English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 148472 CVE descriptions
and 72306 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 --------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2004-14
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
 --------------------------------------------------------------------------

 Original released date : 21 May 2004
 Last revised           : 24 May 2004

 Package : kernel

 Summary : Multiple vulnerabilities within the kernel

 More information :
    The kernel package contains the Linux kernel (vmlinuz), the core of your Linux operating system.

    - Real time clock (RTC) routines in Linux kernel does not properly initialize their structures,
      which could leak kernel data to user space.
    - The R128 driver has a vulnerability.
    - Stack-based buffer overflow in the ncp_lookup function for ncpfs in kernel.
    - Buffer overflow in the ISO9660 file system component for Linux kernel.
    - The OSS code for the Sound Blaster driver in Linux 2.4.x does not properly handle certain sample sizes,
      which allows local users to cause a denial of service (crash).
    - The JFS file system code in Linux 2.4.x has an information leak in which in-memory data is written
      to the device for an ext3 file system, which allows local users to obtain sensitive information by
      reading the raw device. 
    - A "potential" buffer overflow exists in the panic() function in kernel.
    - The do_fork function in Linux 2.4.x and 2.6.x does not properly decrement the mm_count counter
      when an error occurs after the mm_struct for a child process has been activated,
      which triggers a memory leak that allows local users to cause a denial of service (memory exhaustion).

 Impact :
    The vulnerabilities may allow an attacker to cause a denial of
    service to the kernel and gain sensitive information from your system. 

 Affected Products :
    - Turbolinux Appliance Server 1.0 Hosting Edition
    - Turbolinux Appliance Server 1.0 Workgroup Edition
    - Turbolinux 10 Desktop
    - Turbolinux 8 Server
    - Turbolinux 8 Workstation
    - Turbolinux 7 Server
    - Turbolinux 7 Workstation

 Solution :
    Please use the turbopkg (zabom) tool to apply the update. 
 ---------------------------------------------
 # turboupdate

 # turbopkg

 # zabom update kernel kernel-BOOT kernel-doc kernel-headers \
                kernel-pcmcia-cs kernel-smp kernel-smp64G kernel-source
 ---------------------------------------------


 <Turbolinux Appliance Server 1.0 Hosting Edition>

   Source Packages
   Size : MD5

   kernel-2.4.25-3.src.rpm
     36845560 43f987c9ba58bef4d2052d517bae91a3

   Binary Packages
   Size : MD5

   kernel-2.4.25-3.i586.rpm
     13768395 961cb1242dc89e6b815cece76aecfe42
   kernel-BOOT-2.4.25-3.i586.rpm
      6894271 f2ed3e7abd7cba9d90a50a8996aa8115
   kernel-doc-2.4.25-3.i586.rpm
      1573387 4d5f79df18f678771d1a8470d21810e0
   kernel-headers-2.4.25-3.i586.rpm
      1986966 7c265f85713748fc7fd20df340c8d7ee
   kernel-pcmcia-cs-2.4.25-3.i586.rpm
       365681 f74d9b0d52602a69df8825831d92edca
   kernel-smp-2.4.25-3.i586.rpm
     14161425 9cc5b89c2f126904a2cca9ebd7700531
   kernel-smp64G-2.4.25-3.i586.rpm
     14139065 65dcf2069df77cd6ecd74b234187df8a
   kernel-source-2.4.25-3.i586.rpm
     27434031 a965e854d02602e541b26409e4d1d244

 <Turbolinux Appliance Server 1.0 Workgroup Edition>

   Source Packages
   Size : MD5

   kernel-2.4.25-3.src.rpm
     36845560 43f987c9ba58bef4d2052d517bae91a3

   Binary Packages
   Size : MD5

   kernel-2.4.25-3.i586.rpm
     13768395 961cb1242dc89e6b815cece76aecfe42
   kernel-BOOT-2.4.25-3.i586.rpm
      6894271 f2ed3e7abd7cba9d90a50a8996aa8115
   kernel-doc-2.4.25-3.i586.rpm
      1573387 4d5f79df18f678771d1a8470d21810e0
   kernel-headers-2.4.25-3.i586.rpm
      1986966 7c265f85713748fc7fd20df340c8d7ee
   kernel-pcmcia-cs-2.4.25-3.i586.rpm
       365681 f74d9b0d52602a69df8825831d92edca
   kernel-smp-2.4.25-3.i586.rpm
     14161425 9cc5b89c2f126904a2cca9ebd7700531
   kernel-smp64G-2.4.25-3.i586.rpm
     14139065 65dcf2069df77cd6ecd74b234187df8a
   kernel-source-2.4.25-3.i586.rpm
     27434031 a965e854d02602e541b26409e4d1d244

 <Turbolinux 10 Desktop>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/kernel-2.6.0-8.src.rpm
     47387817 b0e9f3c652a6692b6d4741cd2e539453

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/kernel-2.6.0-8.i586.rpm
     13148949 99104a31b0a0d5c71028a76d8bd00ad9
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/kernel-doc-2.6.0-8.i586.rpm
      1662274 c2db44905b2022da855158cd38f0de33
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/kernel-extramodules-2.6.0-8.i586.rpm
      2965265 69554343ca7d2a30a9636bd5255b0b45
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/kernel-headers-2.6.0-8.i586.rpm
      1753842 9d31c7f0e6a0a075a6bc6bc5f4ce20c7
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/kernel-pcmcia-cs-2.6.0-8.i586.rpm
       315306 495778a6eb08807ce19ec0a7e3dae0db
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/kernel-smp-2.6.0-8.i586.rpm
     13768557 2361cbb154eb9aa3eaac8531fe6f3ed8
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/kernel-source-2.6.0-8.i586.rpm
     28488662 0a9026a322b4706f1778c27cae6e199a

 <Turbolinux 8 Server>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/SRPMS/kernel-2.4.18-19.src.rpm
     42490854 5761fc3d88ea02e8a9f4df3df14bcf23

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-2.4.18-19.i586.rpm
     14113738 2d76e70834488d6f50d66a9afa1f597a
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-BOOT-2.4.18-19.i586.rpm
      7155061 bd1dd1d261efa45d5ceaf82053236c8f
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-doc-2.4.18-19.i586.rpm
      1458658 979a80fd18e5aec2fd1c5f5b31f90e0a
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-headers-2.4.18-19.i586.rpm
      1823440 88f3e57e5b28a482bca32b77c36767d4
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-pcmcia-cs-2.4.18-19.i586.rpm
       330265 a0484c72d42f1b915201932daea34627
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-smp-2.4.18-19.i586.rpm
     14622675 a9939b840cd5d091ca04c8b4e10b2990
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-smp64G-2.4.18-19.i586.rpm
     14606327 a8ea380db63bef81b78b37bd66cd23b7
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-source-2.4.18-19.i586.rpm
     26627664 99fc6ae43a40a3257e63e7f09853f681
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/images/dd/README.dd040520
          687 aa2f0160e7b01e2763002ad945c52ade
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/images/dd/dd040520.img
      1474560 e8ab7546a77c21ea8d5c79b9a396c5c3

 <Turbolinux 8 Workstation>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/SRPMS/kernel-2.4.18-19.src.rpm
     42490854 5761fc3d88ea02e8a9f4df3df14bcf23

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-2.4.18-19.i586.rpm
     14113738 2d76e70834488d6f50d66a9afa1f597a
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-BOOT-2.4.18-19.i586.rpm
      7155061 bd1dd1d261efa45d5ceaf82053236c8f
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-doc-2.4.18-19.i586.rpm
      1458658 979a80fd18e5aec2fd1c5f5b31f90e0a
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-headers-2.4.18-19.i586.rpm
      1823440 88f3e57e5b28a482bca32b77c36767d4
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-pcmcia-cs-2.4.18-19.i586.rpm
       330265 a0484c72d42f1b915201932daea34627
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-smp-2.4.18-19.i586.rpm
     14622675 a9939b840cd5d091ca04c8b4e10b2990
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-smp64G-2.4.18-19.i586.rpm
     14606327 a8ea380db63bef81b78b37bd66cd23b7
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-source-2.4.18-19.i586.rpm
     26627664 99fc6ae43a40a3257e63e7f09853f681

 <Turbolinux 7 Server>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/SRPMS/kernel-2.4.18-19.src.rpm
     42490854 5761fc3d88ea02e8a9f4df3df14bcf23

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-2.4.18-19.i586.rpm
     14113738 2d76e70834488d6f50d66a9afa1f597a
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-BOOT-2.4.18-19.i586.rpm
      7155061 bd1dd1d261efa45d5ceaf82053236c8f
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-doc-2.4.18-19.i586.rpm
      1458658 979a80fd18e5aec2fd1c5f5b31f90e0a
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-headers-2.4.18-19.i586.rpm
      1823440 88f3e57e5b28a482bca32b77c36767d4
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-pcmcia-cs-2.4.18-19.i586.rpm
       330265 a0484c72d42f1b915201932daea34627
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-smp-2.4.18-19.i586.rpm
     14622675 a9939b840cd5d091ca04c8b4e10b2990
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-smp64G-2.4.18-19.i586.rpm
     14606327 a8ea380db63bef81b78b37bd66cd23b7
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-source-2.4.18-19.i586.rpm
     26627664 99fc6ae43a40a3257e63e7f09853f681

 <Turbolinux 7 Workstation>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/SRPMS/kernel-2.4.18-19.src.rpm
     42490854 5761fc3d88ea02e8a9f4df3df14bcf23

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-2.4.18-19.i586.rpm
     14113738 2d76e70834488d6f50d66a9afa1f597a
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-BOOT-2.4.18-19.i586.rpm
      7155061 bd1dd1d261efa45d5ceaf82053236c8f
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-doc-2.4.18-19.i586.rpm
      1458658 979a80fd18e5aec2fd1c5f5b31f90e0a
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-headers-2.4.18-19.i586.rpm
      1823440 88f3e57e5b28a482bca32b77c36767d4
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-pcmcia-cs-2.4.18-19.i586.rpm
       330265 a0484c72d42f1b915201932daea34627
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-smp-2.4.18-19.i586.rpm
     14622675 a9939b840cd5d091ca04c8b4e10b2990
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-smp64G-2.4.18-19.i586.rpm
     14606327 a8ea380db63bef81b78b37bd66cd23b7
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-source-2.4.18-19.i586.rpm
     26627664 99fc6ae43a40a3257e63e7f09853f681


 Notice : You have to reboot your system after this update is finished.

   kernel-2.4.25-3    CAN-2004-0010CAN-2004-0394CAN-2004-0427
   kernel-2.6.0-8     CAN-2004-0109CAN-2004-0427
   kernel-2.4.18-19   CAN-2003-0984CAN-2004-0003CAN-2004-0010CAN-2004-0109
                      CAN-2004-0178CAN-2004-0181CAN-2004-0394CAN-2004-0427

   [README.dd040520]
   ----------------------------------------------------------------------
   Driver disk for TL8 Server (kernel-2.4.18-5)

   At installer boot prompt, please type dd and press enter.
   boot: dd

   megaraid2:  Ver.2.10.3 support PERC4E(Si,Di,DC,SC) MegaRAID SATA-150
   bcm5700:    Ver.7.1.22 support 5901, 5705F and 5704 B0 step
   bcm4400:    Ver.3.0.7 support 4401 B0 step, no support smp64G
   aic79xx:    Ver.1.3.10, many new devices support
   aacraid:    Ver.1.1.3, support SATA RAIDs
   e100:       Ver.2.3.40, support 82541 and 82547(ICH5 CSA)
   e1000:      Ver.5.2.39, many new devices support
   ips:        Ver.7.00.15, support ServeRAID ServeRAID 7t/k/M
   cciss:      Ver.2.4.50, support HP SA 6400 U320 Expansion Module/ 6i
   mptscsih:   Ver.2.05.11.03, supoort LSI1035
   aic7xxx:    Ver.6.2.36, add other detection IDs
   ----------------------------------------------------------------------

 References:

 CVE
  [CAN-2003-0984]
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0984
  [CAN-2004-0003]
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0003
  [CAN-2004-0010]
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0010
  [CAN-2004-0109]
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0109
  [CAN-2004-0178]
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0178
  [CAN-2004-0181]
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0181
  [CAN-2004-0394]
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0394
  [CAN-2004-0427]
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0427


 --------------------------------------------------------------------------
 Revision History
    21 May 2004 Initial release
    24 May 2004 added Driver disk for Turbolinux 8 Server
 --------------------------------------------------------------------------

 Copyright(C) 2004 Turbolinux, Inc. All rights reserved. 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFAsfIXK0LzjOqIJMwRAmLOAKC9YuOsD/Q4Tfc+2/dpMuYzfTSVLACfSMgJ
mBx1agLvLdKSaOW++gUuSNA=
=vLSE
-----END PGP SIGNATURE-----

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe

© 1998-2019 E-Soft Inc. All rights reserved.