Slackware: kernel Multiple vulnerabilities
Summary
Here are the details from the Slackware 9.0 ChangeLog: Tue Jun 17 19:41:55 PDT 2003 New precompiled Linux 2.4.21 kernels and source packages are now available for Slackware 9.0. These fix a few problems with the ptrace patch used with the 2.4.20 kernel, and add a few extra drivers (like Silicon Image Serial-ATA support). The new kernel also fixes a number of security issues, such as a routing cache problem in 2.4.20 and earlier can allow an attacker to cause hash collisions in the prerouting chain that consume CPU resources resulting in a denial-of-service (CAN-2003-0244). patches/packages/kernel-headers-2.4.21-i386-1.tgz: Upgraded to Linux 2.4.21 kernel headers. patches/packages/kernel-ide-2.4.21-i486-1.tgz: Upgraded to Linux 2.4.21. patches/packages/kernel-modules-2.4.21-i486-1.tgz: Upgraded kernel modules to Linux 2.4.21. patches/packages/kernel-modules-2.4.21_xfs-i486-1.tgz: Upgraded the XFS-patched kernel modules package to Linux 2.4.21-xfs. These are needed for the xfs.i kernel. patches/packages/kernel-source-2.4.21-noarch-1.tgz: Upgraded to Linux 2.4.21 source. patches/kernels/*: Upgraded to Linux 2.4.21. (* Security fix *) WHERE TO FIND THE NEW PACKAGES: Updated packages for Slackware 9.0: INSTALLATION INSTRUCTIONS: If you are using the standard Slackware "bare.i" kernel, you may update your kernel like this: upgradepkg kernel-ide-2.4.21-i486-1.tgz kernel-modules-2.4.21-i486-1.tgz Then, reinstall your boot loader. This may be as simple as running 'lilo' as root, or you may use 'makebootdisk' to create a new boot floppy. If you use a different kernel, you'll want to use upgradepkg to update the appropriate kernel modules package (kernel-modules-2.4.21-i486-1.tgz for most kernels, but if you use the xfs.i kernel with XFS patches, then you will need to use the kernel-modules-2.4.21_xfs-i486-1.tgz package instead). Then, install the kernel from the kernels/ directory. For example, to install the adaptec.s kernel: cd kernels/adaptec.s rm -f /boot/System.map /boot/config /boot/vmlinuz cp -a System.map.gz config bzImage /boot gzip -d /boot/System.map.gz mv /boot/bzImage /boot/vmlinuz Then, reinstall your boot loader. You may also wish to update your installed kernel sources: upgradepkg kernel-headers-2.4.21-i386-1.tgz kernel-source-2.4.21-noarch-1.tgz If you use XFS or Speakup you'll need to apply additional patches found here: Slackware Linux Security Team slackware security@slackware.com
Where Find New Packages
MD5 Signatures
Installation Instructions