SCIENTIFIC-LINUX-ERRATA Archives

June 2011

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV

Subject:
From: Troy Dawson <[log in to unmask]>
Reply To: Troy Dawson <[log in to unmask]>
Date: Wed, 8 Jun 2011 15:15:58 -0500

Synopsis:    Important: kernel security and bug fix update
Issue Date:  2011-06-01
CVE Numbers: CVE-2010-3858
              CVE-2011-1598
              CVE-2011-1770
              CVE-2011-1771


The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

* An integer underflow flaw, leading to a buffer overflow, was found in 
the Linux kernel's Datagram Congestion Control Protocol (DCCP) 
implementation. This could allow a remote attacker to cause a denial of 
service. (CVE-2011-1770, Important)

* Missing sanity checks were found in setup_arg_pages() in the Linux
kernel. Making the size of the argument and environment area on the
stack very large could trigger a BUG_ON(), resulting in a local
denial of service. (CVE-2010-3858, Moderate)

* A missing validation check was found in the bcm_release() and
raw_release() functions in the Linux kernel's Controller Area Network 
(CAN) implementation. This could allow a local, unprivileged user to 
cause a denial of service. (CVE-2011-1598, CVE-2011-1748, Moderate)

* The fix for a previous bug introduced a regression in the
cifs_close() function in the Linux kernel's Common Internet File System
(CIFS) implementation. A local, unprivileged user with write access to a
CIFS file system could use this flaw to cause a denial of service.
(CVE-2011-1771, Moderate)

This update also fixes various bugs.

The system must be rebooted for this update to take effect.

SL6:
   i386
      kernel-2.6.32-131.2.1.el6.i686.rpm
      perf-debuginfo-2.6.32-131.2.1.el6.i686.rpm
      perf-2.6.32-131.2.1.el6.i686.rpm
      kernel-headers-2.6.32-131.2.1.el6.i686.rpm
      kernel-devel-2.6.32-131.2.1.el6.i686.rpm
      kernel-debuginfo-common-i686-2.6.32-131.2.1.el6.i686.rpm
      kernel-debuginfo-2.6.32-131.2.1.el6.i686.rpm
      kernel-debug-devel-2.6.32-131.2.1.el6.i686.rpm
      kernel-debug-debuginfo-2.6.32-131.2.1.el6.i686.rpm
      kernel-debug-2.6.32-131.2.1.el6.i686.rpm
   noarch
      kernel-firmware-2.6.32-131.2.1.el6.noarch.rpm
      kernel-doc-2.6.32-131.2.1.el6.noarch.rpm
   x86_64
      perf-2.6.32-131.2.1.el6.x86_64.rpm
      kernel-headers-2.6.32-131.2.1.el6.x86_64.rpm
      kernel-devel-2.6.32-131.2.1.el6.x86_64.rpm
      kernel-debuginfo-common-x86_64-2.6.32-131.2.1.el6.x86_64.rpm
      kernel-debuginfo-2.6.32-131.2.1.el6.x86_64.rpm
      kernel-debug-devel-2.6.32-131.2.1.el6.x86_64.rpm
      kernel-debug-debuginfo-2.6.32-131.2.1.el6.x86_64.rpm
      kernel-debug-2.6.32-131.2.1.el6.x86_64.rpm
      kernel-2.6.32-131.2.1.el6.x86_64.rpm
      perf-debuginfo-2.6.32-131.2.1.el6.x86_64.rpm

- Scientific Linux Development Team
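
Because the fix only takes effect after a reboot, a host can have the updated package installed and still be running a vulnerable kernel. The following check is an added example, not part of the original advisory: it compares a `uname -r` string and the installed kernel packages against the fixed version-release from the SL6 list above. The function names, the simplified rpmvercmp-style comparison, and the sample strings in the usage comments are assumptions for illustration.

```python
import re

# Fixed kernel version-release, taken from the SL6 package list in this advisory.
FIXED = "2.6.32-131.2.1.el6"

def split_release(s):
    """Split a `uname -r` or `rpm -q kernel` style string into (version, release),
    dropping a trailing arch and the '.debug' suffix used by kernel-debug builds."""
    m = re.match(r"^(?:kernel-)?(\d+(?:\.\d+)*)-(.+?)(?:\.(?:x86_64|i686))?(?:\.debug)?$", s)
    if not m:
        raise ValueError("unrecognised kernel string: %r" % s)
    return m.group(1), m.group(2)

def vercmp(a, b):
    """Simplified rpmvercmp (assumption: no epoch, tilde or caret handling).
    Numeric segments compare as integers, a numeric segment is newer than an
    alphabetic one, and the string with extra segments left over is newer."""
    sa = re.findall(r"\d+|[A-Za-z]+", a)
    sb = re.findall(r"\d+|[A-Za-z]+", b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1
        if x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def is_fixed(kernel):
    """True if `kernel` is at or above the advisory's fixed version-release."""
    v, r = split_release(kernel)
    fv, fr = split_release(FIXED)
    return (vercmp(v, fv) or vercmp(r, fr)) >= 0

def status(running, installed):
    """Classify a host from its running kernel and its installed kernel packages."""
    if is_fixed(running):
        return "patched"
    if any(is_fixed(k) for k in installed):
        return "reboot-required"   # update installed, old kernel still running
    return "update-required"

if __name__ == "__main__":
    # Constructed sample input: an SL6 host that was updated but not rebooted.
    print(status("2.6.32-131.0.15.el6.x86_64",
                 ["kernel-2.6.32-131.0.15.el6.x86_64", "kernel-2.6.32-131.2.1.el6.x86_64"]))
```

On a real host, `running` would come from `uname -r` and `installed` from `rpm -q kernel`; the check is only meaningful for SL6 (el6) kernels.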
