Synopsis:	Moderate: kernel security, bug fix, and enhancement update
Issue date:	2011-02-22
CVE Names:	CVE-2010-4165 CVE-2010-4169 CVE-2010-4243

This update fixes the following security issues:

* A divide-by-zero flaw was found in the tcp_select_initial_window()
function in the Linux kernel's TCP/IP protocol suite implementation. A
local, unprivileged user could use this flaw to trigger a denial of 
service by calling setsockopt() with certain options. (CVE-2010-4165, 
Moderate)

* A use-after-free flaw in the mprotect() system call in the Linux 
kernel could allow a local, unprivileged user to cause a local denial of 
service. (CVE-2010-4169, Moderate)

* A flaw was found in the Linux kernel execve() system call 
implementation. A local, unprivileged user could cause large amounts of 
memory to be allocated but not visible to the OOM (Out of Memory) 
killer, triggering a denial of service. (CVE-2010-4243, Moderate)

This update also fixes several bugs and adds two enhancements.

The system must be rebooted for this update to take effect.

SL 6.x

      SRPMS:
kernel-2.6.32-71.18.1.el6.src.rpm
      i386:
kernel-2.6.32-71.18.1.el6.i686.rpm
kernel-debug-2.6.32-71.18.1.el6.i686.rpm
kernel-debug-devel-2.6.32-71.18.1.el6.i686.rpm
kernel-devel-2.6.32-71.18.1.el6.i686.rpm
kernel-doc-2.6.32-71.18.1.el6.noarch.rpm
kernel-firmware-2.6.32-71.18.1.el6.noarch.rpm
kernel-headers-2.6.32-71.18.1.el6.i686.rpm
perf-2.6.32-71.18.1.el6.noarch.rpm
      x86_64:
kernel-2.6.32-71.18.1.el6.x86_64.rpm
kernel-debug-2.6.32-71.18.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-71.18.1.el6.x86_64.rpm
kernel-devel-2.6.32-71.18.1.el6.x86_64.rpm
kernel-doc-2.6.32-71.18.1.el6.noarch.rpm
kernel-firmware-2.6.32-71.18.1.el6.noarch.rpm
kernel-headers-2.6.32-71.18.1.el6.x86_64.rpm
perf-2.6.32-71.18.1.el6.noarch.rpm

-Connie Sieh
-Troy Dawson
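
Added example, not part of the original advisory: a shell check that tells a host already running the fixed kernel apart from one that has the update installed but has not been rebooted. The function names and the `--live` switch are assumptions of this example; the fixed build `2.6.32-71.18.1` comes from the package list above, and only the plain `kernel` package is queried.

```shell
#!/bin/sh
# Added example, not part of the advisory. FIXED is the kernel build from
# the SL 6.x package list above, without the ".el6" dist tag.
FIXED="2.6.32-71.18.1"

# Drop the dist tag and what follows it (".el6.x86_64", ".el6.i686.debug").
strip_dist() {
    printf '%s\n' "$1" | sed 's/\.el6.*$//'
}

# Succeed when version-release $1 is the same as or newer than $2.
# Fields are compared numerically, which is enough for el6 kernel builds;
# it is a simplification of rpm's own comparison rules.
ver_ge() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, /[.-]/); nb = split(b, y, /[.-]/)
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            if (x[i] + 0 > y[i] + 0) exit 0
            if (x[i] + 0 < y[i] + 0) exit 1
        }
        exit 0
    }'
}

# $1 = running kernel (uname -r); $2 = installed kernel packages, one
# VERSION-RELEASE per line. Prints patched, reboot-needed or vulnerable.
kernel_status() {
    if ver_ge "$(strip_dist "$1")" "$FIXED"; then
        echo patched
        return 0
    fi
    for pkg in $2; do
        if ver_ge "$(strip_dist "$pkg")" "$FIXED"; then
            echo reboot-needed
            return 0
        fi
    done
    echo vulnerable
}

# Live check on an SL 6 host: sh script.sh --live
if [ "${1:-}" = "--live" ]; then
    kernel_status "$(uname -r)" "$(rpm -q --qf '%{VERSION}-%{RELEASE}\n' kernel)"
fi
```

A result of `reboot-needed` means the fixed package is on disk while the older kernel is still the one running.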