This bug will track the various kernel issues up to July 2006.
*** Bug 188935 has been marked as a duplicate of this bug. ***
*** Bug 190082 has been marked as a duplicate of this bug. ***
*** Bug 190083 has been marked as a duplicate of this bug. ***
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Here are updated kernel packages to QA for FC3: * Sun Jul 16 2006 Marc Deslauriers <marcdeslauriers> 2.6.12-2.4.legacy_FC3 - - Added patches for: CVE-2005-3359 (incorrect inrement/decrement in atm module) CVE-2006-0555 (nfs: fix client panic using O_DIRECT) CVE-2006-0741 (fix for ELF exec vulnerability on EM64T) CVE-2006-0744 (fix for ELF exec vulnerability on EM64T) CVE-2006-1525 (panic in ip_route_input() via inet_rtm_getroute()) CVE-2006-1527 (netfilter/sctp: fix lockup in sctp_new) CVE-2006-1528 (local crash by dio/mmap sg/st driver) CVE-2006-1556 (LSM: add missing hooks to readv/writev) CVE-2006-1857 (SCTP HB-ACK chunk overflow) CVE-2006-1858 (SCTP chunk length overflow) CVE-2006-1860 (fcntl_setlease lockup) CVE-2006-1863 (cifs chroot issue) CVE-2006-1864 (smbfs chroot issue) CVE-2006-2071 (mprotect gives write permission to a readonly attachment) CVE-2006-2271 (SCTP ECNE chunk handling DoS) CVE-2006-2272 (SCTP incoming COOKIE_ECHO and HEARTBEAT packets DoS) CVE-2006-2274 (SCTP DATA fragments DoS) CVE-2006-2444 (SNMP NAT netfilter memory corruption) CVE-2006-2934 (SCTP netfilter DoS with chunkless packets) CVE-2006-3626 (Nasty /proc privilege escalation) 968488a6e0f4742b96c7f25eba4929bd4129a8d3 kernel-2.6.12-2.4.legacy_FC3.src.rpm ada2a7e0bb8967dacd624690c2a345b9ce33bac5 i586/kernel-2.6.12-2.4.legacy_FC3.i586.rpm 872eb6040e1bf3ccaef86c375c571ad164f33133 i586/kernel-smp-2.6.12-2.4.legacy_FC3.i586.rpm 0fc765f01b5fad2eb04a239ec3961cddab0b5f3c i686/kernel-2.6.12-2.4.legacy_FC3.i686.rpm 66a20220792e8d8392ab99abc1acaae24af31a51 i686/kernel-smp-2.6.12-2.4.legacy_FC3.i686.rpm a2de56c192a6a5dedc4e53c633fa4b7e2e415bc2 noarch/kernel-doc-2.6.12-2.4.legacy_FC3.noarch.rpm 40b1b373dc87bc7b9b80b3701a6e3821cfb66e87 x86_64/kernel-2.6.12-2.4.legacy_FC3.x86_64.rpm c1bb0f2f15b46abc48373a2b58ff1849a3c7b059 x86_64/kernel-smp-2.6.12-2.4.legacy_FC3.x86_64.rpm Available here: http://turbosphere.fedoralegacy.org/logs/fedora-3-core/163-kernel-2.6.12-2.4.legacy_FC3/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFExUxNLMAs/0C4zNoRAojgAJ442eHt1Trs9sY0PXsdpWhzZNwsdQCff2zu xLFN7rgzVeNPZS/dDyVSLCA= =6FGu -----END PGP SIGNATURE-----
06.27.24 CVE: CVE-2006-2935 Platform: Linux Title: Linux Kernel CD-ROM Driver Local Buffer Overflow Description: The Linux kernel is susceptible to a local buffer overflow issue. It fails to properly bounds check user-supplied input before using it in a memory copy operation. Linux kernel versions 2.6.17.3 and earlier are affected. Ref: http://www.securityfocus.com/bid/18847
06.27.29 CVE: Not Available Platform: Unix Title: Linux Kernel PRCTL Core Dump Handling Privilege Escalation Description: Linux kernel is exposed to a local privilege escalation issue. This issue affects "prctl" because the application handles core dump files in an insecure manner. Linux kernel versions 2.6.17.3 and earlier are vulnerable. Ref: http://rhn.redhat.com/errata/RHSA-2006-0574.html
Bug in comment #5 applies to FL kernel releases. Patch here: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=197670 Bug in comment #6 doesn't apply to any FL releases.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Here are updated kernel packages to QA for FC3 that fix a few more issues: * Tue Aug 01 2006 Marc Deslauriers <marcdeslauriers> 2.6.12-2.5.legacy_FC3 - - Added patches for: CVE-2006-2935 (Possible buffer overflow in DVD handling) CVE-2006-1242 (Linux zero IP ID vulnerability) CVE-2006-0742 (die_if_kernel() can return DoS) CVE-2005-3055 (async usb devio oops) CVE-2006-1343 (Small information leak in SO_ORIGINAL_DST) 80171a403f1a7451872df440c5356da44d9f0f87 kernel-2.6.12-2.5.legacy_FC3.src.rpm b5e7d072ba4aed6d774514e3a84ea8fc1e94f3b0 i586/kernel-2.6.12-2.5.legacy_FC3.i586.rpm 0f0adb6317264fbcefd54f89f847f2c67a53f7f5 i586/kernel-smp-2.6.12-2.5.legacy_FC3.i586.rpm c4593480b44f4c211bbc91c6cd7c2825acee2395 i686/kernel-2.6.12-2.5.legacy_FC3.i686.rpm db05a644bb491d7b5c9957a8c52bc3582945ec61 i686/kernel-smp-2.6.12-2.5.legacy_FC3.i686.rpm 1fbb1b9b069a6802238ec28e1a0d66b15abef3a3 noarch/kernel-doc-2.6.12-2.5.legacy_FC3.noarch.rpm ba77b4394fe5c0d8d0e7e8fb9b1728a5f9e68be9 x86_64/kernel-2.6.12-2.5.legacy_FC3.x86_64.rpm 2676339fbb99886861be78b43a1ef4f6a8e21889 x86_64/kernel-smp-2.6.12-2.5.legacy_FC3.x86_64.rpm Available here: http://turbosphere.fedoralegacy.org/logs/fedora-3-core/168-kernel-2.6.12-2.5.legacy_FC3/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFE0VsTLMAs/0C4zNoRAu4QAJ9ELrxzrcn60xbwtxaJBwDSQEALqwCgu15P TsrcJPbuexiZ3zFPrZ+dpLE= =V+kG -----END PGP SIGNATURE-----
Marc: I, for one, apologize for not getting on this earlier to do PUBLISH QA on this package. As you know, I'm looking into recruiting more contri- butors to the Fedora Legacy project so things like this won't happen any more... *crossing my fingers* I intend to do Publish QA this week.
Will these security issues affect FC4's kernel? Wasn't it still being supported by Red Hat at the time this work was done by you, Marc?
FC4 was supported by RH then. There are a whole lot of new issues since these packages, so I don't think it's worthwhile QAing them.
What then may I do to best help here, Marc? Where to from here on this issue??
Removing the "publish-FC3" from the Status Whiteboard, since more work needs to done on the FC3 kernel.
There's a CVE for the bug referred to in comment #5 now -- CVE-2006-2451. I believe this applies to FC3, but is definitely already fixed in FC4.
Fedora Legacy project has ended. These will not be fixed by Fedora Legacy.