[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Debian Kernel Vulnerability

Posted on 2003-12-02
10
Medium Priority
?
533 Views
Last Modified: 2010-04-22
I'm running Debian 2.4.18.  I've read there is a vulnerability in the kernel.  Where do I get a fix for this?
0
Comment
Question by:Gnustome
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
  • +1
10 Comments
 
LVL 24

Expert Comment

by:shivsa
ID: 9864965
0
 
LVL 24

Assisted Solution

by:shivsa
shivsa earned 400 total points
ID: 9864994
ftp://ftp.us.debian.org/debian/pool/main/k/kernel-source-2.4.20/kernel-source-2.4.20_2.4.20-3woody.3_all.deb

unpack the kernel sources in
/usr/src/kernel-source-2.4.20 and cd-ing there:

# cp /boot/config-2.4.20 .config
# make-kpkg binary --bzimage --initrd

and then dpkg -i the resulting kernel-image deb in /usr/src --
this was for 386.
------------------------------------------

Just do "apt-cache search kernel-image" at the command line. Soon it
will appear a list of available kernel-images pre-compiled. Choose that
best fit to your system and do, as a root, "apt-get install <the name of
the image you chose.

-------------------------------------------------


0
 
LVL 2

Expert Comment

by:joele23
ID: 9872192
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 2

Expert Comment

by:joele23
ID: 9872199
sorry I messed up the cut and paste heres the file link again

File: http://www.packetstormsecurity.nl/linux-2.25-ow1.tar.gz 
0
 
LVL 2

Expert Comment

by:joele23
ID: 9872204
0
 
LVL 2

Assisted Solution

by:joele23
joele23 earned 400 total points
ID: 9872216
and again

http://www.packetstormsecurity.nl/linux/security/linux-2.2.25-ow1.tar.gz

thats it I promise

reminder to self 'do not try to multi-task to much when youve been up for 20 hours'
0
 

Author Comment

by:Gnustome
ID: 9873099
shivsa, I executed:
apt-cache search kernel-image

I don't know which of the following to use, since I installed bf2.4 on 386 architecture that uses an AMD K6-II:

kernel-image-2.4.18-k6
kernel-headers-2.4.18-bf2.4
kernel-image-2.4.18-1-386
kernel-image-2.4.18-1-k6
kernel-image-2.4.18-bf2.4
0
 
LVL 1

Accepted Solution

by:
MKrauss earned 1200 total points
ID: 9886923
2.4.18 is not that bad, with 2.4.19 there came the ptrace isssue and with 2.4.20 or 21 had
the iptables problem and 2.4.22 has a userspace/security prob which is going back to 2.4.18 .
If you're not having external (inet) traffic to this host and its your private host then i would
leave it. If not then you MUST go to 2.4.23 !

For fixing the best is downloading the kernel image from kernel.org .

Here a short description on howto (no danger ....) :
-get the packages: fakeroot,ncurses-dev,automake,kernel-package .
-untar the new kernel image somewhere on your disk
-ln -s /somewhere/image /usr/src/linux
-cd /usr/src/linux
-cp /boot/config2.4 ??? /usr/src/linux/.config (hide it with the dot !)
-make oldconfig
-make menuconfig (optional for changing the config)
-make dep clean bzImage (watch for "exit" errors do not continiue when they occure)
-make modules bzlilo modules_install ( "             "               "          ")
-modify lilo.conf to your belongings and reboot
-when restartet you check with dmesg for you current version.

those steps are not just any pasted links, its a common working procedure.
... have fun

MK



0
 
LVL 24

Expert Comment

by:shivsa
ID: 9886994
u can use these 2.
kernel-headers-2.4.18-bf2.4
kernel-image-2.4.18-bf2.4.

i think the servers are not upto sync and new images are not posted for apt-cache. then u might wanna go to website and load the image from there.

whatever easy/convenient for u.

apt-cache is really good because this does all the job for u, search and install.
0
 

Author Comment

by:Gnustome
ID: 9893872
My Linux partition has direct connection to the internet through a router.  I hope I'm not being redundant, MK, but does your post dated 12/5/03 explain how to change from 2.4.18 to 2.4.23?
0

Featured Post

Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

​Being a Managed Services Provider (MSP) has presented you  with challenges in the past— and by meeting those challenges you’ve reaped the rewards of success.  In 2014, challenges and rewards remain; but as the Internet and business environment evol…
BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question