 
| Subject: | |
| From: | |
| Reply To: | |
| Date: | Wed, 31 Mar 2010 17:00:22 -0500 |
| Content-Type: | text/plain |
| Parts/Attachments: |
|
|
Synopsis: Moderate: GFS security and bug fix update
Issue date: 2010-03-30
CVE Names: CVE-2010-0727
A flaw was found in the gfs_lock() implementation. The GFS locking code
could skip the lock operation for files that have the S_ISGID bit
(set-group-ID on execution) in their mode set. A local, unprivileged
user on a system that has a GFS file system mounted could use this flaw
to cause a kernel panic. (CVE-2010-0727)
As well, these updated GFS packages are in sync with the latest kernel
(2.4.21-63.EL). The modules in earlier GFS packages fail to load because
they do not match the running kernel. It is possible to force-load the
modules; however, with this update, force-loading the modules is not
required. (BZ#525198)
Users are advised to upgrade to these latest GFS packages, which resolve
this issue and are updated for use with the 2.4.21-63.EL kernel.
SL 3.0.x
SRPMS:
GFS-6.0.2.36-13.src.rpm
i386:
GFS-6.0.2.36-13.i686.rpm
GFS-devel-6.0.2.36-13.i686.rpm
GFS-modules-6.0.2.36-13.i686.rpm
GFS-modules-hugemem-6.0.2.36-13.i686.rpm
GFS-modules-smp-6.0.2.36-13.i686.rpm
x86_64:
GFS-6.0.2.36-13.x86_64.rpm
GFS-devel-6.0.2.36-13.x86_64.rpm
GFS-modules-6.0.2.36-13.x86_64.rpm
GFS-modules-smp-6.0.2.36-13.x86_64.rpm
-Connie Sieh
-Troy Dawson
|
|
|
