Synopsis: Important: kernel security, bug fix, and enhancement update
Issue date: 2010-05-05
CVE Names: CVE-2010-0729 CVE-2010-1083 CVE-2010-1085
CVE-2010-1086 CVE-2010-1188
Security fixes:
* Kernel update 2.6.9-89.EL introduced a flaw in the ptrace
implementation on Itanium systems. ptrace_check_attach() was not called
during certain ptrace() requests. Under certain circumstances, a local,
unprivileged user could use this flaw to call ptrace() on a process they
do not own, giving them control over that process. (CVE-2010-0729,
Important)
* a flaw was found in the kernel's Unidirectional Lightweight
Encapsulation (ULE) implementation. A remote attacker could send a
specially-crafted ISO MPEG-2 Transport Stream (TS) frame to a target
system, resulting in a denial of service. (CVE-2010-1086, Important)
* a use-after-free flaw was found in tcp_rcv_state_process() in the
kernel's TCP/IP protocol suite implementation. If a system using IPv6
had the IPV6_RECVPKTINFO option set on a listening socket, a remote
attacker could send an IPv6 packet to that system, causing a kernel
panic. (CVE-2010-1188, Important)
* a divide-by-zero flaw was found in azx_position_ok() in the Intel High
Definition Audio driver, snd-hda-intel. A local, unprivileged user could
trigger this flaw to cause a denial of service. (CVE-2010-1085, Moderate)
* an information leak flaw was found in the kernel's USB implementation.
Certain USB errors could result in an uninitialized kernel buffer being
sent to user-space. An attacker with physical access to a target system
could use this flaw to cause an information leak. (CVE-2010-1083, Low)
Bug fixes:
* a regression prevented the Broadcom BCM5761 network device from
working when in the first (top) PCI-E slot of Hewlett-Packard (HP) Z600
systems. Note: The card worked in the 2nd or 3rd PCI-E slot. (BZ#567205)
* the Xen hypervisor supports 168 GB of RAM for 32-bit guests. The
physical address range was set incorrectly, however, causing 32-bit,
para-virtualized Scientific Linux 4.8 guests to crash when launched on
AMD64 or Intel 64 hosts that have more than 64 GB of RAM. (BZ#574392)
* Kernel update 2.6.9-89.EL introduced a regression, causing diskdump to
fail on systems with certain adapters using the qla2xxx driver. (BZ#577234)
* a race condition caused TX to stop in a guest using the virtio_net
driver. (BZ#580089)
* on some systems, using the "arp_validate=3" bonding option caused both
links to show as "down" even though the arp_target was responding to ARP
requests sent by the bonding driver. (BZ#580842)
* in some circumstances, when a Scientific Linux client connected
to a re-booted Windows-based NFS server, server-side filehandle-to-inode
mapping changes caused a kernel panic. "bad_inode_ops" handling was
changed to prevent this. Note: filehandle-to-inode mapping changes may
still cause errors, but not panics. (BZ#582908)
* when installing a Scientific Linux 4 guest via PXE, hard-coded
fixed-size scatterlists could conflict with host requests, causing the
guest's kernel to panic. With this update, dynamically allocated
scatterlists are used, resolving this issue. (BZ#582911)
Enhancements:
* kernel support for connlimit. Note: iptables errata update
RHBA-2010:0395 is also required for connlimit to work correctly. (BZ#563223)
* support for the Intel architectural performance monitoring subsystem
(arch_perfmon). On supported CPUs, arch_perfmon offers means to mark
performance events and options for configuring and counting these events.
(BZ#582913)
* kernel support for OProfile sampling of Intel microarchitecture
(Nehalem) CPUs. This update alone does not address OProfile support for
such CPUs. A future oprofile package update will allow OProfile to work
on Intel Nehalem CPUs. (BZ#582241)
The system must be rebooted for this update to take effect.
SL 4.x
SRPMS:
kernel-2.6.9-89.0.25.EL.src.rpm
i386:
kernel-2.6.9-89.0.25.EL.i686.rpm
kernel-devel-2.6.9-89.0.25.EL.i686.rpm
kernel-doc-2.6.9-89.0.25.EL.noarch.rpm
kernel-hugemem-2.6.9-89.0.25.EL.i686.rpm
kernel-hugemem-devel-2.6.9-89.0.25.EL.i686.rpm
kernel-smp-2.6.9-89.0.25.EL.i686.rpm
kernel-smp-devel-2.6.9-89.0.25.EL.i686.rpm
kernel-xenU-2.6.9-89.0.25.EL.i686.rpm
kernel-xenU-devel-2.6.9-89.0.25.EL.i686.rpm
Dependancies:
kernel-module-fuse-2.6.9-89.0.25.EL-2.7.3-1.SL.i686.rpm
kernel-module-fuse-2.6.9-89.0.25.ELhugemem-2.7.3-1.SL.i686.rpm
kernel-module-fuse-2.6.9-89.0.25.ELsmp-2.7.3-1.SL.i686.rpm
kernel-module-fuse-2.6.9-89.0.25.ELxenU-2.7.3-1.SL.i686.rpm
kernel-module-ipw3945-2.6.9-89.0.25.EL-1.1.0-1.SL4.i686.rpm
kernel-module-ipw3945-2.6.9-89.0.25.ELhugemem-1.1.0-1.SL4.i686.rpm
kernel-module-ipw3945-2.6.9-89.0.25.ELsmp-1.1.0-1.SL4.i686.rpm
kernel-module-ipw3945-2.6.9-89.0.25.ELxenU-1.1.0-1.SL4.i686.rpm
kernel-module-ndiswrapper-2.6.9-89.0.25.EL-1.41-1.SL.i686.rpm
kernel-module-ndiswrapper-2.6.9-89.0.25.ELhugemem-1.41-1.SL.i686.rpm
kernel-module-ndiswrapper-2.6.9-89.0.25.ELsmp-1.41-1.SL.i686.rpm
kernel-module-ndiswrapper-2.6.9-89.0.25.ELxenU-1.41-1.SL.i686.rpm
kernel-module-openafs-2.6.9-89.0.25.EL-1.4.7-68.2.SL4.i686.rpm
kernel-module-openafs-2.6.9-89.0.25.ELhugemem-1.4.7-68.2.SL4.i686.rpm
kernel-module-openafs-2.6.9-89.0.25.ELsmp-1.4.7-68.2.SL4.i686.rpm
kernel-module-openafs-2.6.9-89.0.25.ELxenU-1.4.7-68.2.SL4.i686.rpm
kernel-module-r1000-2.6.9-89.0.25.EL-2.2-2.SL4x.i686.rpm
kernel-module-r1000-2.6.9-89.0.25.ELhugemem-2.2-2.SL4x.i686.rpm
kernel-module-r1000-2.6.9-89.0.25.ELsmp-2.2-2.SL4x.i686.rpm
kernel-module-r1000-2.6.9-89.0.25.ELxenU-2.2-2.SL4x.i686.rpm
kernel-module-squashfs-2.6.9-89.0.25.EL-3.1.2-3.i686.rpm
kernel-module-squashfs-2.6.9-89.0.25.ELhugemem-3.1.2-3.i686.rpm
kernel-module-squashfs-2.6.9-89.0.25.ELsmp-3.1.2-3.i686.rpm
kernel-module-squashfs-2.6.9-89.0.25.ELxenU-3.1.2-3.i686.rpm
kernel-module-unionfs-2.6.9-89.0.25.EL-1.1.5-3.i686.rpm
kernel-module-unionfs-2.6.9-89.0.25.ELsmp-1.1.5-3.i686.rpm
x86_64:
kernel-2.6.9-89.0.25.EL.x86_64.rpm
kernel-devel-2.6.9-89.0.25.EL.x86_64.rpm
kernel-doc-2.6.9-89.0.25.EL.noarch.rpm
kernel-largesmp-2.6.9-89.0.25.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-89.0.25.EL.x86_64.rpm
kernel-smp-2.6.9-89.0.25.EL.x86_64.rpm
kernel-smp-devel-2.6.9-89.0.25.EL.x86_64.rpm
kernel-xenU-2.6.9-89.0.25.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-89.0.25.EL.x86_64.rpm
Dependancies:
kernel-module-fuse-2.6.9-89.0.25.EL-2.7.3-1.SL.x86_64.rpm
kernel-module-fuse-2.6.9-89.0.25.ELlargesmp-2.7.3-1.SL.x86_64.rpm
kernel-module-fuse-2.6.9-89.0.25.ELsmp-2.7.3-1.SL.x86_64.rpm
kernel-module-fuse-2.6.9-89.0.25.ELxenU-2.7.3-1.SL.x86_64.rpm
kernel-module-ipw3945-2.6.9-89.0.25.EL-1.1.0-1.SL4.x86_64.rpm
kernel-module-ipw3945-2.6.9-89.0.25.ELlargesmp-1.1.0-1.SL4.x86_64.rpm
kernel-module-ipw3945-2.6.9-89.0.25.ELsmp-1.1.0-1.SL4.x86_64.rpm
kernel-module-ipw3945-2.6.9-89.0.25.ELxenU-1.1.0-1.SL4.x86_64.rpm
kernel-module-ndiswrapper-2.6.9-89.0.25.EL-1.41-1.SL.x86_64.rpm
kernel-module-ndiswrapper-2.6.9-89.0.25.ELlargesmp-1.41-1.SL.x86_64.rpm
kernel-module-ndiswrapper-2.6.9-89.0.25.ELsmp-1.41-1.SL.x86_64.rpm
kernel-module-ndiswrapper-2.6.9-89.0.25.ELxenU-1.41-1.SL.x86_64.rpm
kernel-module-openafs-2.6.9-89.0.25.EL-1.4.7-68.2.SL4.x86_64.rpm
kernel-module-openafs-2.6.9-89.0.25.ELlargesmp-1.4.7-68.2.SL4.x86_64.rpm
kernel-module-openafs-2.6.9-89.0.25.ELsmp-1.4.7-68.2.SL4.x86_64.rpm
kernel-module-openafs-2.6.9-89.0.25.ELxenU-1.4.7-68.2.SL4.x86_64.rpm
kernel-module-r1000-2.6.9-89.0.25.EL-2.2-2.SL4x.x86_64.rpm
kernel-module-r1000-2.6.9-89.0.25.ELlargesmp-2.2-2.SL4x.x86_64.rpm
kernel-module-r1000-2.6.9-89.0.25.ELsmp-2.2-2.SL4x.x86_64.rpm
kernel-module-r1000-2.6.9-89.0.25.ELxenU-2.2-2.SL4x.x86_64.rpm
kernel-module-squashfs-2.6.9-89.0.25.EL-3.1.2-3.x86_64.rpm
kernel-module-squashfs-2.6.9-89.0.25.ELlargesmp-3.1.2-3.x86_64.rpm
kernel-module-squashfs-2.6.9-89.0.25.ELsmp-3.1.2-3.x86_64.rpm
kernel-module-squashfs-2.6.9-89.0.25.ELxenU-3.1.2-3.x86_64.rpm
kernel-module-unionfs-2.6.9-89.0.25.EL-1.1.5-3.x86_64.rpm
kernel-module-unionfs-2.6.9-89.0.25.ELsmp-1.1.5-3.x86_64.rpm
-Connie Sieh
-Troy Dawson
|