7321207 2001-10-18 17:11 -0600  /357 rader/ Support Info <supinfo@caldera.com>
Sänt av: joel@lysator.liu.se
Importerad: 2001-10-19  06:21  av Brevbäraren
Extern mottagare: announce@lists.caldera.com
Extern mottagare: bugtraq@securityfocus.com
Extern mottagare: linux-security@redhat.com
Extern mottagare: linuxlist@securityportal.com
Mottagare: Bugtraq (import) <19496>
Ärende: Security Update: [CSSA-2001-036.0] Linux - Several Linux Kernel Security Problems
------------------------------------------------------------
From: Support Info <supinfo@caldera.com>
To: announce@lists.caldera.com, bugtraq@securityfocus.com,
 linux-security@redhat.com, linuxlist@securityportal.com
Message-ID: <20011018171127.A14055@phoenix.calderasystems.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________
		   Caldera International, Inc.  Security Advisory

Subject:		Linux - several linux kernel security problems
Advisory number: 	CSSA-2001-036.0
Issue date: 		2001, October 18
Cross reference:
______________________________________________________________________________


1. Problem Description

   Yet another ptrace race condition has been found which allows local
   attackers to get access to the root account. 

   Also, a local attacker can use a recursive symlink structure setup
   to effectively cause all filesystem actions to hang for an infinite
   amount of time.

   The IPTABLES implementation in the 2.4 kernel also had a problem in
   the RELATED connection handling of the ip_conntrack_module which is
   fixed by the supplied packages.


2. Vulnerable Versions

   System                       Package
   -----------------------------------------------------------
   OpenLinux 2.3                 All packages previous to      
                                 linux-2.2.10-13 
   
   OpenLinux eServer 2.3.1       All packages previous to      
   and OpenLinux eBuilder        linux-2.2.14-12S
   
   OpenLinux eDesktop 2.4        All packages previous to      
  				 linux-2.2.14-8                                           
   OpenLinux Server 3.1          All packages previous to      
                                 linux-2.4.2-13S 
   
   OpenLinux Workstation 3.1     All packages previous to      
                                 linux-2.4.2-13D 
   


3. Solution

   Workaround

     none

   The proper solution is to upgrade to the latest packages.

4. OpenLinux 2.3

    4.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

       ftp://ftp.caldera.com/pub/updates/OpenLinux/2.3/current/RPMS

       The corresponding source code package can be found at:

       ftp://ftp.caldera.com/pub/updates/OpenLinux/2.3/current/SRPMS

   4.2 Verification

   32c753ec6dadc0f17aa1f8816c639258
   linux-kernel-binary-2.2.10-13.i386.rpm
   658484d165b5aa98abe0a8ccc3b413b9
   linux-kernel-doc-2.2.10-13.i386.rpm
   be8f85ee1d99495302b9b80db3a906f7
   linux-kernel-include-2.2.10-13.i386.rpm
   ca9cc1518d899208659fae690c4ef79a
   linux-source-alpha-2.2.10-13.i386.rpm
   41bb1351cd4db90a1958852637ffd764
   linux-source-arm-2.2.10-13.i386.rpm
   e85e1efc352d6fd2475e0b5ca466fe2f
   linux-source-common-2.2.10-13.i386.rpm
   717b44fa64a521312d6dbc961a72541e
   linux-source-i386-2.2.10-13.i386.rpm
   1fef2cc0899f4bfebc47b88524284496
   linux-source-m68k-2.2.10-13.i386.rpm
   84833d03056c2c680a24913f5e3797f7
   linux-source-mips-2.2.10-13.i386.rpm
   2475e6c69ecd2e2917b50b951b9eca6b
   linux-source-ppc-2.2.10-13.i386.rpm
   2b5714eb6ff0397e5fba9f23e2bb1ef7
   linux-source-sparc-2.2.10-13.i386.rpm
   5cd6a57d8ede20fda0fb88834c7360b4
   linux-source-sparc64-2.2.10-13.i386.rpm
   cbde8a50017727fff85603aae5c53db7  pcmcia-cs-3.0.14-4.i386.rpm
   c97ea2d01d25eaa772e4097967bc6b7f  linux-2.2.10-13.src.rpm
   ccc40c5a90dae7ac0608fa4587aaf074  pcmcia-cs-3.0.14-4.src.rpm
       
   4.3 Installing Fixed Packages

       Upgrade the affected packages with the following commands:

         rpm -Fvh --force linux-kernel-binary-2.2.10-13.i386.rpm \
              linux-kernel-doc-2.2.10-13.i386.rpm \
              linux-kernel-include-2.2.10-13.i386.rpm \
              linux-source-alpha-2.2.10-13.i386.rpm \
              linux-source-arm-2.2.10-13.i386.rpm \
              linux-source-common-2.2.10-13.i386.rpm \
              linux-source-i386-2.2.10-13.i386.rpm \
              linux-source-m68k-2.2.10-13.i386.rpm \
              linux-source-mips-2.2.10-13.i386.rpm \
              linux-source-ppc-2.2.10-13.i386.rpm \
              linux-source-sparc-2.2.10-13.i386.rpm \
              linux-source-sparc64-2.2.10-13.i386.rpm \
              pcmcia-cs-3.0.14-4.i386.rpm
         
       Please reboot to activate fixes.
       
5. OpenLinux eServer 2.3.1 and OpenLinux eBuilder for ECential 3.0

    5.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

       ftp://ftp.caldera.com/pub/updates/eServer/2.3/current/RPMS

       The corresponding source code package can be found at:

       ftp://ftp.caldera.com/pub/updates/eServer/2.3/current/SRPMS

   5.2 Verification

   b8a6089505a26cde57351690d7c6fe16
   linux-kernel-binary-2.2.14-12S.i386.rpm
   3b6226cc2be698ff5399962b53c65f19
   linux-kernel-doc-2.2.14-12S.i386.rpm
   63ce75c07a9cad64cb27660885c12747
   linux-kernel-include-2.2.14-12S.i386.rpm
   9ad03cc52cc534f200b6148bfabe2caf
   linux-source-alpha-2.2.14-12S.i386.rpm
   ecdb11e2b8dd146dd67a08a27674a1d4
   linux-source-arm-2.2.14-12S.i386.rpm
   b1be6a17c6c2a455b550cf70ac1a52b3
   linux-source-common-2.2.14-12S.i386.rpm
   bf281540084025a7d845483536454670
   linux-source-i386-2.2.14-12S.i386.rpm
   cfab27a2ef42dc18bbb45e5f46dc78de
   linux-source-m68k-2.2.14-12S.i386.rpm
   63e723100db1117a9c3ed6539c388bcf
   linux-source-mips-2.2.14-12S.i386.rpm
   395d7553fbb15c6024a73d211e2592f7
   linux-source-ppc-2.2.14-12S.i386.rpm
   4f47a4677747e6b4220bed3b5275c882
   linux-source-sparc-2.2.14-12S.i386.rpm
   48224275244e8ede28a26b31a854660f
   linux-source-sparc64-2.2.14-12S.i386.rpm
   225740b2d7268d79efc9ccaefe6a3b5c  pcmcia-cs-3.1.4-4.i386.rpm
   b7a5b6395147fe913557df93e7c7af68  linux-2.2.14-12S.src.rpm
   e8118ebaf2a937053d02bd1948fe5461  pcmcia-cs-3.1.4-4.src.rpm
       

   5.3 Installing Fixed Packages

       Upgrade the affected packages with the following commands:

         rpm -Fvh linux-kernel-binary-2.2.14-12S.i386.rpm \
              linux-kernel-doc-2.2.14-12S.i386.rpm \
              linux-kernel-include-2.2.14-12S.i386.rpm \
              linux-source-alpha-2.2.14-12S.i386.rpm \
              linux-source-arm-2.2.14-12S.i386.rpm \
              linux-source-common-2.2.14-12S.i386.rpm \
              linux-source-i386-2.2.14-12S.i386.rpm \
              linux-source-m68k-2.2.14-12S.i386.rpm \
              linux-source-mips-2.2.14-12S.i386.rpm \
              linux-source-ppc-2.2.14-12S.i386.rpm \
              linux-source-sparc-2.2.14-12S.i386.rpm \
              linux-source-sparc64-2.2.14-12S.i386.rpm \
              pcmcia-cs-3.1.4-4.i386.rpm
         
       Please reboot to activate fixes.


6. OpenLinux eDesktop 2.4

    6.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

       ftp://ftp.caldera.com/pub/updates/eDesktop/2.4/current/RPMS

       The corresponding source code package can be found at:

       ftp://ftp.caldera.com/pub/updates/eDesktop/2.4/current/SRPMS

   6.2 Verification

   1a36056ca0abe8942fa78b5358e7a613  hwprobe-20000214-5.i386.rpm
   a7e75d7133ee094e1c30695b58382414  iBCS-2.1-11.i386.rpm
   fd002d7ec09fc9acea25db34d4f440aa
   linux-kernel-binary-2.2.14-8.i386.rpm
   6a8e1752508e78e75d5ba0cc885aeeb5
   linux-kernel-doc-2.2.14-8.i386.rpm
   a59bbd344ce23efbca734f66b98dba9c
   linux-kernel-include-2.2.14-8.i386.rpm
   897a5b1626477aa870a4ccdff523e0d6
   linux-source-alpha-2.2.14-8.i386.rpm
   ec76c541c835a14dd0d64d8b61d8161d
   linux-source-arm-2.2.14-8.i386.rpm
   0863df1fef0ccca6e1d4453885efcd53
   linux-source-common-2.2.14-8.i386.rpm
   1848e2d677d8f0a33bbce5bf0aba7632
   linux-source-i386-2.2.14-8.i386.rpm
   63b420df19c35e9259d6b750fd115dee
   linux-source-m68k-2.2.14-8.i386.rpm
   019acea7a54afece45107d0b1e8e251c
   linux-source-mips-2.2.14-8.i386.rpm
   65596e7ae3fbf7ed5e359e82ca5afabf
   linux-source-ppc-2.2.14-8.i386.rpm
   ae2456ef0760bb141a94d176bea8e0e1
   linux-source-sparc-2.2.14-8.i386.rpm
   98d6a63ce8724870d1c523fbdf564770
   linux-source-sparc64-2.2.14-8.i386.rpm
   7f902cf665550ced197f33d514fdf017  pcmcia-cs-3.1.8-4.i386.rpm
   d5ce976ed4ecbe6e0e79b3e5fad10b2b  hwprobe-20000214-5.src.rpm
   2edc7bd10bb616bd3491dcda25419e72  iBCS-2.1-11.src.rpm
   b0176aae4c7f634fe848eba57a18631f  linux-2.2.14-8.src.rpm
   0c35d5fd0362c31b907f1d609f0426c7  pcmcia-cs-3.1.8-4.src.rpm
       

   6.3 Installing Fixed Packages

       Upgrade the affected packages with the following commands:

         rpm -Fvh hwprobe-20000214-5.i386.rpm iBCS-2.1-11.i386.rpm \
              linux-kernel-binary-2.2.14-8.i386.rpm \
              linux-kernel-doc-2.2.14-8.i386.rpm \
              linux-kernel-include-2.2.14-8.i386.rpm \
              linux-source-alpha-2.2.14-8.i386.rpm \
              linux-source-arm-2.2.14-8.i386.rpm \
              linux-source-common-2.2.14-8.i386.rpm \
              linux-source-i386-2.2.14-8.i386.rpm \
              linux-source-m68k-2.2.14-8.i386.rpm \
              linux-source-mips-2.2.14-8.i386.rpm \
              linux-source-ppc-2.2.14-8.i386.rpm \
              linux-source-sparc-2.2.14-8.i386.rpm \
              linux-source-sparc64-2.2.14-8.i386.rpm \
              pcmcia-cs-3.1.8-4.i386.rpm
         
       Please reboot to activate fixes.

7. OpenLinux 3.1 Server

    7.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

       ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/RPMS

       The corresponding source code package can be found at:

       ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/SRPMS

   7.2 Verification

   5161253d46349fff42067e5702a34dad
   linux-kernel-binary-2.4.2-13S.i386.rpm
   ec254ad980b0505afc084ba6df09c092
   linux-kernel-include-2.4.2-13S.i386.rpm
   63d9fb7e589def7b9532ab21b82622b3
   linux-source-alpha-2.4.2-13S.i386.rpm
   609904b41f2bb4292c82460bf5eec0e9
   linux-source-arm-2.4.2-13S.i386.rpm
   7ea16f6aaa07ec0521cd391e0dc5d514
   linux-source-common-2.4.2-13S.i386.rpm
   f63f020fd7a7f553c5d0c568ce2af5c2
   linux-source-i386-2.4.2-13S.i386.rpm
   a65443cf11bea4bb5b96e3bdf58fe1b8
   linux-source-ia64-2.4.2-13S.i386.rpm
   d2fc13e507eb0ea3e3efbeb7f997de36
   linux-source-m68k-2.4.2-13S.i386.rpm
   afda830d9544aacc7a2fd21b0e2a6c21
   linux-source-mips-2.4.2-13S.i386.rpm
   6fb7efb46e508eeb0026329c5b5ff3f4
   linux-source-ppc-2.4.2-13S.i386.rpm
   2c2be2906e6975ec275e358d7965c08b
   linux-source-s390-2.4.2-13S.i386.rpm
   270dec86a98cfb100d5f7d03041952c7
   linux-source-sparc-2.4.2-13S.i386.rpm
   7c649a68cb47f833c49ca8575a53c5b8
   linux-source-superH-2.4.2-13S.i386.rpm
   d78d52a8b036c023c5182a26d50a15aa  linux-2.4.2-13S.src.rpm
       

   7.3 Installing Fixed Packages

       Upgrade the affected packages with the following commands:

	 /sbin/modprobe loop
         rpm -Fvh linux-kernel-binary-2.4.2-13S.i386.rpm \
              linux-kernel-include-2.4.2-13S.i386.rpm \
              linux-source-alpha-2.4.2-13S.i386.rpm \
              linux-source-arm-2.4.2-13S.i386.rpm \
              linux-source-common-2.4.2-13S.i386.rpm \
              linux-source-i386-2.4.2-13S.i386.rpm \
              linux-source-ia64-2.4.2-13S.i386.rpm \
              linux-source-m68k-2.4.2-13S.i386.rpm \
              linux-source-mips-2.4.2-13S.i386.rpm \
              linux-source-ppc-2.4.2-13S.i386.rpm \
              linux-source-s390-2.4.2-13S.i386.rpm \
              linux-source-sparc-2.4.2-13S.i386.rpm \
              linux-source-superH-2.4.2-13S.i386.rpm
         
	 /sbin/depmod -a

       Please reboot to activate fixes.

8. OpenLinux 3.1 Workstation

    8.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

       ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/RPMS

       The corresponding source code package can be found at:

       ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/SRPMS

   8.2 Verification

   44a4d5cf6ba18e3476f9d8c49f9b6a04
   linux-kernel-binary-2.4.2-13D.i386.rpm
   41f5b6310a6698ef04cb4991e5d7daf4
   linux-kernel-include-2.4.2-13D.i386.rpm
   e0452c8f2e6eaf32df13597c5099437a
   linux-source-alpha-2.4.2-13D.i386.rpm
   b699082a6a539b677cabe7bb5000afe7
   linux-source-arm-2.4.2-13D.i386.rpm
   66927eef4dd9866d2ed500e61f552443
   linux-source-common-2.4.2-13D.i386.rpm
   ca948ee3d575a3ad188c31d9bbfca52f
   linux-source-i386-2.4.2-13D.i386.rpm
   43ce53295736902f1083fb54a55c38b1
   linux-source-ia64-2.4.2-13D.i386.rpm
   23bf17a23328ed04f2344de1aeb31321
   linux-source-m68k-2.4.2-13D.i386.rpm
   645f2554c0d10c342d476b88f64b793c
   linux-source-mips-2.4.2-13D.i386.rpm
   eebe1818d5d1aeeeb627f4187dd46852
   linux-source-ppc-2.4.2-13D.i386.rpm
   c78a13304eeedade4dfad8373da9f52e
   linux-source-s390-2.4.2-13D.i386.rpm
   33c67ff27fd860124956be11cd9f0c57
   linux-source-sparc-2.4.2-13D.i386.rpm
   c26bbc1c02b5746acab717e21075f378
   linux-source-superH-2.4.2-13D.i386.rpm
   062586fa561848495954969fd3f8bf73  linux-2.4.2-13D.src.rpm
       

   8.3 Installing Fixed Packages

       Upgrade the affected packages with the following commands:

	 /sbin/modprobe loop
         rpm -Fvh linux-kernel-binary-2.4.2-13D.i386.rpm \
              linux-kernel-include-2.4.2-13D.i386.rpm \
              linux-source-alpha-2.4.2-13D.i386.rpm \
              linux-source-arm-2.4.2-13D.i386.rpm \
              linux-source-common-2.4.2-13D.i386.rpm \
              linux-source-i386-2.4.2-13D.i386.rpm \
              linux-source-ia64-2.4.2-13D.i386.rpm \
              linux-source-m68k-2.4.2-13D.i386.rpm \
              linux-source-mips-2.4.2-13D.i386.rpm \
              linux-source-ppc-2.4.2-13D.i386.rpm \
              linux-source-s390-2.4.2-13D.i386.rpm \
              linux-source-sparc-2.4.2-13D.i386.rpm \
              linux-source-superH-2.4.2-13D.i386.rpm
         
	 /sbin/depmod -a

       Please reboot to activate fixes.

9. References

   This and other Caldera security resources are located at:

   http://www.caldera.com/support/security/index.html

   This security fix closes Caldera's internal Problem Report 10659,
   10660, 9821.


10. Disclaimer

   Caldera International, Inc. is not responsible for the misuse of
   any of the information we provide on this website and/or through
   our security advisories. Our advisories are a service to our
   customers intended to promote secure installation and use of
   Caldera OpenLinux.

11. Acknowledgements

   Caldera International wishes to thank Rafal Wojtczuk for spotting
   and reporting these problems, and Solar Designer and Linus
   Torvalds for
   providing fixes.
______________________________________________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE7zuVL18sy83A/qfwRAjsYAJ45iDBCp7sAez5+OnYDj2vtbtg0/QCcC9/f
svO+WZ6We1enZrDIZPMpC+w=
=/J4T
-----END PGP SIGNATURE-----
(7321207) /Support Info <supinfo@caldera.com>/(Ombruten)