Synopsis: Moderate: kernel security, bug fix, and enhancement update
Issue date: 2011-02-22
CVE Names: CVE-2010-4165 CVE-2010-4169 CVE-2010-4243
This update fixes the following security issues:
* A divide-by-zero flaw was found in the tcp_select_initial_window()
function in the Linux kernel's TCP/IP protocol suite implementation. A
local, unprivileged user could use this flaw to trigger a denial of
service by calling setsockopt() with certain options. (CVE-2010-4165,
Moderate)
* A use-after-free flaw in the mprotect() system call in the Linux
kernel could allow a local, unprivileged user to cause a local denial of
service. (CVE-2010-4169, Moderate)
* A flaw was found in the Linux kernel execve() system call
implementation. A local, unprivileged user could cause large amounts of
memory to be allocated but not visible to the OOM (Out of Memory)
killer, triggering a denial of service. (CVE-2010-4243, Moderate)
This update also fixes several bugs and adds two enhancements.
The system must be rebooted for this update to take effect.
SL 6.x
SRPMS:
kernel-2.6.32-71.18.1.el6.src.rpm
i386:
kernel-2.6.32-71.18.1.el6.i686.rpm
kernel-debug-2.6.32-71.18.1.el6.i686.rpm
kernel-debug-devel-2.6.32-71.18.1.el6.i686.rpm
kernel-devel-2.6.32-71.18.1.el6.i686.rpm
kernel-doc-2.6.32-71.18.1.el6.noarch.rpm
kernel-firmware-2.6.32-71.18.1.el6.noarch.rpm
kernel-headers-2.6.32-71.18.1.el6.i686.rpm
perf-2.6.32-71.18.1.el6.noarch.rpm
x86_64:
kernel-2.6.32-71.18.1.el6.x86_64.rpm
kernel-debug-2.6.32-71.18.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-71.18.1.el6.x86_64.rpm
kernel-devel-2.6.32-71.18.1.el6.x86_64.rpm
kernel-doc-2.6.32-71.18.1.el6.noarch.rpm
kernel-firmware-2.6.32-71.18.1.el6.noarch.rpm
kernel-headers-2.6.32-71.18.1.el6.x86_64.rpm
perf-2.6.32-71.18.1.el6.noarch.rpm
-Connie Sieh
-Troy Dawson
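Because the fixes only take effect after a reboot, a host is protected only once the running kernel is at least 2.6.32-71.18.1.el6. The check below is an added example, not part of the original advisory and not rpm's own code: it uses a simplified form of rpm's segment-wise version comparison (no epoch or tilde handling), and all function names are hypothetical.

```python
import re

FIXED = "2.6.32-71.18.1.el6"           # fixed kernel version-release from this advisory
ARCHES = ("i686", "x86_64", "noarch")  # architectures listed in this advisory

def _segments(s):
    # rpm compares maximal runs of digits or letters; separators are ignored
    return re.findall(r"[0-9]+|[A-Za-z]+", s)

def rpm_cmp(a, b):
    """Compare two version or release strings; returns -1, 0 or 1."""
    sa, sb = _segments(a), _segments(b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)
        elif x.isdigit() != y.isdigit():
            # a numeric segment is newer than an alphabetic one, so
            # "71.18.1.el6" beats "71.el6" (plain string order gets this wrong)
            return 1 if x.isdigit() else -1
        if x != y:
            return 1 if x > y else -1
    # all shared segments equal: the string with segments left over is newer
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def split_release(kernel_release):
    """Split `uname -r` style output into (version, release), dropping the arch."""
    for arch in ARCHES:
        if kernel_release.endswith("." + arch):
            kernel_release = kernel_release[: -len(arch) - 1]
            break
    version, _, release = kernel_release.partition("-")
    return version, release

def is_patched(kernel_release, fixed=FIXED):
    """True when kernel_release is at or above the fixed version-release."""
    v, r = split_release(kernel_release)
    fv, fr = split_release(fixed)
    # the release only decides when the versions are equal
    return (rpm_cmp(v, fv) or rpm_cmp(r, fr)) >= 0

def needs_reboot(running, installed):
    """True when a fixed kernel is installed but the running one predates it."""
    return not is_patched(running) and any(is_patched(k) for k in installed)

if __name__ == "__main__":
    import platform
    print("running kernel patched:", is_patched(platform.release()))
```

Pass the output of `uname -r` as `running` and the version-release strings of the installed kernel packages as `installed`.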