwEAQIjMRAmNLAJ9cY5eDhdmZJBDc4IoJD+owJ2PlkACcCOWh
DyVVz1pzzG06SBnUbpC/iHg=
=luGU
-----END PGP SIGNATURE-----

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

SuSE Inc.

Notified:  June 15, 2004 Updated:  June 16, 2004

Status

  Vulnerable

Vendor Statement

We will release a new kernel package as soon as possible. Our customers can update their systems by using the YaST Online Update (YOU) tool or installing the RPM file directly from http://www.suse.de/en/private/download/updates/index.html.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

-----BEGIN PGP SIGNED MESSAGE-----

______________________________________________________________________________

                       SUSE Security Announcement

       Package:                kernel
       Announcement-ID:        SuSE-SA:2004:017
       Date:                   Wednesday, Jun 16th 2004 15:20 MEST
       Affected products:      8.0, 8.1, 8.2, 9.0, 9.1
                               SuSE Linux Database Server,
                               SuSE eMail Server III, 3.1
                               SuSE Linux Enterprise Server 7, 8
                               SuSE Linux Firewall on CD/Admin host
                               SuSE Linux Connectivity Server
                               SuSE Linux Office Server
       Vulnerability Type:     local denial-of-service attack
       Severity (1-10):        4
       SUSE default package:   no
       Cross References:       CAN-2004-0554

   Content of this advisory:
       1) security vulnerability resolved:
            - floating point exception causes system crash
          problem description, discussion, solution and upgrade information
       2) pending vulnerabilities, solutions, workarounds:
            - icecast
            - sitecopy
            - cadaver
            - OpenOffice_org
            - tripwire
            - postgresql
            - lha
            - XDM
            - mod_proxy
        3) standard appendix (further information)

______________________________________________________________________________

1)  problem description, brief discussion, solution, upgrade information

   The Linux kernel is vulnerable to a local denial-of-service attack.
   By using a C program it is possible to trigger a floating point
   exception that puts the kernel into an unusable state.
   To execute this attack a malicious user needs shell access to the
   victim's machine.
   The severity of this bug is considered low because local denial-of-
   service attacks are hard to prevent in general.
   Additionally the bug is limited to x86 and x86_64 architecture.



   SPECIAL INSTALL INSTRUCTIONS:
   ==============================
   The following paragraphs will guide you through the installation
   process in a step-by-step fashion. The character sequence "****"
   marks the beginning of a new paragraph. In some cases, the steps
   outlined in a particular paragraph may or may not be applicable
   to your situation.
   Therefore, please make sure to read through all of the steps below
   before attempting any of these procedures.
   All of the commands that need to be executed are required to be
   run as the superuser (root). Each step relies on the steps before
   it to complete successfully.
   Note: The update packages for the SuSE Linux Enterprise Server 7
   (SLES7) are being tested at the moment and will be published as soon
   as possible.


 **** Step 1: Determine the needed kernel type

   Please use the following command to find the kernel type that is
   installed on your system:

     rpm -qf /boot/vmlinuz

   Following are the possible kernel types (disregard the version and
   build number following the name separated by the "-" character)

     k_deflt   # default kernel, good for most systems.
     k_i386    # kernel for older processors and chipsets
     k_athlon  # kernel made specifically for AMD Athlon(tm) family processors
     k_psmp    # kernel for Pentium-I dual processor systems
     k_smp     # kernel for SMP systems (Pentium-II and above)
     k_smp4G   # kernel for SMP systems which supports a maximum of 4G of RAM
     kernel-64k-pagesize
     kernel-bigsmp
     kernel-default
     kernel-smp

 **** Step 2: Download the package for your system

   Please download the kernel RPM package for your distribution with the
   name as indicated by Step 1. The list of all kernel rpm packages is
   appended below. Note: The kernel-source package does not
   contain a binary kernel in bootable form. Instead, it contains the
   sources that the binary kernel rpm packages are created from. It can be
   used by administrators who have decided to build their own kernel.
   Since the kernel-source.rpm is an installable (compiled) package that
   contains sources for the linux kernel, it is not the source RPM for
   the kernel RPM binary packages.

   The kernel RPM binary packages for the distributions can be found at the
   locations below ftp://ftp.suse.com/pub/suse/i386/update/.

     8.0/images/
     8.1/rpm/i586
     8.2/rpm/i586
     9.0/rpm/i586
     9.1/rpm/i586

   After downloading the kernel RPM package for your system, you should
   verify the authenticity of the kernel rpm package using the methods as
   listed in section 3) of each SUSE Security Announcement.


 **** Step 3: Installing your kernel rpm package

   Install the rpm package that you have downloaded in Steps 3 or 4 with
   the command
       rpm -Uhv --nodeps --force <K_FILE.RPM>
   where <K_FILE.RPM> is the name of the rpm package that you downloaded.

   Warning: After performing this step, your system will likely not be
            able to boot if the following steps have not been fully
            followed.


   If you run SUSE LINUX 8.1 and haven't applied the kernel update
   (SUSE-SA:2003:034), AND you are using the freeswan package, you also
   need to update the freeswan rpm as a dependency as offered
   by YOU (YaST Online Update). The package can be downloaded from
   ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/

 **** Step 4: configuring and creating the initrd

   The initrd is a ramdisk that is loaded into the memory of your
   system together with the kernel boot image by the bootloader. The
   kernel uses the content of this ramdisk to execute commands that must
   be run before the kernel can mount its actual root filesystem. It is
   usually used to initialize SCSI drivers or NIC drivers for diskless
   operation.

   The variable INITRD_MODULES in /etc/sysconfig/kernel determines
   which kernel modules will be loaded in the initrd before the kernel
   has mounted its actual root filesystem. The variable should contain
   your SCSI adapter (if any) or filesystem driver modules.

   With the installation of the new kernel, the initrd has to be
   re-packed with the update kernel modules. Please run the command

     mk_initrd

   as root to create a new init ramdisk (initrd) for your system.
   On SuSE Linux 8.1 and later, this is done automatically when the
   RPM is installed.


 **** Step 5: bootloader

   If you run a SUSE LINUX 8.x, SLES8, or SUSE LINUX 9.x system, there
   are two options:
   Depending on your software configuration, you have either the lilo
   bootloader or the grub bootloader installed and initialized on your
   system.
   The grub bootloader does not require any further actions to be
   performed after the new kernel images have been moved in place by the
   rpm Update command.
   If you have a lilo bootloader installed and initialized, then the lilo
   program must be run as root. Use the command

     grep LOADER_TYPE /etc/sysconfig/bootloader

   to find out which boot loader is configured. If it is lilo, then you
   must run the lilo command as root. If grub is listed, then your system
   does not require any bootloader initialization.

   Warning: An improperly installed bootloader may render your system
            unbootable.

 **** Step 6: reboot

   If all of the steps above have been successfully completed on your
   system, then the new kernel including the kernel modules and the
   initrd should be ready to boot. The system needs to be rebooted for
   the changes to become active. Please make sure that all steps have
   completed, then reboot using the command
       shutdown -r now
   or
       init 6

   Your system should now shut down and reboot with the new kernel.


   There is no workaround known.


   Please download the update package for your distribution and verify its
   integrity by the methods listed in section 3) of this announcement.
   Then, install the package using the command "rpm -Fhv file.rpm" to apply
   the update.
   Our maintenance customers are being notified individually. The packages
   are being offered to install from the maintenance web.


   Intel i386 Platform:

   SuSE-9.1:
   ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-source-2.6.5-7.75.i586.rpm
     8d11469e1815c5b2fa143fce62c17b95

    ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-default-2.6.5-7.75.i586.rpm
     75222182ad4c766b6482e5b83658819d
   ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-smp-2.6.5-7.75.i586.rpm
     45f1244f153ab1387a9dc67e7bcf20bb
   ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-bigsmp-2.6.5-7.75.i586.rpm
     517647d955770503fe61ae2549c453dd
   source rpm(s):
   ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-source-2.6.5-7.75.src.rpm
     9103503f430b9d854630ecb8855a2fb3
   ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-default-2.6.5-7.75.nosrc.rpm
     9381c56f1f64835c5379dde278ac768d
   ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-smp-2.6.5-7.75.nosrc.rpm
     4f47dc2be58f5315cf596c051c2892b5
   ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-bigsmp-2.6.5-7.75.nosrc.rpm
     732c1e7d2a9e41780464eccdc0d54505

   SuSE-9.0:
   ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/kernel-source-2.4.21-226.i586.rpm
     7b6022e2f80325b42fa7dc3188360530
   ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_athlon-2.4.21-226.i586.rpm
     594efe04ccc233e890bfb277e8296c2d
   ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_deflt-2.4.21-226.i586.rpm
     f41d088cf20bfe583e57f95a6b46d625
   ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_smp-2.4.21-226.i586.rpm
     39e2c09ece3f22b50eb777b85a7218ef
   ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_smp4G-2.4.21-226.i586.rpm
     83398954810403b9dfb65bcf1af25352
   ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_um-2.4.21-226.i586.rpm
     18dde4a8af68dd1f78a0177c3214457a
   source rpm(s):
   ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/kernel-source-2.4.21-226.src.rpm
     d5b037aaf122b1b05917e3f0b475baae
   ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_athlon-2.4.21-226.src.rpm
     e10aea97785eb12716ad7d5e20cbd723
   ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_deflt-2.4.21-226.src.rpm
     54b8bbd368998abc1a63224caa880473
   ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_smp-2.4.21-226.src.rpm
     f944b14978ecd211c26f8169238292bf
   ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_smp4G-2.4.21-226.src.rpm
     66a116aeb9757c538a0643e8322095a7
   ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_um-2.4.21-226.src.rpm
     5e3694ba088fd39891a5979380679d20

   SuSE-8.2:
   ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/kernel-source-2.4.20.SuSE-113.i586.rpm
     a5843cb4e2b16515d70574d83113ac48
   ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_athlon-2.4.20-113.i586.rpm
     724529485d3a304f0479f9216fc361af
   ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_deflt-2.4.20-113.i586.rpm
     b0e687c208053d546b7057257beb7d32
   ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_psmp-2.4.20-113.i586.rpm
     749b101e7fc4aa5c62e2a5b650002803
   ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_smp-2.4.20-113.i586.rpm
     3377544a5f6d9c73fdfe05140fce0813
   source rpm(s):
   ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/kernel-source-2.4.20.SuSE-113.src.rpm
     0a41c750b8cd3953d47e27ea15c58697
   ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_athlon-2.4.20-113.src.rpm
     a5e5790e5f7fe62905d29750543c9e20
   ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_deflt-2.4.20-113.src.rpm
     9defa7cb706e924f8336dd03fafbcfd5
   ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_psmp-2.4.20-113.src.rpm
     8469dbc8810dd292100d085e00bb6081
   ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_smp-2.4.20-113.src.rpm
     d990fcbace1f21ff383abdf7608a17ef

   SuSE-8.1:
   ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/kernel-source-2.4.21-226.i586.rpm
     43ee5eae102f0258a414dd15e3fd9433
   ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_athlon-2.4.21-226.i586.rpm
     0c6289e168307d615bfe6cef9ebcf879
   ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_deflt-2.4.21-226.i586.rpm
     003a38c53fe91070eeae85983930c70e
   ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_psmp-2.4.21-226.i586.rpm
     657d08fa4b5a2ba7de2a314a7d1622e1
   ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_smp-2.4.21-226.i586.rpm
     e19239b4ca52ebd21f775b5e6195f144
   source rpm(s):
   ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/kernel-source-2.4.21-226.src.rpm
     ee67f5db0ea2f1431f46b7dd27815a56
   ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_athlon-2.4.21-226.src.rpm
     b29021156d6582e315666b16231b2a60
   ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_deflt-2.4.21-226.src.rpm
     ce5e47d527cee6968cd95bb8430d3e18
   ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_psmp-2.4.21-226.src.rpm
     a081a0f1e31f5491cdeba1fea5ea6411
   ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_smp-2.4.21-226.src.rpm
     1dbfd3b5f272fc75342ae55bbe7ab45c

   SuSE-8.0:
   ftp://ftp.suse.com/pub/suse/i386/update/8.0/d3/kernel-source-2.4.18.SuSE-299.i386.rpm
     7de319a4e6c667fba359686b814d4a73
   ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_deflt-2.4.18-299.i386.rpm
     df5aad7c423625a19af151bbba0f2ca8
   ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_psmp-2.4.18-299.i386.rpm
     cb02c8381962eda997ebb115ef68ae4c
   ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_smp-2.4.18-299.i386.rpm
     903c6e61927803c2d592ac50fe9da6ce
   ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_i386-2.4.18-299.i386.rpm
     e2abf9ccdc8191e7d2ace58e8a1b5b5a
   source rpm(s):
   ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/kernel-source-2.4.18.SuSE-299.nosrc.rpm
     622c85342dd84abd0400103902d05eed
   ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_deflt-2.4.18-299.src.rpm
     37916ea39febc4dd43fabfccce9322db
   ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_psmp-2.4.18-299.src.rpm
     0dde0e6758e42de5479e8776475ae76f
   ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_smp-2.4.18-299.src.rpm
     523bef4e31fa67f078d5fcbdc426a4c0
   ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_i386-2.4.18-299.src.rpm
     06a2a062a54764a30adae0b8ea40cb29



   Opteron x86_64 Platform:

   SuSE-9.1:
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/kernel-source-2.6.5-7.75.x86_64.rpm
     1c878b1e29a9bea40547637b6a307b2d
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/kernel-default-2.6.5-7.75.x86_64.rpm
     16de3ee2390bb2b92f9fe50451d4f082
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/kernel-smp-2.6.5-7.75.x86_64.rpm
     c310268daa83f18fcfd4cf19434f06e0
   source rpm(s):
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/kernel-source-2.6.5-7.75.src.rpm
     2fed0a8f3936027261add7d1cbfa5341
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/kernel-default-2.6.5-7.75.nosrc.rpm
     9ad26d15566337c83273121390ea4e32
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/kernel-smp-2.6.5-7.75.nosrc.rpm
     352951be42b3093efb0148320a6f4c27

   SuSE-9.0:
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/kernel-source-2.4.21-226.x86_64.rpm
     ced9c66ffa28bf7e7c795781f92083fe
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/k_deflt-2.4.21-226.x86_64.rpm
     60539bc47e8cac0664ac5ca824d311e0
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/k_smp-2.4.21-226.x86_64.rpm
     083aeedd2a88ccc2e00c8f66cd61b81c
   source rpm(s):
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/kernel-source-2.4.21-226.src.rpm
     58c40a206f6f615daa3486fc6d6ade38
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/k_deflt-2.4.21-226.src.rpm
     1c234f6c0475680b41c644c575ff8ef6
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/k_smp-2.4.21-226.src.rpm
     e9b90824615859405b1979793662bc0d

______________________________________________________________________________

2)  Pending vulnerabilities in SUSE Distributions and Workarounds:

   - icecast
   The icecast service is vulnerable to a remote denial-of-service
   attack. Update packages will be available soon.

   - sitecopy
   The sitecopy package includes a vulnerable version of the
   neon library (CAN-2004-0179, CAN-2004-0398). Update packages will be
   available soon.

   - cadaver
   The cadaver package includes a vulnerable version of the
   neon library (CAN-2004-0179, CAN-2004-0398). Update packages will be
   available soon.

   - OpenOffice_org
   The OpenOffice_org package includes a vulnerable version
   of the neon library (CAN-2004-0179, CAN-2004-0398). Update packages
   will be available soon.

   - tripwire
   A format string bug in tripwire can be exploited locally
   to gain root permissions. Update packages will be available soon.

    - postgresql
   A buffer overflow in psqlODBC could be exploited to crash the
   application using it. E.g. a PHP script that uses ODBC to access a
   PostgreSQL database can be utilized to crash the surrounding Apache
   web-server. Other parts of PostgreSQL are not affected.
   Update packages will be available soon.

   - lha
   Minor security fix for a buffer overflow while handling command
   line options. This buffer overflow could be exploited in conjunction
   with other mechanisms to gain higher privileges or access the system
   remotely.

   - XDM/XFree86
   This update resolves random listening to ports by XDM
   that allows to connect via the XDMCP. SUSE LINUX 9.1
   is affected only.
   New packages are currently being tested and will be
   available soon.

   - mod_proxy
   A buffer overflow can be triggered by malicious remote
   servers that return a negative Content-Length value.
   This vulnerability can be used to execute commands remotely
   New packages are currently being tested and will be
   available soon.

______________________________________________________________________________

3)  standard appendix: authenticity verification, additional information

 - Package authenticity verification:

   SUSE update packages are available on many mirror ftp servers around
   the world. While this service is considered valuable and important
   to the free and open source software community, many users wish to be
   certain as to be the origin of the package and its content before
   installing the package. There are two independent verification methods
   that can be used to prove the authenticity of a downloaded file or
   rpm package:
   1) md5sums as provided in the (cryptographically signed) announcement.
   2) using the internal gpg signatures of the rpm package.

   1) execute the command
       md5sum <name-of-the-file.rpm>
      after you have downloaded the file from a SUSE ftp server or its
      mirrors. Then, compare the resulting md5sum with the one that is
      listed in the announcement. Since the announcement containing the
      checksums is cryptographically signed (usually using the key
      security@suse.de), the checksums offer proof of the authenticity
      of the package.
      We recommend against subscribing to security lists which cause the
      email message containing the announcement to be modified so that
      the signature does not match after transport through the mailing
      list software.
      Downsides: You must be able to verify the authenticity of the
      announcement in the first place. If RPM packages are being rebuilt
      and a new version of a package is published on the ftp server, all
      md5 sums for the files are useless.

   2) rpm package signatures provide an easy way to verify the authenticity
      of an rpm package. Use the command
       rpm -v --checksig <file.rpm>
      to verify the signature of the package, where <file.rpm> is the
      filename of the rpm package that you have downloaded. Of course,
      package authenticity verification can only target an un-installed rpm
      package file.
      Prerequisites:
       a) gpg is installed
       b) The package is signed using a certain key. The public part of this
          key must be installed by the gpg program in the directory
          ~/.gnupg/ under the user's home directory who performs the
          signature verification (usually root). You can import the key
          that is used by SUSE in rpm packages for SUSE Linux by saving
          this announcement to a file ("announcement.txt") and
          running the command (do "su -" to be root):
           gpg --batch; gpg < announcement.txt | gpg --import
          SUSE Linux distributions version 7.1 and thereafter install the
          key "build@suse.de" upon installation or upgrade, provided that
          the package gpg is installed. The file containing the public key
          is placed at the top-level directory of the first CD (pubring.gpg)
          and at ftp://ftp.suse.com/pub/suse/pubring.gpg-build.suse.de .


 - SUSE runs two security mailing lists to which any interested party may
   subscribe:

   suse-security@suse.com
       -   general/linux/SUSE security discussion.
           All SUSE security announcements are sent to this list.
           To subscribe, send an email to
               <suse-security-subscribe@suse.com>.

   suse-security-announce@suse.com
       -   SUSE's announce-only mailing list.
           Only SUSE's security announcements are sent to this list.
           To subscribe, send an email to
               <suse-security-announce-subscribe@suse.com>.

   For general information or the frequently asked questions (faq)
   send mail to:
       <suse-security-info@suse.com> or
       <suse-security-faq@suse.com> respectively.

   =====================================================================
   SUSE's security contact is <security@suse.com> or <security@suse.de>.
   The <security@suse.de> public key is listed below.
   =====================================================================
______________________________________________________________________________

   The information in this advisory may be distributed or reproduced,
   provided that the advisory is not modified in any way. In particular,
   it is desired that the clear-text signature must show proof of the
   authenticity of the text.
   SUSE Linux AG makes no warranties of any kind whatsoever with respect
   to the information contained in this security advisory.

Type Bits/KeyID    Date       User ID
pub  2048R/3D25D3D9 1999-03-06 SuSE Security Team <security@suse.de>
pub  1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build@suse.de>

- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

mQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCkYS3yEKeueNWc+z/0Kvff
4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP+Y0PFPboMvKx0FXl/A0d
M+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR8xocQSVCFxcwvwCglVcO
QliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U8c/yE/vdvpN6lF0tmFrK
XBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0ScZqITuZC4CWxJa9GynBE
D3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEhELBeGaPdNCcmfZ66rKUd
G5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtBUVKn4zLUOf6aeBAoV6NM
CC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOoAqajLfvkURHAeSsxXIoE
myW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1nKFvF+rQoU3VTRSBQYWNr
YWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohcBBMRAgAcBQI57vSBBQkD
wmcABAsKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyl8sAJ98BgD40zw0GHJHIf6d
NfnwI2PAsgCgjH1+PnYEl7TFjtZsqhezX7vZvYCIRgQQEQIABgUCOnBeUgAKCRCe
QOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lxyoAejACeOO1HIbActAevk5MUBhNe
LZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWnB/9An5vfiUUE1VQnt+T/EYklES3t
XXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDVwM2OgSEISZxbzdXGnqIlcT08TzBU
D9i579uifklLsnr35SJDZ6ram51/CWOnnaVhUzneOA9gTPSr+/fT3WeVnwJiQCQ3
0kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF5Yryk23pQUPAgJENDEqeU6iIO9Ot
1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3D3EN8C1yPqZd5CvvznYvB6bWBIpW
cRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGuzgpJt9IXSzyohEJB6XG5+D0BiF0E
ExECAB0FAjxqqTQFCQoAgrMFCwcKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyp1f
AJ9dR7saz2KPNwD3U+fy/0BDKXrYGACfbJ8fQcJqCBQxeHvt9yMPDVq0B0W5Ag0E
Oe70khAIAISR0E3ozF/la+oNaRwxHLrCet30NgnxRROYhPaJB/Tu1FQokn2/Qld/
HZnh3TwhBIw1FqrhWBJ7491iAjLR9uPbdWJrn+A7t8kSkPaF3Z/6kyc5a8fas44h
t5h+6HMBzoFCMAq2aBHQRFRNp9Mz1ZvoXXcI1lk1l8OqcUM/ovXbDfPcXsUVeTPT
tGzcAi2jVl9hl3iwJKkyv/RLmcusdsi8YunbvWGFAF5GaagYQo7YlF6UaBQnYJTM
523AMgpPQtsKm9o/w9WdgXkgWhgkhZEeqUS3m5xNey1nLu9iMvq9M/iXnGz4sg6Q
2Y+GqZ+yAvNWjRRou3zSE7Bzg28MI4sAAwYH/2D71Xc5HPDgu87WnBFgmp8MpSr8
QnSs0wwPg3xEullGEocolSb2c0ctuSyeVnCttJMzkukL9TqyF4s/6XRstWirSWaw
JxRLKH6Zjo/FaKsshYKf8gBkAaddvpl3pO0gmUYbqmpQ3xDEYlhCeieXS5MkockQ
1sj2xYdB1xO0ExzfiCiscUKjUFy+mdzUsUutafuZ+gbHog1CN/ccZCkxcBa5IFCH
ORrNjq9pYWlrxsEn6ApsG7JJbM2besW1PkdEoxak74z1senh36m5jQvVjA3U4xq1
wwylxadmmJaJHzeiLfb7G1ZRjZTsB7fyYxqDzMVul6o9BSwO/1XsIAnV1uuITAQY
EQIADAUCOe70kgUJA8JnAAAKCRCoTtronIAKyksiAJsFB3/77SkH3JlYOGrEe1Ol
0JdGwACeKTttgeVPFB+iGJdiwQlxasOfuXyITAQYEQIADAUCPGqpWQUJCgCCxwAK
CRCoTtronIAKyofBAKCSZM2UFyta/fe9WgITK9I5hbxxtQCfX+0ar2CZmSknn3co
SPihn1+OBNyZAQ0DNuEtBAAAAQgAoCRcd7SVZEFcumffyEwfLTcXQjhKzOahzxpo
omuF+HIyU4AGq+SU8sTZ/1SsjhdzzrSAfv1lETACA+3SmLr5KV40Us1w0UC64cwt
A46xowVq1vMlH2Lib+V/qr3b1hE67nMHjysECVx9Ob4gFuKNoR2eqnAaJvjnAT8J
/LoUC20EdCHUqn6v+M9t/WZgC+WNR8cq69uDy3YQhDP/nIan6fm2uf2kSV9A7ZxE
GrwsWl/WX5Q/sQqMWaU6r4az98X3z90/cN+eJJ3vwtA+rm+nxEvyev+jaLuOQBDf
ebh/XA4FZ35xmi+spdiVeJH4F/ubaGlmj7+wDOF3suYAPSXT2QAFEbQlU3VTRSBT
ZWN1cml0eSBUZWFtIDxzZWN1cml0eUBzdXNlLmRlPokBFQMFEDbhLUfkWLKHsco8
RQEBVw4H/1vIdiOLX/7hdzYaG9crQVIk3QwaB5eBbjvLEMvuCZHiY2COUg5QdmPQ
8SlWNZ6k4nu1BLcv2g/pymPUWP9fG4tuSnlUJDrWGm3nhyhAC9iudP2u1YQY37Gb
B6NPVaZiYMnEb4QYFcqv5c/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X

11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA
8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj
qY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p
WH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL
hn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG
BafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+
AvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi
RZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0
zinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM
/3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7
whaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl
D+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz
dbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI
RgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI
DgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE=
=LRKC
- -----END PGP PUBLIC KEY BLOCK-----

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iQEVAwUBQNBTgney5gA9JdPZAQHB7Af/XRy01sYB1rDi0L+TwlQtW4nr4vwrJTOt
6pA/M+oNsW0SUPK3kCcN+v7mvuIrA69c1VZeYgfI4/dy0bdMntcVkOliikn0+m0i
e2SvKYY+/KC8wZaUIrKFbH4PA0Gdf40GmNVj4uq5KdwohJLGQDTa8eguiYocMjXv
E8QAdGTaPXEBGz8Ode6YMYAbauHbWXip9x6TyQ7NgiQ4mylabmmw8AUebVyM4oWS
a28uoT8nWPu+BwYNW0zt26clPhLvmHWFpIpqyaWERaWMuCrFHwlc753B2PCOVdnm
Yj/ugqlkkGRysclITz3WFbUGUKtd91AdZAEK6l+MxkuqRDZmNUYgHw==
=q9W1
-----END PGP SIGNATURE-----

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Trustix Secure Linux

Notified:  June 16, 2004 Updated:  June 16, 2004

Status

  Vulnerable

Vendor Statement

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Trustix Secure Linux Bugfix Advisory #2004-0034

Package name:      kernel
Summary:           Local DoS
Date:              2004-06-16
Affected versions: Trustix Secure Linux 2.0
                  Trustix Secure Linux 2.1
                  Trustix Operating System - Enterprise Server 2

- --------------------------------------------------------------------------
Package description:
 The kernel package contains the Linux kernel (vmlinuz), the core of your
 Trustix Secure Linux operating system.  The kernel handles the basic
 functions of the operating system:  memory allocation, process allocation,
 device input and output, etc.

Problem description:
 A flaw was by accident discovered by Stian Skjelstad when he was doing
 some code tests during vacation. He was quite surprised when I discovered
 that the code he was trying froze his machine. He reported it to the
 Linux-kernel mailing list and the gcc bugzilla 2004-06-09.

 See CAN-2004-0554 at http://cve.mitre.org/ for more information.


Action:
 We recommend that all systems with this package installed be upgraded.
 Please note that if you do not need the functionality provided by this
 package, you may want to remove it from your system.


Location:
 All Trustix Secure Linux updates are available from
 <URI:http://http.trustix.org/pub/trustix/updates/>
 <URI:ftp://ftp.trustix.org/pub/trustix/updates/>


About Trustix Secure Linux:
 Trustix Secure Linux is a small Linux distribution for servers. With focus
 on security and stability, the system is painlessly kept safe and up to
 date from day one using swup, the automated software updater.


Automatic updates:
 Users of the SWUP tool can enjoy having updates automatically
 installed using 'swup --upgrade'.


Public testing:
 Most updates for Trustix Secure Linux are made available for public
 testing some time before release.
 If you want to contribute by testing the various packages in the
 testing tree, please feel free to share your findings on the
 tsl-discuss mailinglist.
 The testing tree is located at
 <URI:http://tsldev.trustix.org/horizon/>

 You may also use swup for public testing of updates:
 
 site {
     class = 0
     location = "http://tsldev.trustix.org/horizon/rdfs/latest.rdf"
     regexp = ".*"
 }
 

Questions?
 Check out our mailing lists:
 <URI:http://www.trustix.org/support/>


Verification:
 This advisory along with all Trustix packages are signed with the
 TSL sign key.
 This key is available from:
 <URI:http://www.trustix.org/TSL-SIGN-KEY>

 The advisory itself is available from the errata pages at
 <URI:http://www.trustix.org/errata/trustix-2.0/> and
 <URI:http://www.trustix.org/errata/trustix-2.1/>
 or directly at
 <URI:http://www.trustix.org/errata/2004/0034>


MD5sums of the packages:
- --------------------------------------------------------------------------
4eeda04ede3e7538c560d78db0087abf  2.1/rpms/kernel-2.4.26-2tr.i586.rpm
f116f17ce723574940cf5653e24b189b  2.1/rpms/kernel-BOOT-2.4.26-2tr.i586.rpm
beb2d9638544bbe1e3d3d4c4f3bc0841  2.1/rpms/kernel-doc-2.4.26-2tr.i586.rpm
1da3f4c3c5489ad6441c1deb77ade460  2.1/rpms/kernel-firewall-2.4.26-2tr.i586.rpm
33a3d2cc288d8feca38bf723a532d5fc  2.1/rpms/kernel-firewallsmp-2.4.26-2tr.i586.rpm
2eca74fa29f9ab94400c3b660f1cb7d4  2.1/rpms/kernel-smp-2.4.26-2tr.i586.rpm
87d8729ae10b644fd4293028064b4449  2.1/rpms/kernel-source-2.4.26-2tr.i586.rpm
5e79ec0c2f39096258f277b6c9742010  2.1/rpms/kernel-utils-2.4.26-2tr.i586.rpm
19085e9447cf6c6e442dc7b5cce2741d  2.0/rpms/kernel-2.4.26-2tr.i586.rpm
65a65ef1e6387ff9d1c00f4775baf824  2.0/rpms/kernel-BOOT-2.4.26-2tr.i586.rpm
cfe247f0b22f9f9964ad192610030429  2.0/rpms/kernel-doc-2.4.26-2tr.i586.rpm
be9eaf3ea57f93f12732927230014e5d  2.0/rpms/kernel-firewall-2.4.26-2tr.i586.rpm
7ac9ad8333acd85d59337ab963021c95  2.0/rpms/kernel-firewallsmp-2.4.26-2tr.i586.rpm
ff07e3390ca40209e1a3e8cd4b5b6d3a  2.0/rpms/kernel-smp-2.4.26-2tr.i586.rpm
5216d7c88b49b6f4588ff68ca15a9bc5  2.0/rpms/kernel-source-2.4.26-2tr.i586.rpm
5881e9c49f504248ccdb983430f3d3cf  2.0/rpms/kernel-utils-2.4.26-2tr.i586.rpm
24ea881f70d85501dde7b0bd280db86b  e2/kernel-2.4.26-2tr.i586.rpm
b19ab411d3ecb4033b828a1dbd8b7d6e  e2/kernel-BOOT-2.4.26-2tr.i586.rpm
86bf9bee49f8aca7220c1be1fa085bc6  e2/kernel-doc-2.4.26-2tr.i586.rpm
2ae2ddcca0440e2a7995208500b05b88  e2/kernel-firewall-2.4.26-2tr.i586.rpm
53b6077acf13c8c1ae2358ad078b1710  e2/kernel-firewallsmp-2.4.26-2tr.i586.rpm
7ad7e859f539438ca7ada4ed0b12ea76  e2/kernel-smp-2.4.26-2tr.i586.rpm
2719c667ccbeabd5e40eadc747663ad3  e2/kernel-source-2.4.26-2tr.i586.rpm
c340c5b408699be1d6d44a2d9b9211c8  e2/kernel-utils-2.4.26-2tr.i586.rpm
- --------------------------------------------------------------------------


Trustix Security Team

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQFA0DFii8CEzsK9IksRAteIAJ97XC+eJOVpi/AVkvkk9W9O2byoGgCfYxMo
K4oBAeXOexvaNTo652IzAnA=
=7CnB
-----END PGP SIGNATURE-----

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Apple Computer Inc.

Notified:  June 15, 2004 Updated:  June 16, 2004

Status

  Not Vulnerable

Vendor Statement

Apple products are not affected by the issue reported in Vulnerability Note VU#973654.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

BSDI

Updated:  June 16, 2004

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Cray Inc.

Updated:  June 16, 2004

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Debian

Updated:  June 16, 2004

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

EMC Corporation

Updated:  June 16, 2004

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

FreeBSD

Updated:  June 16, 2004

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Fujitsu

Updated:  June 16, 2004

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Hewlett-Packard Company

Updated:  June 16, 2004

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Hitachi

Updated:  June 16, 2004

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

IBM

Updated:  June 16, 2004

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

IBM eServer

Updated:  June 16, 2004

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Ingrian Networks

Updated:  June 16, 2004

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Juniper Networks

Updated:  June 16, 2004

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

MontaVista Software

Updated:  June 16, 2004

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

NEC Corporation

Updated:  June 16, 2004

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

NetBSD

Updated:  June 16, 2004

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Nokia

Updated:  June 16, 2004

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Novell

Updated:  June 16, 2004

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

OpenBSD

Updated:  June 16, 2004

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Openwall GNU/*/Linux

Updated:  June 16, 2004

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

SGI

Updated:  June 16, 2004

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Sequent

Updated:  June 16, 2004

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Sony Corporation

Updated:  June 16, 2004

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Sun Microsystems Inc.

Updated:  June 16, 2004

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

The SCO Group (SCO Linux)

Updated:  June 16, 2004

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

The SCO Group (SCO UnixWare)

Updated:  June 16, 2004

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

TurboLinux

Notified:  June 15, 2004 Updated:  June 16, 2004

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Unisys

Notified:  June 15, 2004 Updated:  June 16, 2004

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Wind River Systems Inc.

Notified:  June 15, 2004 Updated:  June 16, 2004

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.


CVSS Metrics

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A

References

Credit

This vulnerability was discovered by Stian Skjelstad.

This document was written by Jeffrey P. Lanza.

Other Information

CVE IDs: CVE-2004-0554
Severity Metric: 11.81
Date Public: 2004-06-14
Date First Published: 2004-06-15
Date Last Updated: 2004-08-23 17:54 UTC
Document Revision: 21

Sponsored by the Department of Homeland Security Office of Cybersecurity and Communications.