TITLE:
Linux Kernel Denial of Service Vulnerabilities

READ ONLINE:
http://www.secunia.com/advisories/8936/

CRITICAL:
Moderately critical

IMPACT:
DoS

WHERE:
From remote

OPERATING SYSTEM:
SuSE Linux Office Server
SuSE Linux Firewall on CD/Admin host
SuSE Linux Enterprise Server 8
SuSE Linux Enterprise Server 7
SuSE Linux Database Server
SuSE Linux Connectivity Server
SuSE Linux 8.x
SuSE Linux 7.x
SuSE eMail Server 3.x
Slackware Linux 9.0
Slackware Linux 8.x
RedHat Linux Advanced Workstation 2.1 for Itanium
RedHat Linux Advanced Server 2.1 for Itanium
RedHat Linux 9
RedHat Linux 8.0
RedHat Linux 7.3
RedHat Linux 7.2
RedHat Linux 7.1
RedHat Enterprise Linux WS
RedHat Enterprise Linux ES
RedHat Enterprise Linux AS
OpenLinux Workstation 3.x
OpenLinux Server 3.x
Mandrake Multi Network Firewall 8.x
Mandrake Linux 9.x
Mandrake Linux 8.x
Mandrake Corporate Server 2.x
Linux Kernel 2.4.x
Gentoo Linux 1.x
EnGarde Secure Professional 1.x
EnGarde Secure Linux 1.x
EnGarde Secure Community 2.x
Conectiva Linux 7.0
Conectiva Linux 8
Conectiva Linux 9
Debian GNU/Linux 3.0
Debian GNU/Linux unstable alias sid

DESCRIPTION:
Three vulnerabilities have been identified in the Linux Kernel 2.4
branch. One can be exploited remotely by a malicious person to cause
a Denial of Service and is very similar to the recent Linux Kernel
Denial of Service. The other two are local Denial of Service
vulnerabilities.

The remote Denial of Service is possible because malicious people
can cause hash table collisions by sending a stream of specially
crafted fragmented TCP packets. This causes the system to consume
large amounts of CPU resources.

For more information about hash table collisions see:
http://www.secunia.com/advisories/8786/
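As an added illustration (not code from the advisory, from Red Hat or from the kernel), the following C model shows why an unkeyed hash over packet fields lets a single sender pile every fragment queue into one bucket, and how mixing the key with a boot-time secret spreads the load again. Table size, key layout, the fmix32 mixer and the fixed secret are assumptions made for the demonstration.

```c
/* Added example: simplified model of a fragment-reassembly queue hash table.
 * The advisory describes crafted fragments colliding in the kernel's hash
 * table so that every lookup walks one long chain; this shows the effect
 * and the standard mitigation (mix the key with a secret chosen at boot). */
#include <stdint.h>
#include <stdio.h>

#define TABLE_BITS 10
#define TABLE_SIZE (1u << TABLE_BITS)

/* Constructed fragment-queue key: IP id plus source address (assumption). */
struct frag_key { uint16_t id; uint32_t saddr; };

/* Unkeyed hash: depends only on fields the sender controls, so the sender
 * can predict the bucket of every fragment before transmitting it. */
static unsigned hash_unkeyed(const struct frag_key *k) {
    return (k->id ^ k->saddr) & (TABLE_SIZE - 1);
}

/* Keyed hash: the same fields mixed with a per-boot secret through a strong
 * 32-bit finaliser (murmur3 fmix32).  Bucket placement is unpredictable
 * without the secret.  In a real system the secret comes from a CSPRNG at
 * boot and is rotated periodically; it is a constant here only for the demo. */
static unsigned hash_keyed(const struct frag_key *k, uint32_t secret) {
    uint32_t h = (k->id | ((uint32_t)k->id << 16)) ^ k->saddr ^ secret;
    h ^= h >> 16; h *= 0x85ebca6bu;
    h ^= h >> 13; h *= 0xc2b2ae35u;
    h ^= h >> 16;
    return h & (TABLE_SIZE - 1);
}

/* Insert n constructed keys and return the longest bucket chain, i.e. the
 * work a reassembly lookup must do for each incoming fragment. */
unsigned longest_chain(unsigned n, int keyed, uint32_t secret) {
    unsigned counts[TABLE_SIZE] = {0}, worst = 0;
    for (unsigned i = 0; i < n; i++) {
        /* Constructed adversarial stream: one source address, IP ids that
         * all share the same low TABLE_BITS bits. */
        struct frag_key k = { (uint16_t)(i << TABLE_BITS), 0x0a000001u };
        unsigned b = keyed ? hash_keyed(&k, secret) : hash_unkeyed(&k);
        if (++counts[b] > worst) worst = counts[b];
    }
    return worst;
}

int main(void) {
    printf("unkeyed: longest chain %u of 64\n", longest_chain(64, 0, 0));
    printf("keyed:   longest chain %u of 64\n", longest_chain(64, 1, 0x5eed1234u));
    return 0;
}
```

With the unkeyed hash all 64 queues land in one bucket; with the keyed hash the same stream spreads across the table, which is why the kernel fix for this class of bug randomises the hash input.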

It is possible to cause a kernel oops because of an unspecified
vulnerability in the tty layer. This could reveal sensitive
information to local users or cause a Denial of Service.

A malformed address may cause the low-level mxcsr code to leave
garbage in CPU state registers. This could lead to a Denial of
Service.

SOLUTION:
We are not aware of any official patches for the Linux Kernel.

Red Hat has issued updated packages:

Red Hat Linux 7.1:

SRPMS:
ftp://updates.redhat.com/7.1/en/os/SRPMS/...20-18.7.src.rpm
ftp://updates.redhat.com/7.1/en/os/SRPMS/...06-9.71.src.rpm

athlon:
ftp://updates.redhat.com/7.1/en/os/athlon...18.7.athlon.rpm
ftp://updates.redhat.com/7.1/en/os/athlon...18.7.athlon.rpm

i386:
ftp://updates.redhat.com/7.1/en/os/i386/k...0-18.7.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/k...0-18.7.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/k...0-18.7.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/k...0-18.7.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/q...6-9.71.i386.rpm

i586:
ftp://updates.redhat.com/7.1/en/os/i586/k...0-18.7.i586.rpm
ftp://updates.redhat.com/7.1/en/os/i586/k...0-18.7.i586.rpm

i686:
ftp://updates.redhat.com/7.1/en/os/i686/k...0-18.7.i686.rpm
ftp://updates.redhat.com/7.1/en/os/i686/k...0-18.7.i686.rpm
ftp://updates.redhat.com/7.1/en/os/i686/k...0-18.7.i686.rpm

Red Hat Linux 7.2:

SRPMS:
ftp://updates.redhat.com/7.2/en/os/SRPMS/...20-18.7.src.rpm
ftp://updates.redhat.com/7.2/en/os/SRPMS/....06-9.7.src.rpm

athlon:
ftp://updates.redhat.com/7.2/en/os/athlon...18.7.athlon.rpm
ftp://updates.redhat.com/7.2/en/os/athlon...18.7.athlon.rpm

i386:
ftp://updates.redhat.com/7.2/en/os/i386/k...0-18.7.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/k...0-18.7.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/k...0-18.7.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/k...0-18.7.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/q...06-9.7.i386.rpm

i586:
ftp://updates.redhat.com/7.2/en/os/i586/k...0-18.7.i586.rpm
ftp://updates.redhat.com/7.2/en/os/i586/k...0-18.7.i586.rpm

i686:
ftp://updates.redhat.com/7.2/en/os/i686/k...0-18.7.i686.rpm
ftp://updates.redhat.com/7.2/en/os/i686/k...0-18.7.i686.rpm
ftp://updates.redhat.com/7.2/en/os/i686/k...0-18.7.i686.rpm

Red Hat Linux 7.3:

SRPMS:
ftp://updates.redhat.com/7.3/en/os/SRPMS/...20-18.7.src.rpm
ftp://updates.redhat.com/7.3/en/os/SRPMS/....06-9.7.src.rpm

athlon:
ftp://updates.redhat.com/7.3/en/os/athlon...18.7.athlon.rpm
ftp://updates.redhat.com/7.3/en/os/athlon...18.7.athlon.rpm

i386:
ftp://updates.redhat.com/7.3/en/os/i386/k...0-18.7.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/k...0-18.7.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/k...0-18.7.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/k...0-18.7.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/q...06-9.7.i386.rpm

i586:
ftp://updates.redhat.com/7.3/en/os/i586/k...0-18.7.i586.rpm
ftp://updates.redhat.com/7.3/en/os/i586/k...0-18.7.i586.rpm

i686:
ftp://updates.redhat.com/7.3/en/os/i686/k...0-18.7.i686.rpm
ftp://updates.redhat.com/7.3/en/os/i686/k...0-18.7.i686.rpm
ftp://updates.redhat.com/7.3/en/os/i686/k...0-18.7.i686.rpm

Red Hat Linux 8.0:

SRPMS:
ftp://updates.redhat.com/8.0/en/os/SRPMS/...20-18.8.src.rpm

athlon:
ftp://updates.redhat.com/8.0/en/os/athlon...18.8.athlon.rpm
ftp://updates.redhat.com/8.0/en/os/athlon...18.8.athlon.rpm

i386:
ftp://updates.redhat.com/8.0/en/os/i386/k...0-18.8.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/k...0-18.8.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/k...0-18.8.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/k...0-18.8.i386.rpm

i586:
ftp://updates.redhat.com/8.0/en/os/i586/k...0-18.8.i586.rpm
ftp://updates.redhat.com/8.0/en/os/i586/k...0-18.8.i586.rpm

i686:
ftp://updates.redhat.com/8.0/en/os/i686/k...0-18.8.i686.rpm
ftp://updates.redhat.com/8.0/en/os/i686/k...0-18.8.i686.rpm
ftp://updates.redhat.com/8.0/en/os/i686/k...0-18.8.i686.rpm

Red Hat Linux 9:

SRPMS:
ftp://updates.redhat.com/9/en/os/SRPMS/ke...20-18.9.src.rpm

athlon:
ftp://updates.redhat.com/9/en/os/athlon/k...18.9.athlon.rpm
ftp://updates.redhat.com/9/en/os/athlon/k...18.9.athlon.rpm

i386:
ftp://updates.redhat.com/9/en/os/i386/ker...0-18.9.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/ker...0-18.9.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/ker...0-18.9.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/ker...0-18.9.i386.rpm

i586:
ftp://updates.redhat.com/9/en/os/i586/ker...0-18.9.i586.rpm
ftp://updates.redhat.com/9/en/os/i586/ker...0-18.9.i586.rpm

i686:
ftp://updates.redhat.com/9/en/os/i686/ker...0-18.9.i686.rpm
ftp://updates.redhat.com/9/en/os/i686/ker...0-18.9.i686.rpm
ftp://updates.redhat.com/9/en/os/i686/ker...0-18.9.i686.rpm

REPORTED BY / CREDITS:
Al Viro
Andrea Arcangeli

ORIGINAL ADVISORY:
http://rhn.redhat.com/errata/RHSA-2003-187.html

----------------------------------------------------------------------

Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third-party patches; only
use those supplied by the vendor.

Contact details:
Web : http://www.secunia.com/
E-mail : support@secunia.com
Tel : +44 (0) 20 7016 2693
Fax : +44 (0) 20 7637 0419