-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                      ESB-2004.0542 -- MDKSA-2004:087
           Updated kernel packages fix multiple vulnerabilities
                              30 August 2004

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Publisher:              Mandrake
Operating System:       Linux variants
Impact:                 Access Privileged Data
Access:                 Existing Account
CVE Names:              CAN-2004-0415

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                 Mandrakelinux Security Update Advisory
 _______________________________________________________________________

 Package name:           kernel
 Advisory ID:            MDKSA-2004:087
 Date:                   August 26th, 2004

 Affected versions:	 10.0, 9.1, 9.2, Corporate Server 2.1,
			 Multi Network Firewall 8.2
 ______________________________________________________________________

 Problem Description:

 A race condition was discovered in the 64bit file offset handling by
 Paul Starzetz from iSEC.  The file offset pointer (f_pos) is changed
 during reading, writing, and seeking through a file in order to point
 to the current position of a file.  The value conversion between both
 the 32bit and 64bit API in the kernel, as well as access to the f_pos
 pointer, is defective.  As a result, a local attacker can abuse this
 vulnerability to gain access to uninitialized kernel memory, mostly
 via entries in the /proc filesystem.  This kernel memory can possibly
 contain information like the root password, and other sensitive data.
 
 The updated kernel packages provided are patched to protect against
 this vulnerability, and all users are encouraged to upgrade
 immediately.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0415
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.0:
 bb124a3bef37b02afc1f76b250934602  10.0/RPMS/kernel-2.4.25.8mdk-1-1mdk.i586.rpm
 1b5a1a95566b8c95ade266280299f1f7  10.0/RPMS/kernel-2.6.3.16mdk-1-1mdk.i586.rpm
 71e3945f2ee90f470b51f432da1796de  10.0/RPMS/kernel-enterprise-2.4.25.8mdk-1-1mdk.i586.rpm
 971e6cb84758a85702d8327a4f38fc28  10.0/RPMS/kernel-enterprise-2.6.3.16mdk-1-1mdk.i586.rpm
 45b678133982d69d20bdf0f6d20b0824  10.0/RPMS/kernel-i686-up-4GB-2.4.25.8mdk-1-1mdk.i586.rpm
 5452c94f1f7d67304254e12b673b5221  10.0/RPMS/kernel-i686-up-4GB-2.6.3.16mdk-1-1mdk.i586.rpm
 c70db4c0885bc44e7c730cd81c605957  10.0/RPMS/kernel-p3-smp-64GB-2.4.25.8mdk-1-1mdk.i586.rpm
 a3f4ca2258bd51a06d1a4d9e8c91a0d0  10.0/RPMS/kernel-p3-smp-64GB-2.6.3.16mdk-1-1mdk.i586.rpm
 3043c3d2248621d3e78c6706e0b21ec8  10.0/RPMS/kernel-secure-2.6.3.16mdk-1-1mdk.i586.rpm
 6ffee0960561541e90df6fe4a94eaeee  10.0/RPMS/kernel-smp-2.4.25.8mdk-1-1mdk.i586.rpm
 a31a725de8ed04ae8f9e7513393f25d1  10.0/RPMS/kernel-smp-2.6.3.16mdk-1-1mdk.i586.rpm
 9123ffa0c274535a9a4ec81b133878d4  10.0/RPMS/kernel-source-2.4.25-8mdk.i586.rpm
 6433dbb5cc1c2f022babb91f85d9fc6f  10.0/RPMS/kernel-source-2.6.3-16mdk.i586.rpm
 fcca7cf53668562b0a32a6586308be56  10.0/RPMS/kernel-source-stripped-2.6.3-16mdk.i586.rpm
 106cadf9771a8c9f95307c8d50acafb4  10.0/SRPMS/kernel-2.4.25.8mdk-1-1mdk.src.rpm
 afe1f32f4d1bf50d8c26532d7306ae5e  10.0/SRPMS/kernel-2.6.3.16mdk-1-1mdk.src.rpm

 Mandrakelinux 10.0/AMD64:
 9a3392f21a14b6f39ab58b5c668c00d6  amd64/10.0/RPMS/kernel-2.4.25.8mdk-1-1mdk.amd64.rpm
 55af2f01328e9639950a574ee8581742  amd64/10.0/RPMS/kernel-2.6.3.16mdk-1-1mdk.amd64.rpm
 0f7a1d450d538737dfd372b1cfa94427  amd64/10.0/RPMS/kernel-secure-2.6.3.16mdk-1-1mdk.amd64.rpm
 19ca45c3907d9e199fa4fae81f5eecce  amd64/10.0/RPMS/kernel-smp-2.4.25.8mdk-1-1mdk.amd64.rpm
 210177187fcb6b2d8c2e5e35236c94e0  amd64/10.0/RPMS/kernel-smp-2.6.3.16mdk-1-1mdk.amd64.rpm
 8af7563fa5bd6bbdb624673e20ca30f8  amd64/10.0/RPMS/kernel-source-2.4.25-8mdk.amd64.rpm
 1c9e60cccf8f7c23631f66e3b8fefbbb  amd64/10.0/RPMS/kernel-source-2.6.3-16mdk.amd64.rpm
 eb66d33a1f7145b073d19d4400dfd9cd  amd64/10.0/RPMS/kernel-source-stripped-2.6.3-16mdk.amd64.rpm
 106cadf9771a8c9f95307c8d50acafb4  amd64/10.0/SRPMS/kernel-2.4.25.8mdk-1-1mdk.src.rpm
 afe1f32f4d1bf50d8c26532d7306ae5e  amd64/10.0/SRPMS/kernel-2.6.3.16mdk-1-1mdk.src.rpm

 Corporate Server 2.1:
 bd6420c05282c010ce169a0bc3ef2a1d  corporate/2.1/RPMS/kernel-2.4.19.44mdk-1-1mdk.i586.rpm
 b7851dbc3d0ef68f1817f22344945af3  corporate/2.1/RPMS/kernel-enterprise-2.4.19.44mdk-1-1mdk.i586.rpm
 1522b26f3002f9acdd62c7459d93e8ae  corporate/2.1/RPMS/kernel-secure-2.4.19.44mdk-1-1mdk.i586.rpm
 3f9ac5a25a9873b1d6467fe901bc7ac2  corporate/2.1/RPMS/kernel-smp-2.4.19.44mdk-1-1mdk.i586.rpm
 270dfc0bc5e527dc9a0f5fc19c320871  corporate/2.1/RPMS/kernel-source-2.4.19-44mdk.i586.rpm
 d5440f2645457193cfba59858066d6fa  corporate/2.1/SRPMS/kernel-2.4.19.44mdk-1-1mdk.src.rpm

 Corporate Server 2.1/x86_64:
 d9732081e8aba92f7b456bd47210919b  x86_64/corporate/2.1/RPMS/kernel-2.4.19.44mdk-1-1mdk.x86_64.rpm
 b5e1a9b21150f93cf2cccf1844832bee  x86_64/corporate/2.1/RPMS/kernel-secure-2.4.19.44mdk-1-1mdk.x86_64.rpm
 09cfe0193ecbd936b97638d925d6d4d6  x86_64/corporate/2.1/RPMS/kernel-smp-2.4.19.44mdk-1-1mdk.x86_64.rpm
 b7c8fe8c80e8e485a0064ff005206758  x86_64/corporate/2.1/RPMS/kernel-source-2.4.19-44mdk.x86_64.rpm
 d5440f2645457193cfba59858066d6fa  x86_64/corporate/2.1/SRPMS/kernel-2.4.19.44mdk-1-1mdk.src.rpm

 Mandrakelinux 9.1:
 bec690d551d3da5058df6a511f156c21  9.1/RPMS/kernel-2.4.21.0.33mdk-1-1mdk.i586.rpm
 b6298da605021f7396d556db58fe6a05  9.1/RPMS/kernel-enterprise-2.4.21.0.33mdk-1-1mdk.i586.rpm
 ea57e0af847c3638589f8c1131841cf2  9.1/RPMS/kernel-secure-2.4.21.0.33mdk-1-1mdk.i586.rpm
 f429f092a0c6691b83434d139af63595  9.1/RPMS/kernel-smp-2.4.21.0.33mdk-1-1mdk.i586.rpm
 49be199554329b217c7194dcb1da8214  9.1/RPMS/kernel-source-2.4.21-0.33mdk.i586.rpm
 db80c98bd9fddc1c7f92e424fb749cfe  9.1/SRPMS/kernel-2.4.21.0.33mdk-1-1mdk.src.rpm

 Mandrakelinux 9.1/PPC:
 1c7115fb314313abf81c9e6ee4378077  ppc/9.1/RPMS/kernel-2.4.21.0.33mdk-1-1mdk.ppc.rpm
 d1b8770b326fe538f463b87840a6b837  ppc/9.1/RPMS/kernel-enterprise-2.4.21.0.33mdk-1-1mdk.ppc.rpm
 42c2b5da02f580744452becdd3a1eaf4  ppc/9.1/RPMS/kernel-smp-2.4.21.0.33mdk-1-1mdk.ppc.rpm
 ff5b1972d84a48b355665b37136d9a7e  ppc/9.1/RPMS/kernel-source-2.4.21-0.33mdk.ppc.rpm
 db80c98bd9fddc1c7f92e424fb749cfe  ppc/9.1/SRPMS/kernel-2.4.21.0.33mdk-1-1mdk.src.rpm

 Mandrakelinux 9.2:
 5bef940a1edbe8ae1095bcd10467302b  9.2/RPMS/kernel-2.4.22.37mdk-1-1mdk.i586.rpm
 6ee21d50e3fbe39be2e6b3b224fd1447  9.2/RPMS/kernel-enterprise-2.4.22.37mdk-1-1mdk.i586.rpm
 fcabb78046a63d6075d1197bc214ee6a  9.2/RPMS/kernel-i686-up-4GB-2.4.22.37mdk-1-1mdk.i586.rpm
 d22d6bd72c99f1af8a69a64e86208331  9.2/RPMS/kernel-p3-smp-64GB-2.4.22.37mdk-1-1mdk.i586.rpm
 1af0175e3ba79bd5e2334009760995d6  9.2/RPMS/kernel-secure-2.4.22.37mdk-1-1mdk.i586.rpm
 f5ee987671743c3982cc1a3418a309da  9.2/RPMS/kernel-smp-2.4.22.37mdk-1-1mdk.i586.rpm
 fc84de2d936d56056ef1599bf36bfe2f  9.2/RPMS/kernel-source-2.4.22-37mdk.i586.rpm
 e8901a215c637e9b6778d141cd0d6af2  9.2/SRPMS/kernel-2.4.22.37mdk-1-1mdk.src.rpm

 Mandrakelinux 9.2/AMD64:
 e6246736f56fb7c91d4fcc0222ffc0a6  amd64/9.2/RPMS/kernel-2.4.22.37mdk-1-1mdk.amd64.rpm
 fb74e209e096634ddad88216ab1d2151  amd64/9.2/RPMS/kernel-secure-2.4.22.37mdk-1-1mdk.amd64.rpm
 42661d2b2f08d2ca0c29c49bb88808b2  amd64/9.2/RPMS/kernel-smp-2.4.22.37mdk-1-1mdk.amd64.rpm
 57fac850dd2cfe63a54dc292a5982f4e  amd64/9.2/RPMS/kernel-source-2.4.22-37mdk.amd64.rpm
 e8901a215c637e9b6778d141cd0d6af2  amd64/9.2/SRPMS/kernel-2.4.22.37mdk-1-1mdk.src.rpm

 Multi Network Firewall 8.2:
 5a3f94088190a341b3e0ba4244c64244  mnf8.2/RPMS/kernel-secure-2.4.19.44mdk-1-1mdk.i586.rpm
 d5440f2645457193cfba59858066d6fa  mnf8.2/SRPMS/kernel-2.4.19.44mdk-1-1mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandrakesoft for security.  You can obtain
 the GPG public key of the Mandrakelinux Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandrakelinux at:

  http://www.mandrakesoft.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_linux-mandrake.com

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Linux Mandrake Security Team
  <security linux-mandrake.com>
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFBLqD4mqjQ0CJFipgRAkbuAJ4huLrspfbpxJsZ3GMmzzlTl6uAMACgm1cg
WLjUXxU2NNHprF42QDLY29M=
=Hg6j
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQCVAwUBQTJ2dSh9+71yA2DNAQKYWgQAh30qLBl1h0ipwb+tfArAWdYBn56fUrZO
Vw7WXR2tFPBWhfDkmmOwZ3BeK6eKfHk6BEVuL+jXXEKj2rqktzD4OTryUwJp3QOM
GIixMIC0hw1Hd77EEiOvNC2IywG7TAjFIDKmCl2LS9PqI9/nhMCu3cCcLYcFSUVZ
BuZSGZ2qyno=
=u6TP
-----END PGP SIGNATURE-----