Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2004:549
HistoryDec 02, 2004 - 12:00 a.m.

(RHSA-2004:549) kernel security update

2004-12-0200:00:00
access.redhat.com
29

0.215 Low

EPSS

Percentile

96.5%

JSON

The Linux kernel handles the basic functions of the operating system.

This update includes fixes for several security issues:

A missing serialization flaw in unix_dgram_recvmsg was discovered that
affects kernels prior to 2.4.28. A local user could potentially make
use of a race condition in order to gain privileges. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2004-1068 to this issue.

Paul Starzetz of iSEC discovered various flaws in the ELF binary
loader affecting kernels prior to 2.4.28. A local user could use thse
flaws to gain read access to executable-only binaries or possibly gain
privileges. (CAN-2004-1070, CAN-2004-1071, CAN-2004-1072, CAN-2004-1073)

A flaw when setting up TSS limits was discovered that affects AMD AMD64
and Intel EM64T architecture kernels prior to 2.4.23. A local user could
use this flaw to cause a denial of service (crash) or possibly gain
privileges. (CAN-2004-0812)

An integer overflow flaw was discovered in the ubsec_keysetup function
in the Broadcom 5820 cryptonet driver. On systems using this driver,
a local user could cause a denial of service (crash) or possibly gain
elevated privileges. (CAN-2004-0619)

Stefan Esser discovered various flaws including buffer overflows in
the smbfs driver affecting kernels prior to 2.4.28. A local user may be
able to cause a denial of service (crash) or possibly gain privileges.
In order to exploit these flaws the user would require control of
a connected Samba server. (CAN-2004-0883, CAN-2004-0949)

SGI discovered a bug in the elf loader that affects kernels prior to
2.4.25 which could be triggered by a malformed binary. On
architectures other than x86, a local user could create a malicious
binary which could cause a denial of service (crash). (CAN-2004-0136)

Conectiva discovered flaws in certain USB drivers affecting kernels
prior to 2.4.27 which used the copy_to_user function on uninitialized
structures. These flaws could allow local users to read small amounts
of kernel memory. (CAN-2004-0685)

All Red Hat Enterprise Linux 3 users are advised to upgrade their
kernels to the packages associated with their machine architectures
and configurations as listed in this erratum.

Related

nessus 23
redhat 7
suse 2
securityvulns 5
openvas 24
ubuntu 3
debian 7
osv 6
nvd 13
cve 13
cvelist 13
ubuntucve 6
cert 2
checkpoint_advisories 1
prion 1
gentoo 1
centos 3
nessus
nessus
RHEL 3 : kernel (RHSA-2004:549)
2004-12-13 00:00:00
RHEL 2.1 : kernel (RHSA-2004:505)
2004-12-14 00:00:00
RHEL 2.1 / 3 : openmotif (RHSA-2004:537)
2004-12-13 00:00:00
redhat
redhat
(RHSA-2004:505) Updated kernel packages fix security vulnerability
2004-12-13 00:00:00
(RHSA-2004:504) Updated Itanium kernel packages resolve security issues
2004-12-13 00:00:00
(RHSA-2005:275) ia32el security update
2005-05-18 00:00:00
suse
suse
local and remote denial of service in kernel
2004-12-01 14:31:07
local privilege escalation in kernel
2004-12-21 19:35:11
securityvulns
securityvulns
Advisory 14/2004: Linux 2.x smbfs multiple remote vulnerabilities
2004-11-18 00:00:00
[ GLSA 200408-24 ] Linux Kernel: Multiple information leaks
2004-08-30 00:00:00
Linux kernel privilege escalation
2007-02-18 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-60-0)
2022-08-26 00:00:00
Ubuntu: Security Advisory (USN-30-1)
2022-08-26 00:00:00
Debian: Security Advisory (DSA-1069-1)
2023-03-08 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2005-01-14 00:00:00
Linux kernel vulnerabilities
2004-11-19 00:00:00
Linux kernel vulnerabilities
2004-12-15 00:00:00
debian
debian
[SECURITY] [DSA 1070-1] New Linux kernel 2.4.19 packages fix several vulnerabilities
2006-05-21 06:24:21
[SECURITY] [DSA 1067-1] New Linux kernel 2.4.16 packages fix several vulnerabilities
2006-05-20 08:20:15
[SECURITY] [DSA 1069-1] New Linux kernel 2.4.18 packages fix several vulnerabilities
2006-05-21 02:53:34
osv
osv
kernel-source-2.4.19 - several vulnerabilities
2006-05-21 00:00:00
kernel-source-2.4.18 - several
2006-05-20 00:00:00
kernel-source-2.4.17 - several vulnerabilities
2006-05-29 00:00:00
nvd
nvd
CVE-2004-0619
2004-12-06 05:00:00
CVE-2004-0685
2004-12-23 05:00:00
CVE-2004-0883
2005-01-10 05:00:00
cve
cve
CVE-2004-0883
2005-01-10 05:00:00
CVE-2004-0949
2005-01-10 05:00:00
CVE-2004-0685
2004-12-23 05:00:00
cvelist
cvelist
CVE-2004-0619
2004-06-30 04:00:00
CVE-2004-0685
2004-10-26 04:00:00
CVE-2004-0883
2004-12-01 05:00:00
ubuntucve
ubuntucve
CVE-2004-0685
2004-12-23 00:00:00
CVE-2004-1070
2005-01-10 00:00:00
CVE-2004-0883
2005-01-10 00:00:00
cert
cert
SMB filesystem read system call vulnerable to buffer overflow
2005-02-02 00:00:00
Linux kernel USB drivers do not initialize kernel memory properly
2004-10-22 00:00:00
checkpoint_advisories
checkpoint_advisories
Linux Kernel SMB Filesystem smb_receive Transaction2 - Ver2 (CVE-2004-0949)
2014-12-28 00:00:00
prion
prion
Design/Logic Flaw
2007-02-15 18:28:00
gentoo
gentoo
Linux Kernel: Multiple information leaks
2004-08-25 00:00:00
centos
centos
kernel security update
2005-04-29 05:42:41
kernel security update
2006-02-02 22:07:50
kernel security update
2005-04-22 21:54:37

0.215 Low

EPSS

Percentile

96.5%

JSON
Related for RHSA-2004:549
nessus23redhat7suse2securityvulns5openvas24ubuntu3debian7osv6nvd13cve13cvelist13ubuntucve6cert2checkpoint_advisories1prion1gentoo1centos3