LISTSERV - SCIENTIFIC-LINUX-ERRATA Archives

SCIENTIFIC-LINUX-ERRATA Archives

December 2010

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-ERRATA Home
	SCIENTIFIC-LINUX-ERRATA December 2010

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives
Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]
Subject:	Security ERRATA Important: kernel on SL4.x i386/x86_64
From:	Troy Dawson <[log in to unmask]>
Reply To:	Troy Dawson <[log in to unmask]>
Date:	Fri, 3 Dec 2010 13:21:50 -0600
Content-Type:	text/plain
Parts/Attachments:	text/plain (177 lines)
Synopsis:	Important: kernel security and bug fix update

Issue date:	2010-12-01

CVE Names:	CVE-2010-3432 CVE-2010-3442



Security fixes:



* A flaw in sctp_packet_config() in the Linux kernel's Stream Control

Transmission Protocol (SCTP) implementation could allow a remote 

attacker to cause a denial of service. (CVE-2010-3432, Important)



* A missing integer overflow check in snd_ctl_new() in the Linux 

kernel's sound subsystem could allow a local, unprivileged user on a 

32-bit system to cause a denial of service or escalate their privileges. 

(CVE-2010-3442, Important)



Bug fixes:



* Forward time drift was observed on virtual machines using PM

timer-based kernel tick accounting and running on KVM or the Microsoft

Hyper-V Server hypervisor. Virtual machines that were booted with the

divider=x kernel parameter set to a value greater than 1 and that showed

the following in the kernel boot messages were subject to this issue:



time.c: Using PM based timekeeping



Fine grained accounting for the PM timer is introduced which eliminates

this issue. However, this fix uncovered a bug in the Xen hypervisor,

possibly causing backward time drift. If this erratum is installed in 

Xen HVM guests that meet the aforementioned conditions, it is 

recommended that the host use kernel-xen-2.6.18-194.26.1.el5 or newer, 

which includes a fix (BZ#641915) for the backward time drift. (BZ#629237)



* With multipath enabled, systems would occasionally halt when the

do_cciss_request function was used. This was caused by wrongly-generated

requests. Additional checks have been added to avoid the aforementioned

issue. (BZ#640193)



* A Sun X4200 system equipped with a QLogic HBA spontaneously rebooted 

and logged a Hyper-Transport Sync Flood Error to the system event log. A

Maximum Memory Read Byte Count restriction was added to fix this bug.

(BZ#640919)



* For an active/backup bonding network interface with VLANs on top of 

it, when a link failed over, it took a minute for the multicast domain 

to be rejoined. This was caused by the driver not sending any IGMP join 

packets. The driver now sends IGMP join packets and the multicast domain 

is rejoined immediately. (BZ#641002)



* Replacing a disk and trying to rebuild it afterwards caused the system 

to panic. When a domain validation request for a hot plugged drive was 

sent, the mptscsi driver did not validate its existence. This could 

result in the driver accessing random memory and causing the crash. A 

check has been added that describes the newly-added device and reloads 

the iocPg3 data from the firmware if needed. (BZ#641137)



* An attempt to create a VLAN interface on a bond of two bnx2 adapters 

in two switch configurations resulted in a soft lockup after a few 

seconds. This was caused by an incorrect use of a bonding pointer. With 

this update, soft lockups no longer occur and creating a VLAN interface 

works as expected. (BZ#641254)



* Erroneous pointer checks could have caused a kernel panic. This was 

due to a critical value not being copied when a network buffer was 

duplicated and consumed by multiple portions of the kernel's network 

stack. Fixing the copy operation resolved this bug. (BZ#642746)



* A typo in a variable name caused it to be dereferenced in either 

mkdir() or create() which could cause a kernel panic. (BZ#643342)



* SCSI high level drivers can submit SCSI commands which would never be

completed when the device was offline. This was caused by a missing

callback for the request to complete the given command. SCSI requests 

are now terminated by calling their callback when a device is offline.

(BZ#644816)



* A kernel panic could have occurred on systems due to a recursive lock 

in the 3c59x driver. Recursion is now avoided and this kernel panic no 

longer occurs. (BZ#648407)



The system must be rebooted for this update to take effect.



SL 4.x



     SRPMS:

kernel-2.6.9-89.33.1.EL.src.rpm

     i386:

kernel-2.6.9-89.33.1.EL.i686.rpm

kernel-devel-2.6.9-89.33.1.EL.i686.rpm

kernel-doc-2.6.9-89.33.1.EL.noarch.rpm

kernel-hugemem-2.6.9-89.33.1.EL.i686.rpm

kernel-hugemem-devel-2.6.9-89.33.1.EL.i686.rpm

kernel-smp-2.6.9-89.33.1.EL.i686.rpm

kernel-smp-devel-2.6.9-89.33.1.EL.i686.rpm

kernel-xenU-2.6.9-89.33.1.EL.i686.rpm

kernel-xenU-devel-2.6.9-89.33.1.EL.i686.rpm

   Dependancies:

kernel-module-fuse-2.6.9-89.33.1.EL-2.7.3-1.SL.i686.rpm

kernel-module-fuse-2.6.9-89.33.1.ELhugemem-2.7.3-1.SL.i686.rpm

kernel-module-fuse-2.6.9-89.33.1.ELsmp-2.7.3-1.SL.i686.rpm

kernel-module-fuse-2.6.9-89.33.1.ELxenU-2.7.3-1.SL.i686.rpm

kernel-module-ipw3945-2.6.9-89.33.1.EL-1.1.0-1.SL4.i686.rpm

kernel-module-ipw3945-2.6.9-89.33.1.ELhugemem-1.1.0-1.SL4.i686.rpm

kernel-module-ipw3945-2.6.9-89.33.1.ELsmp-1.1.0-1.SL4.i686.rpm

kernel-module-ipw3945-2.6.9-89.33.1.ELxenU-1.1.0-1.SL4.i686.rpm

kernel-module-madwifi-2.6.9-89.33.1.EL-0.9.4-10.sl4.i686.rpm

kernel-module-madwifi-2.6.9-89.33.1.ELhugemem-0.9.4-10.sl4.i686.rpm

kernel-module-madwifi-2.6.9-89.33.1.ELsmp-0.9.4-10.sl4.i686.rpm

kernel-module-madwifi-hal-2.6.9-89.33.1.EL-0.9.4-10.sl4.i686.rpm

kernel-module-madwifi-hal-2.6.9-89.33.1.ELhugemem-0.9.4-10.sl4.i686.rpm

kernel-module-madwifi-hal-2.6.9-89.33.1.ELsmp-0.9.4-10.sl4.i686.rpm

kernel-module-ndiswrapper-2.6.9-89.33.1.EL-1.41-1.SL.i686.rpm

kernel-module-ndiswrapper-2.6.9-89.33.1.ELhugemem-1.41-1.SL.i686.rpm

kernel-module-ndiswrapper-2.6.9-89.33.1.ELsmp-1.41-1.SL.i686.rpm

kernel-module-ndiswrapper-2.6.9-89.33.1.ELxenU-1.41-1.SL.i686.rpm

kernel-module-openafs-2.6.9-89.33.1.EL-1.4.7-68.2.SL4.i686.rpm

kernel-module-openafs-2.6.9-89.33.1.ELhugemem-1.4.7-68.2.SL4.i686.rpm

kernel-module-openafs-2.6.9-89.33.1.ELsmp-1.4.7-68.2.SL4.i686.rpm

kernel-module-openafs-2.6.9-89.33.1.ELxenU-1.4.7-68.2.SL4.i686.rpm

kernel-module-r1000-2.6.9-89.33.1.EL-2.2-2.SL4x.i686.rpm

kernel-module-r1000-2.6.9-89.33.1.ELhugemem-2.2-2.SL4x.i686.rpm

kernel-module-r1000-2.6.9-89.33.1.ELsmp-2.2-2.SL4x.i686.rpm

kernel-module-r1000-2.6.9-89.33.1.ELxenU-2.2-2.SL4x.i686.rpm

kernel-module-squashfs-2.6.9-89.33.1.EL-3.1.2-3.i686.rpm

kernel-module-squashfs-2.6.9-89.33.1.ELhugemem-3.1.2-3.i686.rpm

kernel-module-squashfs-2.6.9-89.33.1.ELsmp-3.1.2-3.i686.rpm

kernel-module-squashfs-2.6.9-89.33.1.ELxenU-3.1.2-3.i686.rpm

kernel-module-unionfs-2.6.9-89.33.1.EL-1.1.5-3.i686.rpm

kernel-module-unionfs-2.6.9-89.33.1.ELsmp-1.1.5-3.i686.rpm



     x86_64:

kernel-2.6.9-89.33.1.EL.x86_64.rpm

kernel-devel-2.6.9-89.33.1.EL.x86_64.rpm

kernel-doc-2.6.9-89.33.1.EL.noarch.rpm

kernel-largesmp-2.6.9-89.33.1.EL.x86_64.rpm

kernel-largesmp-devel-2.6.9-89.33.1.EL.x86_64.rpm

kernel-smp-2.6.9-89.33.1.EL.x86_64.rpm

kernel-smp-devel-2.6.9-89.33.1.EL.x86_64.rpm

kernel-xenU-2.6.9-89.33.1.EL.x86_64.rpm

kernel-xenU-devel-2.6.9-89.33.1.EL.x86_64.rpm

   Dependancies:

kernel-module-fuse-2.6.9-89.33.1.EL-2.7.3-1.SL.x86_64.rpm

kernel-module-fuse-2.6.9-89.33.1.ELlargesmp-2.7.3-1.SL.x86_64.rpm

kernel-module-fuse-2.6.9-89.33.1.ELsmp-2.7.3-1.SL.x86_64.rpm

kernel-module-fuse-2.6.9-89.33.1.ELxenU-2.7.3-1.SL.x86_64.rpm

kernel-module-ipw3945-2.6.9-89.33.1.EL-1.1.0-1.SL4.x86_64.rpm

kernel-module-ipw3945-2.6.9-89.33.1.ELlargesmp-1.1.0-1.SL4.x86_64.rpm

kernel-module-ipw3945-2.6.9-89.33.1.ELsmp-1.1.0-1.SL4.x86_64.rpm

kernel-module-ipw3945-2.6.9-89.33.1.ELxenU-1.1.0-1.SL4.x86_64.rpm

kernel-module-madwifi-2.6.9-89.33.1.EL-0.9.4-10.sl4.x86_64.rpm

kernel-module-madwifi-2.6.9-89.33.1.ELlargesmp-0.9.4-10.sl4.x86_64.rpm

kernel-module-madwifi-2.6.9-89.33.1.ELsmp-0.9.4-10.sl4.x86_64.rpm

kernel-module-madwifi-hal-2.6.9-89.33.1.EL-0.9.4-10.sl4.x86_64.rpm

kernel-module-madwifi-hal-2.6.9-89.33.1.ELlargesmp-0.9.4-10.sl4.x86_64.rpm

kernel-module-madwifi-hal-2.6.9-89.33.1.ELsmp-0.9.4-10.sl4.x86_64.rpm

kernel-module-ndiswrapper-2.6.9-89.33.1.EL-1.41-1.SL.x86_64.rpm

kernel-module-ndiswrapper-2.6.9-89.33.1.ELlargesmp-1.41-1.SL.x86_64.rpm

kernel-module-ndiswrapper-2.6.9-89.33.1.ELsmp-1.41-1.SL.x86_64.rpm

kernel-module-ndiswrapper-2.6.9-89.33.1.ELxenU-1.41-1.SL.x86_64.rpm

kernel-module-openafs-2.6.9-89.33.1.EL-1.4.7-68.2.SL4.x86_64.rpm

kernel-module-openafs-2.6.9-89.33.1.ELlargesmp-1.4.7-68.2.SL4.x86_64.rpm

kernel-module-openafs-2.6.9-89.33.1.ELsmp-1.4.7-68.2.SL4.x86_64.rpm

kernel-module-openafs-2.6.9-89.33.1.ELxenU-1.4.7-68.2.SL4.x86_64.rpm

kernel-module-r1000-2.6.9-89.33.1.EL-2.2-2.SL4x.x86_64.rpm

kernel-module-r1000-2.6.9-89.33.1.ELlargesmp-2.2-2.SL4x.x86_64.rpm

kernel-module-r1000-2.6.9-89.33.1.ELsmp-2.2-2.SL4x.x86_64.rpm

kernel-module-r1000-2.6.9-89.33.1.ELxenU-2.2-2.SL4x.x86_64.rpm

kernel-module-squashfs-2.6.9-89.33.1.EL-3.1.2-3.x86_64.rpm

kernel-module-squashfs-2.6.9-89.33.1.ELlargesmp-3.1.2-3.x86_64.rpm

kernel-module-squashfs-2.6.9-89.33.1.ELsmp-3.1.2-3.x86_64.rpm

kernel-module-squashfs-2.6.9-89.33.1.ELxenU-3.1.2-3.x86_64.rpm

kernel-module-unionfs-2.6.9-89.33.1.EL-1.1.5-3.x86_64.rpm

kernel-module-unionfs-2.6.9-89.33.1.ELsmp-1.1.5-3.x86_64.rpm





-Connie Sieh

-Troy Dawson
ATOM RSS1 RSS2
LISTSERV.FNAL.GOV