Synopsis: Important: kernel security and bug fix update
Issue date: 2008-05-07
CVE Names: CVE-2006-4814 CVE-2007-5001 CVE-2007-6151
CVE-2007-6206 CVE-2008-0007 CVE-2008-1367
CVE-2008-1375 CVE-2008-1669
These updated packages fix the following security issues:
* the absence of a protection mechanism when attempting to access a
critical section of code has been found in the Linux kernel open file
descriptors control mechanism, fcntl. This could allow a local
unprivileged user to simultaneously execute code, which would otherwise
be protected against parallel execution. As well, a race condition when
handling locks in the Linux kernel fcntl functionality, may have allowed
a process belonging to a local unprivileged user to gain re-ordered
access to the descriptor table.
(CVE-2008-1669, Important)
* the absence of a protection mechanism when attempting to access a
critical section of code, as well as a race condition, have been found
in the Linux kernel file system event notifier, dnotify. This could
allow a local unprivileged user to get inconsistent data, or to send
arbitrary signals to arbitrary system processes.
(CVE-2008-1375, Important)
* when accessing kernel memory locations, certain Linux kernel drivers
registering a fault handler did not perform required range checks. A
local unprivileged user could use this flaw to gain read or write access
to arbitrary kernel memory, or possibly cause a kernel crash.
(CVE-2008-0007, Important)
* a flaw was found when performing asynchronous input or output
operations on a FIFO special file. A local unprivileged user could use
this flaw to cause a kernel panic.
(CVE-2007-5001, Important)
* a flaw was found in the way core dump files were created. If a local
user could get a root-owned process to dump a core file into a
directory, which the user has write access to, they could gain read
access to that core file. This could potentially grant unauthorized
access to sensitive information.
(CVE-2007-6206, Moderate)
* a buffer overflow was found in the Linux kernel ISDN subsystem. A
local unprivileged user could use this flaw to cause a denial of service.
(CVE-2007-6151, Moderate)
* a race condition found in the mincore system core could allow a local
user to cause a denial of service (system hang).
(CVE-2006-4814, Moderate)
* it was discovered that the Linux kernel handled string operations in
the opposite way to the GNU Compiler Collection (GCC). This could allow
a local unprivileged user to cause memory corruption.
(CVE-2008-1367, Low)
As well, these updated packages fix the following bugs:
* a bug, which caused long delays when unmounting mounts containing a
large number of unused dentries, has been resolved.
* in the previous kernel packages, the kernel was unable to handle
certain floating point instructions on Itanium(R) architectures.
* on certain Intel CPUs, the Translation Lookaside Buffer (TLB) was not
flushed correctly, which caused machine check errors.
SL 3.0.x
SRPMS:
kernel-2.4.21-57.EL.src.rpm
i386:
kernel-2.4.21-57.EL.i686.rpm
kernel-BOOT-2.4.21-57.EL.i386.rpm
kernel-doc-2.4.21-57.EL.i386.rpm
kernel-hugemem-2.4.21-57.EL.i686.rpm
kernel-hugemem-unsupported-2.4.21-57.EL.i686.rpm
kernel-smp-2.4.21-57.EL.i686.rpm
kernel-smp-unsupported-2.4.21-57.EL.i686.rpm
kernel-source-2.4.21-57.EL.i386.rpm
kernel-unsupported-2.4.21-57.EL.i686.rpm
Dependancies:
kernel-module-openafs-2.4.21-57.EL-1.2.13-15.17.SL.athlon.rpm
kernel-module-openafs-2.4.21-57.EL-1.2.13-15.17.SL.i686.rpm
kernel-module-openafs-2.4.21-57.ELsmp-1.2.13-15.17.SL.athlon.rpm
kernel-module-openafs-2.4.21-57.ELsmp-1.2.13-15.17.SL.i686.rpm
x86_64:
kernel-2.4.21-57.EL.ia32e.rpm
kernel-2.4.21-57.EL.x86_64.rpm
kernel-doc-2.4.21-57.EL.x86_64.rpm
kernel-smp-2.4.21-57.EL.x86_64.rpm
kernel-smp-unsupported-2.4.21-57.EL.x86_64.rpm
kernel-source-2.4.21-57.EL.x86_64.rpm
kernel-unsupported-2.4.21-57.EL.ia32e.rpm
kernel-unsupported-2.4.21-57.EL.x86_64.rpm
Dependancies:
kernel-module-openafs-2.4.21-57.EL-1.2.13-15.17.SL.ia32e.rpm
kernel-module-openafs-2.4.21-57.EL-1.2.13-15.17.SL.x86_64.rpm
kernel-module-openafs-2.4.21-57.ELsmp-1.2.13-15.17.SL.x86_64.rpm
-Connie Sieh
-Troy Dawson
