From tsl@trustix.org Wed Jun 16 17:53:35 2004 From: Trustix Security Advisor To: bugtraq@securityfocus.com Date: Wed, 16 Jun 2004 13:54:21 +0200 Subject: TSLSA-2004-0034 - kernel -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Trustix Secure Linux Bugfix Advisory #2004-0034 Package name: kernel Summary: Local DoS Date: 2004-06-16 Affected versions: Trustix Secure Linux 2.0 Trustix Secure Linux 2.1 Trustix Operating System - Enterprise Server 2 - -------------------------------------------------------------------------- Package description: The kernel package contains the Linux kernel (vmlinuz), the core of your Trustix Secure Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. Problem description: A flaw was by accident discovered by Stian Skjelstad when he was doing some code tests during vacation. He was quite surprised when I discovered that the code he was trying froze his machine. He reported it to the Linux-kernel mailing list and the gcc bugzilla 2004-06-09. See CAN-2004-0554 at http://cve.mitre.org/ for more information. Action: We recommend that all systems with this package installed be upgraded. Please note that if you do not need the functionality provided by this package, you may want to remove it from your system. Location: All Trustix Secure Linux updates are available from About Trustix Secure Linux: Trustix Secure Linux is a small Linux distribution for servers. With focus on security and stability, the system is painlessly kept safe and up to date from day one using swup, the automated software updater. Automatic updates: Users of the SWUP tool can enjoy having updates automatically installed using 'swup --upgrade'. Public testing: Most updates for Trustix Secure Linux are made available for public testing some time before release. If you want to contribute by testing the various packages in the testing tree, please feel free to share your findings on the tsl-discuss mailinglist. The testing tree is located at You may also use swup for public testing of updates: site { class = 0 location = "http://tsldev.trustix.org/horizon/rdfs/latest.rdf" regexp = ".*" } Questions? Check out our mailing lists: Verification: This advisory along with all Trustix packages are signed with the TSL sign key. This key is available from: The advisory itself is available from the errata pages at and or directly at MD5sums of the packages: - -------------------------------------------------------------------------- 4eeda04ede3e7538c560d78db0087abf 2.1/rpms/kernel-2.4.26-2tr.i586.rpm f116f17ce723574940cf5653e24b189b 2.1/rpms/kernel-BOOT-2.4.26-2tr.i586.rpm beb2d9638544bbe1e3d3d4c4f3bc0841 2.1/rpms/kernel-doc-2.4.26-2tr.i586.rpm 1da3f4c3c5489ad6441c1deb77ade460 2.1/rpms/kernel-firewall-2.4.26-2tr.i586.rpm 33a3d2cc288d8feca38bf723a532d5fc 2.1/rpms/kernel-firewallsmp-2.4.26-2tr.i586.rpm 2eca74fa29f9ab94400c3b660f1cb7d4 2.1/rpms/kernel-smp-2.4.26-2tr.i586.rpm 87d8729ae10b644fd4293028064b4449 2.1/rpms/kernel-source-2.4.26-2tr.i586.rpm 5e79ec0c2f39096258f277b6c9742010 2.1/rpms/kernel-utils-2.4.26-2tr.i586.rpm 19085e9447cf6c6e442dc7b5cce2741d 2.0/rpms/kernel-2.4.26-2tr.i586.rpm 65a65ef1e6387ff9d1c00f4775baf824 2.0/rpms/kernel-BOOT-2.4.26-2tr.i586.rpm cfe247f0b22f9f9964ad192610030429 2.0/rpms/kernel-doc-2.4.26-2tr.i586.rpm be9eaf3ea57f93f12732927230014e5d 2.0/rpms/kernel-firewall-2.4.26-2tr.i586.rpm 7ac9ad8333acd85d59337ab963021c95 2.0/rpms/kernel-firewallsmp-2.4.26-2tr.i586.rpm ff07e3390ca40209e1a3e8cd4b5b6d3a 2.0/rpms/kernel-smp-2.4.26-2tr.i586.rpm 5216d7c88b49b6f4588ff68ca15a9bc5 2.0/rpms/kernel-source-2.4.26-2tr.i586.rpm 5881e9c49f504248ccdb983430f3d3cf 2.0/rpms/kernel-utils-2.4.26-2tr.i586.rpm 24ea881f70d85501dde7b0bd280db86b e2/kernel-2.4.26-2tr.i586.rpm b19ab411d3ecb4033b828a1dbd8b7d6e e2/kernel-BOOT-2.4.26-2tr.i586.rpm 86bf9bee49f8aca7220c1be1fa085bc6 e2/kernel-doc-2.4.26-2tr.i586.rpm 2ae2ddcca0440e2a7995208500b05b88 e2/kernel-firewall-2.4.26-2tr.i586.rpm 53b6077acf13c8c1ae2358ad078b1710 e2/kernel-firewallsmp-2.4.26-2tr.i586.rpm 7ad7e859f539438ca7ada4ed0b12ea76 e2/kernel-smp-2.4.26-2tr.i586.rpm 2719c667ccbeabd5e40eadc747663ad3 e2/kernel-source-2.4.26-2tr.i586.rpm c340c5b408699be1d6d44a2d9b9211c8 e2/kernel-utils-2.4.26-2tr.i586.rpm - -------------------------------------------------------------------------- Trustix Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) iD8DBQFA0DFii8CEzsK9IksRAteIAJ97XC+eJOVpi/AVkvkk9W9O2byoGgCfYxMo K4oBAeXOexvaNTo652IzAnA= =7CnB -----END PGP SIGNATURE-----