Patch  oval:com.redhat.rhsa:def:20050366
RHSA-2005:366: kernel security update (Important)  

The Linux kernel handles the basic functions of the operating system.
A flaw in the fib_seq_start function was discovered. A local user could use this flaw to cause a denial of service (system crash) via /proc/net/route. (CAN-2005-1041)
A flaw in the tmpfs file system was discovered. A local user could use this flaw to cause a denial of service (system crash). (CAN-2005-0977)
An integer overflow flaw was found when writing to a sysfs file. A local user could use this flaw to overwrite kernel memory, causing a denial of service (system crash) or arbitrary code execution. (CAN-2005-0867)
Keith Owens reported a flaw in the Itanium unw_unwind_to_user function. A local user could use this flaw to cause a denial of service (system crash) on Itanium architectures. (CAN-2005-0135)
A flaw in the NFS client O_DIRECT error case handling was discovered. A local user could use this flaw to cause a denial of service (system crash). (CAN-2005-0207)
A small memory leak when defragmenting local packets was discovered that affected the Linux 2.6 kernel netfilter subsystem. A local user could send a large number of carefully crafted fragments leading to memory exhaustion (CAN-2005-0210)
A flaw was discovered in the Linux PPP driver. On systems allowing remote users to connect to a server using ppp, a remote client could cause a denial of service (system crash). (CAN-2005-0384)
A flaw was discovered in the ext2 file system code. When a new directory is created, the ext2 block written to disk is not initialized, which could lead to an information leak if a disk image is made available to unprivileged users. (CAN-2005-0400)
A flaw in fragment queuing was discovered that affected the Linux kernel netfilter subsystem. On systems configured to filter or process network packets (e.g. firewalling), a remote attacker could send a carefully crafted set of fragmented packets to a machine and cause a denial of service (system crash). In order to sucessfully exploit this flaw, the attacker would need to know or guess some aspects of the firewall ruleset on the target system. (CAN-2005-0449)
A number of flaws were found in the Linux 2.6 kernel. A local user could use these flaws to read kernel memory or cause a denial of service (crash). (CAN-2005-0529, CAN-2005-0530, CAN-2005-0531)
An integer overflow in sys_epoll_wait in eventpoll.c was discovered. A local user could use this flaw to overwrite low kernel memory. This memory is usually unused, not usually resulting in a security consequence. (CAN-2005-0736)
A flaw when freeing a pointer in load_elf_library was discovered. A local user could potentially use this flaw to cause a denial of service (crash). (CAN-2005-0749)
A flaw was discovered in the bluetooth driver system. On systems where the bluetooth modules are loaded, a local user could use this flaw to gain elevated (root) privileges. (CAN-2005-0750)
A race condition was discovered that affected the Radeon DRI driver. A local user who has DRI privileges on a Radeon graphics card may be able to use this flaw to gain root privileges. (CAN-2005-0767)
Multiple range checking flaws were discovered in the iso9660 file system handler. An attacker could create a malicious file system image which would cause a denial or service or potentially execute arbitrary code if mounted. (CAN-2005-0815)
A flaw was discovered when setting line discipline on a serial tty. A local user may be able to use this flaw to inject mouse movements or keystrokes when another user is logged in. (CAN-2005-0839)
Red Hat Enterprise Linux 4 users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum.
Please note that
Create Date: 2005-04-19 Last Update Date: 2005-08-09

Affected Platforms/Products

Affected Products (CPE + CVE references)
Platforms: unix (from OVAL definitions)
  • Red Hat Enterprise Linux 4

References

Total : 37 Click here to view references

Criteria

The patch should be installed
IF : All of the following are true
IF : Red Hat Enterprise Linux 4 is installed
Linux : RPM Test :  Red Hat Enterprise Linux 4 is installed 
At least one of the objects listed below must exist on the system (Existence check)
Unknown object oval:com.redhat.rhsa:obj:20030315001 (Object depth limit may be exceeded) !!!
version pattern match ^4[^\d]
linux : rpminfo_state 
IF : Any one of the following are true
IF : All of the following are true
IF : kernel-smp is signed with Red Hat master key
Linux : RPM Test :  kernel-smp is signed with Red Hat master key 
At least one of the objects listed below must exist on the system (Existence check)
Unknown object oval:com.redhat.rhsa:obj:20030416004 (Object depth limit may be exceeded) !!!
signature_keyid equals 219180cddb42a60e
linux : rpminfo_state 
IF : kernel-smp is earlier than 0:2.6.9-5.0.5.EL
Linux : RPM Test :  kernel-smp is earlier than 0:2.6.9-5.0.5.EL 
At least one of the objects listed below must exist on the system (Existence check)
Unknown object oval:com.redhat.rhsa:obj:20030416004 (Object depth limit may be exceeded) !!!
RPM Version less than 0:2.6.9-5.0.5.EL (datatype=evr_string)
linux : rpminfo_state 
IF : All of the following are true
IF : kernel-devel is earlier than 0:2.6.9-5.0.5.EL
Linux : RPM Test :  kernel-devel is earlier than 0:2.6.9-5.0.5.EL 
At least one of the objects listed below must exist on the system (Existence check)
Unknown object oval:com.redhat.rhsa:obj:20050092003 (Object depth limit may be exceeded) !!!
RPM Version less than 0:2.6.9-5.0.5.EL (datatype=evr_string)
linux : rpminfo_state 
IF : kernel-devel is signed with Red Hat master key
Linux : RPM Test :  kernel-devel is signed with Red Hat master key 
At least one of the objects listed below must exist on the system (Existence check)
Unknown object oval:com.redhat.rhsa:obj:20050092003 (Object depth limit may be exceeded) !!!
signature_keyid equals 219180cddb42a60e
linux : rpminfo_state 
IF : All of the following are true
IF : kernel-hugemem is signed with Red Hat master key
Linux : RPM Test :  kernel-hugemem is signed with Red Hat master key 
At least one of the objects listed below must exist on the system (Existence check)
Unknown object oval:com.redhat.rhsa:obj:20030416010 (Object depth limit may be exceeded) !!!
signature_keyid equals 219180cddb42a60e
linux : rpminfo_state 
IF : kernel-hugemem is earlier than 0:2.6.9-5.0.5.EL
Linux : RPM Test :  kernel-hugemem is earlier than 0:2.6.9-5.0.5.EL 
At least one of the objects listed below must exist on the system (Existence check)
Unknown object oval:com.redhat.rhsa:obj:20030416010 (Object depth limit may be exceeded) !!!
RPM Version less than 0:2.6.9-5.0.5.EL (datatype=evr_string)
linux : rpminfo_state 
IF : All of the following are true
IF : kernel-smp-devel is earlier than 0:2.6.9-5.0.5.EL
Linux : RPM Test :  kernel-smp-devel is earlier than 0:2.6.9-5.0.5.EL 
At least one of the objects listed below must exist on the system (Existence check)
Unknown object oval:com.redhat.rhsa:obj:20050092006 (Object depth limit may be exceeded) !!!
RPM Version less than 0:2.6.9-5.0.5.EL (datatype=evr_string)
linux : rpminfo_state 
IF : kernel-smp-devel is signed with Red Hat master key
Linux : RPM Test :  kernel-smp-devel is signed with Red Hat master key 
At least one of the objects listed below must exist on the system (Existence check)
Unknown object oval:com.redhat.rhsa:obj:20050092006 (Object depth limit may be exceeded) !!!
signature_keyid equals 219180cddb42a60e
linux : rpminfo_state 
IF : All of the following are true
IF : kernel-hugemem-devel is signed with Red Hat master key
Linux : RPM Test :  kernel-hugemem-devel is signed with Red Hat master key 
At least one of the objects listed below must exist on the system (Existence check)
Unknown object oval:com.redhat.rhsa:obj:20050092008 (Object depth limit may be exceeded) !!!
signature_keyid equals 219180cddb42a60e
linux : rpminfo_state 
IF : kernel-hugemem-devel is earlier than 0:2.6.9-5.0.5.EL
Linux : RPM Test :  kernel-hugemem-devel is earlier than 0:2.6.9-5.0.5.EL 
At least one of the objects listed below must exist on the system (Existence check)
Unknown object oval:com.redhat.rhsa:obj:20050092008 (Object depth limit may be exceeded) !!!
RPM Version less than 0:2.6.9-5.0.5.EL (datatype=evr_string)
linux : rpminfo_state 
IF : All of the following are true
IF : kernel is signed with Red Hat master key
Linux : RPM Test :  kernel is signed with Red Hat master key 
At least one of the objects listed below must exist on the system (Existence check)
Unknown object oval:com.redhat.rhsa:obj:20030416002 (Object depth limit may be exceeded) !!!
signature_keyid equals 219180cddb42a60e
linux : rpminfo_state 
IF : kernel is earlier than 0:2.6.9-5.0.5.EL
Linux : RPM Test :  kernel is earlier than 0:2.6.9-5.0.5.EL 
At least one of the objects listed below must exist on the system (Existence check)
Unknown object oval:com.redhat.rhsa:obj:20030416002 (Object depth limit may be exceeded) !!!
RPM Version less than 0:2.6.9-5.0.5.EL (datatype=evr_string)
linux : rpminfo_state 
IF : All of the following are true
IF : kernel-doc is signed with Red Hat master key
Linux : RPM Test :  kernel-doc is signed with Red Hat master key 
At least one of the objects listed below must exist on the system (Existence check)
Unknown object oval:com.redhat.rhsa:obj:20030416007 (Object depth limit may be exceeded) !!!
signature_keyid equals 219180cddb42a60e
linux : rpminfo_state 
IF : kernel-doc is earlier than 0:2.6.9-5.0.5.EL
Linux : RPM Test :  kernel-doc is earlier than 0:2.6.9-5.0.5.EL 
At least one of the objects listed below must exist on the system (Existence check)
Unknown object oval:com.redhat.rhsa:obj:20030416007 (Object depth limit may be exceeded) !!!
RPM Version less than 0:2.6.9-5.0.5.EL (datatype=evr_string)
linux : rpminfo_state 

Quick Help

evr_string datatype
Represents epoch, version, and release number as a single version string
Other Help Topics
Data Types
What is an Object?
What is a State?
What is a Test?
Other Help Topics
Regular Expression Patterns
Some object or state definitions are defined as regular expression patterns, you should interpret the regexp pattern while evaluating them.

OVAL Definitions By Referenced Objects

How does it work?   User agreement and privacy statement   About & Contact
CVE is a registred trademark of the MITRE Corporation and the authoritive source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritive source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritive source of OVAL content is MITRE's OVAL web site.
Warning: This site and all data are provided as is. It is not guaranteed that all information is accurate and complete. Use any information provided on this site at your own risk. By using this site you accept that you know that these data are provided as is and not guaranteed to be accurate, correct or complete. All trademarks appearing on this site are the property of their respective owners in the US or other countries. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss. PLEASE SEE nvd.nist.gov and oval.mitre.org for more details about OVAL language and definitions.
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor/web site owner/maintainer be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
Use of OVAL and all related data is subject to terms of use defined by Mitre at http://oval.mitre.org/oval/about/termsofuse.html