[RHSA-2009:0225-02] Important: Red Hat Enterprise Linux 5.3 kernel security and bug fix update

[news 28]

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

 

=====================================================================

Red Hat Security Advisory

 

Synopsis: Important: Red Hat Enterprise Linux 5.3 kernel security and bug fix update

Advisory ID: RHSA-2009:0225-02

Product: Red Hat Enterprise Linux

Advisory URL: https://rhn.redhat.com/errata/RHSA-2009-0225.html

Issue date: 2009-01-20

Keywords: kernel update

CVE Names: CVE-2008-5029 CVE-2008-5079 CVE-2008-5182

=====================================================================

 

1. Summary:

 

Updated kernel packages that fix three security issues, address several

hundred bugs and add numerous enhancements are now available as part of the

ongoing support and maintenance of Red Hat Enterprise Linux version 5. This

is the third regular update.

 

This update has been rated as having important security impact by the Red

Hat Security Response Team.

 

2. Relevant releases/architectures:

 

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64

 

3. Description:

 

The Linux kernel (the core of the Linux operating system)

 

These updated packages contain 730 bug fixes and enhancements for the Linux

kernel. Space precludes a detailed description of each of these changes in

this advisory and users are therefore directed to the release notes for Red

Hat Enterprise Linux 5.3 for information on 97 of the most significant of

these changes.

 

Details of three security-related bug fixes are set out below, along with

notes on other broad categories of change not covered in the release notes.

For more detailed information on specific bug fixes or enhancements, please

consult the Bugzilla numbers listed in this advisory.

 

* when fput() was called to close a socket, the __scm_destroy() function

in the Linux kernel could make indirect recursive calls to itself. This

could, potentially, lead to a denial of service issue. (CVE-2008-5029,

Important)

 

* a flaw was found in the Asynchronous Transfer Mode (ATM) subsystem. A

local, unprivileged user could use the flaw to listen on the same socket

more than once, possibly causing a denial of service. (CVE-2008-5079,

Important)

 

* a race condition was found in the Linux kernel "inotify" watch removal

and umount implementation. This could allow a local, unprivileged user

to cause a privilege escalation or a denial of service. (CVE-2008-5182,

Important)

 

* Bug fixes and enhancements are provided for:

 

* support for specific NICs, including products from the following

manufacturers:

Broadcom

Chelsio

Cisco

Intel

Marvell

NetXen

Realtek

Sun

 

* Fiber Channel support, including support for Qlogic qla2xxx,

qla4xxx, and qla84xx HBAs and the FCoE, FCP, and zFCP protocols.

 

* support for various CPUs, including:

AMD Opteron processors with 45 nm SOI ("Shanghai")

AMD Turion Ultra processors

Cell processors

Intel Core i7 processors

 

* Xen support, including issues specific to the IA64 platform, systems

using AMD processors, and Dell Optiplex GX280 systems

 

* ext3, ext4, GFS2, NFS, and SPUFS

 

* Infiniband (including eHCA, eHEA, and IPoIB) support

 

* common I/O (CIO), direct I/O (DIO), and queued direct I/O (qdio) support

 

* the kernel distributed lock manager (DLM)

 

* hardware issues with: SCSI, IEEE 1394 (FireWire), RAID (including issues

specific to Adaptec controllers), SATA (including NCQ), PCI, audio, serial

connections, tape-drives, and USB

 

* ACPI, some of a general nature and some related to specific hardware

including: certain Lenovo Thinkpad notebooks, HP DC7700 systems, and

certain machines based on Intel Centrino processor technology.

 

* CIFS, including Kerberos support and a tech-preview of DFS support

 

* networking support, including IPv6, PPPoE, and IPSec

 

* support for Intel chipsets, including:

Intel Cantiga chipsets

Intel Eagle Lake chipsets

Intel i915 chipsets

Intel i965 chipsets

Intel Ibex Peak chipsets

Intel chipsets offering QuickPath Interconnects (QPI)

 

* device mapping issues, including some in device mapper itself

 

* various issues specific to IA64 and PPC

 

* CCISS, including support for Compaq SMART Array controllers P711m and

P712m and other new hardware

 

* various issues affecting specific HP systems, including:

DL785G5

XW4800

XW8600

XW8600

XW9400

 

* IOMMU support, including specific

issues with AMD and IBM Calgary hardware

 

* the audit subsystem

 

* DASD support

 

* iSCSI support, including issues specific to Chelsio T3 adapters

 

* LVM issues

 

* SCTP management information base (MIB) support

 

* issues with: autofs, kdump, kobject_add, libata, lpar, ptrace, and utrace

 

* platforms using Intel Enhanced Error Handling (EEH)

 

* EDAC issues for AMD K8 and Intel i5000

 

* ALSA, including support for new hardware

 

* futex support

 

* hugepage support

 

* Intelligent Platform Management Interface (IPMI) support

 

* issues affecting NEC/Stratus servers

 

* OFED support

 

* SELinux

 

* various Virtio issues

 

All users are advised to upgrade to these updated packages, which resolve

these issues and add these enhancements.

 

4. Solution:

 

Before applying this update, make sure that all previously-released

errata relevant to your system have been applied.

 

This update is available via Red Hat Network. Details on how to use

the Red Hat Network to apply this update are available at

http://kbase.redhat.com/faq/docs/DOC-11259

 

5. Bugs fixed (http://bugzilla.redhat.com/):

 

228836 - acpi processor module displays errors if hyperthreading disabled

231369 - GFS2 will panic if you misspell any mount options

236750 - When bonding is used and IPV6 is enabled the message of 'kernel: bond0: duplicate address detected!' is output

239604 - [RHEL5] console: kobject_add failed

243526 - IPv6 default route does not work

244135 - audit tty input

249726 - Misspellings in RPM description, suggested clarifications

250104 - RHEL5 Kernel patches for blktap statistics

254195 - use after free in nlm subsystem

350281 - IPSec Packet has no Non-ESP marker

370471 - [RFE] Add support for Wacom PTZ-431W to kernel

376831 - Read from /proc/ppc64/rtas/error_log does not honor O_NONBLOCK

382491 - duplicate packet from ipt_CLUSTERIP module

390601 - [RHEL5] EDAC k8 MC0: extended error code: GART error

406051 - Marvell NIC using skge driver loses promiscuous mode on rewiring

412691 - kernel-xen panic when X shuts down

420961 - Driver sky2 lost support for Marvell 88E8056 network controller

423521 - memory leak on size-8192 buckets with NFSV4

425341 - Please add vscnprintf and down_write_trylock to KABI Whitelist

425955 - resize2fs online resize fails with small journal

426096 - Xenoprof check_ctrs/start/stop fixes for intel family 6

426895 - fix default route doesn't work.

428275 - Need EOE (End of Event) audit message sent from kernel.

428277 - Audit subsystem SIGUSR2 support

428696 - nVidia MCP55 MCP55 Ethernet (rev a3) not functional on kernel 2.6.18-53.1.4

428720 - [RHEL5 U2] Connectathon RHEL5 client to RHEL4 server, Connectathon failure

429054 - soft lockup while unmounting a read-only filesystem with errors

429142 - RHEL5.2: ecryptfs oops after lower persistent file creation failure

429337 - Make dm interfaces available for external modules.

429941 - [RHEL5 U2] Audit fails to shutdown properly

429950 - [firewire] unable to use disk (giving up on config rom)

429951 - [firewire] unable to use disk (fw_sbp2: failed to login to ...)

430300 - [firewire] ohci iso receive support incomplete

431183 - utrace: PTRACE_POKEUSR_AREA corrupts ACR0

431365 - SCSI IO errors do not propagate properly with certain SCSI devices

431868 - mounting CIFS subshare doesn't autoconvert prepath delimiters

432057 - GFS2: d_doio stuck in readv() waiting for pagelock.

432867 - memory corruption due to portmap call succeeding after parent rpc_clnt has been freed

433661 - kernel panic with voip traffic (h323)

434538 - sr #1768018 : numlock led does not reflect the status of numlock

434800 - xenkbd can crash when probe fails

434998 - utrace: ERESTARTSYS from calling a function from a debugger

435110 - fix up remaining sctp MIB problems

435115 - kernel freezes when running script which features ecryptfs parts of kernel

435144 - whitelist: iounmap(ia64) - Failed ABI dependencies for IA64 mpt SCSI drivers

435291 - LTC41974-Pages of a memory mapped NFS file get corrupted.

436004 - 50-75 % drop in nfs-server rewrite performance compared to rhel 4.6+

436068 - [Areca 5.3 feat] Update arcmsr to version 1.20.00.15.RH1

436686 - tg3.c does not build on sparc with > 2.6.18-53.el5

436966 - e1000_clean_tx_irq: Detected Tx Unit Hang - 82546EB

437129 - Rpm install fails due to missing symbols required in myri10ge-kmod x86_64 rpm

437479 - remove extraneous error field from nfs_readdir_descriptor_t

437544 - fix bad merge in nfs3_write_done and nfs3_commit_done

437579 - batch kprobe unregister

437803 - gfs2 crash - BUG: unable to handle kernel NULL pointer dereference at virtual address

437882 - utrace: orig_rax 0x00000000ffffffff not recognized as -1

437958 - /proc/<pid>/environ not always accessible when receiving PTRACE_EVENT_EXIT

438153 - Poor LVM mirroring performance

438230 - ia64: suspecious compile warning in brew

438423 - backport patch to RHEL5 have it flip to synchronous writes when there is a write error

438761 - LTC:5.4:201049:DM-MP SCSI Hardware Handlers

439193 - Assertion failure in journal_next_log_block

439194 - Assertion failure in journal_start() at fs/jbd/transaction.c:274: 'handle->h_transaction->t_journal == journal'

439899 - [RFE] Add uvcvideo module to the kernel.

439917 - kernel: splice: fix bad unlock_page() in error case [rhel-5.3]

439918 - kernel: dio: zero struct dio with kzalloc instead of manually [rhel-5.3]

440261 - xen/ia64 asm missing srlz instruction

440413 - ecryptfs module incorrectly checks error codes in process_request_key_err

440506 - panic in aoe:aoecmd_ata_rsp during direct I/O to lvm [snap,mirror,stripe]

441615 - HP DC7700 ACPI problem

441640 - RHEL 5.1 will incorrectly mark SCSI devices as offline due to improper error handling

441716 - Fake ARP dropped after migration leading to loss of network connectivity

441832 - mptscsi race between hotremove and mptscsih_bus_reset

442426 - do not limit locked memory when RLIMIT_MEMLOCK is RLIM_INFINITY

442577 - Backport fix for possible data corruption in mark_buffer_dirty on SMP

442661 - [5.2][kdump][xen] crash failed to read vmcore from Dom0 Kernel

442723 - Xen Support more than 16 disk devices (kernel)

442736 - launching too many guests panics with "No available IRQ to bind to: increase NR_IRQS!"

442820 - IPV6DOD: ESP with 3des-cbc for encrypt and authentication set to "null"

442906 - libata: sata_nv - disable ADMA by default

442991 - Include xenpv-driver in bare metal kernel rpm.

443043 - fix setuid/setgid clearing by knfsd

443395 - cp -p does not copy mtime to CIFS share

443522 - ls shows two /proc/[pid]/limits files for every process

443618 - [REG][Xen][5.2beta] cannot open a vmcore of xen-kdump with crash

443627 - kernel dm snapshot: PPC64: kernel OOPS during activation of snapshot with small chunksize

443645 - ST Driver causing kernel panic condition

443853 - RHEL 5.3 NULL pointer dereferenced in powernowk8_init

443896 - RFE: [Ext4 enabler] backport vfs helpers to facilitate ext4 backport and testing

444582 - IPV6DOD: all MCAST_* socket options fail with 32-bit app, 64-bit kernel due to padding

444589 - xentop - incompatibility between HV and userspace toolset

444611 - kernel doesn't honor ADDR_NO_RANDOMIZE for stack

444759 - high I/O wait using 3w-9xxx

444776 - iBFT target info not parsed properly by the iscsi_ibft module

444865 - oops in cifs module while trying to stop a thread (kthread_stop) during filesystem mount

444961 - softlockup when repeatedly dropping caches

445095 - BusLogic module can't compile in the rhel 5.2 beta kernel

445211 - [RFE] DTR/DSR flow control

445422 - Feature: allow panic on softlockup warnings

445522 - clean up CIFS build warnings

445649 - [PATCH][RHEL5.1] Performance Improvement of fdatasync(2) in case of Overwrite

445674 - Direct I/O cache invalidation after sync writes

445787 - debugfs: file/directory creation error

446068 - [RHEL5] k8_edac: typo in 'EDAC k8 MC0: GART TLB errorr: '

446076 - [RHEL5 U2] iwl4965 -> compat module taints kernel

446142 - CIFS: slab error in kmem_cache_destroy(): cache `cifs_request': Can't free all objects

446188 - BUG: Don't reserve crashkernel memory > 4 GB on ia64

446250 - IPV6DOD: xfrm reverse icmp feature does not seem to work correctly.

446599 - jbd races lead to EIO for O_DIRECT

446707 - Add support for filetype option in audit subsystem

446962 - Access to firewire devices is still allowed after the device is removed from the bus.

447400 - CIFS VFS: Send error in FindClose = -9

447586 - DM failing path due to a communication failure on a single i/o

447742 - JBD: Fix typo that could result in filesystem corruption.

447748 - GFS2: lock_dlm is not always delivering callbacks in the right order

448328 - ssh connection hangs when running command producing large text output after running "service iptables restart"

448762 - FEAT: Update ieee80211 component and associated drivers

448763 - FEAT: Add rt2x00 drivers

448764 - FEAT: Add rtl818x drivers

449668 - RHEL5.3: update ecryptfs kernelspace to 2.6.26 codebase

449787 - FEAT: RHEL5.3 update acpi-cpufreq driver

449945 - Guest OS install causes host machine to crash

449948 - Add gate.lds to Documentation/dontdiff

450130 - dlm: fixes for mixed endian cluster

450132 - dlm: fixes for recovery of user lockspace

450133 - dlm: keep cached master rsbs during recovery

450135 - dlm: save master info after failed no-queue request

450136 - dlm: check for null in device_write [rhel-5.3]

450137 - dlm: fix basts for granted CW waiting PR/CW

450138 - dlm: move plock code from gfs2

450184 - Ensure that 'noac' and/or 'actimeo=0' turn off attribute caching

450219 - bonding driver can leave rtnl_lock unbalanced

450276 - GFS2: cannot use fifo nodes (named pipes)

450566 - FEAT: RHEL5.3 backport fallocate syscall

450786 - [stratus 5.3 bug] kernel NULL pointer dereference at usbdev_read

450855 - Unbalance reference count in ndisc_recv_ns

450921 - s2io intr_type documentation inaccurate

451007 - FEAT: RHEL 5.3 HDA ALSA driver update from mainstream

451008 - Rpmbuild generates incorrect packages due to typos in the kernel-2.6.spec file.

451157 - [stratus 5.3][2/2] ttyS1 lost interrupt and it stops transmitting

451196 - ip tunnel can't be bound to another device

451317 - deadlock when rpc_malloc tries to flush NFS pages

451586 - RHEL5.3: SB600/700 SATA controller PMP support

451591 - Handle invalid ACPI SLIT table

451593 - Multiple outstanding ptc.g instruction support

451745 - a check for a buggy HP SAL caused problems booting as a guest in a virtual machine

451945 - Update 3w-xxxx to version 1.26.03.000-2.6.18RH

451946 - Update 3w-9xxx to version 2.26.08.003-2.6.18RH

452004 - gfs2: BUG: unable to handle kernel paging request at ffff81002690e000

452175 - kernel BUG at arch/i386/mm/highmem-xen.c:43! with errata/RHBA-2008-0314 installed

452535 - CONFIG_AUDITSYSCALL requires SELinux

452577 - Actual & placeholder funcs have differing param counts

452761 - r8169 driver broken in 2.6.18-92+ kernels.

453038 - Missing functions in UP kernel

453094 - deadlock when lockd tries to take f_sema that it already has

453394 - [RHEL5.2]: Running strace with a bad syscall doesn't return -ENOSYS

453441 - [QLogic 5.3 bug] qla2xxx- provide additional statistics to user

453462 - update CIFS for RHEL5.3

453472 - [aacraid] aac_srb: aac_fib_send failed with status 8195

453563 - RTL8111/8168B network card does not work

453574 - virtual ethernet device stops working on reception of duplicate backend state change signals

453680 - Error in the uhci code causes usb not to work with iommu=calgary boot option

453685 - [QLogic 5.3 feat] [1/n] qla2xxx- Upstream updates: 8.01.07-k7

453711 - [5.2][nfs] ls -l shows outdated timestamp

453990 - [RHEL5.3] LTP test failure in inotify02 testcase

454711 - 'xm info' does not show correct info in 'node_to_cpu' field on ia64

454792 - document divider= option in kernel docs

455060 - PTRACE_KILL does not kill the child process, rather than the child starts running freely.

455230 - v4l2 ioctl debug messages cannot be turned off

455238 - IPsec memory leak

455308 - Altix Partitioned System

455424 - x86: show apicid for cpu in proc

455425 - x86: don't call MP_processor_info for disabled cpu

455427 - x86: don't call MP_processor_info for disabled cpu (64bit)

455434 - x86: fix PAE pmd_bad bootup warning

455447 - FEAT: RHEL 5.3: (1/2) Increase deep idle state residency on idle platforms using Nehalem class processors

455449 - FEAT: RHEL 5.3: (2/2) Increase deep idle state residency on idle platforms using Nehalem class processors

455452 - RFE: delalloc helpers for ext4

455460 - kernel NULL pointer dereference in kobject_get_path

455471 - [NEC/Stratus 5.3 bug] various crashes in md - rdev removed in the middle of ITERATE_RDEV

455478 - 2.6.26 backport of "check physical address range in ioremap" into RHEL5-U3

455491 - backport of fix endless page faults in mount_block_root for Linux 2.6 from 2.6.26 to RHEL5-U3

455504 - Backport of don't use large pages to map the first 2/4MB of memory form 2.6.26 to RHEL5-U3

455729 - close system call returns -ERESTARTSYS

455813 - Under heavy memory usage dma_alloc_coherent does not return aligned address

455900 - [QLogic 5.3 feat] qla2xxx - mgmt. API, CT pass thru

456052 - kernel: fix array out of bounds when mounting with selinux options [rhel-5.3]

456169 - Need to add 3 dlm symbols to the kernel whitelist

456215 - RHEL 5.3 HDA ALSA driver update from upstream 2008-07-22 (fixes and support for new hw)

456218 - kernel: serial open/close loop disables irq [rhel-5.3]

456300 - IPMI: Restrict keyboard io port reservation

456334 - GFS2: glock dumping misses out some glocks

456453 - GFS2: d_rwdirectempty fails with short read

456638 - [Kdump] not work on HP-XW8600

456900 - [QLogic 5.3 feat] [0/n] qla2xxx- Netlink, FCoE management API

457006 - ipv6: use timer pending to fix bridge reference count problem [rhel-5.3]

457013 - pppoe: Check packet length on all receive paths [rhel-5.3]

457018 - pppoe: Unshare skb before anything else [rhel-5.3]

457025 - ide-cd: fix oops when using growisofs [rhel-5.3]

457058 - ecryptfs page-sized memory allocations can corrupt memory

457137 - [iA64] Fix SMP-unsafe with XENMEM_add_to_physmap on HVM

457143 - RHEL5.3: misc ecryptfs fixes from 2.6.27

457300 - hang in ad_rx_machine due to second attempt to lock spin_lock

457569 - dlm get_comm() uses NULL pointer

457798 - GFS2 : gfs2meta is FUBAR

457892 - RTL8101E performance problem

457958 - Backport NetXen nic driver from upstream kernel to RHEL5.3

457961 - kprobes remove causing kernel panic on ia64 with 2.6.18-92.1.10.el5 kernel

458019 - kernel: random32: seeding improvement [rhel-5.3]

458270 - [TAHI] DAD test failure when ipv6_autoconf=yes

458289 - GFS2: rm on multiple nodes causes panic

458360 - enable userspace kernel header check

458368 - [5.0] kdump hangs up by Sysrq+C trigger

458441 - Make oprofile recognize Nehalem

458620 - Problem with aic79xx

458684 - GFS2: glock deadlock in page fault path

458718 - FEAT: RHEL 5.3 ext4 tech preview

458749 - autofs problem with symbolic links

458760 - kernel: dlm: dlm/user.c input validation fixes [rhel-5.3]

458774 - Kernel BUG at fs/nfs/namespace.c:103 (:nfs:nfs_follow_mountpoint)

458824 - Oprofile need to enable/disable all the counters for intel family 6

458936 - write barriers not supported, ext3 does not complain

458988 - Panic while using pci=use_crs for resource allocation

459062 - pppoe: Fix skb_unshare_check call position [rhel-5.3]

459092 - kernel dm mpath: fix several problems in dm-mapth target error paths

459095 - kernel dm crypt: use cond_resched

459107 - [RHEL5.3]: Hang when booting an i386 domU on an i386 HV

459221 - RHEL5.3: Patch to support new AMD HDMI Audio

459337 - dm-snap.c: Data read from snapshot may be corrupt if origin is being written to simultaneously

459436 - ext4 assembly bitops failures on s390

459460 - kernel: cpufreq: fix format string bug [rhel-5.3]

459463 - kernel: binfmt_misc.c: avoid potential kernel stack overflow [rhel-5.3]

459527 - Performance degradation due to excessive spinlocking in the block layer when using logical volume that spans too many physical volumes

459556 - [TAHI] no echo reply for loopback address

459585 - dlm_recoverd in D state when using IPv6 to comunicate between nodes

459722 - [QLogic 5.3 feat] [3/n] qla2xxx - Upstream updates: 8.02.00-k5 to 8.02.00-k6

459738 - GFS2: Multiple writer performance issue.

459786 - utrace signal handling bug interferes with systemtap uprobes

459812 - IPsec crash with MAC longer than 16 bytes

459876 - network hangs and BUG() message at boot with -105.el5debug kernel

460047 - Kernel obsoletes existing Driver Updates on install

460063 - CIFS option forcedirectio fails to allow the appending of text to files.

460103 - kernel: alsa: asoc: fix double free and memory leak in many codec drivers [rhel-5.3]

460135 - CIFS: enable DFS support as tech-preview in RHEL5.3

460195 - Need SCSI transport and LLD netlink support.

460593 - backport upstream kernel support for private futexes to RHEL 5.3 kernel

460845 - Nested LVM can cause deadlock due to kcopyd

460846 - Deadlock possibility with nested LVMs with snapshots

460857 - kernel: devmem: add range_is_allowed() check to mmap_mem() [rhel-5.3]

461184 - Significant regression in time() performance

461414 - [QLogic 5.3 bug] qla2xxx/qla84xx: Fix 128Kb limitation in netlink messages;

461532 - /proc/xen on bare-metal and FV guests causes multiple issues

461537 - crypto: hmac(md5) self-test panics system

461671 - [RHEL5] nmi: crash during kdump kernel boot

461866 - net: Enable TSO if supported by at least one device

462109 - [qlogic 5.3 bug] qla2xxx - Set rport dev loss timeout consistently

462117 - [QLogic 5.3 bug] qla2xxx - Additional residual-count corrections during UNDERRUN handling.

462354 - dlm: add old plock interface

462416 - [QLogic 5.3 bug] Update qla2xxx - PCI EE error handling support

462441 - Fix NUL handling in TTY input auditing

462500 - BUG: warning when pata_sil680 loaded

462622 - spufs in RHEL5.3: missing context switch notification log

462663 - Netboot image for ppc too large

462743 - libata: rmmod pata_sil680 never returns from ata_port_detach

463206 - Regression: Tape commands are possibly retried if there is a loss of connectivity while it is running

463277 - RHEL5.3: ext4 warning on x86 build

463416 - RHEL 5.3: fix scsi regression causing udev to hang loading sr_mod

463470 - Regression: multipath was setting the REQ_FAILFAST flags which caused a performance drop

463478 - RHEL5.3: ecryptfs memory corruption

463500 - [RHEL5.3] Kernel-xen Oops EIP is at range_straddles_page_boundary+0x2c/0xd9

463503 - EEPROM/NVM of the e1000e becomes corrupted

464445 - xm trigger <domain> init causes kernel panic.

464681 - [QLogic 5.3 bug] qla2xxx/qla84xxx: Advertise qla84xx firmware rev. fix netlink code

464868 - incorrect ATA7 handing in kernel causing ABRT errors

465023 - [QLogic 5.3 bug] Update qla2xxx version to meet open source standards.

465396 - [5.3] makedumpfile: Can't get necessary symbols for excluding free pages.

465825 - panic in kcopyd during snapshot I/O

465856 - GFS2: recovery stuck

466167 - RHEL5.3: posix-timers race condition causes timer to seize up

466240 - Question for LUKS device passhprase unreadable when using Xen

466246 - Interactive installation fails with ext4dev root partition

466307 - /dev/agpart missing for intel i965 HW/82G965 Graphics

466422 - RHEL5.3: Modify SATA IDE mode quirk

466774 - [RHEL5.3] kernel kernel BUG at kernel/exit.c:1129!

467153 - [QLogic 5.3 bug] latest qlogic driver takes several minutes to find LUNs on older qla2xx controller

467216 - avc: denied { sys_resource } when using ext4dev partitions

467244 - On RHEL 5.2 32 bit rmmod bonding results in a kernel panic when configured in balance-tlb mode

467689 - GFS2: Hang when shrink_slab calls gfs2_delete_inode (the GFP_NOFS bit)

467845 - RHEL 5.3: allow tcp socket buffers grow to larger than a page size

467927 - [RHEL5] patch enabling deep C states makes a RHTS machine hang on boot

468034 - RHEL 5.3: minor virtio_net_fixes

468083 - kernel-xen doesn't boot on Dell Optiplex GX280

468148 - getsockopt() returning incorrectly in PPC

468187 - [autofs4] Incorrect "active offset mount" messages in syslog

468192 - writing data to file can fail and cause panic sometimes when using xattr on ecryptfs

468538 - dlm: add dlm_posix_set_fsid to kABI

468547 - RHEL5.3: Regression in ext3/jbd

468555 - [QLogic 5.3 bug] qla2xxx - restore disable by default of MSI, MSI-X

468573 - [QLogic 5.3 bug] qla2xxx - Correct Atmel flash-part handling

468870 - initscripts upgrade from 8.45.17 to 8.45.19 breaks arp_ip_target

468873 - [QLogic 5.3 bug] qla2xxx - fails to report Option Rom version information

468915 - [stratus/NEC 5.3 bug] System can crash when removing input device

468922 - bnx2x + 57711 MCA on BL870c

468967 - iwlagn (Montevina & Santa Rosa) fails to get associated with AP by NetworkManager frequently

469414 - [QLogic 5.3 bug] qla3xxx, qla4xxx- Update version numbers and use new format.

469444 - [All Partners 5.3 bug] allow both ACPI code paths to use the same blacklist dmi_table correctly

469710 - Various firewire bugs fixed upstream

469711 - firewire module unload hangs

469715 - libata: avoid overflow in ata_tf_to_lba48() when tf->hba_lbal> 127

469754 - kernel panic seen in ptrace_induce_signal in run of rhts test /tools/gdb/gdb-any/

469774 - RHEL53 Beta1: network installation through cxgb3 interface failed if the adapter firmware doesn't match the cxgb3 device driver requst firmware level in rhel53.

470201 - CVE-2008-5029 kernel: Unix sockets kernel panic

470267 - cifs: data corruption due to interleaved partial writes timing out

470449 - system-config-soundcard is not working on RHEL5.3 GA-snapshot1

470610 - [Emulex 5.3 bug] Update lpfc to version 8.2.0.33.3p

470625 - Netdump not functioning w/ bnx2 >= v1.8h (Broadcom Netxtreme II Network Card)

471112 - gdb on ppc hangs, then panics with a kill -9

471269 - [QLogic 5.3 bug] qla2xxx - No NPIV for Loop connections.

471576 - libata: Avoid overflow in ata_tf_read_block() when tf->hba_lbal > 127

471639 - max_phys_segments violation with dm-linear + md raid1 + cciss

471801 - statically linked uuid segfaults in uuid_generate() on Xen kernel

471871 - dlm: fix up memory allocation flags

471903 - [broadcom 5.3 bug] bnx2: add PCI-IDs for 5716s

471933 - [brocade/Dell 5.3 bug] hts failing memory test with EDAC i5000 Non-Fatal error

472095 - RHEL5.3 e1000e: enable ECC correction on 82571 silicon

472325 - CVE-2008-5182 kernel: fix inotify watch removal/umount races

472382 - [QLogic 5.3 bug] qla2xx/qla84xx - Failure to establish link.

472504 - Need to build xen-platform-pci as a module and not into the kernel

472844 - kernel panic when modprobe -r acpi_cpufreq on centrino platform with kernel newer than 2.6.18-118

473110 - RHEL 5.3: allow tun/tap support larger MTU sizes

473114 - RHEL 5.3: allow virtio_net support larger MTU sizes

473120 - RHEL 5.3: implement virtio_net mergeable receive buffer allocate scheme

473696 - CVE-2008-5079 Linux Kernel 'atm module' Local Denial of Service

474465 - RHEL5.3: Calgary DMA errors on IBM systems

474736 - [QLogic 5.3 bug] qla4xxx - Add checks for <TargetName, ISID, TargetPortGroupTag>

474935 - fcoe: fix terminate_rport_io related problems

475652 - kdump panic introduced by hpet fix on systems without HPET

475778 - [RHEL 5.3 Xen]: Guest hang on FV save/restore

476184 - RHEL5.3 pv guests crash randomly on reboot orders.

 

6. Package List:

 

Red Hat Enterprise Linux Desktop (v. 5 client):

 

Source:

ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kernel-2.6.18-128.el5.src.rpm

 

i386:

kernel-2.6.18-128.el5.i686.rpm

kernel-PAE-2.6.18-128.el5.i686.rpm

kernel-PAE-debuginfo-2.6.18-128.el5.i686.rpm

kernel-PAE-devel-2.6.18-128.el5.i686.rpm

kernel-debug-2.6.18-128.el5.i686.rpm

kernel-debug-debuginfo-2.6.18-128.el5.i686.rpm

kernel-debug-devel-2.6.18-128.el5.i686.rpm

kernel-debuginfo-2.6.18-128.el5.i686.rpm

kernel-debuginfo-common-2.6.18-128.el5.i686.rpm

kernel-devel-2.6.18-128.el5.i686.rpm

kernel-headers-2.6.18-128.el5.i386.rpm

kernel-xen-2.6.18-128.el5.i686.rpm

kernel-xen-debuginfo-2.6.18-128.el5.i686.rpm

kernel-xen-devel-2.6.18-128.el5.i686.rpm

 

noarch:

kernel-doc-2.6.18-128.el5.noarch.rpm

 

x86_64:

kernel-2.6.18-128.el5.x86_64.rpm

kernel-debug-2.6.18-128.el5.x86_64.rpm

kernel-debug-debuginfo-2.6.18-128.el5.x86_64.rpm

kernel-debug-devel-2.6.18-128.el5.x86_64.rpm

kernel-debuginfo-2.6.18-128.el5.x86_64.rpm

kernel-debuginfo-common-2.6.18-128.el5.x86_64.rpm

kernel-devel-2.6.18-128.el5.x86_64.rpm

kernel-headers-2.6.18-128.el5.x86_64.rpm

kernel-xen-2.6.18-128.el5.x86_64.rpm

kernel-xen-debuginfo-2.6.18-128.el5.x86_64.rpm

kernel-xen-devel-2.6.18-128.el5.x86_64.rpm

 

Red Hat Enterprise Linux (v. 5 server):

 

Source:

ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kernel-2.6.18-128.el5.src.rpm

 

i386:

kernel-2.6.18-128.el5.i686.rpm

kernel-PAE-2.6.18-128.el5.i686.rpm

kernel-PAE-debuginfo-2.6.18-128.el5.i686.rpm

kernel-PAE-devel-2.6.18-128.el5.i686.rpm

kernel-debug-2.6.18-128.el5.i686.rpm

kernel-debug-debuginfo-2.6.18-128.el5.i686.rpm

kernel-debug-devel-2.6.18-128.el5.i686.rpm

kernel-debuginfo-2.6.18-128.el5.i686.rpm

kernel-debuginfo-common-2.6.18-128.el5.i686.rpm

kernel-devel-2.6.18-128.el5.i686.rpm

kernel-headers-2.6.18-128.el5.i386.rpm

kernel-xen-2.6.18-128.el5.i686.rpm

kernel-xen-debuginfo-2.6.18-128.el5.i686.rpm

kernel-xen-devel-2.6.18-128.el5.i686.rpm

 

ia64:

kernel-2.6.18-128.el5.ia64.rpm

kernel-debug-2.6.18-128.el5.ia64.rpm

kernel-debug-debuginfo-2.6.18-128.el5.ia64.rpm

kernel-debug-devel-2.6.18-128.el5.ia64.rpm

kernel-debuginfo-2.6.18-128.el5.ia64.rpm

kernel-debuginfo-common-2.6.18-128.el5.ia64.rpm

kernel-devel-2.6.18-128.el5.ia64.rpm

kernel-headers-2.6.18-128.el5.ia64.rpm

kernel-xen-2.6.18-128.el5.ia64.rpm

kernel-xen-debuginfo-2.6.18-128.el5.ia64.rpm

kernel-xen-devel-2.6.18-128.el5.ia64.rpm

 

noarch:

kernel-doc-2.6.18-128.el5.noarch.rpm

 

ppc:

kernel-2.6.18-128.el5.ppc64.rpm

kernel-debug-2.6.18-128.el5.ppc64.rpm

kernel-debug-debuginfo-2.6.18-128.el5.ppc64.rpm

kernel-debug-devel-2.6.18-128.el5.ppc64.rpm

kernel-debuginfo-2.6.18-128.el5.ppc64.rpm

kernel-debuginfo-common-2.6.18-128.el5.ppc64.rpm

kernel-devel-2.6.18-128.el5.ppc64.rpm

kernel-headers-2.6.18-128.el5.ppc.rpm

kernel-headers-2.6.18-128.el5.ppc64.rpm

kernel-kdump-2.6.18-128.el5.ppc64.rpm

kernel-kdump-debuginfo-2.6.18-128.el5.ppc64.rpm

kernel-kdump-devel-2.6.18-128.el5.ppc64.rpm

 

s390x:

kernel-2.6.18-128.el5.s390x.rpm

kernel-debug-2.6.18-128.el5.s390x.rpm

kernel-debug-debuginfo-2.6.18-128.el5.s390x.rpm

kernel-debug-devel-2.6.18-128.el5.s390x.rpm

kernel-debuginfo-2.6.18-128.el5.s390x.rpm

kernel-debuginfo-common-2.6.18-128.el5.s390x.rpm

kernel-devel-2.6.18-128.el5.s390x.rpm

kernel-headers-2.6.18-128.el5.s390x.rpm

kernel-kdump-2.6.18-128.el5.s390x.rpm

kernel-kdump-debuginfo-2.6.18-128.el5.s390x.rpm

kernel-kdump-devel-2.6.18-128.el5.s390x.rpm

 

x86_64:

kernel-2.6.18-128.el5.x86_64.rpm

kernel-debug-2.6.18-128.el5.x86_64.rpm

kernel-debug-debuginfo-2.6.18-128.el5.x86_64.rpm

kernel-debug-devel-2.6.18-128.el5.x86_64.rpm

kernel-debuginfo-2.6.18-128.el5.x86_64.rpm

kernel-debuginfo-common-2.6.18-128.el5.x86_64.rpm

kernel-devel-2.6.18-128.el5.x86_64.rpm

kernel-headers-2.6.18-128.el5.x86_64.rpm

kernel-xen-2.6.18-128.el5.x86_64.rpm

kernel-xen-debuginfo-2.6.18-128.el5.x86_64.rpm

kernel-xen-devel-2.6.18-128.el5.x86_64.rpm

 

These packages are GPG signed by Red Hat for security. Our key and

details on how to verify the signature are available from

https://www.redhat.com/security/team/key/#package

 

7. References:

 

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5029

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5079

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5182

http://www.redhat.com/security/updates/classification/#important

 

8. Contact:

 

The Red Hat security contact is . More contact

details at https://www.redhat.com/security/team/contact/

 

Copyright 2009 Red Hat, Inc.

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.4 (GNU/Linux)

 

iD8DBQFJdidIXlSAg2UNWIIRAvOeAJ4thof68NeyZeV/g1VIJ+7Dcxo4zQCfXLZJ

4Qvvy7k7wDkU3g0nuPVW/Mo=

=mJJC

-----END PGP SIGNATURE-----

 

 

--