Synopsis: Moderate: kernel security and bug fixes Issue Date: 2012-05-15 CVE Numbers: CVE-2011-4086 CVE-2012-1601 This update fixes the following security issues: * A flaw was found in the way the Linux kernel's journal_unmap_buffer() function handled buffer head states. On systems that have an ext4 file system with a journal mounted, a local, unprivileged user could use this flaw to cause a denial of service. (CVE-2011-4086, Moderate) * A flaw was found in the way the KVM_CREATE_IRQCHIP ioctl was handled. Calling this ioctl when at least one virtual CPU (VCPU) already existed could lead to a NULL pointer dereference later when the VCPU is scheduled to run. A local, unprivileged user on a KVM host could use this flaw to crash the host. (CVE-2012-1601, Moderate) The system must be rebooted for this update to take effect. SL6: i386 kernel-2.6.32-220.17.1.el6.i686.rpm kernel-debug-2.6.32-220.17.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-220.17.1.el6.i686.rpm kernel-debug-devel-2.6.32-220.17.1.el6.i686.rpm kernel-debuginfo-2.6.32-220.17.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-220.17.1.el6.i686.rpm kernel-devel-2.6.32-220.17.1.el6.i686.rpm kernel-headers-2.6.32-220.17.1.el6.i686.rpm perf-2.6.32-220.17.1.el6.i686.rpm perf-debuginfo-2.6.32-220.17.1.el6.i686.rpm python-perf-2.6.32-220.17.1.el6.i686.rpm python-perf-debuginfo-2.6.32-220.17.1.el6.i686.rpm noarch kernel-doc-2.6.32-220.17.1.el6.noarch.rpm kernel-firmware-2.6.32-220.17.1.el6.noarch.rpm x86_64 kernel-2.6.32-220.17.1.el6.x86_64.rpm kernel-debug-2.6.32-220.17.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-220.17.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-220.17.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-220.17.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-220.17.1.el6.x86_64.rpm kernel-devel-2.6.32-220.17.1.el6.x86_64.rpm kernel-headers-2.6.32-220.17.1.el6.x86_64.rpm perf-2.6.32-220.17.1.el6.x86_64.rpm perf-debuginfo-2.6.32-220.17.1.el6.x86_64.rpm python-perf-2.6.32-220.17.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-220.17.1.el6.x86_64.rpm - Scientific Linux Development Team