LISTSERV - SCIENTIFIC-LINUX-ERRATA Archives

SCIENTIFIC-LINUX-ERRATA Archives

February 2008

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-ERRATA Home
	SCIENTIFIC-LINUX-ERRATA February 2008

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives
Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]
Subject:	Re: Security ERRATA for kernel on SL4.x i386/x86_64
From:	Troy Dawson <[log in to unmask]>
Reply To:	Troy Dawson <[log in to unmask]>
Date:	Fri, 1 Feb 2008 23:03:48 -0600
Content-Type:	text/plain
Parts/Attachments:	text/plain (199 lines)
The GFS kernel modules and components are now available for this kernel 
as well.

   i386:
cman-1.0.17-0.el4_6.3.i686.rpm
cman-devel-1.0.17-0.el4_6.3.i686.rpm
cman-kernel-2.6.9-53.8.i686.rpm
cman-kernel-hugemem-2.6.9-53.8.i686.rpm
cman-kernel-smp-2.6.9-53.8.i686.rpm
cman-kernel-xenU-2.6.9-53.8.i686.rpm
cman-kernheaders-2.6.9-53.8.i686.rpm
cmirror-kernel-2.6.9-38.7.i686.rpm
cmirror-kernel-hugemem-2.6.9-38.7.i686.rpm
cmirror-kernel-smp-2.6.9-38.7.i686.rpm
cmirror-kernel-xenU-2.6.9-38.7.i686.rpm
dlm-kernel-2.6.9-52.4.i686.rpm
dlm-kernel-hugemem-2.6.9-52.4.i686.rpm
dlm-kernel-smp-2.6.9-52.4.i686.rpm
dlm-kernel-xenU-2.6.9-52.4.i686.rpm
dlm-kernheaders-2.6.9-52.4.i686.rpm
GFS-kernel-2.6.9-75.11.i686.rpm
GFS-kernel-hugemem-2.6.9-75.11.i686.rpm
GFS-kernel-smp-2.6.9-75.11.i686.rpm
GFS-kernel-xenU-2.6.9-75.11.i686.rpm
GFS-kernheaders-2.6.9-75.11.i686.rpm
gnbd-kernel-2.6.9-10.31.i686.rpm
gnbd-kernel-hugemem-2.6.9-10.31.i686.rpm
gnbd-kernel-smp-2.6.9-10.31.i686.rpm
gnbd-kernel-xenU-2.6.9-10.31.i686.rpm
gnbd-kernheaders-2.6.9-10.31.i686.rpm

   x86_64:
cman-1.0.17-0.el4.3.x86_64.rpm
cman-devel-1.0.17-0.el4.3.x86_64.rpm
cman-kernel-2.6.9-53.8.x86_64.rpm
cman-kernel-largesmp-2.6.9-53.8.x86_64.rpm
cman-kernel-smp-2.6.9-53.8.x86_64.rpm
cman-kernel-xenU-2.6.9-53.8.x86_64.rpm
cman-kernheaders-2.6.9-53.8.x86_64.rpm
cmirror-kernel-2.6.9-38.7.x86_64.rpm
cmirror-kernel-largesmp-2.6.9-38.7.x86_64.rpm
cmirror-kernel-smp-2.6.9-38.7.x86_64.rpm
cmirror-kernel-xenU-2.6.9-38.7.x86_64.rpm
dlm-kernel-2.6.9-52.4.x86_64.rpm
dlm-kernel-largesmp-2.6.9-52.4.x86_64.rpm
dlm-kernel-smp-2.6.9-52.4.x86_64.rpm
dlm-kernel-xenU-2.6.9-52.4.x86_64.rpm
dlm-kernheaders-2.6.9-52.4.x86_64.rpm
GFS-kernel-2.6.9-75.11.x86_64.rpm
GFS-kernel-largesmp-2.6.9-75.11.x86_64.rpm
GFS-kernel-smp-2.6.9-75.11.x86_64.rpm
GFS-kernel-xenU-2.6.9-75.11.x86_64.rpm
GFS-kernheaders-2.6.9-75.11.x86_64.rpm
gnbd-kernel-2.6.9-10.31.x86_64.rpm
gnbd-kernel-largesmp-2.6.9-10.31.x86_64.rpm
gnbd-kernel-smp-2.6.9-10.31.x86_64.rpm
gnbd-kernel-xenU-2.6.9-10.31.x86_64.rpm
gnbd-kernheaders-2.6.9-10.31.x86_64.rpm

Troy Dawson wrote:
> Synopsis:       Important: kernel security and bug fix update
> Issue date:     2008-01-31
> CVE Names:      CVE-2007-4130 CVE-2007-5500 CVE-2007-6063
>                    CVE-2007-6151 CVE-2007-6206 CVE-2007-6694
>                    CVE-2008-0001
> 
> These updated kernel packages fix the following security issues:
> 
> A flaw was found in the virtual filesystem (VFS). A local unprivileged
> user could truncate directories to which they had write permission; this
> could render the contents of the directory inaccessible. (CVE-2008-0001,
> Important)
> 
> A flaw was found in the implementation of ptrace. A local unprivileged
> user could trigger this flaw and possibly cause a denial of service
> (system hang). (CVE-2007-5500, Important)
> 
> A flaw was found in the way the Red Hat Enterprise Linux 4 kernel
> handled page faults when a CPU used the NUMA method for accessing memory
> on Itanium architectures. A local unprivileged user could trigger this
> flaw and cause a denial of service (system panic). (CVE-2007-4130,
> Important)
> 
> A possible NULL pointer dereference was found in the chrp_show_cpuinfo
> function when using the PowerPC architecture. This may have allowed a
> local unprivileged user to cause a denial of service (crash).
> (CVE-2007-6694, Moderate)
> 
> A flaw was found in the way core dump files were created. If a local
> user can get a root-owned process to dump a core file into a directory,
> which the user has write access to, they could gain read access to that
> core file. This could potentially grant unauthorized access to sensitive
> information. (CVE-2007-6206, Moderate)
> 
> Two buffer overflow flaws were found in the Linux kernel ISDN subsystem.
> A local unprivileged  user could use these flaws to cause a denial of
> service. (CVE-2007-6063, CVE-2007-6151, Moderate)
> 
> As well, these updated packages fix the following bug:
> 
> * when moving volumes that contain multiple segments, and a mirror
> segment is not the first in the mapping table, running the "pvmove
> /dev/[device] /dev/[device]" command caused a kernel panic. A "kernel:
> Unable to handle kernel paging request at virtual address [address]"
> error was logged by syslog.
> 
> SL 4.x
> 
>     SRPMS:
> 
>     i386:
> kernel-2.6.9-67.0.4.EL.i686.rpm
> kernel-devel-2.6.9-67.0.4.EL.i686.rpm
> kernel-doc-2.6.9-67.0.4.EL.noarch.rpm
> kernel-hugemem-2.6.9-67.0.4.EL.i686.rpm
> kernel-hugemem-devel-2.6.9-67.0.4.EL.i686.rpm
> kernel-smp-2.6.9-67.0.4.EL.i686.rpm
> kernel-smp-devel-2.6.9-67.0.4.EL.i686.rpm
> kernel-xenU-2.6.9-67.0.4.EL.i686.rpm
> kernel-xenU-devel-2.6.9-67.0.4.EL.i686.rpm
>    Dependancies:
> kernel-module-fuse-2.6.9-67.0.4.EL-2.5.3-1.el4_6.i686.rpm
> kernel-module-fuse-2.6.9-67.0.4.ELhugemem-2.5.3-1.el4_6.i686.rpm
> kernel-module-fuse-2.6.9-67.0.4.ELsmp-2.5.3-1.el4_6.i686.rpm
> kernel-module-fuse-2.6.9-67.0.4.ELxenU-2.5.3-1.el4_6.i686.rpm
> kernel-module-ipw3945-2.6.9-67.0.4.EL-1.1.0-1.SL4.i686.rpm
> kernel-module-ipw3945-2.6.9-67.0.4.ELhugemem-1.1.0-1.SL4.i686.rpm
> kernel-module-ipw3945-2.6.9-67.0.4.ELsmp-1.1.0-1.SL4.i686.rpm
> kernel-module-ipw3945-2.6.9-67.0.4.ELxenU-1.1.0-1.SL4.i686.rpm
> kernel-module-madwifi-2.6.9-67.0.4.EL-0.9.3.1-10.sl4.i686.rpm
> kernel-module-madwifi-2.6.9-67.0.4.ELhugemem-0.9.3.1-10.sl4.i686.rpm
> kernel-module-madwifi-2.6.9-67.0.4.ELsmp-0.9.3.1-10.sl4.i686.rpm
> kernel-module-madwifi-hal-2.6.9-67.0.4.EL-0.9.3.1-10.sl4.i686.rpm
> kernel-module-madwifi-hal-2.6.9-67.0.4.ELhugemem-0.9.3.1-10.sl4.i686.rpm
> kernel-module-madwifi-hal-2.6.9-67.0.4.ELsmp-0.9.3.1-10.sl4.i686.rpm
> kernel-module-ndiswrapper-2.6.9-67.0.4.EL-1.41-1.SL.i686.rpm
> kernel-module-ndiswrapper-2.6.9-67.0.4.ELhugemem-1.41-1.SL.i686.rpm
> kernel-module-ndiswrapper-2.6.9-67.0.4.ELsmp-1.41-1.SL.i686.rpm
> kernel-module-ndiswrapper-2.6.9-67.0.4.ELxenU-1.41-1.SL.i686.rpm
> kernel-module-openafs-2.6.9-67.0.4.EL-1.4.4-46.SL4.i686.rpm
> kernel-module-openafs-2.6.9-67.0.4.ELhugemem-1.4.4-46.SL4.i686.rpm
> kernel-module-openafs-2.6.9-67.0.4.ELsmp-1.4.4-46.SL4.i686.rpm
> kernel-module-openafs-2.6.9-67.0.4.ELxenU-1.4.4-46.SL4.i686.rpm
> kernel-module-r1000-2.6.9-67.0.4.EL-2.2-2.SL4x.i686.rpm
> kernel-module-r1000-2.6.9-67.0.4.ELhugemem-2.2-2.SL4x.i686.rpm
> kernel-module-r1000-2.6.9-67.0.4.ELsmp-2.2-2.SL4x.i686.rpm
> kernel-module-r1000-2.6.9-67.0.4.ELxenU-2.2-2.SL4x.i686.rpm
> 
>     x86_64:
> kernel-2.6.9-67.0.4.EL.x86_64.rpm
> kernel-devel-2.6.9-67.0.4.EL.x86_64.rpm
> kernel-doc-2.6.9-67.0.4.EL.noarch.rpm
> kernel-largesmp-2.6.9-67.0.4.EL.x86_64.rpm
> kernel-largesmp-devel-2.6.9-67.0.4.EL.x86_64.rpm
> kernel-smp-2.6.9-67.0.4.EL.x86_64.rpm
> kernel-smp-devel-2.6.9-67.0.4.EL.x86_64.rpm
> kernel-xenU-2.6.9-67.0.4.EL.x86_64.rpm
> kernel-xenU-devel-2.6.9-67.0.4.EL.x86_64.rpm
>    Dependancies:
> kernel-module-fuse-2.6.9-67.0.4.EL-2.5.3-1.el4.x86_64.rpm
> kernel-module-fuse-2.6.9-67.0.4.ELlargesmp-2.5.3-1.el4.x86_64.rpm
> kernel-module-fuse-2.6.9-67.0.4.ELsmp-2.5.3-1.el4.x86_64.rpm
> kernel-module-fuse-2.6.9-67.0.4.ELxenU-2.5.3-1.el4.x86_64.rpm
> kernel-module-ipw3945-2.6.9-67.0.4.EL-1.1.0-1.SL4.x86_64.rpm
> kernel-module-ipw3945-2.6.9-67.0.4.ELlargesmp-1.1.0-1.SL4.x86_64.rpm
> kernel-module-ipw3945-2.6.9-67.0.4.ELsmp-1.1.0-1.SL4.x86_64.rpm
> kernel-module-ipw3945-2.6.9-67.0.4.ELxenU-1.1.0-1.SL4.x86_64.rpm
> kernel-module-madwifi-2.6.9-67.0.4.EL-0.9.3.1-10.sl4.x86_64.rpm
> kernel-module-madwifi-2.6.9-67.0.4.ELlargesmp-0.9.3.1-10.sl4.x86_64.rpm
> kernel-module-madwifi-2.6.9-67.0.4.ELsmp-0.9.3.1-10.sl4.x86_64.rpm
> kernel-module-madwifi-hal-2.6.9-67.0.4.EL-0.9.3.1-10.sl4.x86_64.rpm
> kernel-module-madwifi-hal-2.6.9-67.0.4.ELlargesmp-0.9.3.1-10.sl4.x86_64.rpm
> kernel-module-madwifi-hal-2.6.9-67.0.4.ELsmp-0.9.3.1-10.sl4.x86_64.rpm
> kernel-module-ndiswrapper-2.6.9-67.0.4.EL-1.41-1.SL.x86_64.rpm
> kernel-module-ndiswrapper-2.6.9-67.0.4.ELlargesmp-1.41-1.SL.x86_64.rpm
> kernel-module-ndiswrapper-2.6.9-67.0.4.ELsmp-1.41-1.SL.x86_64.rpm
> kernel-module-ndiswrapper-2.6.9-67.0.4.ELxenU-1.41-1.SL.x86_64.rpm
> kernel-module-openafs-2.6.9-67.0.4.EL-1.4.4-46.SL4.x86_64.rpm
> kernel-module-openafs-2.6.9-67.0.4.ELlargesmp-1.4.4-46.SL4.x86_64.rpm
> kernel-module-openafs-2.6.9-67.0.4.ELsmp-1.4.4-46.SL4.x86_64.rpm
> kernel-module-openafs-2.6.9-67.0.4.ELxenU-1.4.4-46.SL4.x86_64.rpm
> kernel-module-r1000-2.6.9-67.0.4.EL-2.2-2.SL4x.x86_64.rpm
> kernel-module-r1000-2.6.9-67.0.4.ELlargesmp-2.2-2.SL4x.x86_64.rpm
> kernel-module-r1000-2.6.9-67.0.4.ELsmp-2.2-2.SL4x.x86_64.rpm
> kernel-module-r1000-2.6.9-67.0.4.ELxenU-2.2-2.SL4x.x86_64.rpm
> 
> 
> -Connie Sieh
> -Troy Dawson
> 
> 


-- 
__________________________________________________
Troy Dawson  [log in to unmask]  (630)840-6468
Fermilab  ComputingDivision/CSS  CSI Group
__________________________________________________
ATOM RSS1 RSS2
LISTSERV.FNAL.GOV