FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Enterprise Watch List

 
 
LinkBack Thread Tools
 
Old 05-05-2010, 01:19 PM
 
Default Important: kernel security, bug fix, and enhancement update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

================================================== ===================
Red Hat Security Advisory

Synopsis: Important: kernel security, bug fix, and enhancement update
Advisory ID: RHSA-2010:0394-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0394.html
Issue date: 2010-05-05
CVE Names: CVE-2010-0729 CVE-2010-1083 CVE-2010-1085
CVE-2010-1086 CVE-2010-1188
================================================== ===================

1. Summary:

Updated kernel packages that fix multiple security issues, several bugs,
and add three enhancements are now available for Red Hat Enterprise Linux
4.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, noarch, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, noarch, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, noarch, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security fixes:

* RHSA-2009:1024 introduced a flaw in the ptrace implementation on Itanium
systems. ptrace_check_attach() was not called during certain ptrace()
requests. Under certain circumstances, a local, unprivileged user could use
this flaw to call ptrace() on a process they do not own, giving them
control over that process. (CVE-2010-0729, Important)

* a flaw was found in the kernel's Unidirectional Lightweight Encapsulation
(ULE) implementation. A remote attacker could send a specially-crafted ISO
MPEG-2 Transport Stream (TS) frame to a target system, resulting in a
denial of service. (CVE-2010-1086, Important)

* a use-after-free flaw was found in tcp_rcv_state_process() in the
kernel's TCP/IP protocol suite implementation. If a system using IPv6 had
the IPV6_RECVPKTINFO option set on a listening socket, a remote attacker
could send an IPv6 packet to that system, causing a kernel panic.
(CVE-2010-1188, Important)

* a divide-by-zero flaw was found in azx_position_ok() in the Intel High
Definition Audio driver, snd-hda-intel. A local, unprivileged user could
trigger this flaw to cause a denial of service. (CVE-2010-1085, Moderate)

* an information leak flaw was found in the kernel's USB implementation.
Certain USB errors could result in an uninitialized kernel buffer being
sent to user-space. An attacker with physical access to a target system
could use this flaw to cause an information leak. (CVE-2010-1083, Low)

Red Hat would like to thank Ang Way Chuang for reporting CVE-2010-1086.

Bug fixes:

* a regression prevented the Broadcom BCM5761 network device from working
when in the first (top) PCI-E slot of Hewlett-Packard (HP) Z600 systems.
Note: The card worked in the 2nd or 3rd PCI-E slot. (BZ#567205)

* the Xen hypervisor supports 168 GB of RAM for 32-bit guests. The physical
address range was set incorrectly, however, causing 32-bit,
para-virtualized Red Hat Enterprise Linux 4.8 guests to crash when launched
on AMD64 or Intel 64 hosts that have more than 64 GB of RAM. (BZ#574392)

* RHSA-2009:1024 introduced a regression, causing diskdump to fail on
systems with certain adapters using the qla2xxx driver. (BZ#577234)

* a race condition caused TX to stop in a guest using the virtio_net
driver. (BZ#580089)

* on some systems, using the "arp_validate=3" bonding option caused both
links to show as "down" even though the arp_target was responding to ARP
requests sent by the bonding driver. (BZ#580842)

* in some circumstances, when a Red Hat Enterprise Linux client connected
to a re-booted Windows-based NFS server, server-side filehandle-to-inode
mapping changes caused a kernel panic. "bad_inode_ops" handling was changed
to prevent this. Note: filehandle-to-inode mapping changes may still cause
errors, but not panics. (BZ#582908)

* when installing a Red Hat Enterprise Linux 4 guest via PXE, hard-coded
fixed-size scatterlists could conflict with host requests, causing the
guest's kernel to panic. With this update, dynamically allocated
scatterlists are used, resolving this issue. (BZ#582911)

Enhancements:

* kernel support for connlimit. Note: iptables errata update RHBA-2010:0395
is also required for connlimit to work correctly. (BZ#563223)

* support for the Intel architectural performance monitoring subsystem
(arch_perfmon). On supported CPUs, arch_perfmon offers means to mark
performance events and options for configuring and counting these events.
(BZ#582913)

* kernel support for OProfile sampling of Intel microarchitecture (Nehalem)
CPUs. This update alone does not address OProfile support for such CPUs. A
future oprofile package update will allow OProfile to work on Intel Nehalem
CPUs. (BZ#582241)

Users should upgrade to these updated packages, which contain backported
patches to correct these issues and add these enhancements. The system must
be rebooted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

5. Bugs fixed (http://bugzilla.redhat.com/):

563223 - [RFE ] Connlimit kernel module support [rhel-4.9] [rhel-4.8.z]
566624 - CVE-2010-1083 kernel: information leak via userspace USB interface
567168 - CVE-2010-1085 kernel: ALSA: hda-intel: Avoid divide by zero crash
567205 - RHEL4.8: Broadcom 5761 NIC does not work [rhel-4.8.z]
569237 - CVE-2010-1086 kernel: dvb-core: DoS bug in ULE decapsulation code
572007 - CVE-2010-0729 kernel: ia64: ptrace: peek_or_poke requests miss ptrace_check_attach()
574392 - [RHEL4 Xen]: i386 Guest crash when host has >= 64G RAM [rhel-4.8.z]
577234 - qla2xxx flash programming changes in 4.8 broke diskdump [rhel-4.8.z]
577711 - CVE-2010-1188 kernel: ipv6: skb is unexpectedly freed
580089 - virtio_net 'eth0' interface in a RHEL 4.8 KVM virtual machine becomes unresponsive due to stopped state [rhel-4.8.z]
580842 - [RHEL 4] bonding option arp_validate=3 does not seem to function properly with vlan tagging [rhel-4.8.z]
582241 - [RHEL 4.7] oprofile doesn't work with Nehalem (kernel support) [rhel-4.8.z]
582908 - RHEL4.8-i686 panic in vfs_getattr64() Bad EIP value. [rhel-4.8.z]
582911 - i386 rhel4.8 kvm guests crashes in virtio during installation [rhel-4.8.z]
582913 - [Intel 4.9] Support arch_perfmon for oprofile (kernel support) [rhel-4.8.z]

6. Package List:

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/kernel-2.6.9-89.0.25.EL.src.rpm

i386:
kernel-2.6.9-89.0.25.EL.i686.rpm
kernel-debuginfo-2.6.9-89.0.25.EL.i686.rpm
kernel-devel-2.6.9-89.0.25.EL.i686.rpm
kernel-hugemem-2.6.9-89.0.25.EL.i686.rpm
kernel-hugemem-devel-2.6.9-89.0.25.EL.i686.rpm
kernel-smp-2.6.9-89.0.25.EL.i686.rpm
kernel-smp-devel-2.6.9-89.0.25.EL.i686.rpm
kernel-xenU-2.6.9-89.0.25.EL.i686.rpm
kernel-xenU-devel-2.6.9-89.0.25.EL.i686.rpm

ia64:
kernel-2.6.9-89.0.25.EL.ia64.rpm
kernel-debuginfo-2.6.9-89.0.25.EL.ia64.rpm
kernel-devel-2.6.9-89.0.25.EL.ia64.rpm
kernel-largesmp-2.6.9-89.0.25.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-89.0.25.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-89.0.25.EL.noarch.rpm

ppc:
kernel-2.6.9-89.0.25.EL.ppc64.rpm
kernel-2.6.9-89.0.25.EL.ppc64iseries.rpm
kernel-debuginfo-2.6.9-89.0.25.EL.ppc64.rpm
kernel-debuginfo-2.6.9-89.0.25.EL.ppc64iseries.rpm
kernel-devel-2.6.9-89.0.25.EL.ppc64.rpm
kernel-devel-2.6.9-89.0.25.EL.ppc64iseries.rpm
kernel-largesmp-2.6.9-89.0.25.EL.ppc64.rpm
kernel-largesmp-devel-2.6.9-89.0.25.EL.ppc64.rpm

s390:
kernel-2.6.9-89.0.25.EL.s390.rpm
kernel-debuginfo-2.6.9-89.0.25.EL.s390.rpm
kernel-devel-2.6.9-89.0.25.EL.s390.rpm

s390x:
kernel-2.6.9-89.0.25.EL.s390x.rpm
kernel-debuginfo-2.6.9-89.0.25.EL.s390x.rpm
kernel-devel-2.6.9-89.0.25.EL.s390x.rpm

x86_64:
kernel-2.6.9-89.0.25.EL.x86_64.rpm
kernel-debuginfo-2.6.9-89.0.25.EL.x86_64.rpm
kernel-devel-2.6.9-89.0.25.EL.x86_64.rpm
kernel-largesmp-2.6.9-89.0.25.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-89.0.25.EL.x86_64.rpm
kernel-smp-2.6.9-89.0.25.EL.x86_64.rpm
kernel-smp-devel-2.6.9-89.0.25.EL.x86_64.rpm
kernel-xenU-2.6.9-89.0.25.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-89.0.25.EL.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/kernel-2.6.9-89.0.25.EL.src.rpm

i386:
kernel-2.6.9-89.0.25.EL.i686.rpm
kernel-debuginfo-2.6.9-89.0.25.EL.i686.rpm
kernel-devel-2.6.9-89.0.25.EL.i686.rpm
kernel-hugemem-2.6.9-89.0.25.EL.i686.rpm
kernel-hugemem-devel-2.6.9-89.0.25.EL.i686.rpm
kernel-smp-2.6.9-89.0.25.EL.i686.rpm
kernel-smp-devel-2.6.9-89.0.25.EL.i686.rpm
kernel-xenU-2.6.9-89.0.25.EL.i686.rpm
kernel-xenU-devel-2.6.9-89.0.25.EL.i686.rpm

noarch:
kernel-doc-2.6.9-89.0.25.EL.noarch.rpm

x86_64:
kernel-2.6.9-89.0.25.EL.x86_64.rpm
kernel-debuginfo-2.6.9-89.0.25.EL.x86_64.rpm
kernel-devel-2.6.9-89.0.25.EL.x86_64.rpm
kernel-largesmp-2.6.9-89.0.25.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-89.0.25.EL.x86_64.rpm
kernel-smp-2.6.9-89.0.25.EL.x86_64.rpm
kernel-smp-devel-2.6.9-89.0.25.EL.x86_64.rpm
kernel-xenU-2.6.9-89.0.25.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-89.0.25.EL.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/kernel-2.6.9-89.0.25.EL.src.rpm

i386:
kernel-2.6.9-89.0.25.EL.i686.rpm
kernel-debuginfo-2.6.9-89.0.25.EL.i686.rpm
kernel-devel-2.6.9-89.0.25.EL.i686.rpm
kernel-hugemem-2.6.9-89.0.25.EL.i686.rpm
kernel-hugemem-devel-2.6.9-89.0.25.EL.i686.rpm
kernel-smp-2.6.9-89.0.25.EL.i686.rpm
kernel-smp-devel-2.6.9-89.0.25.EL.i686.rpm
kernel-xenU-2.6.9-89.0.25.EL.i686.rpm
kernel-xenU-devel-2.6.9-89.0.25.EL.i686.rpm

ia64:
kernel-2.6.9-89.0.25.EL.ia64.rpm
kernel-debuginfo-2.6.9-89.0.25.EL.ia64.rpm
kernel-devel-2.6.9-89.0.25.EL.ia64.rpm
kernel-largesmp-2.6.9-89.0.25.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-89.0.25.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-89.0.25.EL.noarch.rpm

x86_64:
kernel-2.6.9-89.0.25.EL.x86_64.rpm
kernel-debuginfo-2.6.9-89.0.25.EL.x86_64.rpm
kernel-devel-2.6.9-89.0.25.EL.x86_64.rpm
kernel-largesmp-2.6.9-89.0.25.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-89.0.25.EL.x86_64.rpm
kernel-smp-2.6.9-89.0.25.EL.x86_64.rpm
kernel-smp-devel-2.6.9-89.0.25.EL.x86_64.rpm
kernel-xenU-2.6.9-89.0.25.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-89.0.25.EL.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/kernel-2.6.9-89.0.25.EL.src.rpm

i386:
kernel-2.6.9-89.0.25.EL.i686.rpm
kernel-debuginfo-2.6.9-89.0.25.EL.i686.rpm
kernel-devel-2.6.9-89.0.25.EL.i686.rpm
kernel-hugemem-2.6.9-89.0.25.EL.i686.rpm
kernel-hugemem-devel-2.6.9-89.0.25.EL.i686.rpm
kernel-smp-2.6.9-89.0.25.EL.i686.rpm
kernel-smp-devel-2.6.9-89.0.25.EL.i686.rpm
kernel-xenU-2.6.9-89.0.25.EL.i686.rpm
kernel-xenU-devel-2.6.9-89.0.25.EL.i686.rpm

ia64:
kernel-2.6.9-89.0.25.EL.ia64.rpm
kernel-debuginfo-2.6.9-89.0.25.EL.ia64.rpm
kernel-devel-2.6.9-89.0.25.EL.ia64.rpm
kernel-largesmp-2.6.9-89.0.25.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-89.0.25.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-89.0.25.EL.noarch.rpm

x86_64:
kernel-2.6.9-89.0.25.EL.x86_64.rpm
kernel-debuginfo-2.6.9-89.0.25.EL.x86_64.rpm
kernel-devel-2.6.9-89.0.25.EL.x86_64.rpm
kernel-largesmp-2.6.9-89.0.25.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-89.0.25.EL.x86_64.rpm
kernel-smp-2.6.9-89.0.25.EL.x86_64.rpm
kernel-smp-devel-2.6.9-89.0.25.EL.x86_64.rpm
kernel-xenU-2.6.9-89.0.25.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-89.0.25.EL.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-0729.html
https://www.redhat.com/security/data/cve/CVE-2010-1083.html
https://www.redhat.com/security/data/cve/CVE-2010-1085.html
https://www.redhat.com/security/data/cve/CVE-2010-1086.html
https://www.redhat.com/security/data/cve/CVE-2010-1188.html
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFL4XBuXlSAg2UNWIIRAtx2AJ4r6Jah1Ep+xF8dajeuxC nYpWuDdgCfXuJL
l8rui+Lz7Xo0Np3sWW0v9RI=
=YmP8
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
 
Old 01-04-2011, 03:57 PM
 
Default Important: kernel security, bug fix, and enhancement update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

================================================== ===================
Red Hat Security Advisory

Synopsis: Important: kernel security, bug fix, and enhancement update
Advisory ID: RHSA-2011:0004-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-0004.html
Issue date: 2011-01-04
CVE Names: CVE-2010-3432 CVE-2010-3442 CVE-2010-3699
CVE-2010-3858 CVE-2010-3859 CVE-2010-3865
CVE-2010-3876 CVE-2010-3880 CVE-2010-4083
CVE-2010-4157 CVE-2010-4161 CVE-2010-4242
CVE-2010-4247 CVE-2010-4248
================================================== ===================

1. Summary:

Updated kernel packages that fix multiple security issues, several bugs,
and add an enhancement are now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

* A flaw was found in sctp_packet_config() in the Linux kernel's Stream
Control Transmission Protocol (SCTP) implementation. A remote attacker
could use this flaw to cause a denial of service. (CVE-2010-3432,
Important)

* A missing integer overflow check was found in snd_ctl_new() in the Linux
kernel's sound subsystem. A local, unprivileged user on a 32-bit system
could use this flaw to cause a denial of service or escalate their
privileges. (CVE-2010-3442, Important)

* A heap overflow flaw in the Linux kernel's Transparent Inter-Process
Communication protocol (TIPC) implementation could allow a local,
unprivileged user to escalate their privileges. (CVE-2010-3859, Important)

* An integer overflow flaw was found in the Linux kernel's Reliable
Datagram Sockets (RDS) protocol implementation. A local, unprivileged user
could use this flaw to cause a denial of service or escalate their
privileges. (CVE-2010-3865, Important)

* A flaw was found in the Xenbus code for the unified block-device I/O
interface back end. A privileged guest user could use this flaw to cause a
denial of service on the host system running the Xen hypervisor.
(CVE-2010-3699, Moderate)

* Missing sanity checks were found in setup_arg_pages() in the Linux
kernel. When making the size of the argument and environment area on the
stack very large, it could trigger a BUG_ON(), resulting in a local denial
of service. (CVE-2010-3858, Moderate)

* A flaw was found in inet_csk_diag_dump() in the Linux kernel's module for
monitoring the sockets of INET transport protocols. By sending a netlink
message with certain bytecode, a local, unprivileged user could cause a
denial of service. (CVE-2010-3880, Moderate)

* Missing sanity checks were found in gdth_ioctl_alloc() in the gdth driver
in the Linux kernel. A local user with access to "/dev/gdth" on a 64-bit
system could use this flaw to cause a denial of service or escalate their
privileges. (CVE-2010-4157, Moderate)

* The fix for Red Hat Bugzilla bug 484590 as provided in RHSA-2009:1243
introduced a regression. A local, unprivileged user could use this flaw to
cause a denial of service. (CVE-2010-4161, Moderate)

* A NULL pointer dereference flaw was found in the Bluetooth HCI UART
driver in the Linux kernel. A local, unprivileged user could use this flaw
to cause a denial of service. (CVE-2010-4242, Moderate)

* It was found that a malicious guest running on the Xen hypervisor could
place invalid data in the memory that the guest shared with the blkback and
blktap back-end drivers, resulting in a denial of service on the host
system. (CVE-2010-4247, Moderate)

* A flaw was found in the Linux kernel's CPU time clocks implementation for
the POSIX clock interface. A local, unprivileged user could use this flaw
to cause a denial of service. (CVE-2010-4248, Moderate)

* Missing initialization flaws in the Linux kernel could lead to
information leaks. (CVE-2010-3876, CVE-2010-4083, Low)

Red Hat would like to thank Dan Rosenberg for reporting CVE-2010-3442,
CVE-2010-4161, and CVE-2010-4083; Thomas Pollet for reporting
CVE-2010-3865; Brad Spengler for reporting CVE-2010-3858; Nelson Elhage for
reporting CVE-2010-3880; Alan Cox for reporting CVE-2010-4242; and Vasiliy
Kulikov for reporting CVE-2010-3876.

This update also fixes several bugs and adds an enhancement. Documentation
for the bug fixes and the enhancement will be available shortly from the
Technical Notes document, linked to in the References section.

Users should upgrade to these updated packages, which contain backported
patches to correct these issues, and fix the bugs and add the enhancement
noted in the Technical Notes. The system must be rebooted for this update
to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

5. Bugs fixed (http://bugzilla.redhat.com/):

636411 - CVE-2010-3699 kernel: guest->host denial of service from invalid xenbus transitions
637675 - CVE-2010-3432 kernel: sctp: do not reset the packet during sctp_packet_config
638478 - CVE-2010-3442 kernel: prevent heap corruption in snd_ctl_new()
641410 - CVE-2010-4242 kernel: missing tty ops write function presence check in hci_uart_tty_open()
643339 - [Intel/Cisco 5.6 Bug] ixgbe: include ability to disable MSI-X [rhel-5.5.z]
643344 - kernel: Problem with execve(2) reintroduced [rhel-5.5.z]
643345 - netback does not properly get to the Connected state after it's been Closed [rhel-5.5.z]
643347 - kernel: security: testing the wrong variable in create_by_name() [rhel-5.5.z]
645222 - CVE-2010-3858 kernel: setup_arg_pages: diagnose excessive argument size
645867 - CVE-2010-3859 kernel: tipc: heap overflow in tipc_msg_build()
646765 - RHEL5.6 Include DL580 G7 in bfsort whitelist [rhel-5.5.z]
647416 - CVE-2010-3865 kernel: iovec integer overflow in net/rds/rdma.c
647681 - bond0 only works in promisc mode [rhel-5.5.z]
648673 - CVE-2010-4083 kernel: ipc/sem.c: reading uninitialized stack memory
648938 - x86_64 host on Nehalem-EX machines will panic when installing a 4.8 GA kvm guest [rhel-5.5.z]
649255 - bnx2 adapter periodically dropping received packets [rhel-5.5.z]
649715 - CVE-2010-3876 kernel: net/packet/af_packet.c: reading uninitialized stack memory
651147 - CVE-2010-4157 kernel: gdth: integer overflow in ioc_general()
651264 - CVE-2010-3880 kernel: logic error in INET_DIAG bytecode auditing
651805 - GFS2: stuck in inode wait, no glocks stuck [rhel-5.5.z]
651811 - GFS2: BUG_ON kernel panic in gfs2_glock_hold on 2.6.18-226 [rhel-5.5.z]
651818 - [5.5] Hangs up during booting due to a spinlock problem. [rhel-5.5.z]
652534 - CVE-2010-4161 kernel: rhel5 commit 6865201191 caused deadlock
652561 - Scheduling while atomic when removing slave tg3 interface from bonding [rhel-5.5.z]
653335 - flock performance with DLM in RHEL 5.5 [rhel-5.5.z]
656206 - CVE-2010-4247 xen: request-processing loop is unbounded in blkback
656264 - CVE-2010-4248 kernel: posix-cpu-timers: workaround to suppress the problems with mt exec
657028 - [NetApp 5.6 bug] SCSI ALUA handler fails to handle ALUA transitioning properly [rhel-5.5.z]
657029 - [NetApp 5.6 bug] qla2xxx: Kernel panic on qla24xx_queuecommand [rhel-5.5.z]
657319 - [Stratus 5.6 bug] System crashes at uhci_scan_schedule(). [rhel-5.5.z]
658079 - lpfc: set heartbeat timer off by default [rhel-5.5.z]
658378 - lpfc: fix a BUG_ON in lpfc_abort_handler [rhel-5.5.z]
658379 - lpfc: fix panic in lpfc_scsi_cmd_iocb_cmpl [rhel-5.5.z]
658520 - add round_jiffies_up and related routines [rhel-5.5.z]
658857 - dcache unused accounting problem [rhel-5.5.z]
658864 - lpfc: fix crashes on NULL pnode dereference [rhel-5.5.z]
658934 - [NetApp 5.6 bug] regression: allow offlined devs to be set to running [rhel-5.5.z]
663353 - System crashes at .nfs_flush_incompatible [rhel-5.5.z]
663381 - [REG][5.6] kernel panic occurs by writing a file on optional mount "sync/noac" of NFSv4. [rhel-5.5.z]
664416 - [REG][5.6] kernel panic occurs by reading an empty file on optional mount "sync/noac" of NFSv4. [rhel-5.5.z]

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kernel-2.6.18-194.32.1.el5.src.rpm

i386:
kernel-2.6.18-194.32.1.el5.i686.rpm
kernel-PAE-2.6.18-194.32.1.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-194.32.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-194.32.1.el5.i686.rpm
kernel-debug-2.6.18-194.32.1.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-194.32.1.el5.i686.rpm
kernel-debug-devel-2.6.18-194.32.1.el5.i686.rpm
kernel-debuginfo-2.6.18-194.32.1.el5.i686.rpm
kernel-debuginfo-common-2.6.18-194.32.1.el5.i686.rpm
kernel-devel-2.6.18-194.32.1.el5.i686.rpm
kernel-headers-2.6.18-194.32.1.el5.i386.rpm
kernel-xen-2.6.18-194.32.1.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-194.32.1.el5.i686.rpm
kernel-xen-devel-2.6.18-194.32.1.el5.i686.rpm

noarch:
kernel-doc-2.6.18-194.32.1.el5.noarch.rpm

x86_64:
kernel-2.6.18-194.32.1.el5.x86_64.rpm
kernel-debug-2.6.18-194.32.1.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-194.32.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-194.32.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-194.32.1.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-194.32.1.el5.x86_64.rpm
kernel-devel-2.6.18-194.32.1.el5.x86_64.rpm
kernel-headers-2.6.18-194.32.1.el5.x86_64.rpm
kernel-xen-2.6.18-194.32.1.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-194.32.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-194.32.1.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kernel-2.6.18-194.32.1.el5.src.rpm

i386:
kernel-2.6.18-194.32.1.el5.i686.rpm
kernel-PAE-2.6.18-194.32.1.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-194.32.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-194.32.1.el5.i686.rpm
kernel-debug-2.6.18-194.32.1.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-194.32.1.el5.i686.rpm
kernel-debug-devel-2.6.18-194.32.1.el5.i686.rpm
kernel-debuginfo-2.6.18-194.32.1.el5.i686.rpm
kernel-debuginfo-common-2.6.18-194.32.1.el5.i686.rpm
kernel-devel-2.6.18-194.32.1.el5.i686.rpm
kernel-headers-2.6.18-194.32.1.el5.i386.rpm
kernel-xen-2.6.18-194.32.1.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-194.32.1.el5.i686.rpm
kernel-xen-devel-2.6.18-194.32.1.el5.i686.rpm

ia64:
kernel-2.6.18-194.32.1.el5.ia64.rpm
kernel-debug-2.6.18-194.32.1.el5.ia64.rpm
kernel-debug-debuginfo-2.6.18-194.32.1.el5.ia64.rpm
kernel-debug-devel-2.6.18-194.32.1.el5.ia64.rpm
kernel-debuginfo-2.6.18-194.32.1.el5.ia64.rpm
kernel-debuginfo-common-2.6.18-194.32.1.el5.ia64.rpm
kernel-devel-2.6.18-194.32.1.el5.ia64.rpm
kernel-headers-2.6.18-194.32.1.el5.ia64.rpm
kernel-xen-2.6.18-194.32.1.el5.ia64.rpm
kernel-xen-debuginfo-2.6.18-194.32.1.el5.ia64.rpm
kernel-xen-devel-2.6.18-194.32.1.el5.ia64.rpm

noarch:
kernel-doc-2.6.18-194.32.1.el5.noarch.rpm

ppc:
kernel-2.6.18-194.32.1.el5.ppc64.rpm
kernel-debug-2.6.18-194.32.1.el5.ppc64.rpm
kernel-debug-debuginfo-2.6.18-194.32.1.el5.ppc64.rpm
kernel-debug-devel-2.6.18-194.32.1.el5.ppc64.rpm
kernel-debuginfo-2.6.18-194.32.1.el5.ppc64.rpm
kernel-debuginfo-common-2.6.18-194.32.1.el5.ppc64.rpm
kernel-devel-2.6.18-194.32.1.el5.ppc64.rpm
kernel-headers-2.6.18-194.32.1.el5.ppc.rpm
kernel-headers-2.6.18-194.32.1.el5.ppc64.rpm
kernel-kdump-2.6.18-194.32.1.el5.ppc64.rpm
kernel-kdump-debuginfo-2.6.18-194.32.1.el5.ppc64.rpm
kernel-kdump-devel-2.6.18-194.32.1.el5.ppc64.rpm

s390x:
kernel-2.6.18-194.32.1.el5.s390x.rpm
kernel-debug-2.6.18-194.32.1.el5.s390x.rpm
kernel-debug-debuginfo-2.6.18-194.32.1.el5.s390x.rpm
kernel-debug-devel-2.6.18-194.32.1.el5.s390x.rpm
kernel-debuginfo-2.6.18-194.32.1.el5.s390x.rpm
kernel-debuginfo-common-2.6.18-194.32.1.el5.s390x.rpm
kernel-devel-2.6.18-194.32.1.el5.s390x.rpm
kernel-headers-2.6.18-194.32.1.el5.s390x.rpm
kernel-kdump-2.6.18-194.32.1.el5.s390x.rpm
kernel-kdump-debuginfo-2.6.18-194.32.1.el5.s390x.rpm
kernel-kdump-devel-2.6.18-194.32.1.el5.s390x.rpm

x86_64:
kernel-2.6.18-194.32.1.el5.x86_64.rpm
kernel-debug-2.6.18-194.32.1.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-194.32.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-194.32.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-194.32.1.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-194.32.1.el5.x86_64.rpm
kernel-devel-2.6.18-194.32.1.el5.x86_64.rpm
kernel-headers-2.6.18-194.32.1.el5.x86_64.rpm
kernel-xen-2.6.18-194.32.1.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-194.32.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-194.32.1.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-3432.html
https://www.redhat.com/security/data/cve/CVE-2010-3442.html
https://www.redhat.com/security/data/cve/CVE-2010-3699.html
https://www.redhat.com/security/data/cve/CVE-2010-3858.html
https://www.redhat.com/security/data/cve/CVE-2010-3859.html
https://www.redhat.com/security/data/cve/CVE-2010-3865.html
https://www.redhat.com/security/data/cve/CVE-2010-3876.html
https://www.redhat.com/security/data/cve/CVE-2010-3880.html
https://www.redhat.com/security/data/cve/CVE-2010-4083.html
https://www.redhat.com/security/data/cve/CVE-2010-4157.html
https://www.redhat.com/security/data/cve/CVE-2010-4161.html
https://www.redhat.com/security/data/cve/CVE-2010-4242.html
https://www.redhat.com/security/data/cve/CVE-2010-4247.html
https://www.redhat.com/security/data/cve/CVE-2010-4248.html
https://access.redhat.com/security/updates/classification/#important
http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/5.5_Technical_Notes/kernel.html#RHSA-2011-0004

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFNI1F5XlSAg2UNWIIRAuxcAJ9FgzZ5Oh6aP6XpdwEDDK zJubbGrwCdETvg
aQKBoUrl/VhCU9P+EwVwMKU=
=92/g
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
 
Old 05-10-2011, 06:17 PM
 
Default Important: kernel security, bug fix, and enhancement update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

================================================== ===================
Red Hat Security Advisory

Synopsis: Important: kernel security, bug fix, and enhancement update
Advisory ID: RHSA-2011:0498-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-0498.html
Issue date: 2011-05-10
CVE Names: CVE-2010-4250 CVE-2010-4565 CVE-2010-4649
CVE-2011-0006 CVE-2011-0711 CVE-2011-0712
CVE-2011-0726 CVE-2011-1013 CVE-2011-1016
CVE-2011-1019 CVE-2011-1044 CVE-2011-1079
CVE-2011-1080 CVE-2011-1093 CVE-2011-1573
================================================== ===================

1. Summary:

Updated kernel packages that fix several security issues, various bugs, and
add an enhancement are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security fixes:

* An integer overflow flaw in ib_uverbs_poll_cq() could allow a local,
unprivileged user to cause a denial of service or escalate their
privileges. (CVE-2010-4649, Important)

* An integer signedness flaw in drm_modeset_ctl() could allow a local,
unprivileged user to cause a denial of service or escalate their
privileges. (CVE-2011-1013, Important)

* The Radeon GPU drivers in the Linux kernel were missing sanity checks for
the Anti Aliasing (AA) resolve register values which could allow a local,
unprivileged user to cause a denial of service or escalate their privileges
on systems using a graphics card from the ATI Radeon R300, R400, or R500
family of cards. (CVE-2011-1016, Important)

* A flaw in dccp_rcv_state_process() could allow a remote attacker to
cause a denial of service, even when the socket was already closed.
(CVE-2011-1093, Important)

* A flaw in the Linux kernel's Stream Control Transmission Protocol (SCTP)
implementation could allow a remote attacker to cause a denial of service
if the sysctl "net.sctp.addip_enable" and "auth_enable" variables were
turned on (they are off by default). (CVE-2011-1573, Important)

* A memory leak in the inotify_init() system call. In some cases, it could
leak a group, which could allow a local, unprivileged user to eventually
cause a denial of service. (CVE-2010-4250, Moderate)

* A missing validation of a null-terminated string data structure element
in bnep_sock_ioctl() could allow a local user to cause an information leak
or a denial of service. (CVE-2011-1079, Moderate)

* An information leak in bcm_connect() in the Controller Area Network (CAN)
Broadcast Manager implementation could allow a local, unprivileged user to
leak kernel mode addresses in "/proc/net/can-bcm". (CVE-2010-4565, Low)

* A flaw was found in the Linux kernel's Integrity Measurement Architecture
(IMA) implementation. When SELinux was disabled, adding an IMA rule which
was supposed to be processed by SELinux would cause ima_match_rules() to
always succeed, ignoring any remaining rules. (CVE-2011-0006, Low)

* A missing initialization flaw in the XFS file system implementation could
lead to an information leak. (CVE-2011-0711, Low)

* Buffer overflow flaws in snd_usb_caiaq_audio_init() and
snd_usb_caiaq_midi_init() could allow a local, unprivileged user with
access to a Native Instruments USB audio device to cause a denial of
service or escalate their privileges. (CVE-2011-0712, Low)

* The start_code and end_code values in "/proc/[pid]/stat" were not
protected. In certain scenarios, this flaw could be used to defeat Address
Space Layout Randomization (ASLR). (CVE-2011-0726, Low)

* A flaw in dev_load() could allow a local user who has the CAP_NET_ADMIN
capability to load arbitrary modules from "/lib/modules/", instead of only
netdev modules. (CVE-2011-1019, Low)

* A flaw in ib_uverbs_poll_cq() could allow a local, unprivileged user to
cause an information leak. (CVE-2011-1044, Low)

* A missing validation of a null-terminated string data structure element
in do_replace() could allow a local user who has the CAP_NET_ADMIN
capability to cause an information leak. (CVE-2011-1080, Low)

Red Hat would like to thank Vegard Nossum for reporting CVE-2010-4250;
Vasiliy Kulikov for reporting CVE-2011-1079, CVE-2011-1019, and
CVE-2011-1080; Dan Rosenberg for reporting CVE-2010-4565 and CVE-2011-0711;
Rafael Dominguez Vega for reporting CVE-2011-0712; and Kees Cook for
reporting CVE-2011-0726.

This update also fixes various bugs and adds an enhancement. Documentation
for these changes will be available shortly from the Technical Notes
document linked to in the References section.

Users should upgrade to these updated packages, which contain backported
patches to resolve these issues, and fix the bugs and add the enhancement
noted in the Technical Notes. The system must be rebooted for this update
to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

5. Bugs fixed (http://bugzilla.redhat.com/):

656830 - CVE-2010-4250 kernel: inotify memory leak
664544 - CVE-2010-4565 kernel: CAN info leak
667912 - CVE-2011-0006 kernel: ima: fix add LSM rule bug
667916 - CVE-2010-4649 CVE-2011-1044 kernel: IB/uverbs: Handle large number of entries in poll CQ
670850 - [6.0] System reset when changing EFI variable on large memory system [rhel-6.0.z]
677260 - CVE-2011-0711 kernel: xfs: prevent leaking uninitialized stack memory in FSGEOMETRY_V1
677881 - CVE-2011-0712 kernel: ALSA: caiaq - Fix possible string-buffer overflow
679925 - CVE-2011-1013 kernel: drm_modeset_ctl signedness issue
680000 - CVE-2011-1016 kernel: drm/radeon/kms: check AA resolve registers on r300
680360 - CVE-2011-1019 kernel: CAP_SYS_MODULE bypass via CAP_NET_ADMIN
681260 - CVE-2011-1079 kernel: bnep device field missing NULL terminator
681262 - CVE-2011-1080 kernel: ebtables stack infoleak
682954 - CVE-2011-1093 kernel: dccp: fix oops on Reset after close
683810 - [6.1] Common code infrastructure for VLAN null tagging [rhel-6.0.z]
684275 - kernel: BUG: warning at drivers/char/tty_audit.c:55/tty_audit_buf_free() [rhel-6.0.z]
684569 - CVE-2011-0726 kernel: proc: protect mm start_code/end_code in /proc/pid/stat
691777 - Bonded and vlan tagged network does not work in KVM guest [rhel-6.0.z]
694073 - 82576 stuck after PCI AER error [rhel-6.0.z]
694186 - kswapd0 100% [rhel-6.0.z]
695383 - CVE-2011-1573 kernel: sctp: fix to calc the INIT/INIT-ACK chunk length correctly to set
696889 - emc_clariion error handler panics with multiple failures [rhel-6.0.z]
698109 - Bond interface flapping and increasing rx_missed_errors [rhel-6.0.z]

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/kernel-2.6.32-71.29.1.el6.src.rpm

i386:
kernel-2.6.32-71.29.1.el6.i686.rpm
kernel-debug-2.6.32-71.29.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-71.29.1.el6.i686.rpm
kernel-debug-devel-2.6.32-71.29.1.el6.i686.rpm
kernel-debuginfo-2.6.32-71.29.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-71.29.1.el6.i686.rpm
kernel-devel-2.6.32-71.29.1.el6.i686.rpm
kernel-headers-2.6.32-71.29.1.el6.i686.rpm

noarch:
kernel-doc-2.6.32-71.29.1.el6.noarch.rpm
kernel-firmware-2.6.32-71.29.1.el6.noarch.rpm
perf-2.6.32-71.29.1.el6.noarch.rpm

x86_64:
kernel-2.6.32-71.29.1.el6.x86_64.rpm
kernel-debug-2.6.32-71.29.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-71.29.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-71.29.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-71.29.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-71.29.1.el6.x86_64.rpm
kernel-devel-2.6.32-71.29.1.el6.x86_64.rpm
kernel-headers-2.6.32-71.29.1.el6.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/kernel-2.6.32-71.29.1.el6.src.rpm

noarch:
kernel-doc-2.6.32-71.29.1.el6.noarch.rpm
kernel-firmware-2.6.32-71.29.1.el6.noarch.rpm
perf-2.6.32-71.29.1.el6.noarch.rpm

x86_64:
kernel-2.6.32-71.29.1.el6.x86_64.rpm
kernel-debug-2.6.32-71.29.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-71.29.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-71.29.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-71.29.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-71.29.1.el6.x86_64.rpm
kernel-devel-2.6.32-71.29.1.el6.x86_64.rpm
kernel-headers-2.6.32-71.29.1.el6.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/kernel-2.6.32-71.29.1.el6.src.rpm

i386:
kernel-2.6.32-71.29.1.el6.i686.rpm
kernel-debug-2.6.32-71.29.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-71.29.1.el6.i686.rpm
kernel-debug-devel-2.6.32-71.29.1.el6.i686.rpm
kernel-debuginfo-2.6.32-71.29.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-71.29.1.el6.i686.rpm
kernel-devel-2.6.32-71.29.1.el6.i686.rpm
kernel-headers-2.6.32-71.29.1.el6.i686.rpm

noarch:
kernel-doc-2.6.32-71.29.1.el6.noarch.rpm
kernel-firmware-2.6.32-71.29.1.el6.noarch.rpm
perf-2.6.32-71.29.1.el6.noarch.rpm

ppc64:
kernel-2.6.32-71.29.1.el6.ppc64.rpm
kernel-bootwrapper-2.6.32-71.29.1.el6.ppc64.rpm
kernel-debug-2.6.32-71.29.1.el6.ppc64.rpm
kernel-debug-debuginfo-2.6.32-71.29.1.el6.ppc64.rpm
kernel-debug-devel-2.6.32-71.29.1.el6.ppc64.rpm
kernel-debuginfo-2.6.32-71.29.1.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-71.29.1.el6.ppc64.rpm
kernel-devel-2.6.32-71.29.1.el6.ppc64.rpm
kernel-headers-2.6.32-71.29.1.el6.ppc64.rpm

s390x:
kernel-2.6.32-71.29.1.el6.s390x.rpm
kernel-debug-2.6.32-71.29.1.el6.s390x.rpm
kernel-debug-debuginfo-2.6.32-71.29.1.el6.s390x.rpm
kernel-debug-devel-2.6.32-71.29.1.el6.s390x.rpm
kernel-debuginfo-2.6.32-71.29.1.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-71.29.1.el6.s390x.rpm
kernel-devel-2.6.32-71.29.1.el6.s390x.rpm
kernel-headers-2.6.32-71.29.1.el6.s390x.rpm
kernel-kdump-2.6.32-71.29.1.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-71.29.1.el6.s390x.rpm
kernel-kdump-devel-2.6.32-71.29.1.el6.s390x.rpm

x86_64:
kernel-2.6.32-71.29.1.el6.x86_64.rpm
kernel-debug-2.6.32-71.29.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-71.29.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-71.29.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-71.29.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-71.29.1.el6.x86_64.rpm
kernel-devel-2.6.32-71.29.1.el6.x86_64.rpm
kernel-headers-2.6.32-71.29.1.el6.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/kernel-2.6.32-71.29.1.el6.src.rpm

i386:
kernel-2.6.32-71.29.1.el6.i686.rpm
kernel-debug-2.6.32-71.29.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-71.29.1.el6.i686.rpm
kernel-debug-devel-2.6.32-71.29.1.el6.i686.rpm
kernel-debuginfo-2.6.32-71.29.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-71.29.1.el6.i686.rpm
kernel-devel-2.6.32-71.29.1.el6.i686.rpm
kernel-headers-2.6.32-71.29.1.el6.i686.rpm

noarch:
kernel-doc-2.6.32-71.29.1.el6.noarch.rpm
kernel-firmware-2.6.32-71.29.1.el6.noarch.rpm
perf-2.6.32-71.29.1.el6.noarch.rpm

x86_64:
kernel-2.6.32-71.29.1.el6.x86_64.rpm
kernel-debug-2.6.32-71.29.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-71.29.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-71.29.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-71.29.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-71.29.1.el6.x86_64.rpm
kernel-devel-2.6.32-71.29.1.el6.x86_64.rpm
kernel-headers-2.6.32-71.29.1.el6.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-4250.html
https://www.redhat.com/security/data/cve/CVE-2010-4565.html
https://www.redhat.com/security/data/cve/CVE-2010-4649.html
https://www.redhat.com/security/data/cve/CVE-2011-0006.html
https://www.redhat.com/security/data/cve/CVE-2011-0711.html
https://www.redhat.com/security/data/cve/CVE-2011-0712.html
https://www.redhat.com/security/data/cve/CVE-2011-0726.html
https://www.redhat.com/security/data/cve/CVE-2011-1013.html
https://www.redhat.com/security/data/cve/CVE-2011-1016.html
https://www.redhat.com/security/data/cve/CVE-2011-1019.html
https://www.redhat.com/security/data/cve/CVE-2011-1044.html
https://www.redhat.com/security/data/cve/CVE-2011-1079.html
https://www.redhat.com/security/data/cve/CVE-2011-1080.html
https://www.redhat.com/security/data/cve/CVE-2011-1093.html
https://www.redhat.com/security/data/cve/CVE-2011-1573.html
https://access.redhat.com/security/updates/classification/#important
http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Technical_Notes/ape.html#RHSA-2011-0498

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFNyYEIXlSAg2UNWIIRApOPAJ9d2GxxFDJ3540hXC1DkG SR/w1uaACgxDSg
CYFkRIX8d97QT3PFWn9Hjao=
=hZyP
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
 
Old 08-23-2011, 02:48 PM
 
Default Important: kernel security, bug fix, and enhancement update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

================================================== ===================
Red Hat Security Advisory

Synopsis: Important: kernel security, bug fix, and enhancement update
Advisory ID: RHSA-2011:1189-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1189.html
Issue date: 2011-08-23
CVE Names: CVE-2011-1182 CVE-2011-1576 CVE-2011-1593
CVE-2011-1776 CVE-2011-1898 CVE-2011-2183
CVE-2011-2213 CVE-2011-2491 CVE-2011-2492
CVE-2011-2495 CVE-2011-2497 CVE-2011-2517
CVE-2011-2689 CVE-2011-2695
================================================== ===================

1. Summary:

Updated kernel packages that fix several security issues, various bugs, and
add two enhancements are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64

3. Description:

Security issues:

* Using PCI passthrough without interrupt remapping support allowed KVM
guests to generate MSI interrupts and thus potentially inject traps. A
privileged guest user could use this flaw to crash the host or possibly
escalate their privileges on the host. The fix for this issue can prevent
PCI passthrough working and guests starting. Refer to Red Hat Bugzilla bug
715555 for details. (CVE-2011-1898, Important)

* Flaw in the client-side NLM implementation could allow a local,
unprivileged user to cause a denial of service. (CVE-2011-2491, Important)

* Integer underflow in the Bluetooth implementation could allow a remote
attacker to cause a denial of service or escalate their privileges by
sending a specially-crafted request to a target system via Bluetooth.
(CVE-2011-2497, Important)

* Buffer overflows in the netlink-based wireless configuration interface
implementation could allow a local user, who has the CAP_NET_ADMIN
capability, to cause a denial of service or escalate their privileges on
systems that have an active wireless interface. (CVE-2011-2517, Important)

* Flaw in the way the maximum file offset was handled for ext4 file systems
could allow a local, unprivileged user to cause a denial of service.
(CVE-2011-2695, Important)

* Flaw allowed napi_reuse_skb() to be called on VLAN packets. An attacker
on the local network could use this flaw to send crafted packets to a
target, possibly causing a denial of service. (CVE-2011-1576, Moderate)

* Integer signedness error in next_pidmap() could allow a local,
unprivileged user to cause a denial of service. (CVE-2011-1593, Moderate)

* Race condition in the memory merging support (KSM) could allow a local,
unprivileged user to cause a denial of service. KSM is off by default, but
on systems running VDSM, or on KVM hosts, it is likely turned on by the
ksm/ksmtuned services. (CVE-2011-2183, Moderate)

* Flaw in inet_diag_bc_audit() could allow a local, unprivileged user to
cause a denial of service. (CVE-2011-2213, Moderate)

* Flaw in the way space was allocated in the Global File System 2 (GFS2)
implementation. If the file system was almost full, and a local,
unprivileged user made an fallocate() request, it could result in a denial
of service. Setting quotas to prevent users from using all available disk
space would prevent exploitation of this flaw. (CVE-2011-2689, Moderate)

* Local, unprivileged users could send signals via the sigqueueinfo system
call, with si_code set to SI_TKILL and with spoofed process and user IDs,
to other processes. This flaw does not allow existing permission checks to
be bypassed; signals can only be sent if your privileges allow you to
already do so. (CVE-2011-1182, Low)

* Heap overflow in the EFI GUID Partition Table (GPT) implementation could
allow a local attacker to cause a denial of service by mounting a disk
containing crafted partition tables. (CVE-2011-1776, Low)

* Structure padding in two structures in the Bluetooth implementation was
not initialized properly before being copied to user-space, possibly
allowing local, unprivileged users to leak kernel stack memory to
user-space. (CVE-2011-2492, Low)

* /proc/[PID]/io is world-readable by default. Previously, these files
could be read without any further restrictions. A local, unprivileged user
could read these files, belonging to other, possibly privileged processes
to gather confidential information, such as the length of a password used
in a process. (CVE-2011-2495, Low)

Red Hat would like to thank Vasily Averin for reporting CVE-2011-2491; Dan
Rosenberg for reporting CVE-2011-2497 and CVE-2011-2213; Ryan Sweat for
reporting CVE-2011-1576; Robert Swiecki for reporting CVE-2011-1593; Andrea
Righi for reporting CVE-2011-2183; Julien Tinnes of the Google Security
Team for reporting CVE-2011-1182; Timo Warns for reporting CVE-2011-1776;
Marek Kroemeke and Filip Palian for reporting CVE-2011-2492; and Vasiliy
Kulikov of Openwall for reporting CVE-2011-2495.

4. Solution:

Refer to the Technical Notes, available shortly from the link in the
References, for bug fix and enhancement details.

Users should upgrade to these updated packages, which contain
backported patches to correct these issues, and fix the bugs and add
the enhancements noted in the Technical Notes. The system must be
rebooted for this update to take effect.

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

5. Bugs fixed (http://bugzilla.redhat.com/):

690028 - CVE-2011-1182 kernel signal spoofing issue
695173 - CVE-2011-1576 kernel: net: Fix memory leak/corruption on VLAN GRO_DROP
697822 - CVE-2011-1593 kernel: proc: signedness issue in next_pidmap()
703019 - CVE-2011-2492 kernel: bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace
703026 - CVE-2011-1776 kernel: validate size of EFI GUID partition entries
709393 - CVE-2011-2491 kernel: rpc task leak after flock()ing NFS share
710338 - CVE-2011-2183 kernel: ksm: race between ksmd and exiting task
713827 - Parallel port issue in RHEL 6.0 server
714536 - CVE-2011-2213 kernel: inet_diag: insufficient validation
714982 - GFS2: Update to rhel6.1 broke dovecot writing to a gfs2 filesystem
715555 - CVE-2011-1898 virt: VT-d (PCI passthrough) MSI trap injection
716539 - bump domain memory limits [6.1.z]
716805 - CVE-2011-2497 kernel: bluetooth: buffer overflow in l2cap config request
716825 - CVE-2011-2495 kernel: /proc/PID/io infoleak
718152 - CVE-2011-2517 kernel: nl80211: missing check for valid SSID size in scan operations
720861 - CVE-2011-2689 kernel: gfs2: make sure fallocate bytes is a multiple of blksize
722557 - CVE-2011-2695 kernel: ext4: kernel panic when writing data to the last block of sparse file

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/kernel-2.6.32-131.12.1.el6.src.rpm

i386:
kernel-2.6.32-131.12.1.el6.i686.rpm
kernel-debug-2.6.32-131.12.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-131.12.1.el6.i686.rpm
kernel-debug-devel-2.6.32-131.12.1.el6.i686.rpm
kernel-debuginfo-2.6.32-131.12.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-131.12.1.el6.i686.rpm
kernel-devel-2.6.32-131.12.1.el6.i686.rpm
kernel-headers-2.6.32-131.12.1.el6.i686.rpm
perf-2.6.32-131.12.1.el6.i686.rpm
perf-debuginfo-2.6.32-131.12.1.el6.i686.rpm

noarch:
kernel-doc-2.6.32-131.12.1.el6.noarch.rpm
kernel-firmware-2.6.32-131.12.1.el6.noarch.rpm

x86_64:
kernel-2.6.32-131.12.1.el6.x86_64.rpm
kernel-debug-2.6.32-131.12.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-131.12.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-131.12.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-131.12.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-131.12.1.el6.x86_64.rpm
kernel-devel-2.6.32-131.12.1.el6.x86_64.rpm
kernel-headers-2.6.32-131.12.1.el6.x86_64.rpm
perf-2.6.32-131.12.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-131.12.1.el6.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/kernel-2.6.32-131.12.1.el6.src.rpm

noarch:
kernel-doc-2.6.32-131.12.1.el6.noarch.rpm
kernel-firmware-2.6.32-131.12.1.el6.noarch.rpm

x86_64:
kernel-2.6.32-131.12.1.el6.x86_64.rpm
kernel-debug-2.6.32-131.12.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-131.12.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-131.12.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-131.12.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-131.12.1.el6.x86_64.rpm
kernel-devel-2.6.32-131.12.1.el6.x86_64.rpm
kernel-headers-2.6.32-131.12.1.el6.x86_64.rpm
perf-2.6.32-131.12.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-131.12.1.el6.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/kernel-2.6.32-131.12.1.el6.src.rpm

i386:
kernel-2.6.32-131.12.1.el6.i686.rpm
kernel-debug-2.6.32-131.12.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-131.12.1.el6.i686.rpm
kernel-debug-devel-2.6.32-131.12.1.el6.i686.rpm
kernel-debuginfo-2.6.32-131.12.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-131.12.1.el6.i686.rpm
kernel-devel-2.6.32-131.12.1.el6.i686.rpm
kernel-headers-2.6.32-131.12.1.el6.i686.rpm
perf-2.6.32-131.12.1.el6.i686.rpm
perf-debuginfo-2.6.32-131.12.1.el6.i686.rpm

noarch:
kernel-doc-2.6.32-131.12.1.el6.noarch.rpm
kernel-firmware-2.6.32-131.12.1.el6.noarch.rpm

ppc64:
kernel-2.6.32-131.12.1.el6.ppc64.rpm
kernel-bootwrapper-2.6.32-131.12.1.el6.ppc64.rpm
kernel-debug-2.6.32-131.12.1.el6.ppc64.rpm
kernel-debug-debuginfo-2.6.32-131.12.1.el6.ppc64.rpm
kernel-debug-devel-2.6.32-131.12.1.el6.ppc64.rpm
kernel-debuginfo-2.6.32-131.12.1.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-131.12.1.el6.ppc64.rpm
kernel-devel-2.6.32-131.12.1.el6.ppc64.rpm
kernel-headers-2.6.32-131.12.1.el6.ppc64.rpm
perf-2.6.32-131.12.1.el6.ppc64.rpm
perf-debuginfo-2.6.32-131.12.1.el6.ppc64.rpm

s390x:
kernel-2.6.32-131.12.1.el6.s390x.rpm
kernel-debug-2.6.32-131.12.1.el6.s390x.rpm
kernel-debug-debuginfo-2.6.32-131.12.1.el6.s390x.rpm
kernel-debug-devel-2.6.32-131.12.1.el6.s390x.rpm
kernel-debuginfo-2.6.32-131.12.1.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-131.12.1.el6.s390x.rpm
kernel-devel-2.6.32-131.12.1.el6.s390x.rpm
kernel-headers-2.6.32-131.12.1.el6.s390x.rpm
kernel-kdump-2.6.32-131.12.1.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-131.12.1.el6.s390x.rpm
kernel-kdump-devel-2.6.32-131.12.1.el6.s390x.rpm
perf-2.6.32-131.12.1.el6.s390x.rpm
perf-debuginfo-2.6.32-131.12.1.el6.s390x.rpm

x86_64:
kernel-2.6.32-131.12.1.el6.x86_64.rpm
kernel-debug-2.6.32-131.12.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-131.12.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-131.12.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-131.12.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-131.12.1.el6.x86_64.rpm
kernel-devel-2.6.32-131.12.1.el6.x86_64.rpm
kernel-headers-2.6.32-131.12.1.el6.x86_64.rpm
perf-2.6.32-131.12.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-131.12.1.el6.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/kernel-2.6.32-131.12.1.el6.src.rpm

i386:
kernel-2.6.32-131.12.1.el6.i686.rpm
kernel-debug-2.6.32-131.12.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-131.12.1.el6.i686.rpm
kernel-debug-devel-2.6.32-131.12.1.el6.i686.rpm
kernel-debuginfo-2.6.32-131.12.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-131.12.1.el6.i686.rpm
kernel-devel-2.6.32-131.12.1.el6.i686.rpm
kernel-headers-2.6.32-131.12.1.el6.i686.rpm
perf-2.6.32-131.12.1.el6.i686.rpm
perf-debuginfo-2.6.32-131.12.1.el6.i686.rpm

noarch:
kernel-doc-2.6.32-131.12.1.el6.noarch.rpm
kernel-firmware-2.6.32-131.12.1.el6.noarch.rpm

x86_64:
kernel-2.6.32-131.12.1.el6.x86_64.rpm
kernel-debug-2.6.32-131.12.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-131.12.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-131.12.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-131.12.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-131.12.1.el6.x86_64.rpm
kernel-devel-2.6.32-131.12.1.el6.x86_64.rpm
kernel-headers-2.6.32-131.12.1.el6.x86_64.rpm
perf-2.6.32-131.12.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-131.12.1.el6.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2011-1182.html
https://www.redhat.com/security/data/cve/CVE-2011-1576.html
https://www.redhat.com/security/data/cve/CVE-2011-1593.html
https://www.redhat.com/security/data/cve/CVE-2011-1776.html
https://www.redhat.com/security/data/cve/CVE-2011-1898.html
https://www.redhat.com/security/data/cve/CVE-2011-2183.html
https://www.redhat.com/security/data/cve/CVE-2011-2213.html
https://www.redhat.com/security/data/cve/CVE-2011-2491.html
https://www.redhat.com/security/data/cve/CVE-2011-2492.html
https://www.redhat.com/security/data/cve/CVE-2011-2495.html
https://www.redhat.com/security/data/cve/CVE-2011-2497.html
https://www.redhat.com/security/data/cve/CVE-2011-2517.html
https://www.redhat.com/security/data/cve/CVE-2011-2689.html
https://www.redhat.com/security/data/cve/CVE-2011-2695.html
https://access.redhat.com/security/updates/classification/#important
https://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/6.1_Technical_Notes/kernel.html#RHSA-2011-1189
https://bugzilla.redhat.com/show_bug.cgi?id=715555

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFOU72NXlSAg2UNWIIRAvuvAJ0XW+pjVB73eYV6dyMHJA KRZqTyygCeIAtM
+72YbSFubpSk5fCdBrnH5XY=
=wVAB
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
 
Old 10-05-2011, 09:51 PM
 
Default Important: kernel security, bug fix, and enhancement update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

================================================== ===================
Red Hat Security Advisory

Synopsis: Important: kernel security, bug fix, and enhancement update
Advisory ID: RHSA-2011:1350-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1350.html
Issue date: 2011-10-05
CVE Names: CVE-2011-1160 CVE-2011-1745 CVE-2011-1746
CVE-2011-1833 CVE-2011-2022 CVE-2011-2484
CVE-2011-2496 CVE-2011-2521 CVE-2011-2723
CVE-2011-2898 CVE-2011-2918
================================================== ===================

1. Summary:

Updated kernel packages that fix several security issues, various bugs, and
add one enhancement are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

* Flaws in the AGPGART driver implementation when handling certain IOCTL
commands could allow a local user to cause a denial of service or escalate
their privileges. (CVE-2011-1745, CVE-2011-2022, Important)

* An integer overflow flaw in agp_allocate_memory() could allow a local
user to cause a denial of service or escalate their privileges.
(CVE-2011-1746, Important)

* A race condition flaw was found in the Linux kernel's eCryptfs
implementation. A local attacker could use the mount.ecryptfs_private
utility to mount (and then access) a directory they would otherwise not
have access to. Note: To correct this issue, the RHSA-2011:1241
ecryptfs-utils update, which provides the user-space part of the fix, must
also be installed. (CVE-2011-1833, Moderate)

* A denial of service flaw was found in the way the taskstats subsystem
handled the registration of process exit handlers. A local, unprivileged
user could register an unlimited amount of these handlers, leading to
excessive CPU time and memory use. (CVE-2011-2484, Moderate)

* A flaw was found in the way mapping expansions were handled. A local,
unprivileged user could use this flaw to cause a wrapping condition,
triggering a denial of service. (CVE-2011-2496, Moderate)

* A flaw was found in the Linux kernel's Performance Events implementation.
It could falsely lead the NMI (Non-Maskable Interrupt) Watchdog to detect a
lockup and panic the system. A local, unprivileged user could use this flaw
to cause a denial of service (kernel panic) using the perf tool.
(CVE-2011-2521, Moderate)

* A flaw in skb_gro_header_slow() in the Linux kernel could lead to GRO
(Generic Receive Offload) fields being left in an inconsistent state. An
attacker on the local network could use this flaw to trigger a denial of
service. GRO is enabled by default in all network drivers that support it.
(CVE-2011-2723, Moderate)

* A flaw was found in the way the Linux kernel's Performance Events
implementation handled PERF_COUNT_SW_CPU_CLOCK counter overflow. A local,
unprivileged user could use this flaw to cause a denial of service.
(CVE-2011-2918, Moderate)

* A flaw was found in the Linux kernel's Trusted Platform Module (TPM)
implementation. A local, unprivileged user could use this flaw to leak
information to user-space. (CVE-2011-1160, Low)

* Flaws were found in the tpacket_rcv() and packet_recvmsg() functions in
the Linux kernel. A local, unprivileged user could use these flaws to leak
information to user-space. (CVE-2011-2898, Low)

Red Hat would like to thank Vasiliy Kulikov of Openwall for reporting
CVE-2011-1745, CVE-2011-2022, CVE-2011-1746, and CVE-2011-2484; the Ubuntu
Security Team for reporting CVE-2011-1833; Robert Swiecki for reporting
CVE-2011-2496; Li Yu for reporting CVE-2011-2521; Brent Meshier for
reporting CVE-2011-2723; and Peter Huewe for reporting CVE-2011-1160. The
Ubuntu Security Team acknowledges Vasiliy Kulikov of Openwall and Dan
Rosenberg as the original reporters of CVE-2011-1833.

This update also fixes various bugs and adds one enhancement. Documentation
for these changes will be available shortly from the Technical Notes
document linked to in the References section.

Users should upgrade to these updated packages, which contain backported
patches to correct these issues, and fix the bugs and add the enhancement
noted in the Technical Notes. The system must be rebooted for this update
to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

5. Bugs fixed (http://bugzilla.redhat.com/):

684671 - CVE-2011-1160 kernel: tpm infoleaks
698996 - CVE-2011-1745 CVE-2011-2022 kernel: agp: insufficient pg_start parameter checking in AGPIOC_BIND and AGPIOC_UNBIND ioctls
698998 - CVE-2011-1746 kernel: agp: insufficient page_count parameter checking in agp_allocate_memory()
713463 - UV: fscache taints kernel; NFS requires fscache; NFS taints kernel
715436 - CVE-2011-2484 kernel: taskstats: duplicate entries in listener mode can lead to DoS
716538 - CVE-2011-2496 kernel: mm: avoid wrapping vm_pgoff in mremap() and stack expansions
719228 - CVE-2011-2521 kernel: perf, x86: fix Intel fixed counters base initialization
726552 - CVE-2011-2723 kernel: gro: only reset frag0 when skb can be pulled
728023 - CVE-2011-2898 kernel: af_packet: infoleak
730706 - CVE-2011-2918 kernel: perf: Fix software event overflow
731172 - CVE-2011-1833 kernel: ecryptfs: mount source TOCTOU race
732379 - [bnx2x_extract_max_cfg:1079(ethxx)]Illegal configuration detected for Max BW - using 100 instead [rhel-6.1.z]

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/kernel-2.6.32-131.17.1.el6.src.rpm

i386:
kernel-2.6.32-131.17.1.el6.i686.rpm
kernel-debug-2.6.32-131.17.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-131.17.1.el6.i686.rpm
kernel-debug-devel-2.6.32-131.17.1.el6.i686.rpm
kernel-debuginfo-2.6.32-131.17.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-131.17.1.el6.i686.rpm
kernel-devel-2.6.32-131.17.1.el6.i686.rpm
kernel-headers-2.6.32-131.17.1.el6.i686.rpm
perf-2.6.32-131.17.1.el6.i686.rpm
perf-debuginfo-2.6.32-131.17.1.el6.i686.rpm

noarch:
kernel-doc-2.6.32-131.17.1.el6.noarch.rpm
kernel-firmware-2.6.32-131.17.1.el6.noarch.rpm

x86_64:
kernel-2.6.32-131.17.1.el6.x86_64.rpm
kernel-debug-2.6.32-131.17.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-131.17.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-131.17.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-131.17.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-131.17.1.el6.x86_64.rpm
kernel-devel-2.6.32-131.17.1.el6.x86_64.rpm
kernel-headers-2.6.32-131.17.1.el6.x86_64.rpm
perf-2.6.32-131.17.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-131.17.1.el6.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/kernel-2.6.32-131.17.1.el6.src.rpm

noarch:
kernel-doc-2.6.32-131.17.1.el6.noarch.rpm
kernel-firmware-2.6.32-131.17.1.el6.noarch.rpm

x86_64:
kernel-2.6.32-131.17.1.el6.x86_64.rpm
kernel-debug-2.6.32-131.17.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-131.17.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-131.17.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-131.17.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-131.17.1.el6.x86_64.rpm
kernel-devel-2.6.32-131.17.1.el6.x86_64.rpm
kernel-headers-2.6.32-131.17.1.el6.x86_64.rpm
perf-2.6.32-131.17.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-131.17.1.el6.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/kernel-2.6.32-131.17.1.el6.src.rpm

i386:
kernel-2.6.32-131.17.1.el6.i686.rpm
kernel-debug-2.6.32-131.17.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-131.17.1.el6.i686.rpm
kernel-debug-devel-2.6.32-131.17.1.el6.i686.rpm
kernel-debuginfo-2.6.32-131.17.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-131.17.1.el6.i686.rpm
kernel-devel-2.6.32-131.17.1.el6.i686.rpm
kernel-headers-2.6.32-131.17.1.el6.i686.rpm
perf-2.6.32-131.17.1.el6.i686.rpm
perf-debuginfo-2.6.32-131.17.1.el6.i686.rpm

noarch:
kernel-doc-2.6.32-131.17.1.el6.noarch.rpm
kernel-firmware-2.6.32-131.17.1.el6.noarch.rpm

ppc64:
kernel-2.6.32-131.17.1.el6.ppc64.rpm
kernel-bootwrapper-2.6.32-131.17.1.el6.ppc64.rpm
kernel-debug-2.6.32-131.17.1.el6.ppc64.rpm
kernel-debug-debuginfo-2.6.32-131.17.1.el6.ppc64.rpm
kernel-debug-devel-2.6.32-131.17.1.el6.ppc64.rpm
kernel-debuginfo-2.6.32-131.17.1.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-131.17.1.el6.ppc64.rpm
kernel-devel-2.6.32-131.17.1.el6.ppc64.rpm
kernel-headers-2.6.32-131.17.1.el6.ppc64.rpm
perf-2.6.32-131.17.1.el6.ppc64.rpm
perf-debuginfo-2.6.32-131.17.1.el6.ppc64.rpm

s390x:
kernel-2.6.32-131.17.1.el6.s390x.rpm
kernel-debug-2.6.32-131.17.1.el6.s390x.rpm
kernel-debug-debuginfo-2.6.32-131.17.1.el6.s390x.rpm
kernel-debug-devel-2.6.32-131.17.1.el6.s390x.rpm
kernel-debuginfo-2.6.32-131.17.1.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-131.17.1.el6.s390x.rpm
kernel-devel-2.6.32-131.17.1.el6.s390x.rpm
kernel-headers-2.6.32-131.17.1.el6.s390x.rpm
kernel-kdump-2.6.32-131.17.1.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-131.17.1.el6.s390x.rpm
kernel-kdump-devel-2.6.32-131.17.1.el6.s390x.rpm
perf-2.6.32-131.17.1.el6.s390x.rpm
perf-debuginfo-2.6.32-131.17.1.el6.s390x.rpm

x86_64:
kernel-2.6.32-131.17.1.el6.x86_64.rpm
kernel-debug-2.6.32-131.17.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-131.17.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-131.17.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-131.17.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-131.17.1.el6.x86_64.rpm
kernel-devel-2.6.32-131.17.1.el6.x86_64.rpm
kernel-headers-2.6.32-131.17.1.el6.x86_64.rpm
perf-2.6.32-131.17.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-131.17.1.el6.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/kernel-2.6.32-131.17.1.el6.src.rpm

i386:
kernel-2.6.32-131.17.1.el6.i686.rpm
kernel-debug-2.6.32-131.17.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-131.17.1.el6.i686.rpm
kernel-debug-devel-2.6.32-131.17.1.el6.i686.rpm
kernel-debuginfo-2.6.32-131.17.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-131.17.1.el6.i686.rpm
kernel-devel-2.6.32-131.17.1.el6.i686.rpm
kernel-headers-2.6.32-131.17.1.el6.i686.rpm
perf-2.6.32-131.17.1.el6.i686.rpm
perf-debuginfo-2.6.32-131.17.1.el6.i686.rpm

noarch:
kernel-doc-2.6.32-131.17.1.el6.noarch.rpm
kernel-firmware-2.6.32-131.17.1.el6.noarch.rpm

x86_64:
kernel-2.6.32-131.17.1.el6.x86_64.rpm
kernel-debug-2.6.32-131.17.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-131.17.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-131.17.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-131.17.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-131.17.1.el6.x86_64.rpm
kernel-devel-2.6.32-131.17.1.el6.x86_64.rpm
kernel-headers-2.6.32-131.17.1.el6.x86_64.rpm
perf-2.6.32-131.17.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-131.17.1.el6.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2011-1160.html
https://www.redhat.com/security/data/cve/CVE-2011-1745.html
https://www.redhat.com/security/data/cve/CVE-2011-1746.html
https://www.redhat.com/security/data/cve/CVE-2011-1833.html
https://www.redhat.com/security/data/cve/CVE-2011-2022.html
https://www.redhat.com/security/data/cve/CVE-2011-2484.html
https://www.redhat.com/security/data/cve/CVE-2011-2496.html
https://www.redhat.com/security/data/cve/CVE-2011-2521.html
https://www.redhat.com/security/data/cve/CVE-2011-2723.html
https://www.redhat.com/security/data/cve/CVE-2011-2898.html
https://www.redhat.com/security/data/cve/CVE-2011-2918.html
https://access.redhat.com/security/updates/classification/#important
https://rhn.redhat.com/errata/RHSA-2011-1241.html
https://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/6.1_Technical_Notes/kernel.html#RHSA-2011-1350

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFOjNFsXlSAg2UNWIIRAncnAJ9Eon/Io2iz0R/PUxF8qdDNeX3c/ACgo0RP
1tmPLgJU379yVB6lK9EZ1dc=
=qyeH
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
 
Old 10-20-2011, 05:36 PM
 
Default Important: kernel security, bug fix, and enhancement update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

================================================== ===================
Red Hat Security Advisory

Synopsis: Important: kernel security, bug fix, and enhancement update
Advisory ID: RHSA-2011:1386-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1386.html
Issue date: 2011-10-20
CVE Names: CVE-2009-4067 CVE-2011-1160 CVE-2011-1585
CVE-2011-1833 CVE-2011-2484 CVE-2011-2496
CVE-2011-2695 CVE-2011-2699 CVE-2011-2723
CVE-2011-2942 CVE-2011-3131 CVE-2011-3188
CVE-2011-3191 CVE-2011-3209 CVE-2011-3347
================================================== ===================

1. Summary:

Updated kernel packages that fix multiple security issues, several bugs,
and add one enhancement are now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security fixes:

* The maximum file offset handling for ext4 file systems could allow a
local, unprivileged user to cause a denial of service. (CVE-2011-2695,
Important)

* IPv6 fragment identification value generation could allow a remote
attacker to disrupt a target system's networking, preventing legitimate
users from accessing its services. (CVE-2011-2699, Important)

* A malicious CIFS (Common Internet File System) server could send a
specially-crafted response to a directory read request that would result in
a denial of service or privilege escalation on a system that has a CIFS
share mounted. (CVE-2011-3191, Important)

* A local attacker could use mount.ecryptfs_private to mount (and then
access) a directory they would otherwise not have access to. Note: To
correct this issue, the RHSA-2011:1241 ecryptfs-utils update must also be
installed. (CVE-2011-1833, Moderate)

* A flaw in the taskstats subsystem could allow a local, unprivileged user
to cause excessive CPU time and memory use. (CVE-2011-2484, Moderate)

* Mapping expansion handling could allow a local, unprivileged user to
cause a denial of service. (CVE-2011-2496, Moderate)

* GRO (Generic Receive Offload) fields could be left in an inconsistent
state. An attacker on the local network could use this flaw to cause a
denial of service. GRO is enabled by default in all network drivers that
support it. (CVE-2011-2723, Moderate)

* RHSA-2011:1065 introduced a regression in the Ethernet bridge
implementation. If a system had an interface in a bridge, and an attacker
on the local network could send packets to that interface, they could cause
a denial of service on that system. Xen hypervisor and KVM (Kernel-based
Virtual Machine) hosts often deploy bridge interfaces. (CVE-2011-2942,
Moderate)

* A flaw in the Xen hypervisor IOMMU error handling implementation could
allow a privileged guest user, within a guest operating system that has
direct control of a PCI device, to cause performance degradation on the
host and possibly cause it to hang. (CVE-2011-3131, Moderate)

* IPv4 and IPv6 protocol sequence number and fragment ID generation could
allow a man-in-the-middle attacker to inject packets and possibly hijack
connections. Protocol sequence number and fragment IDs are now more random.
(CVE-2011-3188, Moderate)

* A flaw in the kernel's clock implementation could allow a local,
unprivileged user to cause a denial of service. (CVE-2011-3209, Moderate)

* Non-member VLAN (virtual LAN) packet handling for interfaces in
promiscuous mode and also using the be2net driver could allow an attacker
on the local network to cause a denial of service. (CVE-2011-3347,
Moderate)

* A flaw in the auerswald USB driver could allow a local, unprivileged user
to cause a denial of service or escalate their privileges by inserting a
specially-crafted USB device. (CVE-2009-4067, Low)

* A flaw in the Trusted Platform Module (TPM) implementation could allow a
local, unprivileged user to leak information to user space. (CVE-2011-1160,
Low)

* A local, unprivileged user could possibly mount a CIFS share that
requires authentication without knowing the correct password if the mount
was already mounted by another local user. (CVE-2011-1585, Low)

Red Hat would like to thank Fernando Gont for reporting CVE-2011-2699;
Darren Lavender for reporting CVE-2011-3191; the Ubuntu Security Team for
reporting CVE-2011-1833; Vasiliy Kulikov of Openwall for reporting
CVE-2011-2484; Robert Swiecki for reporting CVE-2011-2496; Brent Meshier
for reporting CVE-2011-2723; Dan Kaminsky for reporting CVE-2011-3188;
Yasuaki Ishimatsu for reporting CVE-2011-3209; Somnath Kotur for reporting
CVE-2011-3347; Rafael Dominguez Vega for reporting CVE-2009-4067; and Peter
Huewe for reporting CVE-2011-1160. The Ubuntu Security Team acknowledges
Vasiliy Kulikov of Openwall and Dan Rosenberg as the original reporters of
CVE-2011-1833.

4. Solution:

This update also fixes several bugs and adds one enhancement.
Documentation for these changes will be available shortly from the
Technical Notes document linked to in the References section.

Users should upgrade to these updated packages, which contain
backported patches to correct these issues, and fix the bugs and add
the enhancement noted in the Technical Notes. The system must be
rebooted for this update to take effect.

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

5. Bugs fixed (http://bugzilla.redhat.com/):

684671 - CVE-2011-1160 kernel: tpm infoleaks
697394 - CVE-2011-1585 kernel: cifs session reuse
715436 - CVE-2011-2484 kernel: taskstats: duplicate entries in listener mode can lead to DoS
716538 - CVE-2011-2496 kernel: mm: avoid wrapping vm_pgoff in mremap() and stack expansions
722393 - CVE-2009-4067 kernel: usb: buffer overflow in auerswald_probe()
722557 - CVE-2011-2695 kernel: ext4: kernel panic when writing data to the last block of sparse file
723429 - CVE-2011-2699 kernel: ipv6: make fragment identifications less predictable
726552 - CVE-2011-2723 kernel: gro: only reset frag0 when skb can be pulled
728518 - win2003 i386 guest BSOD when created with e1000 nic [rhel-5.7.z]
730341 - CVE-2011-3131 kernel: xen: IOMMU fault livelock
730682 - [EL5.7] igb: failed to activate WOL on 2nd LAN port on i350 [rhel-5.7.z]
730686 - Huge performance regression in NFS client [rhel-5.7.z]
730917 - CVE-2011-2942 kernel: bridge: null pointer dereference in __br_deliver
731172 - CVE-2011-1833 kernel: ecryptfs: mount source TOCTOU race
732658 - CVE-2011-3188 kernel: net: improve sequence number generation
732869 - CVE-2011-3191 kernel: cifs: signedness issue in CIFSFindNext()
732878 - CVE-2011-3209 kernel: panic occurs when clock_gettime() is called
733665 - Incorrect values in /proc/sys/vm/dirty_writeback_centises and dirty_expire_centisecs [rhel-5.7.z]
736425 - CVE-2011-3347 kernel: be2net: promiscuous mode and non-member VLAN packets DoS
738389 - Patch needed to allow MTU >1500 on vif prior to connecting to bridge [rhel-5.7.z]
738392 - netfront MTU drops to 1500 after domain migration [rhel-5.7.z]
739823 - 2.6.18-238.1.1.el5 or newer won't boot under Xen HVM due to linux-2.6-virt-nmi-don-t-print-nmi-stuck-messages-on-guests.patch [rhel-5.7.z]

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kernel-2.6.18-274.7.1.el5.src.rpm

i386:
kernel-2.6.18-274.7.1.el5.i686.rpm
kernel-PAE-2.6.18-274.7.1.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-274.7.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-274.7.1.el5.i686.rpm
kernel-debug-2.6.18-274.7.1.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-274.7.1.el5.i686.rpm
kernel-debug-devel-2.6.18-274.7.1.el5.i686.rpm
kernel-debuginfo-2.6.18-274.7.1.el5.i686.rpm
kernel-debuginfo-common-2.6.18-274.7.1.el5.i686.rpm
kernel-devel-2.6.18-274.7.1.el5.i686.rpm
kernel-headers-2.6.18-274.7.1.el5.i386.rpm
kernel-xen-2.6.18-274.7.1.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-274.7.1.el5.i686.rpm
kernel-xen-devel-2.6.18-274.7.1.el5.i686.rpm

noarch:
kernel-doc-2.6.18-274.7.1.el5.noarch.rpm

x86_64:
kernel-2.6.18-274.7.1.el5.x86_64.rpm
kernel-debug-2.6.18-274.7.1.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-274.7.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-274.7.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-274.7.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-274.7.1.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-274.7.1.el5.x86_64.rpm
kernel-devel-2.6.18-274.7.1.el5.x86_64.rpm
kernel-headers-2.6.18-274.7.1.el5.x86_64.rpm
kernel-xen-2.6.18-274.7.1.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-274.7.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-274.7.1.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kernel-2.6.18-274.7.1.el5.src.rpm

i386:
kernel-2.6.18-274.7.1.el5.i686.rpm
kernel-PAE-2.6.18-274.7.1.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-274.7.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-274.7.1.el5.i686.rpm
kernel-debug-2.6.18-274.7.1.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-274.7.1.el5.i686.rpm
kernel-debug-devel-2.6.18-274.7.1.el5.i686.rpm
kernel-debuginfo-2.6.18-274.7.1.el5.i686.rpm
kernel-debuginfo-common-2.6.18-274.7.1.el5.i686.rpm
kernel-devel-2.6.18-274.7.1.el5.i686.rpm
kernel-headers-2.6.18-274.7.1.el5.i386.rpm
kernel-xen-2.6.18-274.7.1.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-274.7.1.el5.i686.rpm
kernel-xen-devel-2.6.18-274.7.1.el5.i686.rpm

ia64:
kernel-2.6.18-274.7.1.el5.ia64.rpm
kernel-debug-2.6.18-274.7.1.el5.ia64.rpm
kernel-debug-debuginfo-2.6.18-274.7.1.el5.ia64.rpm
kernel-debug-devel-2.6.18-274.7.1.el5.ia64.rpm
kernel-debuginfo-2.6.18-274.7.1.el5.ia64.rpm
kernel-debuginfo-common-2.6.18-274.7.1.el5.ia64.rpm
kernel-devel-2.6.18-274.7.1.el5.ia64.rpm
kernel-headers-2.6.18-274.7.1.el5.ia64.rpm
kernel-xen-2.6.18-274.7.1.el5.ia64.rpm
kernel-xen-debuginfo-2.6.18-274.7.1.el5.ia64.rpm
kernel-xen-devel-2.6.18-274.7.1.el5.ia64.rpm

noarch:
kernel-doc-2.6.18-274.7.1.el5.noarch.rpm

ppc:
kernel-2.6.18-274.7.1.el5.ppc64.rpm
kernel-debug-2.6.18-274.7.1.el5.ppc64.rpm
kernel-debug-debuginfo-2.6.18-274.7.1.el5.ppc64.rpm
kernel-debug-devel-2.6.18-274.7.1.el5.ppc64.rpm
kernel-debuginfo-2.6.18-274.7.1.el5.ppc64.rpm
kernel-debuginfo-common-2.6.18-274.7.1.el5.ppc64.rpm
kernel-devel-2.6.18-274.7.1.el5.ppc64.rpm
kernel-headers-2.6.18-274.7.1.el5.ppc.rpm
kernel-headers-2.6.18-274.7.1.el5.ppc64.rpm
kernel-kdump-2.6.18-274.7.1.el5.ppc64.rpm
kernel-kdump-debuginfo-2.6.18-274.7.1.el5.ppc64.rpm
kernel-kdump-devel-2.6.18-274.7.1.el5.ppc64.rpm

s390x:
kernel-2.6.18-274.7.1.el5.s390x.rpm
kernel-debug-2.6.18-274.7.1.el5.s390x.rpm
kernel-debug-debuginfo-2.6.18-274.7.1.el5.s390x.rpm
kernel-debug-devel-2.6.18-274.7.1.el5.s390x.rpm
kernel-debuginfo-2.6.18-274.7.1.el5.s390x.rpm
kernel-debuginfo-common-2.6.18-274.7.1.el5.s390x.rpm
kernel-devel-2.6.18-274.7.1.el5.s390x.rpm
kernel-headers-2.6.18-274.7.1.el5.s390x.rpm
kernel-kdump-2.6.18-274.7.1.el5.s390x.rpm
kernel-kdump-debuginfo-2.6.18-274.7.1.el5.s390x.rpm
kernel-kdump-devel-2.6.18-274.7.1.el5.s390x.rpm

x86_64:
kernel-2.6.18-274.7.1.el5.x86_64.rpm
kernel-debug-2.6.18-274.7.1.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-274.7.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-274.7.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-274.7.1.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-274.7.1.el5.x86_64.rpm
kernel-devel-2.6.18-274.7.1.el5.x86_64.rpm
kernel-headers-2.6.18-274.7.1.el5.x86_64.rpm
kernel-xen-2.6.18-274.7.1.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-274.7.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-274.7.1.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2009-4067.html
https://www.redhat.com/security/data/cve/CVE-2011-1160.html
https://www.redhat.com/security/data/cve/CVE-2011-1585.html
https://www.redhat.com/security/data/cve/CVE-2011-1833.html
https://www.redhat.com/security/data/cve/CVE-2011-2484.html
https://www.redhat.com/security/data/cve/CVE-2011-2496.html
https://www.redhat.com/security/data/cve/CVE-2011-2695.html
https://www.redhat.com/security/data/cve/CVE-2011-2699.html
https://www.redhat.com/security/data/cve/CVE-2011-2723.html
https://www.redhat.com/security/data/cve/CVE-2011-2942.html
https://www.redhat.com/security/data/cve/CVE-2011-3131.html
https://www.redhat.com/security/data/cve/CVE-2011-3188.html
https://www.redhat.com/security/data/cve/CVE-2011-3191.html
https://www.redhat.com/security/data/cve/CVE-2011-3209.html
https://www.redhat.com/security/data/cve/CVE-2011-3347.html
https://access.redhat.com/security/updates/classification/#important
https://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/5.7_Technical_Notes/kernel.html#RHSA-2011-1386
https://rhn.redhat.com/errata/RHSA-2011-1241.html
https://rhn.redhat.com/errata/RHSA-2011-1065.html

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFOoFwHXlSAg2UNWIIRAjeRAJ96y38FGmEtyTMBRZFSXh 0DzC5ryQCgqSPG
/bUSsPcuZoEItpFWsA7sg0o=
=SPIP
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
 
Old 11-29-2011, 02:04 PM
 
Default Important: kernel security, bug fix, and enhancement update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

================================================== ===================
Red Hat Security Advisory

Synopsis: Important: kernel security, bug fix, and enhancement update
Advisory ID: RHSA-2011:1479-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1479.html
Issue date: 2011-11-29
CVE Names: CVE-2011-1162 CVE-2011-1898 CVE-2011-2203
CVE-2011-2494 CVE-2011-3363 CVE-2011-4110
================================================== ===================

1. Summary:

Updated kernel packages that fix multiple security issues, several bugs,
and add one enhancement are now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

* Using PCI passthrough without interrupt remapping support allowed Xen
hypervisor guests to generate MSI interrupts and thus potentially inject
traps. A privileged guest user could use this flaw to crash the host or
possibly escalate their privileges on the host. The fix for this issue can
prevent PCI passthrough working and guests starting. Refer to Red Hat
Bugzilla bug 715555 for details. (CVE-2011-1898, Important)

* A flaw was found in the way CIFS (Common Internet File System) shares
with DFS referrals at their root were handled. An attacker on the local
network who is able to deploy a malicious CIFS server could create a CIFS
network share that, when mounted, would cause the client system to crash.
(CVE-2011-3363, Moderate)

* A NULL pointer dereference flaw was found in the way the Linux kernel's
key management facility handled user-defined key types. A local,
unprivileged user could use the keyctl utility to cause a denial of
service. (CVE-2011-4110, Moderate)

* A flaw in the way memory containing security-related data was handled in
tpm_read() could allow a local, unprivileged user to read the results of a
previously run TPM command. (CVE-2011-1162, Low)

* A NULL pointer dereference flaw was found in the Linux kernel's HFS file
system implementation. A local attacker could use this flaw to cause a
denial of service by mounting a disk that contains a specially-crafted HFS
file system with a corrupted MDB extent record. (CVE-2011-2203, Low)

* The I/O statistics from the taskstats subsystem could be read without
any restrictions. A local, unprivileged user could use this flaw to gather
confidential information, such as the length of a password used in a
process. (CVE-2011-2494, Low)

Red Hat would like to thank Yogesh Sharma for reporting CVE-2011-3363;
Peter Huewe for reporting CVE-2011-1162; Clement Lecigne for reporting
CVE-2011-2203; and Vasiliy Kulikov of Openwall for reporting CVE-2011-2494.

This update also fixes several bugs and adds one enhancement. Documentation
for these changes will be available shortly from the Technical Notes
document linked to in the References section.

Users should upgrade to these updated packages, which contain backported
patches to correct these issues, and fix the bugs and add the enhancement
noted in the Technical Notes. The system must be rebooted for this update
to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

5. Bugs fixed (http://bugzilla.redhat.com/):

712774 - CVE-2011-2203 kernel: hfs_find_init() sb-&gt;ext_tree NULL pointer dereference
715555 - CVE-2011-1898 virt: VT-d (PCI passthrough) MSI trap injection
716842 - CVE-2011-2494 kernel: taskstats io infoleak
732629 - CVE-2011-1162 kernel: tpm: infoleak
738291 - CVE-2011-3363 kernel: cifs: always do is_path_accessible check in cifs_mount
741273 - Non-responsive scsi target leads to excessive scsi recovery and dm-mp failover time [rhel-5.7.z]
745726 - Host crash when pass-through fails [rhel-5.7.z]
751297 - CVE-2011-4110 kernel: keys: NULL pointer deref in the user-defined key type

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kernel-2.6.18-274.12.1.el5.src.rpm

i386:
kernel-2.6.18-274.12.1.el5.i686.rpm
kernel-PAE-2.6.18-274.12.1.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-274.12.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-274.12.1.el5.i686.rpm
kernel-debug-2.6.18-274.12.1.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-274.12.1.el5.i686.rpm
kernel-debug-devel-2.6.18-274.12.1.el5.i686.rpm
kernel-debuginfo-2.6.18-274.12.1.el5.i686.rpm
kernel-debuginfo-common-2.6.18-274.12.1.el5.i686.rpm
kernel-devel-2.6.18-274.12.1.el5.i686.rpm
kernel-headers-2.6.18-274.12.1.el5.i386.rpm
kernel-xen-2.6.18-274.12.1.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-274.12.1.el5.i686.rpm
kernel-xen-devel-2.6.18-274.12.1.el5.i686.rpm

noarch:
kernel-doc-2.6.18-274.12.1.el5.noarch.rpm

x86_64:
kernel-2.6.18-274.12.1.el5.x86_64.rpm
kernel-debug-2.6.18-274.12.1.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-274.12.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-274.12.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-274.12.1.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-274.12.1.el5.x86_64.rpm
kernel-devel-2.6.18-274.12.1.el5.x86_64.rpm
kernel-headers-2.6.18-274.12.1.el5.x86_64.rpm
kernel-xen-2.6.18-274.12.1.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-274.12.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-274.12.1.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kernel-2.6.18-274.12.1.el5.src.rpm

i386:
kernel-2.6.18-274.12.1.el5.i686.rpm
kernel-PAE-2.6.18-274.12.1.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-274.12.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-274.12.1.el5.i686.rpm
kernel-debug-2.6.18-274.12.1.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-274.12.1.el5.i686.rpm
kernel-debug-devel-2.6.18-274.12.1.el5.i686.rpm
kernel-debuginfo-2.6.18-274.12.1.el5.i686.rpm
kernel-debuginfo-common-2.6.18-274.12.1.el5.i686.rpm
kernel-devel-2.6.18-274.12.1.el5.i686.rpm
kernel-headers-2.6.18-274.12.1.el5.i386.rpm
kernel-xen-2.6.18-274.12.1.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-274.12.1.el5.i686.rpm
kernel-xen-devel-2.6.18-274.12.1.el5.i686.rpm

ia64:
kernel-2.6.18-274.12.1.el5.ia64.rpm
kernel-debug-2.6.18-274.12.1.el5.ia64.rpm
kernel-debug-debuginfo-2.6.18-274.12.1.el5.ia64.rpm
kernel-debug-devel-2.6.18-274.12.1.el5.ia64.rpm
kernel-debuginfo-2.6.18-274.12.1.el5.ia64.rpm
kernel-debuginfo-common-2.6.18-274.12.1.el5.ia64.rpm
kernel-devel-2.6.18-274.12.1.el5.ia64.rpm
kernel-headers-2.6.18-274.12.1.el5.ia64.rpm
kernel-xen-2.6.18-274.12.1.el5.ia64.rpm
kernel-xen-debuginfo-2.6.18-274.12.1.el5.ia64.rpm
kernel-xen-devel-2.6.18-274.12.1.el5.ia64.rpm

noarch:
kernel-doc-2.6.18-274.12.1.el5.noarch.rpm

ppc:
kernel-2.6.18-274.12.1.el5.ppc64.rpm
kernel-debug-2.6.18-274.12.1.el5.ppc64.rpm
kernel-debug-debuginfo-2.6.18-274.12.1.el5.ppc64.rpm
kernel-debug-devel-2.6.18-274.12.1.el5.ppc64.rpm
kernel-debuginfo-2.6.18-274.12.1.el5.ppc64.rpm
kernel-debuginfo-common-2.6.18-274.12.1.el5.ppc64.rpm
kernel-devel-2.6.18-274.12.1.el5.ppc64.rpm
kernel-headers-2.6.18-274.12.1.el5.ppc.rpm
kernel-headers-2.6.18-274.12.1.el5.ppc64.rpm
kernel-kdump-2.6.18-274.12.1.el5.ppc64.rpm
kernel-kdump-debuginfo-2.6.18-274.12.1.el5.ppc64.rpm
kernel-kdump-devel-2.6.18-274.12.1.el5.ppc64.rpm

s390x:
kernel-2.6.18-274.12.1.el5.s390x.rpm
kernel-debug-2.6.18-274.12.1.el5.s390x.rpm
kernel-debug-debuginfo-2.6.18-274.12.1.el5.s390x.rpm
kernel-debug-devel-2.6.18-274.12.1.el5.s390x.rpm
kernel-debuginfo-2.6.18-274.12.1.el5.s390x.rpm
kernel-debuginfo-common-2.6.18-274.12.1.el5.s390x.rpm
kernel-devel-2.6.18-274.12.1.el5.s390x.rpm
kernel-headers-2.6.18-274.12.1.el5.s390x.rpm
kernel-kdump-2.6.18-274.12.1.el5.s390x.rpm
kernel-kdump-debuginfo-2.6.18-274.12.1.el5.s390x.rpm
kernel-kdump-devel-2.6.18-274.12.1.el5.s390x.rpm

x86_64:
kernel-2.6.18-274.12.1.el5.x86_64.rpm
kernel-debug-2.6.18-274.12.1.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-274.12.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-274.12.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-274.12.1.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-274.12.1.el5.x86_64.rpm
kernel-devel-2.6.18-274.12.1.el5.x86_64.rpm
kernel-headers-2.6.18-274.12.1.el5.x86_64.rpm
kernel-xen-2.6.18-274.12.1.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-274.12.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-274.12.1.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2011-1162.html
https://www.redhat.com/security/data/cve/CVE-2011-1898.html
https://www.redhat.com/security/data/cve/CVE-2011-2203.html
https://www.redhat.com/security/data/cve/CVE-2011-2494.html
https://www.redhat.com/security/data/cve/CVE-2011-3363.html
https://www.redhat.com/security/data/cve/CVE-2011-4110.html
https://access.redhat.com/security/updates/classification/#important
https://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/5.7_Technical_Notes/kernel.html#RHSA-2011-1479
https://bugzilla.redhat.com/show_bug.cgi?id=715555

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFO1PQ3XlSAg2UNWIIRAoHZAJ0aagTQGZfUmhp52e0+8e EQislfnQCgi+He
RYgOv/moSP4Gdui4XtzxTFw=
=VAV9
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
 
Old 01-10-2012, 07:23 PM
 
Default Important: kernel security, bug fix, and enhancement update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

================================================== ===================
Red Hat Security Advisory

Synopsis: Important: kernel security, bug fix, and enhancement update
Advisory ID: RHSA-2012:0007-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-0007.html
Issue date: 2012-01-10
CVE Names: CVE-2011-1020 CVE-2011-3637 CVE-2011-4077
CVE-2011-4132 CVE-2011-4324 CVE-2011-4325
CVE-2011-4330 CVE-2011-4348
================================================== ===================

1. Summary:

Updated kernel packages that fix multiple security issues, several bugs,
and add one enhancement are now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

* A buffer overflow flaw was found in the way the Linux kernel's XFS file
system implementation handled links with overly long path names. A local,
unprivileged user could use this flaw to cause a denial of service or
escalate their privileges by mounting a specially-crafted disk.
(CVE-2011-4077, Important)

* The fix for CVE-2011-2482 provided by RHSA-2011:1212 introduced a
regression: on systems that do not have Security-Enhanced Linux (SELinux)
in Enforcing mode, a socket lock race could occur between sctp_rcv() and
sctp_accept(). A remote attacker could use this flaw to cause a denial of
service. By default, SELinux runs in Enforcing mode on Red Hat Enterprise
Linux 5. (CVE-2011-4348, Important)

* The proc file system could allow a local, unprivileged user to obtain
sensitive information or possibly cause integrity issues. (CVE-2011-1020,
Moderate)

* A missing validation flaw was found in the Linux kernel's m_stop()
implementation. A local, unprivileged user could use this flaw to trigger a
denial of service. (CVE-2011-3637, Moderate)

* A flaw was found in the Linux kernel's Journaling Block Device (JBD).
A local attacker could use this flaw to crash the system by mounting a
specially-crafted ext3 or ext4 disk. (CVE-2011-4132, Moderate)

* A flaw was found in the Linux kernel's encode_share_access()
implementation. A local, unprivileged user could use this flaw to trigger a
denial of service by creating a regular file on an NFSv4 (Network File
System version 4) file system via mknod(). (CVE-2011-4324, Moderate)

* A flaw was found in the Linux kernel's NFS implementation. A local,
unprivileged user could use this flaw to cause a denial of service.
(CVE-2011-4325, Moderate)

* A missing boundary check was found in the Linux kernel's HFS file system
implementation. A local attacker could use this flaw to cause a denial of
service or escalate their privileges by mounting a specially-crafted disk.
(CVE-2011-4330, Moderate)

Red Hat would like to thank Kees Cook for reporting CVE-2011-1020, and
Clement Lecigne for reporting CVE-2011-4330.

This update also fixes several bugs and adds one enhancement. Documentation
for these changes will be available shortly from the Technical Notes
document linked to in the References section.

Users should upgrade to these updated packages, which contain backported
patches to correct these issues, and fix the bugs and add the enhancement
noted in the Technical Notes. The system must be rebooted for this update
to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

5. Bugs fixed (http://bugzilla.redhat.com/):

680358 - CVE-2011-1020 kernel: no access restrictions of /proc/pid/* after setuid program exec
747848 - CVE-2011-3637 kernel: proc: fix oops on invalid /proc/<pid>/maps access
749156 - CVE-2011-4077 kernel: xfs: potential buffer overflow in xfs_readlink()
753341 - CVE-2011-4132 kernel: jbd/jbd2: invalid value of first log block leads to oops
755431 - CVE-2011-4330 kernel: hfs: add sanity check for file name length
755440 - CVE-2011-4324 kernel: nfsv4: mknod(2) DoS
755455 - CVE-2011-4325 kernel: nfs: diotest4 from LTP crash client null pointer deref
757143 - CVE-2011-4348 kernel: incomplete fix for CVE-2011-2482

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kernel-2.6.18-274.17.1.el5.src.rpm

i386:
kernel-2.6.18-274.17.1.el5.i686.rpm
kernel-PAE-2.6.18-274.17.1.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-274.17.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-274.17.1.el5.i686.rpm
kernel-debug-2.6.18-274.17.1.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-274.17.1.el5.i686.rpm
kernel-debug-devel-2.6.18-274.17.1.el5.i686.rpm
kernel-debuginfo-2.6.18-274.17.1.el5.i686.rpm
kernel-debuginfo-common-2.6.18-274.17.1.el5.i686.rpm
kernel-devel-2.6.18-274.17.1.el5.i686.rpm
kernel-headers-2.6.18-274.17.1.el5.i386.rpm
kernel-xen-2.6.18-274.17.1.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-274.17.1.el5.i686.rpm
kernel-xen-devel-2.6.18-274.17.1.el5.i686.rpm

noarch:
kernel-doc-2.6.18-274.17.1.el5.noarch.rpm

x86_64:
kernel-2.6.18-274.17.1.el5.x86_64.rpm
kernel-debug-2.6.18-274.17.1.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-274.17.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-274.17.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-274.17.1.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-274.17.1.el5.x86_64.rpm
kernel-devel-2.6.18-274.17.1.el5.x86_64.rpm
kernel-headers-2.6.18-274.17.1.el5.x86_64.rpm
kernel-xen-2.6.18-274.17.1.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-274.17.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-274.17.1.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kernel-2.6.18-274.17.1.el5.src.rpm

i386:
kernel-2.6.18-274.17.1.el5.i686.rpm
kernel-PAE-2.6.18-274.17.1.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-274.17.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-274.17.1.el5.i686.rpm
kernel-debug-2.6.18-274.17.1.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-274.17.1.el5.i686.rpm
kernel-debug-devel-2.6.18-274.17.1.el5.i686.rpm
kernel-debuginfo-2.6.18-274.17.1.el5.i686.rpm
kernel-debuginfo-common-2.6.18-274.17.1.el5.i686.rpm
kernel-devel-2.6.18-274.17.1.el5.i686.rpm
kernel-headers-2.6.18-274.17.1.el5.i386.rpm
kernel-xen-2.6.18-274.17.1.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-274.17.1.el5.i686.rpm
kernel-xen-devel-2.6.18-274.17.1.el5.i686.rpm

ia64:
kernel-2.6.18-274.17.1.el5.ia64.rpm
kernel-debug-2.6.18-274.17.1.el5.ia64.rpm
kernel-debug-debuginfo-2.6.18-274.17.1.el5.ia64.rpm
kernel-debug-devel-2.6.18-274.17.1.el5.ia64.rpm
kernel-debuginfo-2.6.18-274.17.1.el5.ia64.rpm
kernel-debuginfo-common-2.6.18-274.17.1.el5.ia64.rpm
kernel-devel-2.6.18-274.17.1.el5.ia64.rpm
kernel-headers-2.6.18-274.17.1.el5.ia64.rpm
kernel-xen-2.6.18-274.17.1.el5.ia64.rpm
kernel-xen-debuginfo-2.6.18-274.17.1.el5.ia64.rpm
kernel-xen-devel-2.6.18-274.17.1.el5.ia64.rpm

noarch:
kernel-doc-2.6.18-274.17.1.el5.noarch.rpm

ppc:
kernel-2.6.18-274.17.1.el5.ppc64.rpm
kernel-debug-2.6.18-274.17.1.el5.ppc64.rpm
kernel-debug-debuginfo-2.6.18-274.17.1.el5.ppc64.rpm
kernel-debug-devel-2.6.18-274.17.1.el5.ppc64.rpm
kernel-debuginfo-2.6.18-274.17.1.el5.ppc64.rpm
kernel-debuginfo-common-2.6.18-274.17.1.el5.ppc64.rpm
kernel-devel-2.6.18-274.17.1.el5.ppc64.rpm
kernel-headers-2.6.18-274.17.1.el5.ppc.rpm
kernel-headers-2.6.18-274.17.1.el5.ppc64.rpm
kernel-kdump-2.6.18-274.17.1.el5.ppc64.rpm
kernel-kdump-debuginfo-2.6.18-274.17.1.el5.ppc64.rpm
kernel-kdump-devel-2.6.18-274.17.1.el5.ppc64.rpm

s390x:
kernel-2.6.18-274.17.1.el5.s390x.rpm
kernel-debug-2.6.18-274.17.1.el5.s390x.rpm
kernel-debug-debuginfo-2.6.18-274.17.1.el5.s390x.rpm
kernel-debug-devel-2.6.18-274.17.1.el5.s390x.rpm
kernel-debuginfo-2.6.18-274.17.1.el5.s390x.rpm
kernel-debuginfo-common-2.6.18-274.17.1.el5.s390x.rpm
kernel-devel-2.6.18-274.17.1.el5.s390x.rpm
kernel-headers-2.6.18-274.17.1.el5.s390x.rpm
kernel-kdump-2.6.18-274.17.1.el5.s390x.rpm
kernel-kdump-debuginfo-2.6.18-274.17.1.el5.s390x.rpm
kernel-kdump-devel-2.6.18-274.17.1.el5.s390x.rpm

x86_64:
kernel-2.6.18-274.17.1.el5.x86_64.rpm
kernel-debug-2.6.18-274.17.1.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-274.17.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-274.17.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-274.17.1.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-274.17.1.el5.x86_64.rpm
kernel-devel-2.6.18-274.17.1.el5.x86_64.rpm
kernel-headers-2.6.18-274.17.1.el5.x86_64.rpm
kernel-xen-2.6.18-274.17.1.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-274.17.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-274.17.1.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2011-1020.html
https://www.redhat.com/security/data/cve/CVE-2011-3637.html
https://www.redhat.com/security/data/cve/CVE-2011-4077.html
https://www.redhat.com/security/data/cve/CVE-2011-4132.html
https://www.redhat.com/security/data/cve/CVE-2011-4324.html
https://www.redhat.com/security/data/cve/CVE-2011-4325.html
https://www.redhat.com/security/data/cve/CVE-2011-4330.html
https://www.redhat.com/security/data/cve/CVE-2011-4348.html
https://access.redhat.com/security/updates/classification/#important
https://rhn.redhat.com/errata/RHSA-2011-1212.html
https://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/5.7_Technical_Notes/kernel.html#RHSA-2012-0007

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2012 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFPDJ4hXlSAg2UNWIIRAuwSAJ45E2JYyzfv5ar9QjRCIj nlGVxAigCgtRBR
eCyiujSZWtFGuKTLRUAdq2I=
=D0XJ
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
 
Old 04-17-2012, 06:58 PM
 
Default Important: kernel security, bug fix, and enhancement update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

================================================== ===================
Red Hat Security Advisory

Synopsis: Important: kernel security, bug fix, and enhancement update
Advisory ID: RHSA-2012:0480-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-0480.html
Issue date: 2012-04-17
CVE Names: CVE-2012-1583
================================================== ===================

1. Summary:

Updated kernel packages that fix one security issue, various bugs, and add
one enhancement are now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issue:

* A flaw in the xfrm6_tunnel_rcv() function in the Linux kernel's IPv6
implementation could lead to a use-after-free or double free flaw in
tunnel6_rcv(). A remote attacker could use this flaw to send
specially-crafted packets to a target system that is using IPv6 and also
has the xfrm6_tunnel kernel module loaded, causing it to crash.
(CVE-2012-1583, Important)

If you do not run applications that use xfrm6_tunnel, you can prevent the
xfrm6_tunnel module from being loaded by creating (as the root user) a
"/etc/modprobe.d/xfrm6_tunnel.conf" file, and adding the following line to
it:

blacklist xfrm6_tunnel

This way, the xfrm6_tunnel module cannot be loaded accidentally. A reboot
is not necessary for this change to take effect.

This update also fixes various bugs and adds an enhancement. Documentation
for these changes will be available shortly from the Technical Notes
document linked to in the References section.

Users should upgrade to these updated packages, which contain backported
patches to correct this issue, and fix the bugs and add the enhancement
noted in the Technical Notes. The system must be rebooted for this update
to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

5. Bugs fixed (http://bugzilla.redhat.com/):

752304 - CVE-2012-1583 kernel: ipv6: panic using raw sockets
801726 - RHEL5.8 NFSv4 regression - "ls" returns "-ENOTDIR" when listing a subdirectory of exported mount [rhel-5.8.z]

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kernel-2.6.18-308.4.1.el5.src.rpm

i386:
kernel-2.6.18-308.4.1.el5.i686.rpm
kernel-PAE-2.6.18-308.4.1.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-308.4.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-308.4.1.el5.i686.rpm
kernel-debug-2.6.18-308.4.1.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-308.4.1.el5.i686.rpm
kernel-debug-devel-2.6.18-308.4.1.el5.i686.rpm
kernel-debuginfo-2.6.18-308.4.1.el5.i686.rpm
kernel-debuginfo-common-2.6.18-308.4.1.el5.i686.rpm
kernel-devel-2.6.18-308.4.1.el5.i686.rpm
kernel-headers-2.6.18-308.4.1.el5.i386.rpm
kernel-xen-2.6.18-308.4.1.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-308.4.1.el5.i686.rpm
kernel-xen-devel-2.6.18-308.4.1.el5.i686.rpm

noarch:
kernel-doc-2.6.18-308.4.1.el5.noarch.rpm

x86_64:
kernel-2.6.18-308.4.1.el5.x86_64.rpm
kernel-debug-2.6.18-308.4.1.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-308.4.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-308.4.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-308.4.1.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-308.4.1.el5.x86_64.rpm
kernel-devel-2.6.18-308.4.1.el5.x86_64.rpm
kernel-headers-2.6.18-308.4.1.el5.x86_64.rpm
kernel-xen-2.6.18-308.4.1.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-308.4.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-308.4.1.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kernel-2.6.18-308.4.1.el5.src.rpm

i386:
kernel-2.6.18-308.4.1.el5.i686.rpm
kernel-PAE-2.6.18-308.4.1.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-308.4.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-308.4.1.el5.i686.rpm
kernel-debug-2.6.18-308.4.1.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-308.4.1.el5.i686.rpm
kernel-debug-devel-2.6.18-308.4.1.el5.i686.rpm
kernel-debuginfo-2.6.18-308.4.1.el5.i686.rpm
kernel-debuginfo-common-2.6.18-308.4.1.el5.i686.rpm
kernel-devel-2.6.18-308.4.1.el5.i686.rpm
kernel-headers-2.6.18-308.4.1.el5.i386.rpm
kernel-xen-2.6.18-308.4.1.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-308.4.1.el5.i686.rpm
kernel-xen-devel-2.6.18-308.4.1.el5.i686.rpm

ia64:
kernel-2.6.18-308.4.1.el5.ia64.rpm
kernel-debug-2.6.18-308.4.1.el5.ia64.rpm
kernel-debug-debuginfo-2.6.18-308.4.1.el5.ia64.rpm
kernel-debug-devel-2.6.18-308.4.1.el5.ia64.rpm
kernel-debuginfo-2.6.18-308.4.1.el5.ia64.rpm
kernel-debuginfo-common-2.6.18-308.4.1.el5.ia64.rpm
kernel-devel-2.6.18-308.4.1.el5.ia64.rpm
kernel-headers-2.6.18-308.4.1.el5.ia64.rpm
kernel-xen-2.6.18-308.4.1.el5.ia64.rpm
kernel-xen-debuginfo-2.6.18-308.4.1.el5.ia64.rpm
kernel-xen-devel-2.6.18-308.4.1.el5.ia64.rpm

noarch:
kernel-doc-2.6.18-308.4.1.el5.noarch.rpm

ppc:
kernel-2.6.18-308.4.1.el5.ppc64.rpm
kernel-debug-2.6.18-308.4.1.el5.ppc64.rpm
kernel-debug-debuginfo-2.6.18-308.4.1.el5.ppc64.rpm
kernel-debug-devel-2.6.18-308.4.1.el5.ppc64.rpm
kernel-debuginfo-2.6.18-308.4.1.el5.ppc64.rpm
kernel-debuginfo-common-2.6.18-308.4.1.el5.ppc64.rpm
kernel-devel-2.6.18-308.4.1.el5.ppc64.rpm
kernel-headers-2.6.18-308.4.1.el5.ppc.rpm
kernel-headers-2.6.18-308.4.1.el5.ppc64.rpm
kernel-kdump-2.6.18-308.4.1.el5.ppc64.rpm
kernel-kdump-debuginfo-2.6.18-308.4.1.el5.ppc64.rpm
kernel-kdump-devel-2.6.18-308.4.1.el5.ppc64.rpm

s390x:
kernel-2.6.18-308.4.1.el5.s390x.rpm
kernel-debug-2.6.18-308.4.1.el5.s390x.rpm
kernel-debug-debuginfo-2.6.18-308.4.1.el5.s390x.rpm
kernel-debug-devel-2.6.18-308.4.1.el5.s390x.rpm
kernel-debuginfo-2.6.18-308.4.1.el5.s390x.rpm
kernel-debuginfo-common-2.6.18-308.4.1.el5.s390x.rpm
kernel-devel-2.6.18-308.4.1.el5.s390x.rpm
kernel-headers-2.6.18-308.4.1.el5.s390x.rpm
kernel-kdump-2.6.18-308.4.1.el5.s390x.rpm
kernel-kdump-debuginfo-2.6.18-308.4.1.el5.s390x.rpm
kernel-kdump-devel-2.6.18-308.4.1.el5.s390x.rpm

x86_64:
kernel-2.6.18-308.4.1.el5.x86_64.rpm
kernel-debug-2.6.18-308.4.1.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-308.4.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-308.4.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-308.4.1.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-308.4.1.el5.x86_64.rpm
kernel-devel-2.6.18-308.4.1.el5.x86_64.rpm
kernel-headers-2.6.18-308.4.1.el5.x86_64.rpm
kernel-xen-2.6.18-308.4.1.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-308.4.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-308.4.1.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2012-1583.html
https://access.redhat.com/security/updates/classification/#important
https://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/5.8_Technical_Notes/kernel.html#RHSA-2012-0480

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2012 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFPjb0hXlSAg2UNWIIRAjiSAKCo2/sv25aI+XcZZbuMgj6DL0AujQCcDYKm
TI5pRLCMawNZ+u30AkZLRaE=
=+A4/
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
 

Thread Tools




All times are GMT. The time now is 12:47 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org