Jump to content
Compatible Support Forums
Sign in to follow this  
Followers 0
news

[RHSA-2008:1017-01] Important: kernel security and bug fix update

By news, in Upcoming News

Recommended Posts

news    28

news
Posted

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

 

=====================================================================

Red Hat Security Advisory

 

Synopsis: Important: kernel security and bug fix update

Advisory ID: RHSA-2008:1017-01

Product: Red Hat Enterprise Linux

Advisory URL: https://rhn.redhat.com/errata/RHSA-2008-1017.html

Issue date: 2008-12-16

CVE Names: CVE-2008-3831 CVE-2008-4554 CVE-2008-4576

=====================================================================

 

1. Summary:

 

Updated kernel packages that resolve several security issues and fix

various bugs are now available for Red Hat Enterprise Linux 5.

 

This update has been rated as having important security impact by the Red

Hat Security Response Team.

 

2. Relevant releases/architectures:

 

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64

 

3. Description:

 

The kernel packages contain the Linux kernel, the core of any Linux

operating system.

 

* Olaf Kirch reported a flaw in the i915 kernel driver that only affects

the Intel G33 series and newer. This flaw could, potentially, lead to local

privilege escalation. (CVE-2008-3831, Important)

 

* Miklos Szeredi reported a missing check for files opened with O_APPEND in

the sys_splice(). This could allow a local, unprivileged user to bypass the

append-only file restrictions. (CVE-2008-4554, Important)

 

* a deficiency was found in the Linux kernel Stream Control Transmission

Protocol (SCTP) implementation. This could lead to a possible denial of

service if one end of a SCTP connection did not support the AUTH extension.

(CVE-2008-4576, Important)

 

In addition, these updated packages fix the following bugs:

 

* on Itanium® systems, when a multithreaded program was traced using the

command "strace -f", messages similar to the following ones were displayed,

after which the trace would stop:

 

PANIC: attached pid 10740 exited

PANIC: handle_group_exit: 10740 leader 10721

PANIC: attached pid 10739 exited

PANIC: handle_group_exit: 10739 leader 10721

...

 

In these updated packages, tracing a multithreaded program using the

"strace -f" command no longer results in these error messages, and strace

terminates normally after tracing all threads.

 

* on big-endian systems such as PowerPC, the getsockopt() function

incorrectly returned 0 depending on the parameters passed to it when the

time to live (TTL) value equaled 255.

 

* when using an NFSv4 file system, accessing the same file with two

separate processes simultaneously resulted in the NFS client process

becoming unresponsive.

 

* on AMD64 and Intel® 64 hypervisor-enabled systems, in cases in which a

syscall correctly returned '-1' in code compiled on Red Hat Enterprise

Linux 5, the same code, when run with the strace utility, would incorrectly

return an invalid return value. This has been fixed so that on AMD64 and

Intel® 64 hypervisor-enabled systems, syscalls in compiled code return the

same, correct values as syscalls do when run with strace.

 

* on the Itanium® architecture, fully-virtualized guest domains which were

created using more than 64 GB of memory caused other guest domains not to

receive interrupts, which caused a soft lockup on other guests. All guest

domains are now able to receive interrupts regardless of their allotted memory.

 

* when user-space used SIGIO notification, which wasn't disabled before

closing a file descriptor, and was then re-enabled in a different process,

an attempt by the kernel to dereference a stale pointer led to a kernel

crash. With this fix, such a situation no longer causes a kernel crash.

 

* modifications to certain pages made through a memory-mapped region could

have been lost in cases when the NFS client needed to invalidate the page

cache for that particular memory-mapped file.

 

* fully-virtualized Windows guests became unresponsive due to the vIOSAPIC

component being multiprocessor-unsafe. With this fix, vIOSAPIC is

multiprocessor-safe and Windows guests do not become unresponsive.

 

* on certain systems, keyboard controllers were not able to withstand a

continuous flow of requests to switch keyboard LEDs on or off, which

resulted in some or all key presses not being registered by the system.

 

* on the Itanium® architecture, setting the "vm.nr_hugepages" sysctl

parameter caused a kernel stack overflow resulting in a kernel panic, and

possibly stack corruption. With this fix, setting vm.nr_hugepages works

correctly.

 

* hugepages allow the Linux kernel to utilize the multiple page size

capabilities of modern hardware architectures. In certain configurations,

systems with large amounts of memory could fail to allocate most of memory

for hugepages even if it was free, which could have resulted, for example,

in database restart failures.

 

Users should upgrade to these updated packages, which contain backported

patches to correct these issues.

 

4. Solution:

 

Before applying this update, make sure that all previously-released errata

relevant to your system have been applied.

 

This update is available via Red Hat Network. Details on how to use the Red

Hat Network to apply this update are available at

http://kbase.redhat.com/faq/docs/DOC-11259

 

5. Package List:

 

Red Hat Enterprise Linux Desktop (v. 5 client):

 

Source:

ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kernel-2.6.18-92.1.22.el5.src.rpm

 

i386:

kernel-2.6.18-92.1.22.el5.i686.rpm

kernel-PAE-2.6.18-92.1.22.el5.i686.rpm

kernel-PAE-debuginfo-2.6.18-92.1.22.el5.i686.rpm

kernel-PAE-devel-2.6.18-92.1.22.el5.i686.rpm

kernel-debug-2.6.18-92.1.22.el5.i686.rpm

kernel-debug-debuginfo-2.6.18-92.1.22.el5.i686.rpm

kernel-debug-devel-2.6.18-92.1.22.el5.i686.rpm

kernel-debuginfo-2.6.18-92.1.22.el5.i686.rpm

kernel-debuginfo-common-2.6.18-92.1.22.el5.i686.rpm

kernel-devel-2.6.18-92.1.22.el5.i686.rpm

kernel-headers-2.6.18-92.1.22.el5.i386.rpm

kernel-xen-2.6.18-92.1.22.el5.i686.rpm

kernel-xen-debuginfo-2.6.18-92.1.22.el5.i686.rpm

kernel-xen-devel-2.6.18-92.1.22.el5.i686.rpm

 

noarch:

kernel-doc-2.6.18-92.1.22.el5.noarch.rpm

 

x86_64:

kernel-2.6.18-92.1.22.el5.x86_64.rpm

kernel-debug-2.6.18-92.1.22.el5.x86_64.rpm

kernel-debug-debuginfo-2.6.18-92.1.22.el5.x86_64.rpm

kernel-debug-devel-2.6.18-92.1.22.el5.x86_64.rpm

kernel-debuginfo-2.6.18-92.1.22.el5.x86_64.rpm

kernel-debuginfo-common-2.6.18-92.1.22.el5.x86_64.rpm

kernel-devel-2.6.18-92.1.22.el5.x86_64.rpm

kernel-headers-2.6.18-92.1.22.el5.x86_64.rpm

kernel-xen-2.6.18-92.1.22.el5.x86_64.rpm

kernel-xen-debuginfo-2.6.18-92.1.22.el5.x86_64.rpm

kernel-xen-devel-2.6.18-92.1.22.el5.x86_64.rpm

 

Red Hat Enterprise Linux (v. 5 server):

 

Source:

ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kernel-2.6.18-92.1.22.el5.src.rpm

 

i386:

kernel-2.6.18-92.1.22.el5.i686.rpm

kernel-PAE-2.6.18-92.1.22.el5.i686.rpm

kernel-PAE-debuginfo-2.6.18-92.1.22.el5.i686.rpm

kernel-PAE-devel-2.6.18-92.1.22.el5.i686.rpm

kernel-debug-2.6.18-92.1.22.el5.i686.rpm

kernel-debug-debuginfo-2.6.18-92.1.22.el5.i686.rpm

kernel-debug-devel-2.6.18-92.1.22.el5.i686.rpm

kernel-debuginfo-2.6.18-92.1.22.el5.i686.rpm

kernel-debuginfo-common-2.6.18-92.1.22.el5.i686.rpm

kernel-devel-2.6.18-92.1.22.el5.i686.rpm

kernel-headers-2.6.18-92.1.22.el5.i386.rpm

kernel-xen-2.6.18-92.1.22.el5.i686.rpm

kernel-xen-debuginfo-2.6.18-92.1.22.el5.i686.rpm

kernel-xen-devel-2.6.18-92.1.22.el5.i686.rpm

 

ia64:

kernel-2.6.18-92.1.22.el5.ia64.rpm

kernel-debug-2.6.18-92.1.22.el5.ia64.rpm

kernel-debug-debuginfo-2.6.18-92.1.22.el5.ia64.rpm

kernel-debug-devel-2.6.18-92.1.22.el5.ia64.rpm

kernel-debuginfo-2.6.18-92.1.22.el5.ia64.rpm

kernel-debuginfo-common-2.6.18-92.1.22.el5.ia64.rpm

kernel-devel-2.6.18-92.1.22.el5.ia64.rpm

kernel-headers-2.6.18-92.1.22.el5.ia64.rpm

kernel-xen-2.6.18-92.1.22.el5.ia64.rpm

kernel-xen-debuginfo-2.6.18-92.1.22.el5.ia64.rpm

kernel-xen-devel-2.6.18-92.1.22.el5.ia64.rpm

 

noarch:

kernel-doc-2.6.18-92.1.22.el5.noarch.rpm

 

ppc:

kernel-2.6.18-92.1.22.el5.ppc64.rpm

kernel-debug-2.6.18-92.1.22.el5.ppc64.rpm

kernel-debug-debuginfo-2.6.18-92.1.22.el5.ppc64.rpm

kernel-debug-devel-2.6.18-92.1.22.el5.ppc64.rpm

kernel-debuginfo-2.6.18-92.1.22.el5.ppc64.rpm

kernel-debuginfo-common-2.6.18-92.1.22.el5.ppc64.rpm

kernel-devel-2.6.18-92.1.22.el5.ppc64.rpm

kernel-headers-2.6.18-92.1.22.el5.ppc.rpm

kernel-headers-2.6.18-92.1.22.el5.ppc64.rpm

kernel-kdump-2.6.18-92.1.22.el5.ppc64.rpm

kernel-kdump-debuginfo-2.6.18-92.1.22.el5.ppc64.rpm

kernel-kdump-devel-2.6.18-92.1.22.el5.ppc64.rpm

 

s390x:

kernel-2.6.18-92.1.22.el5.s390x.rpm

kernel-debug-2.6.18-92.1.22.el5.s390x.rpm

kernel-debug-debuginfo-2.6.18-92.1.22.el5.s390x.rpm

kernel-debug-devel-2.6.18-92.1.22.el5.s390x.rpm

kernel-debuginfo-2.6.18-92.1.22.el5.s390x.rpm

kernel-debuginfo-common-2.6.18-92.1.22.el5.s390x.rpm

kernel-devel-2.6.18-92.1.22.el5.s390x.rpm

kernel-headers-2.6.18-92.1.22.el5.s390x.rpm

kernel-kdump-2.6.18-92.1.22.el5.s390x.rpm

kernel-kdump-debuginfo-2.6.18-92.1.22.el5.s390x.rpm

kernel-kdump-devel-2.6.18-92.1.22.el5.s390x.rpm

 

x86_64:

kernel-2.6.18-92.1.22.el5.x86_64.rpm

kernel-debug-2.6.18-92.1.22.el5.x86_64.rpm

kernel-debug-debuginfo-2.6.18-92.1.22.el5.x86_64.rpm

kernel-debug-devel-2.6.18-92.1.22.el5.x86_64.rpm

kernel-debuginfo-2.6.18-92.1.22.el5.x86_64.rpm

kernel-debuginfo-common-2.6.18-92.1.22.el5.x86_64.rpm

kernel-devel-2.6.18-92.1.22.el5.x86_64.rpm

kernel-headers-2.6.18-92.1.22.el5.x86_64.rpm

kernel-xen-2.6.18-92.1.22.el5.x86_64.rpm

kernel-xen-debuginfo-2.6.18-92.1.22.el5.x86_64.rpm

kernel-xen-devel-2.6.18-92.1.22.el5.x86_64.rpm

 

These packages are GPG signed by Red Hat for security. Our key and

details on how to verify the signature are available from

https://www.redhat.com/security/team/key/#package

 

6. References:

 

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3831

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4554

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4576

http://www.redhat.com/security/updates/classification/#important

 

7. Contact:

 

The Red Hat security contact is . More contact

details at https://www.redhat.com/security/team/contact/

 

Copyright 2008 Red Hat, Inc.

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.4 (GNU/Linux)

 

iD8DBQFJR2NcXlSAg2UNWIIRAtJdAKCqKJueg3rKLpmuhO5WlE2pF+PNYACeLp5p

ZpKKOdpNV4hA3IdyoKUUwi4=

=Y0cQ

-----END PGP SIGNATURE-----

 

 

--

 

Share this post

Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  
Followers 0
Go To Topic Listing Upcoming News
×