SCIENTIFIC-LINUX-ERRATA Archives

November 2008

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV

From: Troy Dawson
Date: Thu, 20 Nov 2008 13:46:54 -0600

Synopsis:	Important: kernel security and bug fix update
Issue date:	2008-11-19
CVE Names:	CVE-2008-3272 CVE-2007-6716 CVE-2007-5093
                   CVE-2008-1514 CVE-2008-3528 CVE-2008-4210

* a flaw was found in the Linux kernel's Direct-IO implementation. This
could have allowed a local unprivileged user to cause a denial of service.
(CVE-2007-6716, Important)

* when running ptrace in 31-bit mode on an IBM S/390 or IBM System z
kernel, a local unprivileged user could cause a denial of service by
reading from or writing into a padding area in the user_regs_struct32
structure. (CVE-2008-1514, Important)

* the do_truncate() and generic_file_splice_write() functions did not clear
the setuid and setgid bits. This could have allowed a local unprivileged
user to obtain access to privileged information. (CVE-2008-4210, Important)

* Tobias Klein reported a missing check in the Linux kernel's Open Sound
System (OSS) implementation. This deficiency could have led to an
information leak. (CVE-2008-3272, Moderate)

* a potential denial of service attack was discovered in the Linux kernel's
PWC USB video driver. A local unprivileged user could have used this flaw
to bring the kernel USB subsystem into the busy-waiting state.
(CVE-2007-5093, Low)

* the ext2 and ext3 file systems code failed to properly handle corrupted
data structures, leading to a possible local denial of service issue when
read or write operations were performed. (CVE-2008-3528, Low)

In addition, these updated packages fix the following bugs:

* when using the CIFS "forcedirectio" option, appending to an open file on
a CIFS share resulted in that file being overwritten with the data to be
appended.

* a kernel panic occurred when a device with PCI ID 8086:10c8 was present
on a system with a loaded ixgbe driver.

* due to an aacraid driver regression, the kernel failed to boot when trying
to load the aacraid driver and printed the following error message:
"aac_srb: aac_fib_send failed with status: 8195".

* due to an mpt driver regression, when RAID 1 was configured on Primergy
systems with an LSI SCSI IME 53C1020/1030 controller, the kernel panicked
during boot.

* the mpt driver produced a large number of extraneous debugging messages
when performing a "Host reset" operation.

* due to a regression in the sym driver, the kernel panicked when a SCSI
hot swap was performed using MCP18 hardware.

* all cores on a multi-core system now scale their frequencies in
accordance with the policy set by the system's CPU frequency governor.

* the netdump subsystem suffered from several stability issues. These are
addressed in this updated kernel.

* under certain conditions, the ext3 file system reported a negative count
of used blocks.

* reading /proc/self/mem incorrectly returned "Invalid argument" instead of
"input/output error" due to a regression.

* under certain conditions, the kernel panicked when a USB device was
removed while the system was busy accessing the device.

* a race condition in the kernel could have led to a kernel crash during
the creation of a new process.

SL 4.x

    SRPMS:
kernel-2.6.9-78.0.8.EL.src.rpm
    i386:
kernel-2.6.9-78.0.8.EL.i686.rpm
kernel-devel-2.6.9-78.0.8.EL.i686.rpm
kernel-doc-2.6.9-78.0.8.EL.noarch.rpm
kernel-hugemem-2.6.9-78.0.8.EL.i686.rpm
kernel-hugemem-devel-2.6.9-78.0.8.EL.i686.rpm
kernel-smp-2.6.9-78.0.8.EL.i686.rpm
kernel-smp-devel-2.6.9-78.0.8.EL.i686.rpm
kernel-xenU-2.6.9-78.0.8.EL.i686.rpm
kernel-xenU-devel-2.6.9-78.0.8.EL.i686.rpm
   Dependencies:
kernel-module-fuse-2.6.9-78.0.8.EL-2.7.3-1.SL.i686.rpm
kernel-module-fuse-2.6.9-78.0.8.ELhugemem-2.7.3-1.SL.i686.rpm
kernel-module-fuse-2.6.9-78.0.8.ELsmp-2.7.3-1.SL.i686.rpm
kernel-module-fuse-2.6.9-78.0.8.ELxenU-2.7.3-1.SL.i686.rpm
kernel-module-ipw3945-2.6.9-78.0.8.EL-1.1.0-1.SL4.i686.rpm
kernel-module-ipw3945-2.6.9-78.0.8.ELhugemem-1.1.0-1.SL4.i686.rpm
kernel-module-ipw3945-2.6.9-78.0.8.ELsmp-1.1.0-1.SL4.i686.rpm
kernel-module-ipw3945-2.6.9-78.0.8.ELxenU-1.1.0-1.SL4.i686.rpm
kernel-module-madwifi-2.6.9-78.0.8.EL-0.9.4-10.sl4.i686.rpm
kernel-module-madwifi-2.6.9-78.0.8.ELhugemem-0.9.4-10.sl4.i686.rpm
kernel-module-madwifi-2.6.9-78.0.8.ELsmp-0.9.4-10.sl4.i686.rpm
kernel-module-madwifi-hal-2.6.9-78.0.8.EL-0.9.4-10.sl4.i686.rpm
kernel-module-madwifi-hal-2.6.9-78.0.8.ELhugemem-0.9.4-10.sl4.i686.rpm
kernel-module-madwifi-hal-2.6.9-78.0.8.ELsmp-0.9.4-10.sl4.i686.rpm
kernel-module-ndiswrapper-2.6.9-78.0.8.EL-1.41-1.SL.i686.rpm
kernel-module-ndiswrapper-2.6.9-78.0.8.ELhugemem-1.41-1.SL.i686.rpm
kernel-module-ndiswrapper-2.6.9-78.0.8.ELsmp-1.41-1.SL.i686.rpm
kernel-module-ndiswrapper-2.6.9-78.0.8.ELxenU-1.41-1.SL.i686.rpm
kernel-module-openafs-2.6.9-78.0.8.EL-1.4.7-68.SL4.i686.rpm
kernel-module-openafs-2.6.9-78.0.8.ELhugemem-1.4.7-68.SL4.i686.rpm
kernel-module-openafs-2.6.9-78.0.8.ELsmp-1.4.7-68.SL4.i686.rpm
kernel-module-openafs-2.6.9-78.0.8.ELxenU-1.4.7-68.SL4.i686.rpm
kernel-module-r1000-2.6.9-78.0.8.EL-2.2-2.SL4x.i686.rpm
kernel-module-r1000-2.6.9-78.0.8.ELhugemem-2.2-2.SL4x.i686.rpm
kernel-module-r1000-2.6.9-78.0.8.ELsmp-2.2-2.SL4x.i686.rpm
kernel-module-r1000-2.6.9-78.0.8.ELxenU-2.2-2.SL4x.i686.rpm
   Other Dependencies:
fuse-2.7.3-1.SL.i386.rpm
fuse-devel-2.7.3-1.SL.i386.rpm
fuse-libs-2.7.3-1.SL.i386.rpm
fuse-smb-0.8.7-1.i386.rpm
fuse-sshfs-2.1-1.SL.i386.rpm
madwifi-0.9.4-10.sl4.i686.rpm
openafs-1.4.7-68.SL4.i386.rpm
openafs-authlibs-1.4.7-68.SL4.i386.rpm
openafs-authlibs-devel-1.4.7-68.SL4.i386.rpm
openafs-client-1.4.7-68.SL4.i386.rpm
openafs-compat-1.4.7-68.SL4.i386.rpm
openafs-debug-1.4.7-68.SL4.i386.rpm
openafs-devel-1.4.7-68.SL4.i386.rpm
openafs-kernel-source-1.4.7-68.SL4.i386.rpm
openafs-kpasswd-1.4.7-68.SL4.i386.rpm
openafs-krb5-1.4.7-68.SL4.i386.rpm
openafs-server-1.4.7-68.SL4.i386.rpm

    x86_64:
kernel-2.6.9-78.0.8.EL.x86_64.rpm
kernel-devel-2.6.9-78.0.8.EL.x86_64.rpm
kernel-doc-2.6.9-78.0.8.EL.noarch.rpm
kernel-largesmp-2.6.9-78.0.8.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-78.0.8.EL.x86_64.rpm
kernel-smp-2.6.9-78.0.8.EL.x86_64.rpm
kernel-smp-devel-2.6.9-78.0.8.EL.x86_64.rpm
kernel-xenU-2.6.9-78.0.8.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-78.0.8.EL.x86_64.rpm
   Dependencies:
kernel-module-fuse-2.6.9-78.0.8.EL-2.7.3-1.SL.x86_64.rpm
kernel-module-fuse-2.6.9-78.0.8.ELlargesmp-2.7.3-1.SL.x86_64.rpm
kernel-module-fuse-2.6.9-78.0.8.ELsmp-2.7.3-1.SL.x86_64.rpm
kernel-module-fuse-2.6.9-78.0.8.ELxenU-2.7.3-1.SL.x86_64.rpm
kernel-module-ipw3945-2.6.9-78.0.8.EL-1.1.0-1.SL4.x86_64.rpm
kernel-module-ipw3945-2.6.9-78.0.8.ELlargesmp-1.1.0-1.SL4.x86_64.rpm
kernel-module-ipw3945-2.6.9-78.0.8.ELsmp-1.1.0-1.SL4.x86_64.rpm
kernel-module-ipw3945-2.6.9-78.0.8.ELxenU-1.1.0-1.SL4.x86_64.rpm
kernel-module-madwifi-2.6.9-78.0.8.EL-0.9.4-10.sl4.x86_64.rpm
kernel-module-madwifi-2.6.9-78.0.8.ELlargesmp-0.9.4-10.sl4.x86_64.rpm
kernel-module-madwifi-2.6.9-78.0.8.ELsmp-0.9.4-10.sl4.x86_64.rpm
kernel-module-madwifi-hal-2.6.9-78.0.8.EL-0.9.4-10.sl4.x86_64.rpm
kernel-module-madwifi-hal-2.6.9-78.0.8.ELlargesmp-0.9.4-10.sl4.x86_64.rpm
kernel-module-madwifi-hal-2.6.9-78.0.8.ELsmp-0.9.4-10.sl4.x86_64.rpm
kernel-module-ndiswrapper-2.6.9-78.0.8.EL-1.41-1.SL.x86_64.rpm
kernel-module-ndiswrapper-2.6.9-78.0.8.ELlargesmp-1.41-1.SL.x86_64.rpm
kernel-module-ndiswrapper-2.6.9-78.0.8.ELsmp-1.41-1.SL.x86_64.rpm
kernel-module-ndiswrapper-2.6.9-78.0.8.ELxenU-1.41-1.SL.x86_64.rpm
kernel-module-openafs-2.6.9-78.0.8.EL-1.4.7-68.SL4.x86_64.rpm
kernel-module-openafs-2.6.9-78.0.8.ELlargesmp-1.4.7-68.SL4.x86_64.rpm
kernel-module-openafs-2.6.9-78.0.8.ELsmp-1.4.7-68.SL4.x86_64.rpm
kernel-module-openafs-2.6.9-78.0.8.ELxenU-1.4.7-68.SL4.x86_64.rpm
kernel-module-r1000-2.6.9-78.0.8.EL-2.2-2.SL4x.x86_64.rpm
kernel-module-r1000-2.6.9-78.0.8.ELlargesmp-2.2-2.SL4x.x86_64.rpm
kernel-module-r1000-2.6.9-78.0.8.ELsmp-2.2-2.SL4x.x86_64.rpm
kernel-module-r1000-2.6.9-78.0.8.ELxenU-2.2-2.SL4x.x86_64.rpm
   Other Dependencies:
fuse-2.7.3-1.SL.x86_64.rpm
fuse-devel-2.7.3-1.SL.x86_64.rpm
fuse-libs-2.7.3-1.SL.x86_64.rpm
fuse-smb-0.8.7-1.x86_64.rpm
fuse-sshfs-2.1-1.SL.x86_64.rpm
madwifi-0.9.4-10.sl4.x86_64.rpm
openafs-1.4.7-68.SL4.x86_64.rpm
openafs-authlibs-1.4.7-68.SL4.x86_64.rpm
openafs-authlibs-devel-1.4.7-68.SL4.x86_64.rpm
openafs-client-1.4.7-68.SL4.x86_64.rpm
openafs-compat-1.4.7-68.SL4.x86_64.rpm
openafs-debug-1.4.7-68.SL4.x86_64.rpm
openafs-devel-1.4.7-68.SL4.x86_64.rpm
openafs-kernel-source-1.4.7-68.SL4.x86_64.rpm
openafs-kpasswd-1.4.7-68.SL4.x86_64.rpm
openafs-krb5-1.4.7-68.SL4.x86_64.rpm
openafs-server-1.4.7-68.SL4.x86_64.rpm


-Connie Sieh
-Troy Dawson
