Re: Kernel 2.4.24 available for SLES8?
On Wed, Jan 14, 2004 at 01:16:34PM -0500, Eric Sammons wrote:
> We are still working on our support contact so I am not sure I can get the quick and dirty from SuSE yet, so I wonder does anyone in this group know the availability status of 2.4.24 for SLES8? Also, anything to watch for or perhaps a readme for fixes, enhancements etc. . . Our security folks want us at this level ASAP so if it is available this could light the fire under our purchasing group.

Is the bug that 2.4.24 fixes exploitable on non-x86 architectures?

Adam
Re: Kernel 2.4.24 available for SLES8?
More than likely, SUSE will _not_ issue a 2.4.24 kernel. What usually happens is that the fix for a particular problem is back-ported to the level they're currently distributed. This avoids problems with ISV software needing to be recertified on a new kernel, etc. SUSE has issued fixes for all their other architectures. I would imagine they have issued one for S/390 and zSeries as well.

Mark Post

-----Original Message-----
From: Eric Sammons [mailto:[EMAIL PROTECTED]
Sent: Wednesday, January 14, 2004 1:17 PM
To: [EMAIL PROTECTED]
Subject: Kernel 2.4.24 available for SLES8?

We are still working on our support contact so I am not sure I can get the quick and dirty from SuSE yet, so I wonder does anyone in this group know the availability status of 2.4.24 for SLES8? Also, anything to watch for or perhaps a readme for fixes, enhancements etc. . . Our security folks want us at this level ASAP so if it is available this could light the fire under our purchasing group.

Thanks!

Eric Sammons
(804)697-3925
FRIT - Unix Systems
Re: Kernel 2.4.24 available for SLES8?
They issued kernel 2.4.21-94 yesterday. What fix are you looking for?

Marcy Cortes
Wells Fargo Services Company

-----Original Message-----
From: Eric Sammons [mailto:[EMAIL PROTECTED]
Sent: Wednesday, January 14, 2004 1:17 PM
To: [EMAIL PROTECTED]
Subject: Kernel 2.4.24 available for SLES8?

We are still working on our support contact so I am not sure I can get the quick and dirty from SuSE yet, so I wonder does anyone in this group know the availability status of 2.4.24 for SLES8? Also, anything to watch for or perhaps a readme for fixes, enhancements etc. . . Our security folks want us at this level ASAP so if it is available this could light the fire under our purchasing group.

Thanks!

Eric Sammons
(804)697-3925
FRIT - Unix Systems
Re: Kernel 2.4.24 available for SLES8?
Service_pack_3 on SLES8 did upgrade the kernel from 2.4.19 to 2.4.21, so anything is possible.

Thousands of years ago, cats were worshipped as gods. Cats have never forgotten this.
_ Anonymous

Gordon Wolfe, Ph.D. (425)865-5940
VM Technical Services, The Boeing Company

--
From: Post, Mark K
Reply To: Linux on 390 Port
Sent: Wednesday, January 14, 2004 10:23 AM
To: [EMAIL PROTECTED]
Subject: Re: Kernel 2.4.24 available for SLES8?

More than likely, SUSE will _not_ issue a 2.4.24 kernel. What usually happens is that the fix for a particular problem is back-ported to the level they're currently distributed. This avoids problems with ISV software needing to be recertified on a new kernel, etc. SUSE has issued fixes for all their other architectures. I would imagine they have issued one for S/390 and zSeries as well.

Mark Post

-----Original Message-----
From: Eric Sammons [mailto:[EMAIL PROTECTED]
Sent: Wednesday, January 14, 2004 1:17 PM
To: [EMAIL PROTECTED]
Subject: Kernel 2.4.24 available for SLES8?

We are still working on our support contact so I am not sure I can get the quick and dirty from SuSE yet, so I wonder does anyone in this group know the availability status of 2.4.24 for SLES8? Also, anything to watch for or perhaps a readme for fixes, enhancements etc. . . Our security folks want us at this level ASAP so if it is available this could light the fire under our purchasing group.

Thanks!

Eric Sammons
(804)697-3925
FRIT - Unix Systems
Re: Kernel 2.4.24 available for SLES8?
there was an update released yesterday. details :

Applies to Product(s): SuSE Linux Enterprise Server 8 for IBM S/390 and IBM zSeries
Package: k_deflt
Release: 20040112
Obsoletes: none

Indications
This update should be installed.

Contraindications
This kernel requires PTF UM30652 installed on systems using Guest LAN / Hipersockets with z/VM 4.3.

Description
This update fixes a security vulnerability in the Linux kernel (CAN-2003-0985) and contains additional fixes and IBM codedrops. The changes in detail are:

Security fix
* Add missing check in mremap (CAN-2003-0985)

IBM code drop from 2003-12-18
* DASD driver sets improper default cache mode on ESS.
* Massive workload combined with ESS flascopy leading to I/O hang.

IBM code drop from 2003-11-28
* PCICCs fail to be detected under z90crypt.
* z90crypt doesn't support dynamic device node generation.
* Unable to reconnect when using z/VM 3.1 at remote peer.
* fake_ll problems when IPv6 is not active in qeth.
* multicast_router handling for IPv6 on OSA.
* sclp: signal shutdown does not work.
* zfcp: unwary memory allocation during error recovery.

IBM code drop from 2003-10-31
* Crashes, triggered by IUCV and CTC when calling dst_link_failure().
* DHCP does not work with HiperSockets guest LAN.
* Fixed S390 Debug Feature usage.
* Incorrect calculation of max_blocks in DIAG discipline.
* Race Conditions in qeth when more than one osasnmpd is running.
* VIPA and Proxy ARP problems on qeth.
* Avoid hang during initialization on I/O errors.
* Console: kernel compilation fails in drivers/s390/char/ctrlchar.c.
* Crashes triggered by s390 network drivers calling dst_link_failure().
* fake_ll source MAC problem.
* Tape: Fix implementation of NOP mtio operation.
* Tape: Initially boxed tapes might become invisible.
* z90crypt incorrectly detects PCIXCC as PCICC.
* zfcp: SCSI I/O stall due to missed local-link-up event.
* zfcp: arbitrary (and bewildering) order of entries in /proc/scsi/zfcp/map.
* zfcp: incomplete fix for dynamic SCSI adapter addition in scsi_mod.
* zfcp: infinite error recovery escalation for certain port failure.

Further improvements
* Corrected hangcheck driver
* Fix a pointer arithmetic bug in the xattr code.
* nfsd-fhalias (for HA-NFS): avoid console spew from invalid IP 0.
* Fix bad ffs() return value, fixes fat and netfilter.
* Fix NFS directio bug that causes data corruption when creating files larger than 4 GB.
* Added missing epoll() syscalls.

-----Original Message-----
From: Eric Sammons [mailto:[EMAIL PROTECTED]
Sent: Wednesday, January 14, 2004 12:17 PM
To: [EMAIL PROTECTED]
Subject: Kernel 2.4.24 available for SLES8?

We are still working on our support contact so I am not sure I can get the quick and dirty from SuSE yet, so I wonder does anyone in this group know the availability status of 2.4.24 for SLES8? Also, anything to watch for or perhaps a readme for fixes, enhancements etc. . . Our security folks want us at this level ASAP so if it is available this could light the fire under our purchasing group.

Thanks!

Eric Sammons
(804)697-3925
FRIT - Unix Systems
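
Because vendors backport fixes, as the replies in this thread say, the kernel version string does not show whether CAN-2003-0985 is fixed; the package changelog does. The script below is an added example, not from any poster or from SuSE, that audits changelog text for required identifiers. Its function names, the constructed sample (lines copied from the advisory above) and the placeholder CVE-0000-0000 for the rtc issue, whose identifier the thread does not give, are assumptions.

```shell
#!/bin/sh
# Added example: check a vendor changelog for backported fixes by identifier
# instead of comparing kernel version numbers.

# Constructed sample: a few lines copied from the advisory quoted in the thread.
sample_changelog() {
cat <<'EOF'
Package: k_deflt Release: 20040112
Security fix
* Add missing check in mremap (CAN-2003-0985)
IBM code drop from 2003-12-18
* DASD driver sets improper default cache mode on ESS.
EOF
}

# CAN- (candidate) identifiers were later renamed CVE- with the same number,
# so normalise both spellings to CVE- before comparing.
normalise_ids() {
    sed 's/^CAN-/CVE-/'
}

# Print every identifier mentioned on stdin, one per line, de-duplicated.
list_fixed_ids() {
    grep -Eo '(CAN|CVE)-[0-9]{4}-[0-9]{4,}' | normalise_ids | sort -u
}

# audit_ids ID...: read changelog text on stdin, print FIXED or MISSING for
# each required ID, and return 1 if any required ID is not mentioned.
audit_ids() {
    audit_found=$(list_fixed_ids)
    audit_missing=0
    for audit_id in "$@"; do
        audit_norm=$(printf '%s\n' "$audit_id" | normalise_ids)
        if printf '%s\n' "$audit_found" | grep -qxF -- "$audit_norm"; then
            echo "FIXED   $audit_norm"
        else
            echo "MISSING $audit_norm"
            audit_missing=1
        fi
    done
    return "$audit_missing"
}

# CVE-0000-0000 is a placeholder for the rtc issue (no identifier in the thread).
# On a live system (assumes the changelog cites identifiers):
#   rpm -q --changelog k_deflt | audit_ids CAN-2003-0985
sample_changelog | audit_ids CAN-2003-0985 CVE-0000-0000 ||
    echo "at least one required fix is not listed in this changelog"
```

A MISSING result means only that the changelog does not mention the identifier, so it calls for a question to the vendor rather than a conclusion that the system is vulnerable.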
Re: Kernel 2.4.24 available for SLES8?
It seems that my security department is talking about some privilege escalation vulnerability. I am still trying to get more information.

Thanks!

Eric Sammons
(804)697-3925
FRIT - Unix Systems

Marcy Cortes [EMAIL PROTECTED]
Sent by: Linux on 390 Port [EMAIL PROTECTED]
01/14/2004 01:29 PM
Please respond to Linux on 390 Port

To: [EMAIL PROTECTED]
cc:
Subject: Re: Kernel 2.4.24 available for SLES8?

They issued kernel 2.4.21-94 yesterday. What fix are you looking for?

Marcy Cortes
Wells Fargo Services Company

-----Original Message-----
From: Eric Sammons [mailto:[EMAIL PROTECTED]
Sent: Wednesday, January 14, 2004 1:17 PM
To: [EMAIL PROTECTED]
Subject: Kernel 2.4.24 available for SLES8?

We are still working on our support contact so I am not sure I can get the quick and dirty from SuSE yet, so I wonder does anyone in this group know the availability status of 2.4.24 for SLES8? Also, anything to watch for or perhaps a readme for fixes, enhancements etc. . . Our security folks want us at this level ASAP so if it is available this could light the fire under our purchasing group.

Thanks!

Eric Sammons
(804)697-3925
FRIT - Unix Systems
Re: Kernel 2.4.24 available for SLES8?
there are several vulnerabilities that are x86 specific. the one that immediately comes to mind is the one that plagued the debian servers.

-----Original Message-----
From: Eric Sammons [mailto:[EMAIL PROTECTED]
Sent: Wednesday, January 14, 2004 2:50 PM
To: [EMAIL PROTECTED]
Subject: Re: Kernel 2.4.24 available for SLES8?

It seems that my security department is talking about some privilege escalation vulnerability. I am still trying to get more information.

Thanks!

Eric Sammons
(804)697-3925
FRIT - Unix Systems

Marcy Cortes [EMAIL PROTECTED]
Sent by: Linux on 390 Port [EMAIL PROTECTED]
01/14/2004 01:29 PM
Please respond to Linux on 390 Port

To: [EMAIL PROTECTED]
cc:
Subject: Re: Kernel 2.4.24 available for SLES8?

They issued kernel 2.4.21-94 yesterday. What fix are you looking for?

Marcy Cortes
Wells Fargo Services Company

-----Original Message-----
From: Eric Sammons [mailto:[EMAIL PROTECTED]
Sent: Wednesday, January 14, 2004 1:17 PM
To: [EMAIL PROTECTED]
Subject: Kernel 2.4.24 available for SLES8?

We are still working on our support contact so I am not sure I can get the quick and dirty from SuSE yet, so I wonder does anyone in this group know the availability status of 2.4.24 for SLES8? Also, anything to watch for or perhaps a readme for fixes, enhancements etc. . . Our security folks want us at this level ASAP so if it is available this could light the fire under our purchasing group.

Thanks!

Eric Sammons
(804)697-3925
FRIT - Unix Systems
Re: Kernel 2.4.24 available for SLES8?
On Mer, 2004-01-14 at 18:17, Adam Thornton wrote:
> On Wed, Jan 14, 2004 at 01:16:34PM -0500, Eric Sammons wrote:
> > We are still working on our support contact so I am not sure I can get the quick and dirty from SuSE yet, so I wonder does anyone in this group know the availability status of 2.4.24 for SLES8? Also, anything to watch for or perhaps a readme for fixes, enhancements etc. . . Our security folks want us at this level ASAP so if it is available this could light the fire under our purchasing group.
>
> Is the bug that 2.4.24 fixes exploitable on non-x86 architectures?

It's very dependent on the exact platform. I would not be surprised to find that S/390 was immune or mostly immune. The way kernel v user space works on 390 is quite different to a PC. Most vendors btw will have backported the fixes rather than moving to 2.4.24.
Re: Kernel 2.4.24 available for SLES8?
On Wed, Jan 14, 2004 at 03:03:25PM -0600, Little, Chris wrote:
> there are several vulnerabilities that are x86 specific. the one that immediately comes to mind is the one that plagued the debian servers.

If you mean CAN-2003-0961, that vulnerability is not i386-specific, though it only affects a subset of Linux architectures.

--
 - mdz
Re: Kernel 2.4.24 available for SLES8?
thank you. i stand corrected.

-----Original Message-----
From: Matt Zimmerman [mailto:[EMAIL PROTECTED]
Sent: Wednesday, January 14, 2004 3:32 PM
To: [EMAIL PROTECTED]
Subject: Re: Kernel 2.4.24 available for SLES8?

On Wed, Jan 14, 2004 at 03:03:25PM -0600, Little, Chris wrote:
> there are several vulnerabilities that are x86 specific. the one that immediately comes to mind is the one that plagued the debian servers.

If you mean CAN-2003-0961, that vulnerability is not i386-specific, though it only affects a subset of Linux architectures.

--
 - mdz
Re: Kernel 2.4.24 available for SLES8?
Here is the more exact finding our security group is concerned with:

There are 2 recently discovered Linux Kernel vulnerabilities that could result in an attacker gaining elevated privileges on a Linux server. One involves exploiting the kernel function do_mremap()--insufficient bounds checking in the mremap system call; the other involves an exploit that allows an attacker to cause data stored in the kernel memory space to leak into user space via weaknesses in the real time clock (rtc) routines. In both cases the vulnerability can be removed by upgrading the Linux kernel to version 2.2.24.

Thanks!

Eric Sammons

Marcy Cortes [EMAIL PROTECTED]
Sent by: Linux on 390 Port [EMAIL PROTECTED]
01/14/2004 01:29 PM
Please respond to Linux on 390 Port

To: [EMAIL PROTECTED]
cc:
Subject: Re: Kernel 2.4.24 available for SLES8?

They issued kernel 2.4.21-94 yesterday. What fix are you looking for?

Marcy Cortes
Wells Fargo Services Company

-----Original Message-----
From: Eric Sammons [mailto:[EMAIL PROTECTED]
Sent: Wednesday, January 14, 2004 1:17 PM
To: [EMAIL PROTECTED]
Subject: Kernel 2.4.24 available for SLES8?

We are still working on our support contact so I am not sure I can get the quick and dirty from SuSE yet, so I wonder does anyone in this group know the availability status of 2.4.24 for SLES8? Also, anything to watch for or perhaps a readme for fixes, enhancements etc. . . Our security folks want us at this level ASAP so if it is available this could light the fire under our purchasing group.

Thanks!

Eric Sammons
(804)697-3925
FRIT - Unix Systems
Re: Kernel 2.4.24 available for SLES8?
SLES 8 kernel 2.4.21-94 seems to include the mremap problem:

|This update fixes a security vulnerability in the Linux
|kernel (CAN-2003-0985) and contains additional fixes and IBM
|codedrops. The changes in detail are:
|
| Security fix
|
| * Add missing check in mremap (CAN-2003-0985)

Don't know about the other one.

Marcy Cortes
Wells Fargo Services Company

-----Original Message-----
From: Linux on 390 Port [mailto:[EMAIL PROTECTED] On Behalf Of Eric Sammons
Sent: Wednesday, January 14, 2004 14:58
To: [EMAIL PROTECTED]
Subject: Re: [LINUX-390] Kernel 2.4.24 available for SLES8?

Here is the more exact finding our security group is concerned with:

There are 2 recently discovered Linux Kernel vulnerabilities that could result in an attacker gaining elevated privileges on a Linux server. One involves exploiting the kernel function do_mremap()--insufficient bounds checking in the mremap system call; the other involves an exploit that allows an attacker to cause data stored in the kernel memory space to leak into user space via weaknesses in the real time clock (rtc) routines. In both cases the vulnerability can be removed by upgrading the Linux kernel to version 2.2.24.

Thanks!

Eric Sammons
Re: Kernel 2.4.24 available for SLES8?
I believe that 2.4.21-95 has the do_mremap() problem addressed. I have this url from SuSE:

http://sdb.suse.de/download/s390x/update/SuSE-SLES/8/rpm/s390x/k_deflt-2.4.21-95.s390x.rpm

-----Original Message-----
From: Eric Sammons [mailto:[EMAIL PROTECTED]
Sent: Wednesday, January 14, 2004 2:58 PM
To: [EMAIL PROTECTED]
Subject: Re: Kernel 2.4.24 available for SLES8?

Here is the more exact finding our security group is concerned with:

There are 2 recently discovered Linux Kernel vulnerabilities that could result in an attacker gaining elevated privileges on a Linux server. One involves exploiting the kernel function do_mremap()--insufficient bounds checking in the mremap system call; the other involves an exploit that allows an attacker to cause data stored in the kernel memory space to leak into user space via weaknesses in the real time clock (rtc) routines. In both cases the vulnerability can be removed by upgrading the Linux kernel to version 2.2.24.

Thanks!

Eric Sammons

Marcy Cortes [EMAIL PROTECTED]
Sent by: Linux on 390 Port [EMAIL PROTECTED]
01/14/2004 01:29 PM
Please respond to Linux on 390 Port

To: [EMAIL PROTECTED]
cc:
Subject: Re: Kernel 2.4.24 available for SLES8?

They issued kernel 2.4.21-94 yesterday. What fix are you looking for?

Marcy Cortes
Wells Fargo Services Company

-----Original Message-----
From: Eric Sammons [mailto:[EMAIL PROTECTED]
Sent: Wednesday, January 14, 2004 1:17 PM
To: [EMAIL PROTECTED]
Subject: Kernel 2.4.24 available for SLES8?

We are still working on our support contact so I am not sure I can get the quick and dirty from SuSE yet, so I wonder does anyone in this group know the availability status of 2.4.24 for SLES8? Also, anything to watch for or perhaps a readme for fixes, enhancements etc. . . Our security folks want us at this level ASAP so if it is available this could light the fire under our purchasing group.

Thanks!

Eric Sammons
(804)697-3925
FRIT - Unix Systems