LISTSERV - SCIENTIFIC-LINUX-USERS Archives

SCIENTIFIC-LINUX-USERS Archives

October 2009

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-USERS Home
	SCIENTIFIC-LINUX-USERS October 2009

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives
Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]
Subject:	Re: TESTING - kernel for SL5
From:	Stephan Wiesand <[log in to unmask]>
Reply To:	Stephan Wiesand <[log in to unmask]>
Date:	Fri, 2 Oct 2009 14:23:57 +0200
Content-Type:	multipart/signed
Parts/Attachments:	text/plain (10 kB) , smime.p7s (5 kB)
Hi Klaus,

On Fri, 2009-10-02 at 14:04 +0200, Klaus Steinberger wrote:
> Hi Troy,
> 
> did you notice, that there is probably also a errata kernel for 5.3

yes, I think that's the one we really want. Alas, I couldn't find the
SRPM in a public place yet.

Cheers,
	Stephan


> Sincerly,
> Klaus
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Liebe Kolleginnen und Kollegen,
> 
> soeben erreichte uns nachfolgendes RedHat Security Advisory. Wir geben
> diese Informationen unveraendert an Sie weiter.
> 
> CVE-2009-2847 - Linux Kernelfunktion do_sigaltstack() saeubert Padding
> Daten nicht
> 
>    Auf 64-Bit Architekturen enthaelt die Datenstruktur des Signal Stacks
>    einige Padding Bytes. Diese werden von der Linux Kernelfunktion
>    do_sigaltstack() nicht geloescht, wenn die Datenstruktur nach dem
>    Aufruf an den Benutzer zurueckgegeben wird. Lokale Angreifer koennen
>    dadurch einen Teil des Kernel Speicherbereichs auslesen und so an
>    evtl. vertrauliche Informationen gelangen.
> 
> CVE-2009-2848 - Fehler im Linux execve() System Call
> 
>    Unter bestimmten Umstaenden wird im Linux execve() System Call der
>    "current->clear_child_tid" Pointer nicht geloescht, was beim Anlegen
>    und Loeschen von Threads dazu fuehrt, das Datenstrukturen im Kernel
>    ueberschrieben werden, falls die Threads mit den Flags
>    CLONE_CHILD_SETTID oder CLONE_CHILD_CLEARTID angelegt werden. Ein
>    lokaler Angreifer kann dies zu einem Denial of Service Angriff
>    ausnutzen.
> 
> Betroffen sind die folgenden Software Pakete und Plattformen:
> 
>    Paket kernel
> 
>    Red Hat Enterprise Linux (v. 5.3.z server) - i386, ia64, noarch, ppc,
>    s390x, x86_64
> 
> 
> Vom Hersteller werden ueberarbeitete Pakete zur Verfuegung gestellt.
> 
> Hersteller Advisory:
>    https://rhn.redhat.com/errata/RHSA-2009-1466.html
> 
> 
> (c) der deutschen Zusammenfassung bei DFN-CERT Services GmbH; die
> Verbreitung, auch auszugsweise, ist nur unter Hinweis auf den Urheber,
> DFN-CERT Services GmbH, und nur zu nicht kommerziellen Zwecken
> gestattet.
> 
> Mit freundlichen Gruessen,
>          Detlev O. Matthies
> 
> - --
> 
> Detlev O. Matthies, M.Sc. (Incident Response Team)
> 
> DFN-CERT Services GmbH, https://www.dfn-cert.de, Phone  +49 40 808077-555
> Sitz / Register: Hamburg, AG Hamburg, HRB 88805, Ust-IdNr.:  DE 232129737
> Sachsenstrasse 5, 20097 Hamburg/Germany, CEO: Dr. Klaus-Peter Kossakowski
> 
> Automatische Warnmeldungen               https://www.cert.dfn.de/autowarn
> 
> - -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> =====================================================================
>                     Red Hat Security Advisory
> 
> Synopsis:          Important: kernel security and bug fix update
> Advisory ID:       RHSA-2009:1466-01
> Product:           Red Hat Enterprise Linux
> Advisory URL:      https://rhn.redhat.com/errata/RHSA-2009-1466.html
> Issue date:        2009-09-29
> CVE Names:         CVE-2009-2847 CVE-2009-2848
> =====================================================================
> 
> 1. Summary:
> 
> Updated kernel packages that fix two security issues and several bugs are
> now available for Red Hat Enterprise Linux 5.3 Extended Update Support.
> 
> This update has been rated as having important security impact by the Red
> Hat Security Response Team.
> 
> 2. Relevant releases/architectures:
> 
> Red Hat Enterprise Linux (v. 5.3.z server) - i386, ia64, noarch, ppc, s390x, x86_64
> 
> 3. Description:
> 
> The kernel packages contain the Linux kernel, the core of any Linux
> operating system.
> 
> This update includes backported fixes for two security issues. These issues
> only affected users of Red Hat Enterprise Linux 5.3 Extended Update Support
> as they have already been addressed for users of Red Hat Enterprise Linux 5
> in the 5.4 update, RHSA-2009:1243.
> 
> In accordance with the support policy, future security updates to Red Hat
> Enterprise Linux 5.3 Extended Update Support will only include issues of
> critical security impact.
> 
> This update fixes the following security issues:
> 
> * it was discovered that, when executing a new process, the clear_child_tid
> pointer in the Linux kernel is not cleared. If this pointer points to a
> writable portion of the memory of the new program, the kernel could corrupt
> four bytes of memory, possibly leading to a local denial of service or
> privilege escalation. (CVE-2009-2848, Important)
> 
> * a flaw was found in the way the do_sigaltstack() function in the Linux
> kernel copies the stack_t structure to user-space. On 64-bit machines, this
> flaw could lead to a four-byte information leak. (CVE-2009-2847, Moderate)
> 
> This update also fixes the following bugs:
> 
> * a regression was found in the SCSI retry logic: SCSI mode select was not
> retried when retryable errors were encountered. In Device-Mapper Multipath
> environments, this could cause paths to fail, or possibly prevent
> successful failover. (BZ#506905)
> 
> * the gcc flag "-fno-delete-null-pointer-checks" was added to the kernel
> build options. This prevents gcc from optimizing out NULL pointer checks
> after the first use of a pointer. NULL pointer bugs are often exploited by
> attackers, and keeping these checks is considered a safety measure.
> (BZ#515468)
> 
> * due to incorrect APIC timer calibration, a system hang could have
> occurred while booting certain systems. This incorrect timer calibration
> could have also caused the system time to become faster or slower. With
> this update, it is still possible for APIC timer calibration issues to
> occur; however, a clear warning is now provided if they do. (BZ#521237)
> 
> * gettimeofday() experienced poor performance (which caused performance
> problems for applications using gettimeofday()) when running on hypervisors
> that use hardware assisted virtualization. With this update, MFENCE/LFENCE
> is used instead of CPUID for gettimeofday() serialization, which resolves
> this issue. (BZ#523280)
> 
> Users should upgrade to these updated packages, which contain backported
> patches to correct these issues. The system must be rebooted for this
> update to take effect.
> 
> 4. Solution:
> 
> Before applying this update, make sure that all previously-released
> errata relevant to your system have been applied.
> 
> This update is available via Red Hat Network.  Details on how to use
> the Red Hat Network to apply this update are available at
> http://kbase.redhat.com/faq/docs/DOC-11259
> 
> 5. Bugs fixed (http://bugzilla.redhat.com/):
> 
> 506905 - LTC 49790: Sync up SCSI DH code with mainline changes [rhel-5.3.z]
> 515392 - CVE-2009-2847 kernel: information leak in sigaltstack
> 515423 - CVE-2009-2848 kernel: execve: must clear current->clear_child_tid
> 515468 - kernel: build with -fno-delete-null-pointer-checks [rhel-5.3.z]
> 521237 - [RHEL 5] Hang on boot due to wrong APIC timer calibration [rhel-5.3.z]
> 523280 - RFE: improve gettimeofday performance on hypervisors [rhel-5.3.z]
> 
> 6. Package List:
> 
> Red Hat Enterprise Linux (v. 5.3.z server):
> 
> i386:
> kernel-2.6.18-128.8.1.el5.i686.rpm
> kernel-PAE-2.6.18-128.8.1.el5.i686.rpm
> kernel-PAE-debuginfo-2.6.18-128.8.1.el5.i686.rpm
> kernel-PAE-devel-2.6.18-128.8.1.el5.i686.rpm
> kernel-debug-2.6.18-128.8.1.el5.i686.rpm
> kernel-debug-debuginfo-2.6.18-128.8.1.el5.i686.rpm
> kernel-debug-devel-2.6.18-128.8.1.el5.i686.rpm
> kernel-debuginfo-2.6.18-128.8.1.el5.i686.rpm
> kernel-debuginfo-common-2.6.18-128.8.1.el5.i686.rpm
> kernel-devel-2.6.18-128.8.1.el5.i686.rpm
> kernel-headers-2.6.18-128.8.1.el5.i386.rpm
> kernel-xen-2.6.18-128.8.1.el5.i686.rpm
> kernel-xen-debuginfo-2.6.18-128.8.1.el5.i686.rpm
> kernel-xen-devel-2.6.18-128.8.1.el5.i686.rpm
> 
> ia64:
> kernel-2.6.18-128.8.1.el5.ia64.rpm
> kernel-debug-2.6.18-128.8.1.el5.ia64.rpm
> kernel-debug-debuginfo-2.6.18-128.8.1.el5.ia64.rpm
> kernel-debug-devel-2.6.18-128.8.1.el5.ia64.rpm
> kernel-debuginfo-2.6.18-128.8.1.el5.ia64.rpm
> kernel-debuginfo-common-2.6.18-128.8.1.el5.ia64.rpm
> kernel-devel-2.6.18-128.8.1.el5.ia64.rpm
> kernel-headers-2.6.18-128.8.1.el5.ia64.rpm
> kernel-xen-2.6.18-128.8.1.el5.ia64.rpm
> kernel-xen-debuginfo-2.6.18-128.8.1.el5.ia64.rpm
> kernel-xen-devel-2.6.18-128.8.1.el5.ia64.rpm
> 
> noarch:
> kernel-doc-2.6.18-128.8.1.el5.noarch.rpm
> 
> ppc:
> kernel-2.6.18-128.8.1.el5.ppc64.rpm
> kernel-debug-2.6.18-128.8.1.el5.ppc64.rpm
> kernel-debug-debuginfo-2.6.18-128.8.1.el5.ppc64.rpm
> kernel-debug-devel-2.6.18-128.8.1.el5.ppc64.rpm
> kernel-debuginfo-2.6.18-128.8.1.el5.ppc64.rpm
> kernel-debuginfo-common-2.6.18-128.8.1.el5.ppc64.rpm
> kernel-devel-2.6.18-128.8.1.el5.ppc64.rpm
> kernel-headers-2.6.18-128.8.1.el5.ppc.rpm
> kernel-headers-2.6.18-128.8.1.el5.ppc64.rpm
> kernel-kdump-2.6.18-128.8.1.el5.ppc64.rpm
> kernel-kdump-debuginfo-2.6.18-128.8.1.el5.ppc64.rpm
> kernel-kdump-devel-2.6.18-128.8.1.el5.ppc64.rpm
> 
> s390x:
> kernel-2.6.18-128.8.1.el5.s390x.rpm
> kernel-debug-2.6.18-128.8.1.el5.s390x.rpm
> kernel-debug-debuginfo-2.6.18-128.8.1.el5.s390x.rpm
> kernel-debug-devel-2.6.18-128.8.1.el5.s390x.rpm
> kernel-debuginfo-2.6.18-128.8.1.el5.s390x.rpm
> kernel-debuginfo-common-2.6.18-128.8.1.el5.s390x.rpm
> kernel-devel-2.6.18-128.8.1.el5.s390x.rpm
> kernel-headers-2.6.18-128.8.1.el5.s390x.rpm
> kernel-kdump-2.6.18-128.8.1.el5.s390x.rpm
> kernel-kdump-debuginfo-2.6.18-128.8.1.el5.s390x.rpm
> kernel-kdump-devel-2.6.18-128.8.1.el5.s390x.rpm
> 
> x86_64:
> kernel-2.6.18-128.8.1.el5.x86_64.rpm
> kernel-debug-2.6.18-128.8.1.el5.x86_64.rpm
> kernel-debug-debuginfo-2.6.18-128.8.1.el5.x86_64.rpm
> kernel-debug-devel-2.6.18-128.8.1.el5.x86_64.rpm
> kernel-debuginfo-2.6.18-128.8.1.el5.x86_64.rpm
> kernel-debuginfo-common-2.6.18-128.8.1.el5.x86_64.rpm
> kernel-devel-2.6.18-128.8.1.el5.x86_64.rpm
> kernel-headers-2.6.18-128.8.1.el5.x86_64.rpm
> kernel-xen-2.6.18-128.8.1.el5.x86_64.rpm
> kernel-xen-debuginfo-2.6.18-128.8.1.el5.x86_64.rpm
> kernel-xen-devel-2.6.18-128.8.1.el5.x86_64.rpm
> 
> These packages are GPG signed by Red Hat for security.  Our key and
> details on how to verify the signature are available from
> https://www.redhat.com/security/team/key/#package
> 
> 7. References:
> 
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2847
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2848
> http://www.redhat.com/security/updates/classification/#important
> 
> 8. Contact:
> 
> The Red Hat security contact is <[log in to unmask]>.  More contact
> details at https://www.redhat.com/security/team/contact/
> 
> Copyright 2009 Red Hat, Inc.
> - -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.4 (GNU/Linux)
> 
> iD8DBQFKwjMlXlSAg2UNWIIRAkYKAJ4tHjqVF8SG2mPzo/Sw/SYXzkLW7QCdHZkM
> rZ/np7FbkVx8zWpyzTlQ8wQ=
> =9r2o
> - -----END PGP SIGNATURE-----
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.2 (GNU/Linux)
> 
> iD8DBQFKw1iak0kIxZMiiQ8RAqWLAJwPmR8rQEpbNkXdILHRI/n5fJhfuwCfY5lX
> yXPNbnfPFToLIyPHC8NaINc=
> =J3wA
> -----END PGP SIGNATURE-----
> ____________________________________________
-- 
Stephan Wiesand
  DESY - DV -
  Platanenallee 6
  15738 Zeuthen, Germany
ATOM RSS1 RSS2
LISTSERV.FNAL.GOV