Subject: Caldera Security Advisory SA-1998.16: Security problems in the Linux kernel

Topic:               Linux kernel fcntl(F_SETOWN) problem
Advisory issue date: 24-July-1998

I. Problem Description

   Problem: The fcntl system call does not do proper permission checks
   when a process calls fcntl(fd, F_SETOWN, pid).

II. Impact

   Description: This allows the SIGIO signal to be sent to any process.
   One of the affected processes is inetd.

   Vulnerable Systems: OpenLinux 1.0, 1.1, & 1.2 systems using a Linux
   kernel prior to version 2.0.35.

III. Solution

   Correction: The proper solution is to upgrade to the linux-2.0.35-1
   packages. They can be found on Caldera's FTP site at:

      ftp://ftp.caldera.com/pub/OpenLinux/updates/1.2/010/RPMS

   The corresponding source code can be found at:

      ftp://ftp.caldera.com/pub/OpenLinux/updates/1.2/010/SRPMS

   The MD5 checksums (from the "md5sum" command) for these packages are:

   You are advised to upgrade the kernel by using the update.col script.
   To simply install the new packages use the following commands:

      rpm -i linux-kernel-binary-2.0.35-1.i386.rpm
      rpm -i linux-kernel-build-2.0.35-1.i386.rpm
      rpm -i linux-kernel-doc-2.0.35-1.i386.rpm
      rpm -i linux-kernel-include-2.0.35-1.i386.rpm
      rpm -i linux-source-alpha-2.0.35-1.i386.rpm
      rpm -i linux-source-common-2.0.35-1.i386.rpm
      rpm -i linux-source-i386-2.0.35-1.i386.rpm
      rpm -i linux-source-m68k-2.0.35-1.i386.rpm
      rpm -i linux-source-mips-2.0.35-1.i386.rpm
      rpm -i linux-source-ppc-2.0.35-1.i386.rpm
      rpm -i linux-source-sparc-2.0.35-1.i386.rpm

IV. References

   This and other Caldera security resources are located at:

      http://www.caldera.com/news/security/index.html

   This security fix closes Caldera's internal Problem Report 4043.

V. PGP Signature

   This message was signed with the PGP key for security@caldera.com.

   This key can be obtained from:

      ftp://ftp.caldera.com/pub/pgp-keys/

   Or on an OpenLinux CDROM under:

      /OpenLinux/pgp-keys/

$Id: SA-1998.16.txt,v 1.3 1998/07/24 13:01:53 rf Exp $
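
The mechanism behind the problem description, as an added example that is not part of Caldera's advisory: fcntl(fd, F_SETOWN, pid) names the process that receives SIGIO for a descriptor, shown here in the legitimate case where a process names only itself. The function name sigio_delivered and the socket pair are assumptions made for illustration.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <signal.h>
#include <stdio.h>
#include <sys/socket.h>
#include <time.h>
#include <unistd.h>

/* Hypothetical helper (not from the advisory).
 * Returns 1 if SIGIO arrived, 0 if none arrived in time, -1 on setup error.
 * set_owner != 0: name this process as the descriptor's owner via F_SETOWN. */
int sigio_delivered(int set_owner)
{
    int sv[2], got = -1;
    sigset_t io, old;
    struct timespec wait = { 0, 300 * 1000 * 1000 };   /* 300 ms */

    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0)
        return -1;

    /* Block SIGIO so it stays pending and can be collected synchronously. */
    sigemptyset(&io);
    sigaddset(&io, SIGIO);
    sigprocmask(SIG_BLOCK, &io, &old);

    /* F_SETOWN selects the SIGIO recipient. This is the call the advisory
     * says pre-2.0.35 kernels accepted without a proper permission check. */
    if (set_owner && fcntl(sv[0], F_SETOWN, getpid()) < 0)
        goto out;
    /* O_ASYNC switches on signal-driven I/O for the descriptor. */
    if (fcntl(sv[0], F_SETFL, fcntl(sv[0], F_GETFL) | O_ASYNC) < 0)
        goto out;
    /* Make sv[0] readable: this is the I/O event that raises SIGIO. */
    if (write(sv[1], "x", 1) != 1)
        goto out;
    got = (sigtimedwait(&io, NULL, &wait) == SIGIO) ? 1 : 0;
out:
    close(sv[0]);
    close(sv[1]);
    sigprocmask(SIG_SETMASK, &old, NULL);
    return got;
}

int main(void)
{
    printf("owner set to self: SIGIO delivered = %d\n", sigio_delivered(1));
    printf("no owner set:      SIGIO delivered = %d\n", sigio_delivered(0));
    return 0;
}
```

With no owner set the kernel has no recipient and sends nothing, which is why the pid argument to F_SETOWN is the value that needs a permission check.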