[SSA:2004-167-01] kernel DoS
New kernel packages are available for Slackware 8.1, 9.0, 9.1,
and -current to fix a denial of service security issue. Without
a patch to asm-i386/i387.h, a local user can crash the machine.
More details about this issue may be found in the Common
Vulnerabilities and Exposures (CVE) database:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0554
Here are the details from the Slackware 9.1 ChangeLog
Tue Jun 15 02:11:41 PDT 2004
patches/packages/kernel-ide-2.4.26-i486-3.tgz: Patched local DoS
(CAN-2004-0554). Without this patch to asm-i386/i387.h a local user
can crash the kernel.
(* Security fix *)
patches/packages/kernel-source-2.4.26-noarch-2.tgz: Patched local DoS
(CAN-2004-0554). The new patch can be found here, too:
patches/source/kernel-source/CAN-2004-0554.i387.fnclex.diff.gz
(* Security fix *)
patches/kernels/*: Patched local DoS (CAN-2004-0554).
(* Security fix *)
Where to find the new packages
Updated packages for Slackware 8.1:
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/kernel-ide-2.4.18-i386-6.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/kernel-source-2.4.18-noarch-7.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/kernels/
Updated packages for Slackware 9.0:
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/kernel-ide-2.4.21-i486-4.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/kernel-source-2.4.21-noarch-4.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/kernels/
Updated packages for Slackware 9.1:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/kernel-ide-2.4.26-i486-3.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/kernel-source-2.4.26-noarch-2.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/kernels/
Updated packages for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-ide-2.4.26-i486-4.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/d/kernel-headers-2.4.26-i386-3.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/k/kernel-source-2.4.26-noarch-4.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/kernels/
ftp://ftp.slackware.com/pub/slackware/slackware-current/testing/packages/linux-2.6.6/kernel-generic-2.6.6-i486-5.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/testing/packages/linux-2.6.6/kernel-headers-2.6.6-i386-3.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/testing/packages/linux-2.6.6/kernel-source-2.6.6-noarch-3.tgz
Just the patch for 2.4.x kernels:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/source/kernel-source/CAN-2004-0554.i387.fnclex.diff.gz
77d9eb0640f07df4167aaa53e0b42e2e CAN-2004-0554.i387.fnclex.diff.gz
Just the patch for 2.6.x kernels:
ftp://ftp.slackware.com/pub/slackware/slackware-current/testing/source/linux-2.6.x/CAN-2004-0554.i387.fnclex.diff.gz
e453d64187eac2216bebf85d72449fcb CAN-2004-0554.i387.fnclex.diff.gz
MD5 signatures
Slackware 8.1 packages:
8bbced2d1f09d033de89ae5957427a25 kernel-ide-2.4.18-i386-6.tgz
050aa2dd8d38f0ba3de2fca621eb13c9 kernel-source-2.4.18-noarch-7.tgz
Slackware 9.0 packages:
21dbafdcf32d84c22daddc349a719420 kernel-ide-2.4.21-i486-4.tgz
56ca0fbf5778283a1d9a76a278cb7cf5 kernel-source-2.4.21-noarch-4.tgz
Slackware 9.1 packages:
614b79763721126939569f235d4524d6 kernel-ide-2.4.26-i486-3.tgz
43681f735928641a2b5fc786604bca77 kernel-source-2.4.26-noarch-2.tgz
Slackware -current packages:
7a19720356937bcc0f360b8b158a1419 kernel-ide-2.4.26-i486-4.tgz
c0d2d8b2977d5c86d100fe02a8c2681b kernel-headers-2.4.26-i386-3.tgz
8fbb66feb2d108baa6af6a895fc7f49a kernel-source-2.4.26-noarch-4.tgz
91ccc5ff7a5be15afdee86a60c6b408d kernel-generic-2.6.6-i486-5.tgz
bdcb17009e79bb375dad7fecdd7e60ae kernel-headers-2.6.6-i386-3.tgz
ed7c1e42f537414db8cd4dda8e2e9077 kernel-source-2.6.6-noarch-3.tgz
Installation instructions
Use upgradepkg to install the new packages.
After installing the kernel-ide package you will need to run lilo ('lilo'
at a command prompt) or create a new system boot disk ('makebootdisk'), and
reboot.
If desired, a kernel from the kernels/ directory may be used instead. For
example, to use the kernel in kernels/scsi.s/, you would copy it to the
boot directory like this:
cd kernels/scsi.s
cp bzImage /boot/vmlinuz-scsi.s-2.4.26
Create a symbolic link:
ln -sf /boot/vmlinuz-scsi.s-2.4.26 /boot/vmlinuz
Then, run 'lilo' or create a new system boot disk and reboot.
- ID
- SSA:2004-167-01
- Severity
- low
- Severity from
- CVE-2004-0554
- URL
- http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.612137
- Published
-
2004-06-15T17:53:26
(20 years ago) - Modified
-
2004-06-15T17:53:26
(20 years ago) - Rights
- Slackware Linux Security Team
- Other Advisories
GLSA-200407-02
VU:973654| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:slackbuild/slackware/kernel-source?arch=noarch&distro=slackware-current | slackware |
 kernel-source
|
< 2.4.26 | slackware-current | noarch | |
| Affected | pkg:slackbuild/slackware/kernel-source?arch=noarch&distro=slackware-current | slackware |
kernel-source
|
< 2.6.6 | slackware-current | noarch | |
| Affected | pkg:slackbuild/slackware/kernel-source?arch=noarch&distro=slackware-9.1 | slackware |
kernel-source
|
< 2.4.26 | slackware-9.1 | noarch | |
| Affected | pkg:slackbuild/slackware/kernel-source?arch=noarch&distro=slackware-9.0 | slackware |
kernel-source
|
< 2.4.21 | slackware-9.0 | noarch | |
| Affected | pkg:slackbuild/slackware/kernel-source?arch=noarch&distro=slackware-8.1 | slackware |
kernel-source
|
< 2.4.18 | slackware-8.1 | noarch | |
| Affected | pkg:slackbuild/slackware/kernel-ide?arch=i486&distro=slackware-current | slackware |
kernel-ide
|
< 2.4.26 | slackware-current | i486 | |
| Affected | pkg:slackbuild/slackware/kernel-ide?arch=i486&distro=slackware-9.1 | slackware |
kernel-ide
|
< 2.4.26 | slackware-9.1 | i486 | |
| Affected | pkg:slackbuild/slackware/kernel-ide?arch=i486&distro=slackware-9.0 | slackware |
kernel-ide
|
< 2.4.21 | slackware-9.0 | i486 | |
| Affected | pkg:slackbuild/slackware/kernel-ide?arch=i386&distro=slackware-8.1 | slackware |
kernel-ide
|
< 2.4.18 | slackware-8.1 | i386 | |
| Affected | pkg:slackbuild/slackware/kernel-headers?arch=i386&distro=slackware-current | slackware |
kernel-headers
|
< 2.4.26 | slackware-current | i386 | |
| Affected | pkg:slackbuild/slackware/kernel-headers?arch=i386&distro=slackware-current | slackware |
kernel-headers
|
< 2.6.6 | slackware-current | i386 | |
| Affected | pkg:slackbuild/slackware/kernel-generic?arch=i486&distro=slackware-current | slackware |
kernel-generic
|
< 2.6.6 | slackware-current | i486 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |