It is currently Fri Mar 24, 2017 9:48 pm

All times are UTC - 5 hours [ DST ]





Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 1 post ] 
  Print view Previous topic | Next topic 
Author Message
 Post subject: Kernel Upgrade
PostPosted: Wed Jan 19, 2005 3:30 pm 
Offline
Sprintserve Staff
User avatar

Joined: Mon Jan 13, 2003 10:51 am
Posts: 128
Dear Client

All clients on Redhat Enterprise 3 and CentOS 3.4 would have their kernels updated within the next 48 hours. We will as far as possible carry up the upgrade during the off-peak hours. The upgrade requires a reboot to load the new kernel. This will result in 2-3 minutes of downtime as the server restarts, possibly longer if complications arises. This series of fixes will address several new issues discovered recently. The details are as follows:


iSEC Security Research discovered a VMA handling flaw in the uselib(2) system call of the Linux kernel. A local user could make use of this flaw to gain elevated (root) privileges. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-1235 to this issue.

A flaw was discovered where an executable could cause a VMA overlap leading to a crash. A local user could trigger this flaw by creating a carefully crafted a.out binary on 32-bit systems or a carefully crafted ELF binary on Itanium systems. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0003 to this issue.

iSEC Security Research discovered a flaw in the page fault handler code that could lead to local users gaining elevated (root) privileges on multiprocessor machines. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0001 to this issue. A patch that coincidentally fixed this issue was committed to the Update 4 kernel release in December 2004. Therefore Red Hat Enterprise Linux 3 kernels provided by RHBA-2004:550 and subsequent updates are not vulnerable to this issue.

A flaw in the system call filtering code in the audit subsystem included in Red Hat Enterprise Linux 3 allowed a local user to cause a crash when auditing was enabled. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-1237 to this issue.

Olaf Kirch discovered that the recent security fixes for cmsg_len handling (CAN-2004-1016) broke 32-bit compatibility on 64-bit platforms such as AMD64 and Intel EM64T. A patch to correct this issue is included.

A recent Internet Draft by Fernando Gont recommended that ICMP Source Quench messages be ignored by hosts. A patch to ignore these messages is included.


If you have any questions regarding the upgrade, please contact us at support@sprintserve.net. We will like to take this opportunity to thank all of you for being with us.



Top
 Profile  
 
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 1 post ] 

All times are UTC - 5 hours [ DST ]


Who is online

Users browsing this forum: No registered users and 5 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
cron



Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
skymiles v1.1 desgined by CodeMiles Team -TemplatesDragon-.