LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: October 20th, 2014
Linux Advisory Watch: October 17th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Fedora Core 6 Update: kernel-2.6.19-1.2911.6.4.fc6 Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Fedora Unspecified vulnerability in the listxattr system call in Linux kernel, when a "bad inode" is present, allows local users to cause a denial of service (data corruption) and possibly gain privileges via unknown vectors.
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-291
2007-03-02
---------------------------------------------------------------------

Product     : Fedora Core 6
Name        : kernel
Version     : 2.6.19
Release     : 1.2911.6.4.fc6
Summary     : The Linux kernel (the core of the Linux operating system)
Description :
The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system.  The kernel handles the basic functions
of the operating system:  memory allocation, process allocation, device
input and output, etc.

---------------------------------------------------------------------
Update Information:

Updated to kernel 2.6.19.5 plus additional fixes:

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.19.4
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.19.5

CVE-2007-0772:
Summary: The Linux kernel before 2.6.20.1 allows remote
attackers to cause a denial of service (oops) via a crafted
NFSACL 2 ACCESS request that triggers a free of an incorrect
pointer.

CVE-2006-5753:
Summary: Unspecified vulnerability in the listxattr system
call in Linux kernel, when a "bad inode" is present, allows
local users to cause a denial of service (data corruption)
and possibly gain privileges via unknown vectors. 


Fixed broken SCSI CDROM IOCTLs.
Added Xen, which was missing from 1.2911.6.3

---------------------------------------------------------------------
* Sat Feb 24 2007 Chuck Ebbert 
- 2.6.19.5
- re-enable Xen
* Thu Feb 22 2007 Chuck Ebbert 
- 2.6.19.4 (CVE-2007-0772)
- 2.6.19.5-rc1
- bad_inode_ops patch (CVE-2006-5753)
- disable MSI on forcedeth cards (bz #222556)
- Intel HDA si3054 codec (bz #228879)
- "no irq for vector" fix (bz #225399)
- usbnet oops fix (bz #228231)
- swiotlb synchronization fix
- scsi cdrom ioctls were broken

---------------------------------------------------------------------
This update can be downloaded from:
    http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/

3b9c104fb1d67bc46e30f7aeea61dba378fa9746  SRPMS/kernel-2.6.19-1.2911.6.4.fc6.src.rpm
3b9c104fb1d67bc46e30f7aeea61dba378fa9746  noarch/kernel-2.6.19-1.2911.6.4.fc6.src.rpm
8d0ee970cca88644eeecdd92e2061b132f7e7d88  ppc/kernel-smp-devel-2.6.19-1.2911.6.4.fc6.ppc.rpm
4d8af9bdad003eea636765b81b2227ca105a5508  ppc/debug/kernel-debuginfo-common-2.6.19-1.2911.6.4.fc6.ppc.rpm
b69b995617f08c337850a27afbb04b6bd55d95fb  ppc/kernel-smp-2.6.19-1.2911.6.4.fc6.ppc.rpm
a2ae46ea39f017018d7f920e81fd3a908b7c2aca  ppc/debug/kernel-debuginfo-2.6.19-1.2911.6.4.fc6.ppc.rpm
e8f0423850df3badc3c4423b96ddd1a7383436e0  ppc/kernel-headers-2.6.19-1.2911.6.4.fc6.ppc.rpm
a954f0c8a26a90e325106ed781805ea80504e5d3  ppc/kernel-2.6.19-1.2911.6.4.fc6.ppc.rpm
fb14aacd01fcb3c812fccab31c34d8ab7c2889f1  ppc/kernel-devel-2.6.19-1.2911.6.4.fc6.ppc.rpm
d8ac1ac311f78d91a2cb6c2d62aa74cbd3a7ae6c  ppc/debug/kernel-smp-debuginfo-2.6.19-1.2911.6.4.fc6.ppc.rpm
5bef6ccd05ac52463bf07136805a554b78abc293  ppc/kernel-doc-2.6.19-1.2911.6.4.fc6.noarch.rpm
c8186b782d6b72cdbe656df74ca0b68066e358f6  x86_64/debug/kernel-kdump-debuginfo-2.6.19-1.2911.6.4.fc6.x86_64.rpm
635820d0672d3087b00f2aabd06cf227a5ac81d6  x86_64/debug/kernel-debug-debuginfo-2.6.19-1.2911.6.4.fc6.x86_64.rpm
90cc99803c13ae6c301b19936a347f18393dbf87  x86_64/debug/kernel-debuginfo-common-2.6.19-1.2911.6.4.fc6.x86_64.rpm
7e32e9700922d87c211cd7cf9972ec16f51862be  x86_64/kernel-headers-2.6.19-1.2911.6.4.fc6.x86_64.rpm
1f5247118404dd081f872bad871d01a4df4c9f48  x86_64/kernel-devel-2.6.19-1.2911.6.4.fc6.x86_64.rpm
e9b8f363fde7786dbc01aeff84982669ba1addfd  x86_64/debug/kernel-debuginfo-2.6.19-1.2911.6.4.fc6.x86_64.rpm
c575eca9f89cd49194926f7adfaa5349733156be  x86_64/debug/kernel-xen-debuginfo-2.6.19-1.2911.6.4.fc6.x86_64.rpm
7758dbccf92e386794981107d24e8b0afe3336ec  x86_64/kernel-debug-devel-2.6.19-1.2911.6.4.fc6.x86_64.rpm
9f9da8579c498b937718dab6cc6c36981edb25e0  x86_64/kernel-debug-2.6.19-1.2911.6.4.fc6.x86_64.rpm
af71cb466816585b1e1ef52b219d243331acf48c  x86_64/kernel-2.6.19-1.2911.6.4.fc6.x86_64.rpm
1d64d3df3530a51ccbe6c9a6011871d347a22bb3  x86_64/kernel-kdump-2.6.19-1.2911.6.4.fc6.x86_64.rpm
36319a5af26ac5c5ac54981f172e7ddcb747e108  x86_64/kernel-xen-devel-2.6.19-1.2911.6.4.fc6.x86_64.rpm
2349dbcbdc7a3fb36595b5ed230fbb0cb6b53870  x86_64/kernel-kdump-devel-2.6.19-1.2911.6.4.fc6.x86_64.rpm
0c185d900d99544d035c976cd67d1474dbda245f  x86_64/kernel-xen-2.6.19-1.2911.6.4.fc6.x86_64.rpm
5bef6ccd05ac52463bf07136805a554b78abc293  x86_64/kernel-doc-2.6.19-1.2911.6.4.fc6.noarch.rpm
0ebe323bdfda431b7a130c795c23db74230b9c2e  i386/kernel-headers-2.6.19-1.2911.6.4.fc6.i386.rpm
b63fb516605aca199fc2b64836d19dc6ff8f4385  i386/debug/kernel-debuginfo-2.6.19-1.2911.6.4.fc6.i586.rpm
c26a954b50047145d7e5047c521ac6f0a19f079b  i386/kernel-2.6.19-1.2911.6.4.fc6.i586.rpm
90a0861cbe6c29392a4c79e7999f32a564a5b27b  i386/debug/kernel-debuginfo-common-2.6.19-1.2911.6.4.fc6.i586.rpm
f499a8c9672b1a9f48c0496470f1d32e7a410511  i386/kernel-devel-2.6.19-1.2911.6.4.fc6.i586.rpm
a51887765a0486a3c45259b14f7764f9b6c47534  i386/kernel-xen-2.6.19-1.2911.6.4.fc6.i686.rpm
ad0b66fef22c4345c0c09f6708ef261edad6ee3e  i386/debug/kernel-PAE-debuginfo-2.6.19-1.2911.6.4.fc6.i686.rpm
8bb06b600a54b6c9a84b2eea5b527a8fd140f0ff  i386/kernel-PAE-debug-devel-2.6.19-1.2911.6.4.fc6.i686.rpm
6503131a6626c7d663e111dc4fcada5d5fbbfd86  i386/kernel-xen-devel-2.6.19-1.2911.6.4.fc6.i686.rpm
3c06d8d1fc9968a608d3c7b11997c2f5615fa0ea  i386/debug/kernel-PAE-debug-debuginfo-2.6.19-1.2911.6.4.fc6.i686.rpm
928e207a8f6ba0078d2542ef00dce6ec6c88e57e  i386/kernel-devel-2.6.19-1.2911.6.4.fc6.i686.rpm
c152a8bd1295ad530403b0b28872dbcd983bd95c  i386/debug/kernel-debuginfo-2.6.19-1.2911.6.4.fc6.i686.rpm
57feaf429fb2a621b12dfe6f197b6e6b8085397e  i386/kernel-kdump-devel-2.6.19-1.2911.6.4.fc6.i686.rpm
14092a07b3f413d8a2ef6638421f7b43fc84ee2e  i386/kernel-PAE-2.6.19-1.2911.6.4.fc6.i686.rpm
854a3f431853eba65a7ff0606c1e0d4bf5e42163  i386/kernel-kdump-2.6.19-1.2911.6.4.fc6.i686.rpm
a5041c5c75ea3ae219f3e441003ea3bdc6e6936d  i386/kernel-debug-devel-2.6.19-1.2911.6.4.fc6.i686.rpm
26d245bb933095da338b09210b13318cb4ce67b5  i386/kernel-2.6.19-1.2911.6.4.fc6.i686.rpm
c2a4b2ffd08a7506063c37aab9319d430f7d89f0  i386/debug/kernel-xen-debuginfo-2.6.19-1.2911.6.4.fc6.i686.rpm
ebde06cf5161547121917b373dd9c76afca391d2  i386/kernel-PAE-debug-2.6.19-1.2911.6.4.fc6.i686.rpm
ec2513833b94472935f8b7b9971f3f3512476144  i386/kernel-debug-2.6.19-1.2911.6.4.fc6.i686.rpm
b4a2da9eb3082806afaeee95e81e1ef9fdc88e48  i386/debug/kernel-kdump-debuginfo-2.6.19-1.2911.6.4.fc6.i686.rpm
5f7aa907b024d69f92b99c204c5aab9302fd4229  i386/debug/kernel-debuginfo-common-2.6.19-1.2911.6.4.fc6.i686.rpm
d70d9ec257ed8867bf1deb11d86aca8aee834981  i386/kernel-PAE-devel-2.6.19-1.2911.6.4.fc6.i686.rpm
ab22eb32f09b3210de7d4b4dd53111706448cf75  i386/debug/kernel-debug-debuginfo-2.6.19-1.2911.6.4.fc6.i686.rpm
5bef6ccd05ac52463bf07136805a554b78abc293  i386/kernel-doc-2.6.19-1.2911.6.4.fc6.noarch.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.
---------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Hacker Halted 2014: Johnny Long Calls for Hackers for Charity Volunteers
RIPS – Static Source Code Analysis For PHP Vulnerabilities
Finding a Video Poker Bug Made These Guys Rich—Then Vegas Made Them Pay
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.