LISTSERV - SCIENTIFIC-LINUX-ERRATA Archives

SCIENTIFIC-LINUX-ERRATA Archives

February 2015

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-ERRATA Home
	SCIENTIFIC-LINUX-ERRATA February 2015

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Security ERRATA Moderate: kernel on SL5.x i386/x86_64
From:	Pat Riehecky <[log in to unmask]>
Reply To:	[log in to unmask]
Date:	Wed, 11 Feb 2015 15:46:19 +0000
Content-Type:	text/plain
Parts/Attachments:	text/plain (68 lines)

Synopsis:          Moderate: kernel security and bug fix update
Advisory ID:       SLSA-2015:0164-1
Issue Date:        2015-02-10
CVE Numbers:       CVE-2014-7822
--

* A flaw was found in the way the Linux kernel's splice() system call
validated its parameters. On certain file systems, a local, unprivileged
user could use this flaw to write past the maximum file size, and thus
crash the system. (CVE-2014-7822, Moderate)

This update also fixes the following bugs:

* Previously, hot-unplugging of a virtio-blk device could in some cases
lead to a kernel panic, for example during in-flight I/O requests. This
update fixes race condition in the hot-unplug code in the virtio_blk.ko
module. As a result, hot unplugging of the virtio-blk device no longer
causes the guest kernel oops when there are in-flight I/O requests.

* Before this update, due to a bug in the error-handling path, a corrupted
metadata block could be used as a valid block. With this update, the error
handling path has been fixed and more checks have been added to verify the
metadata block. Now, when a corrupted metadata block is encountered, it is
properly marked as corrupted and handled accordingly.

* Previously, an incorrectly initialized variable resulted in a random
value being stored in the variable that holds the number of default ACLs,
and is sent in the SET_PATH_INFO data structure. Consequently, the setfacl
command could, under certain circumstances, fail with an "Invalid
argument" error. With this update, the variable is correctly initialized
to zero, thus fixing the bug.

The system must be rebooted for this update to take effect.
--

SL5
  x86_64
    kernel-2.6.18-402.el5.x86_64.rpm
    kernel-debug-2.6.18-402.el5.x86_64.rpm
    kernel-debug-debuginfo-2.6.18-402.el5.x86_64.rpm
    kernel-debug-devel-2.6.18-402.el5.x86_64.rpm
    kernel-debuginfo-2.6.18-402.el5.x86_64.rpm
    kernel-debuginfo-common-2.6.18-402.el5.x86_64.rpm
    kernel-devel-2.6.18-402.el5.x86_64.rpm
    kernel-headers-2.6.18-402.el5.x86_64.rpm
    kernel-xen-2.6.18-402.el5.x86_64.rpm
    kernel-xen-debuginfo-2.6.18-402.el5.x86_64.rpm
    kernel-xen-devel-2.6.18-402.el5.x86_64.rpm
  i386
    kernel-2.6.18-402.el5.i686.rpm
    kernel-PAE-2.6.18-402.el5.i686.rpm
    kernel-PAE-debuginfo-2.6.18-402.el5.i686.rpm
    kernel-PAE-devel-2.6.18-402.el5.i686.rpm
    kernel-debug-2.6.18-402.el5.i686.rpm
    kernel-debug-debuginfo-2.6.18-402.el5.i686.rpm
    kernel-debug-devel-2.6.18-402.el5.i686.rpm
    kernel-debuginfo-2.6.18-402.el5.i686.rpm
    kernel-debuginfo-common-2.6.18-402.el5.i686.rpm
    kernel-devel-2.6.18-402.el5.i686.rpm
    kernel-headers-2.6.18-402.el5.i386.rpm
    kernel-xen-2.6.18-402.el5.i686.rpm
    kernel-xen-debuginfo-2.6.18-402.el5.i686.rpm
    kernel-xen-devel-2.6.18-402.el5.i686.rpm
  noarch
    kernel-doc-2.6.18-402.el5.noarch.rpm

- Scientific Linux Development Team

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV