Red Hat Local Security Checks : RedHat Security Advisory RHSA-2004:017

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.51098

Category: Red Hat Local Security Checks

Title: RedHat Security Advisory RHSA-2004:017

Summary: NOSUMMARY

Description: Description:

The remote host is missing updates announced in
advisory RHSA-2004:017.

The Linux kernel handles the basic functions of the operating
system.

This is the first regular kernel update for Red Hat Enterprise
Linux version 3. It contains a new critical security fix, many
other bug fixes, several device driver updates, and numerous
performance and scalability enhancements.

On AMD64 systems, a fix was made to the eflags checking in
32-bit ptrace emulation that could have allowed local users
to elevate their privileges. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name
CVE-2004-0001 to this issue.

Other bug fixes were made in the following kernel areas:
VM, NPTL, IPC, kernel timer, ext3, NFS, netdump, SCSI,
ACPI, several device drivers, and machine-dependent
support for the x86_64, ppc64, and s390 architectures.

The VM subsystem was improved to better handle extreme
loads and resource contention (such as might occur during
heavy database application usage). This has resulted in
a significantly reduced possibility of hangs, OOM kills,
and low-mem exhaustion.

Several NPTL fixes were made to resolve POSIX compliance
issues concerning process IDs and thread IDs. A section
in the Release Notes elaborates on a related issue with
file record locking in multi-threaded applications.

AMD64 kernels are now configured with NUMA support,
S390 kernels now have CONFIG_BLK_STATS enabled, and
DMA capability was restored in the IA64 agpgart driver.

The following drivers have been upgraded to new versions:

cmpci ------ 6.36
e100 ------- 2.3.30-k1
e1000 ------ 5.2.20-k1
ips -------- 6.10.52
megaraid --- v1.18k
megaraid2 -- v2.00.9

All Red Hat Enterprise Linux 3 users are advised to upgrade
their kernels to the packages associated with their machine
architectures and configurations as listed in this erratum.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2004-017.html

Risk factor : High

CVSS Score:
7.2

Cross-Ref: BugTraq ID: 9429
Common Vulnerability Exposure (CVE) ID: CVE-2004-0001
http://www.securityfocus.com/bid/9429
CERT/CC vulnerability note: VU#337238
http://www.kb.cert.org/vuls/id/337238
http://security.gentoo.org/glsa/glsa-200402-06.xml
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A868
http://www.redhat.com/support/errata/RHSA-2004-017.html
XForce ISS Database: linux-ptrace-gain-privilege(14888)
https://exchange.xforce.ibmcloud.com/vulnerabilities/14888

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.51098
Category:	Red Hat Local Security Checks
Title:	RedHat Security Advisory RHSA-2004:017
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory RHSA-2004:017. The Linux kernel handles the basic functions of the operating system. This is the first regular kernel update for Red Hat Enterprise Linux version 3. It contains a new critical security fix, many other bug fixes, several device driver updates, and numerous performance and scalability enhancements. On AMD64 systems, a fix was made to the eflags checking in 32-bit ptrace emulation that could have allowed local users to elevate their privileges. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0001 to this issue. Other bug fixes were made in the following kernel areas: VM, NPTL, IPC, kernel timer, ext3, NFS, netdump, SCSI, ACPI, several device drivers, and machine-dependent support for the x86_64, ppc64, and s390 architectures. The VM subsystem was improved to better handle extreme loads and resource contention (such as might occur during heavy database application usage). This has resulted in a significantly reduced possibility of hangs, OOM kills, and low-mem exhaustion. Several NPTL fixes were made to resolve POSIX compliance issues concerning process IDs and thread IDs. A section in the Release Notes elaborates on a related issue with file record locking in multi-threaded applications. AMD64 kernels are now configured with NUMA support, S390 kernels now have CONFIG_BLK_STATS enabled, and DMA capability was restored in the IA64 agpgart driver. The following drivers have been upgraded to new versions: cmpci ------ 6.36 e100 ------- 2.3.30-k1 e1000 ------ 5.2.20-k1 ips -------- 6.10.52 megaraid --- v1.18k megaraid2 -- v2.00.9 All Red Hat Enterprise Linux 3 users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2004-017.html Risk factor : High CVSS Score: 7.2
Cross-Ref:	BugTraq ID: 9429 Common Vulnerability Exposure (CVE) ID: CVE-2004-0001 http://www.securityfocus.com/bid/9429 CERT/CC vulnerability note: VU#337238 http://www.kb.cert.org/vuls/id/337238 http://security.gentoo.org/glsa/glsa-200402-06.xml https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A868 http://www.redhat.com/support/errata/RHSA-2004-017.html XForce ISS Database: linux-ptrace-gain-privilege(14888) https://exchange.xforce.ibmcloud.com/vulnerabilities/14888
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com