• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Linux TTY Layer Kernel Panic Denial Of Service Vulnerability

Solution:
Mandrake Linux have released a security advisory (MDKSA-2003:074) to address this issue. Further details regarding downloading and applying these fixes can be found in the referenced advisory. Fixes are linked below.

Mandrake has issued a kernel upgrade that is patched. Please see the advisory linked to in the reference section (MDKSA-2003:066) for further information.

Red Hat Linux has released an advisory RHSA-2003:187-01 and RHSA-2003:195-06. RHBA-2003:263-05 (for non-Enterprise Red Hat distributions) has been released to address unrelated bugs but provides Kernel updates that include more recent fixes for this and other security vulnerabilities.

Debian has issued a kernel upgrade that is patched. Please see the advisories linked to in the reference section (DSA-311-1 and DSA 312-1) for URLs to fixes.

Red Hat Linux has released a new advisory . Fixes are available through the Red Hat Network. Affected users are advised to upgrade.

Debian has released a new advisory DSA 332-1. Information about obtaining and applying fixes are available in the referenced advisory.

Debian has announced in DSA 336-2 that advisory DSA 336-1 does not address this issue.

Guardian Digital has released advisory ESA-20032407-018 for EnGarde Secure Linux. See referenced advisory for additonal details.

Conectiva has released advisory CLA-2003:701 to address this issue. See referenced advisory for additional details and fix information.

Red Hat has released an advisory (RHSA-2003:198-16) containing updated IA64 fixes for Red Hat Enterprise Linux AS (v. 2.1) and Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor. These fixes are only available through the Red Hat Network which can be found at http://rhn.redhat.com/.

Conectiva has released a security advisory (CLA-2003:796) containing fixes to address this issue in Conectiva Linux 8.

Debian has released DSA 442-1 to provide fixes for s390 platforms. Please see the attached advisory for further information.


RedHat kernel-bigmem-2.4.18-14.i686.rpm

• Red Hat kernel-bigmem-2.4.20-20.8.i686.rpm
  ftp://updates.redhat.com/8.0/en/os/i686/kernel-bigmem-2.4.20-20.8.i686 .rpm

RedHat kernel-2.4.20-8.athlon.rpm

• Red Hat kernel-2.4.20-20.9.athlon.rpm
  ftp://updates.redhat.com/9/en/os/athlon/kernel-2.4.20-20.9.athlon.rpm

RedHat kernel-source-2.4.2-2.i386.rpm

• Red Hat kernel-source-2.4.20-20.7.i386.rpm
  ftp://updates.redhat.com/7.1/en/os/i386/kernel-source-2.4.20-20.7.i386 .rpm

RedHat kernel-2.4.20-8.i586.rpm

• Red Hat kernel-2.4.20-20.9.i386.rpm
  ftp://updates.redhat.com/9/en/os/i386/kernel-2.4.20-20.9.i386.rpm


• Red Hat kernel-2.4.20-20.9.i586.rpm
  ftp://updates.redhat.com/9/en/os/i586/kernel-2.4.20-20.9.i586.rpm

RedHat kernel-2.4.7-10.i686.rpm

• Red Hat kernel-2.4.20-20.7.i686.rpm
  ftp://updates.redhat.com/7.2/en/os/i686/kernel-2.4.20-20.7.i686.rpm


• Red Hat kernel-bigmem-2.4.20-20.7.i686.rpm
  ftp://updates.redhat.com/7.2/en/os/i686/kernel-bigmem-2.4.20-20.7.i686 .rpm

RedHat kernel-bigmem-2.4.20-8.i686.rpm

• Red Hat kernel-bigmem-2.4.20-20.9.i686.rpm
  ftp://updates.redhat.com/9/en/os/i686/kernel-bigmem-2.4.20-20.9.i686.r pm

RedHat kernel-source-2.4.20-8.i386.rpm

• Red Hat kernel-source-2.4.20-20.9.i386.rpm
  ftp://updates.redhat.com/9/en/os/i386/kernel-source-2.4.20-20.9.i386.r pm

RedHat kernel-2.4.18-3.athlon.rpm

• Red Hat kernel-2.4.20-20.7.athlon.rpm
  ftp://updates.redhat.com/7.3/en/os/athlon/kernel-2.4.20-20.7.athlon.rp m

RedHat kernel-source-2.4.7-10.i386.rpm

• Red Hat kernel-source-2.4.20-20.7.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/kernel-source-2.4.20-20.7.i386 .rpm

RedHat kernel-BOOT-2.4.18-14.i386.rpm

• Red Hat kernel-BOOT-2.4.20-20.8.i386.rpm
  ftp://updates.redhat.com/8.0/en/os/i386/kernel-BOOT-2.4.20-20.8.i386.r pm

RedHat kernel-2.4.2-2.i686.rpm

• Red Hat kernel-2.4.20-20.7.i686.rpm
  ftp://updates.redhat.com/7.1/en/os/i686/kernel-2.4.20-20.7.i686.rpm


• Red Hat kernel-bigmem-2.4.20-20.7.i686.rpm
  ftp://updates.redhat.com/7.1/en/os/i686/kernel-bigmem-2.4.20-20.7.i686 .rpm

RedHat kernel-BOOT-2.4.7-10.i386.rpm

• Red Hat kernel-BOOT-2.4.20-20.7.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/kernel-BOOT-2.4.20-20.7.i386.r pm

MandrakeSoft Linux Mandrake 8.2

• Mandrake kernel-2.4.19.35mdk-1-1mdk.i586.rpm
  Mandrake Linux 8.28.2/RPMS/kernel-2.4.19.35mdk-1-1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel-2.4.19.35mdk-1-1mdk.src.rpm
  Mandrake Linux 8.28.2/SRPMS/kernel-2.4.19.35mdk-1-1mdk.src.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel-BOOT-2.4.19.35mdk-1-1mdk.i586.rpm
  Mandrake Linux 8.28.2/RPMS/kernel-BOOT-2.4.19.35mdk-1-1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel-doc-2.4.19-35mdk.i586.rpm
  Mandrake Linux 8.28.2/RPMS/kernel-doc-2.4.19-35mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel-enterprise-2.4.19.35mdk-1-1mdk.i586.rpm
  Mandrake Linux 8.28.2/RPMS/kernel-enterprise-2.4.19.35mdk-1-1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel-secure-2.4.19.35mdk-1-1mdk.i586.rpm
  Mandrake Linux 8.28.2/RPMS/kernel-secure-2.4.19.35mdk-1-1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel-smp-2.4.19.35mdk-1-1mdk.i586.rpm
  Mandrake Linux 8.28.2/RPMS/kernel-smp-2.4.19.35mdk-1-1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel-source-2.4.19-35mdk.i586.rpm
  Mandrake Linux 8.28.2/RPMS/kernel-source-2.4.19-35mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php

MandrakeSoft Linux Mandrake 9.1

• Mandrake kernel-2.4.21.0.24mdk-1-1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel-BOOT-2.4.21.0.25mdk-1-1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel-doc-2.4.21-0.25mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel-enterprise-2.4.21.0.25mdk-1-1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel-secure-2.4.21.0.24mdk-1-1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel-smp-2.4.21.0.24mdk-1-1mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake kernel-source-2.4.21-0.25mdk.i586.rpm
  http://www.mandrakesecure.net/en/ftp.php