LISTSERV - SCIENTIFIC-LINUX-ERRATA Archives

SCIENTIFIC-LINUX-ERRATA Archives

February 2009

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-ERRATA Home
	SCIENTIFIC-LINUX-ERRATA February 2009

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives
Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]
Subject:	Security ERRATA Important: kernel on SL5.x i386/x86_64
From:	Troy Dawson <[log in to unmask]>
Reply To:	Troy Dawson <[log in to unmask]>
Date:	Tue, 17 Feb 2009 15:07:37 -0600
Content-Type:	text/plain
Parts/Attachments:	text/plain (268 lines)
Synopsis:	Important: kernel security update
Issue date:	2009-02-10
CVE Names:	CVE-2008-4933 CVE-2008-4934 CVE-2008-5025
                 CVE-2008-5713 CVE-2009-0031 CVE-2009-0065
                 CVE-2008-5029 CVE-2008-5079 CVE-2008-5182

This update addresses the following security issues:

* a memory leak in keyctl handling. A local user could use this flaw to
deplete kernel memory, eventually leading to a denial of service.
(CVE-2009-0031, Important)

* a buffer overflow in the Linux kernel Partial Reliable Stream Control
Transmission Protocol (PR-SCTP) implementation. This could, potentially,
lead to a denial of service if a Forward-TSN chunk is received with a 
large stream ID. (CVE-2009-0065, Important)

* a flaw when handling heavy network traffic on an SMP system with many
cores. An attacker who could send a large amount of network traffic 
could create a denial of service. (CVE-2008-5713, Important)

* the code for the HFS and HFS Plus (HFS+) file systems failed to 
properly handle corrupted data structures. This could, potentially, lead 
to a local denial of service. (CVE-2008-4933, CVE-2008-5025, Low)

* a flaw was found in the HFS Plus (HFS+) file system implementation. 
This could, potentially, lead to a local denial of service when write 
operations are performed. (CVE-2008-4934, Low)

* when fput() was called to close a socket, the __scm_destroy() function
in the Linux kernel could make indirect recursive calls to itself. This
could, potentially, lead to a denial of service issue. (CVE-2008-5029,
Important)

* a flaw was found in the Asynchronous Transfer Mode (ATM) subsystem. A
local, unprivileged user could use the flaw to listen on the same socket
more than once, possibly causing a denial of service. (CVE-2008-5079,
Important)

* a race condition was found in the Linux kernel "inotify" watch removal
and umount implementation. This could allow a local, unprivileged user
to cause a privilege escalation or a denial of service. (CVE-2008-5182,
Important)

** Bug fixes and enhancements are provided for:

* support for specific NICs, including products from the following
manufacturers:
Broadcom
Chelsio
Cisco
Intel
Marvell
NetXen
Realtek
Sun

* Fiber Channel support, including support for Qlogic qla2xxx,
qla4xxx, and qla84xx HBAs and the FCoE, FCP, and zFCP protocols.

* support for various CPUs, including:
AMD Opteron processors with 45 nm SOI ("Shanghai")
AMD Turion Ultra processors
Cell processors
Intel Core i7 processors

* Xen support, including issues specific to the IA64 platform, systems
using AMD processors, and Dell Optiplex GX280 systems

* ext3, ext4, GFS2, NFS, and SPUFS

* Infiniband (including eHCA, eHEA, and IPoIB) support

* common I/O (CIO), direct I/O (DIO), and queued direct I/O (qdio) support

* the kernel distributed lock manager (DLM)

* hardware issues with: SCSI, IEEE 1394 (FireWire), RAID (including 
issues specific to Adaptec controllers), SATA (including NCQ), PCI, 
audio, serial connections, tape-drives, and USB

* ACPI, some of a general nature and some related to specific hardware
including: certain Lenovo Thinkpad notebooks, HP DC7700 systems, and
certain machines based on Intel Centrino processor technology.

* CIFS, including Kerberos support and a tech-preview of DFS support

* networking support, including IPv6, PPPoE, and IPSec

* support for Intel chipsets, including:
Intel Cantiga chipsets
Intel Eagle Lake chipsets
Intel i915 chipsets
Intel i965 chipsets
Intel Ibex Peak chipsets
Intel chipsets offering QuickPath Interconnects (QPI)

* device mapping issues, including some in device mapper itself

* various issues specific to IA64 and PPC

* CCISS, including support for Compaq SMART Array controllers P711m and
P712m and other new hardware

* various issues affecting specific HP systems, including:
DL785G5
XW4800
XW8600
XW8600
XW9400

* IOMMU support, including specific
issues with AMD and IBM Calgary hardware

* the audit subsystem

* DASD support

* iSCSI support, including issues specific to Chelsio T3 adapters

* LVM issues

* SCTP management information base (MIB) support

* issues with: autofs, kdump, kobject_add, libata, lpar, ptrace, and utrace

* platforms using Intel Enhanced Error Handling (EEH)

* EDAC issues for AMD K8 and Intel i5000

* ALSA, including support for new hardware

* futex support

* hugepage support

* Intelligent Platform Management Interface (IPMI) support

* issues affecting NEC/Stratus servers

* OFED support

* SELinux

* various Virtio issues

* when using the nfsd daemon in a clustered setup, kernel panics 
appeared seemingly at random. These panics were caused by a race 
condition in the device-mapper mirror target.

* the clock_gettime(CLOCK_THREAD_CPUTIME_ID, ) syscall returned a 
smaller timespec value than the result of previous clock_gettime() 
function execution, which resulted in a negative, and nonsensical, 
elapsed time value.

* nfs_create_rpc_client was called with a "flavor" parameter which was
usually ignored and ended up unconditionally creating the RPC client 
with an AUTH_UNIX flavor. This caused problems on AUTH_GSS mounts when 
the credentials needed to be refreshed. The credops did not match the
authorization type, which resulted in the credops dereferencing an
incorrect part of the AUTH_UNIX rpc_auth struct.

* when copy_user_c terminated prematurely due to reading beyond the end 
of the user buffer and the kernel jumped to the exception table entry, 
the rsi register was not cleared. This resulted in exiting back to user 
code with garbage in the rsi register.

* the hexdump data in s390dbf traces was incomplete. The length of the 
data traced was incorrect and the SAN payload was read from a different 
place then it was written to.

* when using connected mode (CM) in IPoIB on ehca2 hardware, it was not
possible to transmit any data.

* when an application called fork() and pthread_create() many times and, 
at some point, a thread forked a child and then attempted to call the
setpgid() function, then this function failed and returned and ESRCH 
error value.

SL 5.x

     SRPMS:
kernel-2.6.18-128.1.1.el5.src.rpm
     i386:
kernel-2.6.18-128.1.1.el5.i686.rpm
kernel-debug-2.6.18-128.1.1.el5.i686.rpm
kernel-debug-devel-2.6.18-128.1.1.el5.i686.rpm
kernel-devel-2.6.18-128.1.1.el5.i686.rpm
kernel-doc-2.6.18-128.1.1.el5.noarch.rpm
kernel-headers-2.6.18-128.1.1.el5.i386.rpm
kernel-PAE-2.6.18-128.1.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-128.1.1.el5.i686.rpm
kernel-xen-2.6.18-128.1.1.el5.i686.rpm
kernel-xen-devel-2.6.18-128.1.1.el5.i686.rpm
   Dependancies:
aufs-0.20090202.cvs-6.sl5.i686.rpm
e4fsprogs-1.41.1-2.el5.i386.rpm
ecryptfs-utils-56-8.el5.i386.rpm
ecryptfs-utils-devel-56-8.el5.i386.rpm
iwlwifi-3945-ucode-15.28.2.8-1.el5.noarch.rpm
iwlwifi-4965-ucode-228.57.2.23-7.el5.noarch.rpm
iwlwifi-5000-ucode-5.4.A.11-1.el5.noarch.rpm
kernel-module-aufs-2.6.18-128.1.1.el5-0.20090202.cvs-6.sl5.i686.rpm
kernel-module-aufs-2.6.18-128.1.1.el5PAE-0.20090202.cvs-6.sl5.i686.rpm
kernel-module-aufs-2.6.18-128.1.1.el5xen-0.20090202.cvs-6.sl5.i686.rpm
kernel-module-fuse-2.6.18-128.1.1.el5-2.6.3-1.sl5.i686.rpm
kernel-module-fuse-2.6.18-128.1.1.el5PAE-2.6.3-1.sl5.i686.rpm
kernel-module-fuse-2.6.18-128.1.1.el5xen-2.6.3-1.sl5.i686.rpm
kernel-module-ipw3945-2.6.18-128.1.1.el5-1.2.0-2.sl5.i686.rpm
kernel-module-ipw3945-2.6.18-128.1.1.el5PAE-1.2.0-2.sl5.i686.rpm
kernel-module-ipw3945-2.6.18-128.1.1.el5xen-1.2.0-2.sl5.i686.rpm
kernel-module-madwifi-2.6.18-128.1.1.el5-0.9.4-15.sl5.i686.rpm
kernel-module-madwifi-2.6.18-128.1.1.el5PAE-0.9.4-15.sl5.i686.rpm
kernel-module-madwifi-2.6.18-128.1.1.el5xen-0.9.4-15.sl5.i686.rpm
kernel-module-madwifi-hal-2.6.18-128.1.1.el5-0.9.4-15.sl5.i686.rpm
kernel-module-madwifi-hal-2.6.18-128.1.1.el5PAE-0.9.4-15.sl5.i686.rpm
kernel-module-madwifi-hal-2.6.18-128.1.1.el5xen-0.9.4-15.sl5.i686.rpm
kernel-module-ndiswrapper-2.6.18-128.1.1.el5-1.53-1.SL.i686.rpm
kernel-module-ndiswrapper-2.6.18-128.1.1.el5PAE-1.53-1.SL.i686.rpm
kernel-module-ndiswrapper-2.6.18-128.1.1.el5xen-1.53-1.SL.i686.rpm
kernel-module-openafs-2.6.18-128.1.1.el5-1.4.7-68.SL5.i686.rpm
kernel-module-openafs-2.6.18-128.1.1.el5PAE-1.4.7-68.SL5.i686.rpm
kernel-module-openafs-2.6.18-128.1.1.el5xen-1.4.7-68.SL5.i686.rpm
kernel-module-xfs-2.6.18-128.1.1.el5-0.4-2.sl5.i686.rpm
kernel-module-xfs-2.6.18-128.1.1.el5PAE-0.4-2.sl5.i686.rpm
kernel-module-xfs-2.6.18-128.1.1.el5xen-0.4-2.sl5.i686.rpm
xfs-filesystem-0.4-2.sl5.i686.rpm

     x86_64:
kernel-2.6.18-128.1.1.el5.x86_64.rpm
kernel-debug-2.6.18-128.1.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-128.1.1.el5.x86_64.rpm
kernel-devel-2.6.18-128.1.1.el5.x86_64.rpm
kernel-doc-2.6.18-128.1.1.el5.noarch.rpm
kernel-headers-2.6.18-128.1.1.el5.x86_64.rpm
kernel-xen-2.6.18-128.1.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-128.1.1.el5.x86_64.rpm
   Dependancies:
aufs-0.20090202.cvs-6.sl5.x86_64.rpm
e4fsprogs-1.41.1-2.el5.x86_64.rpm
ecryptfs-utils-56-8.el5.i386.rpm
ecryptfs-utils-56-8.el5.x86_64.rpm
ecryptfs-utils-devel-56-8.el5.i386.rpm
ecryptfs-utils-devel-56-8.el5.x86_64.rpm
iwlwifi-3945-ucode-15.28.2.8-1.el5.noarch.rpm
iwlwifi-4965-ucode-228.57.2.23-7.el5.noarch.rpm
iwlwifi-5000-ucode-5.4.A.11-1.el5.noarch.rpm
kernel-module-aufs-2.6.18-128.1.1.el5-0.20090202.cvs-6.sl5.x86_64.rpm
kernel-module-aufs-2.6.18-128.1.1.el5xen-0.20090202.cvs-6.sl5.x86_64.rpm
kernel-module-fuse-2.6.18-128.1.1.el5-2.6.3-1.sl5.x86_64.rpm
kernel-module-fuse-2.6.18-128.1.1.el5xen-2.6.3-1.sl5.x86_64.rpm
kernel-module-ipw3945-2.6.18-128.1.1.el5-1.2.0-2.sl5.x86_64.rpm
kernel-module-ipw3945-2.6.18-128.1.1.el5xen-1.2.0-2.sl5.x86_64.rpm
kernel-module-madwifi-2.6.18-128.1.1.el5-0.9.4-15.sl5.x86_64.rpm
kernel-module-madwifi-2.6.18-128.1.1.el5xen-0.9.4-15.sl5.x86_64.rpm
kernel-module-madwifi-hal-2.6.18-128.1.1.el5-0.9.4-15.sl5.x86_64.rpm
kernel-module-madwifi-hal-2.6.18-128.1.1.el5xen-0.9.4-15.sl5.x86_64.rpm
kernel-module-ndiswrapper-2.6.18-128.1.1.el5-1.53-1.SL.x86_64.rpm
kernel-module-ndiswrapper-2.6.18-128.1.1.el5xen-1.53-1.SL.x86_64.rpm
kernel-module-openafs-2.6.18-128.1.1.el5-1.4.7-68.SL5.x86_64.rpm
kernel-module-openafs-2.6.18-128.1.1.el5xen-1.4.7-68.SL5.x86_64.rpm
kernel-module-xfs-2.6.18-128.1.1.el5-0.4-2.sl5.x86_64.rpm
kernel-module-xfs-2.6.18-128.1.1.el5xen-0.4-2.sl5.x86_64.rpm
xfs-filesystem-0.4-2.sl5.x86_64.rpm

-Connie Sieh
-Troy Dawson
ATOM RSS1 RSS2
LISTSERV.FNAL.GOV