LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: April 21st, 2014
Linux Security Week: April 7th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
RedHat: Important: kernel security update Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
RedHat Linux Updated kernel packages that fix several security issues and bugs in the Red Hat Enterprise Linux 4 kernel are now available. A flaw in the connection tracking support for SCTP that allowed a remote user to cause a denial of service by dereferencing a NULL pointer. This security advisory has been rated as having important security impact by the Red Hat Security Response Team.
- ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Important: kernel security update
Advisory ID:       RHSA-2007:0488-01
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2007-0488.html
Issue date:        2007-06-25
Updated on:        2007-06-25
Product:           Red Hat Enterprise Linux
Keywords:          nahant kernel update
CVE Names:         CVE-2006-5158 CVE-2006-7203 CVE-2007-0773 
                   CVE-2007-0958 CVE-2007-1353 CVE-2007-2172 
                   CVE-2007-2525 CVE-2007-2876 CVE-2007-3104 
- ---------------------------------------------------------------------

1. Summary:

Updated kernel packages that fix several security issues and bugs in the
Red Hat Enterprise Linux 4 kernel are now available.

This security advisory has been rated as having important security impact
by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, noarch, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, noarch, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, noarch, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, noarch, x86_64

3. Problem description:

The Linux kernel handles the basic functions of the operating system.

These new kernel packages contain fixes for the security issues described
below:

* a flaw in the connection tracking support for SCTP that allowed a remote
user to cause a denial of service by dereferencing a NULL pointer.
(CVE-2007-2876, Important)

* a flaw in the mount handling routine for 64-bit systems that allowed a
local user to cause denial of service (crash). (CVE-2006-7203, Important)

* a flaw in the IPv4 forwarding base that allowed a local user to cause an
out-of-bounds access. (CVE-2007-2172, Important)

* a flaw in the PPP over Ethernet implementation that allowed a local user
to cause a denial of service (memory consumption) by creating a socket
using connect and then releasing it before the PPPIOCGCHAN ioctl has been
called. (CVE-2007-2525, Important)

* a flaw in the fput ioctl handling of 32-bit applications running on
64-bit platforms that allowed a local user to cause a denial of service
(panic). (CVE-2007-0773, Important)

* a flaw in the NFS locking daemon that allowed a local user to cause
denial of service (deadlock). (CVE-2006-5158, Moderate)

* a flaw in the sysfs_readdir function that allowed a local user to cause a
denial of service by dereferencing a NULL pointer. (CVE-2007-3104, Moderate)

* a flaw in the core-dump handling that allowed a local user to create core
dumps from unreadable binaries via PT_INTERP. (CVE-2007-0958, Low) 

* a flaw in the Bluetooth subsystem that allowed a local user to trigger an
information leak. (CVE-2007-1353, Low)

In addition, the following bugs were addressed:

* the NFS could recurse on the same spinlock. Also, NFS, under certain
conditions, did not completely clean up Posix locks on a file close,
leading to mount failures.

* the 32bit compatibility didn't return to userspace correct values for the
rt_sigtimedwait system call.

* the count for unused inodes could be incorrect at times, resulting in
dirty data not being written to disk in a timely manner.

* the cciss driver had an incorrect disk size calculation (off-by-one
error) which prevented disk dumps.

Red Hat would like to thank Ilja van Sprundel and the OpenVZ Linux kernel
team for reporting issues fixed in this erratum.

All Red Hat Enterprise Linux 4 users are advised to upgrade their kernels
to the packages associated with their machine architectures and
configurations as listed in this erratum.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.  

This update is available via Red Hat Network.  Details on how to use 
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bug IDs fixed (http://bugzilla.redhat.com/):

240855 - kernel spinlock panic in inode.c
241784 - dirty data is not flushed on a timely manner
242558 - CVE-2007-3104 Null pointer to an inode in a dentry can cause an oops in sysfs_readdir
243251 - CVE-2006-5158 NFS lockd deadlock
243252 - CVE-2007-0773 lost fput in a 32-bit ioctl on 64-bit x86 systems
243256 - CVE-2007-0958 core-dumping unreadable binaries via PT_INTERP
243259 - CVE-2007-1353 Bluetooth setsockopt() information leaks
243261 - CVE-2007-2172 fib_semantics.c out of bounds access vulnerability
243262 - CVE-2007-2525 PPPoE socket PPPIOCGCHAN denial of service
243263 - CVE-2006-7203 oops in compat_sys_mount() when data pointer is NULL
243746 - CVE-2007-2876 {ip, nf}_conntrack_sctp: remotely triggerable NULL ptr dereference
243902 - diskdump to cciss  fails due to off-by-one size calculation

6. RPMs required:

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/kernel-2.6.9-55.0.2.EL.src.rpm
99e36cd288068ee8eb5382302909d103  kernel-2.6.9-55.0.2.EL.src.rpm

i386:
7821a3e31be7aa7d16cca26ba3691ef0  kernel-2.6.9-55.0.2.EL.i686.rpm
fe75d3fedb4a869125bd3e0c4327cc80  kernel-debuginfo-2.6.9-55.0.2.EL.i686.rpm
dea713e9b6b7f9497d677aa50d873d89  kernel-devel-2.6.9-55.0.2.EL.i686.rpm
a20b25971292f11f3d43a046403e42a2  kernel-hugemem-2.6.9-55.0.2.EL.i686.rpm
59dfdedcecb4e008c672005e1d8ccf17  kernel-hugemem-devel-2.6.9-55.0.2.EL.i686.rpm
eee3f4fe239170496024e48d1ce2313f  kernel-smp-2.6.9-55.0.2.EL.i686.rpm
b507f1a0fd4d9807fb49f2a9f0cc2c8c  kernel-smp-devel-2.6.9-55.0.2.EL.i686.rpm
98f637d317257901254bc54239d394fc  kernel-xenU-2.6.9-55.0.2.EL.i686.rpm
ec18be5a978d728ffe02efe5c998ed07  kernel-xenU-devel-2.6.9-55.0.2.EL.i686.rpm

ia64:
c905be71187c3609d4173aafd8216d8d  kernel-2.6.9-55.0.2.EL.ia64.rpm
7cfee66805e9ed58cfc574e7bcbc5b1e  kernel-debuginfo-2.6.9-55.0.2.EL.ia64.rpm
6ebbde3eb96857b7b21316018878a89b  kernel-devel-2.6.9-55.0.2.EL.ia64.rpm
24185d3d81b622debf4749163951b860  kernel-largesmp-2.6.9-55.0.2.EL.ia64.rpm
6d225459226713128623323d8b46f9fb  kernel-largesmp-devel-2.6.9-55.0.2.EL.ia64.rpm

noarch:
271ee0352607674b31cf6a73f36e363b  kernel-doc-2.6.9-55.0.2.EL.noarch.rpm

ppc:
d41d5baa1e29b246f612c1492a0d5086  kernel-2.6.9-55.0.2.EL.ppc64.rpm
a2a047d9ae3d85c55a51f8dbe029c193  kernel-2.6.9-55.0.2.EL.ppc64iseries.rpm
a06093113f7d4d2379179d59ee001377  kernel-debuginfo-2.6.9-55.0.2.EL.ppc64.rpm
fae5c3b1a858ffab5c5cd83ab19d2212  kernel-debuginfo-2.6.9-55.0.2.EL.ppc64iseries.rpm
fcf60609ac3b4893fcc6834b1f2fe6ca  kernel-devel-2.6.9-55.0.2.EL.ppc64.rpm
154ac36b8c4ad1081a7a512e412a2bd2  kernel-devel-2.6.9-55.0.2.EL.ppc64iseries.rpm
9286ed2b16bf97d1986051787429e1c9  kernel-largesmp-2.6.9-55.0.2.EL.ppc64.rpm
165d186de7e13c87dc43712e4e789a3e  kernel-largesmp-devel-2.6.9-55.0.2.EL.ppc64.rpm

s390:
fe466acf4194827b25458b9a1dc94e26  kernel-2.6.9-55.0.2.EL.s390.rpm
816a6a10ce4cb6a147ecfedf5f0ba4c3  kernel-debuginfo-2.6.9-55.0.2.EL.s390.rpm
bd82f6634a93798eaa1b28aa37b5f482  kernel-devel-2.6.9-55.0.2.EL.s390.rpm

s390x:
8b6383a35b1ee7f2c84150b569f2bbe3  kernel-2.6.9-55.0.2.EL.s390x.rpm
9ca5472fc06fffd848b231d22618168a  kernel-debuginfo-2.6.9-55.0.2.EL.s390x.rpm
3a4b3363f578859a84e6d83af753ea6c  kernel-devel-2.6.9-55.0.2.EL.s390x.rpm

x86_64:
4b6c56a9e0ba5944c9d53588c8091bf5  kernel-2.6.9-55.0.2.EL.x86_64.rpm
2e1a4598f4a316735a46973ae57ebaf7  kernel-debuginfo-2.6.9-55.0.2.EL.x86_64.rpm
5213a93b0d19069e503f87c4804b4fec  kernel-devel-2.6.9-55.0.2.EL.x86_64.rpm
a7786619743e275208358df03f45bd9c  kernel-largesmp-2.6.9-55.0.2.EL.x86_64.rpm
7627d84ef02124db2297008fdf08eaaf  kernel-largesmp-devel-2.6.9-55.0.2.EL.x86_64.rpm
3e507edb063001e6ef0f7d374f44de17  kernel-smp-2.6.9-55.0.2.EL.x86_64.rpm
34c063e6ff7b0388f8ce6ea61c819b28  kernel-smp-devel-2.6.9-55.0.2.EL.x86_64.rpm
a9233bbe6790be33bdfdde003148ab89  kernel-xenU-2.6.9-55.0.2.EL.x86_64.rpm
418886b79b33d3c017728af5c96ffc07  kernel-xenU-devel-2.6.9-55.0.2.EL.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/kernel-2.6.9-55.0.2.EL.src.rpm
99e36cd288068ee8eb5382302909d103  kernel-2.6.9-55.0.2.EL.src.rpm

i386:
7821a3e31be7aa7d16cca26ba3691ef0  kernel-2.6.9-55.0.2.EL.i686.rpm
fe75d3fedb4a869125bd3e0c4327cc80  kernel-debuginfo-2.6.9-55.0.2.EL.i686.rpm
dea713e9b6b7f9497d677aa50d873d89  kernel-devel-2.6.9-55.0.2.EL.i686.rpm
a20b25971292f11f3d43a046403e42a2  kernel-hugemem-2.6.9-55.0.2.EL.i686.rpm
59dfdedcecb4e008c672005e1d8ccf17  kernel-hugemem-devel-2.6.9-55.0.2.EL.i686.rpm
eee3f4fe239170496024e48d1ce2313f  kernel-smp-2.6.9-55.0.2.EL.i686.rpm
b507f1a0fd4d9807fb49f2a9f0cc2c8c  kernel-smp-devel-2.6.9-55.0.2.EL.i686.rpm
98f637d317257901254bc54239d394fc  kernel-xenU-2.6.9-55.0.2.EL.i686.rpm
ec18be5a978d728ffe02efe5c998ed07  kernel-xenU-devel-2.6.9-55.0.2.EL.i686.rpm

noarch:
271ee0352607674b31cf6a73f36e363b  kernel-doc-2.6.9-55.0.2.EL.noarch.rpm

x86_64:
4b6c56a9e0ba5944c9d53588c8091bf5  kernel-2.6.9-55.0.2.EL.x86_64.rpm
2e1a4598f4a316735a46973ae57ebaf7  kernel-debuginfo-2.6.9-55.0.2.EL.x86_64.rpm
5213a93b0d19069e503f87c4804b4fec  kernel-devel-2.6.9-55.0.2.EL.x86_64.rpm
a7786619743e275208358df03f45bd9c  kernel-largesmp-2.6.9-55.0.2.EL.x86_64.rpm
7627d84ef02124db2297008fdf08eaaf  kernel-largesmp-devel-2.6.9-55.0.2.EL.x86_64.rpm
3e507edb063001e6ef0f7d374f44de17  kernel-smp-2.6.9-55.0.2.EL.x86_64.rpm
34c063e6ff7b0388f8ce6ea61c819b28  kernel-smp-devel-2.6.9-55.0.2.EL.x86_64.rpm
a9233bbe6790be33bdfdde003148ab89  kernel-xenU-2.6.9-55.0.2.EL.x86_64.rpm
418886b79b33d3c017728af5c96ffc07  kernel-xenU-devel-2.6.9-55.0.2.EL.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/kernel-2.6.9-55.0.2.EL.src.rpm
99e36cd288068ee8eb5382302909d103  kernel-2.6.9-55.0.2.EL.src.rpm

i386:
7821a3e31be7aa7d16cca26ba3691ef0  kernel-2.6.9-55.0.2.EL.i686.rpm
fe75d3fedb4a869125bd3e0c4327cc80  kernel-debuginfo-2.6.9-55.0.2.EL.i686.rpm
dea713e9b6b7f9497d677aa50d873d89  kernel-devel-2.6.9-55.0.2.EL.i686.rpm
a20b25971292f11f3d43a046403e42a2  kernel-hugemem-2.6.9-55.0.2.EL.i686.rpm
59dfdedcecb4e008c672005e1d8ccf17  kernel-hugemem-devel-2.6.9-55.0.2.EL.i686.rpm
eee3f4fe239170496024e48d1ce2313f  kernel-smp-2.6.9-55.0.2.EL.i686.rpm
b507f1a0fd4d9807fb49f2a9f0cc2c8c  kernel-smp-devel-2.6.9-55.0.2.EL.i686.rpm
98f637d317257901254bc54239d394fc  kernel-xenU-2.6.9-55.0.2.EL.i686.rpm
ec18be5a978d728ffe02efe5c998ed07  kernel-xenU-devel-2.6.9-55.0.2.EL.i686.rpm

ia64:
c905be71187c3609d4173aafd8216d8d  kernel-2.6.9-55.0.2.EL.ia64.rpm
7cfee66805e9ed58cfc574e7bcbc5b1e  kernel-debuginfo-2.6.9-55.0.2.EL.ia64.rpm
6ebbde3eb96857b7b21316018878a89b  kernel-devel-2.6.9-55.0.2.EL.ia64.rpm
24185d3d81b622debf4749163951b860  kernel-largesmp-2.6.9-55.0.2.EL.ia64.rpm
6d225459226713128623323d8b46f9fb  kernel-largesmp-devel-2.6.9-55.0.2.EL.ia64.rpm

noarch:
271ee0352607674b31cf6a73f36e363b  kernel-doc-2.6.9-55.0.2.EL.noarch.rpm

x86_64:
4b6c56a9e0ba5944c9d53588c8091bf5  kernel-2.6.9-55.0.2.EL.x86_64.rpm
2e1a4598f4a316735a46973ae57ebaf7  kernel-debuginfo-2.6.9-55.0.2.EL.x86_64.rpm
5213a93b0d19069e503f87c4804b4fec  kernel-devel-2.6.9-55.0.2.EL.x86_64.rpm
a7786619743e275208358df03f45bd9c  kernel-largesmp-2.6.9-55.0.2.EL.x86_64.rpm
7627d84ef02124db2297008fdf08eaaf  kernel-largesmp-devel-2.6.9-55.0.2.EL.x86_64.rpm
3e507edb063001e6ef0f7d374f44de17  kernel-smp-2.6.9-55.0.2.EL.x86_64.rpm
34c063e6ff7b0388f8ce6ea61c819b28  kernel-smp-devel-2.6.9-55.0.2.EL.x86_64.rpm
a9233bbe6790be33bdfdde003148ab89  kernel-xenU-2.6.9-55.0.2.EL.x86_64.rpm
418886b79b33d3c017728af5c96ffc07  kernel-xenU-devel-2.6.9-55.0.2.EL.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/kernel-2.6.9-55.0.2.EL.src.rpm
99e36cd288068ee8eb5382302909d103  kernel-2.6.9-55.0.2.EL.src.rpm

i386:
7821a3e31be7aa7d16cca26ba3691ef0  kernel-2.6.9-55.0.2.EL.i686.rpm
fe75d3fedb4a869125bd3e0c4327cc80  kernel-debuginfo-2.6.9-55.0.2.EL.i686.rpm
dea713e9b6b7f9497d677aa50d873d89  kernel-devel-2.6.9-55.0.2.EL.i686.rpm
a20b25971292f11f3d43a046403e42a2  kernel-hugemem-2.6.9-55.0.2.EL.i686.rpm
59dfdedcecb4e008c672005e1d8ccf17  kernel-hugemem-devel-2.6.9-55.0.2.EL.i686.rpm
eee3f4fe239170496024e48d1ce2313f  kernel-smp-2.6.9-55.0.2.EL.i686.rpm
b507f1a0fd4d9807fb49f2a9f0cc2c8c  kernel-smp-devel-2.6.9-55.0.2.EL.i686.rpm
98f637d317257901254bc54239d394fc  kernel-xenU-2.6.9-55.0.2.EL.i686.rpm
ec18be5a978d728ffe02efe5c998ed07  kernel-xenU-devel-2.6.9-55.0.2.EL.i686.rpm

ia64:
c905be71187c3609d4173aafd8216d8d  kernel-2.6.9-55.0.2.EL.ia64.rpm
7cfee66805e9ed58cfc574e7bcbc5b1e  kernel-debuginfo-2.6.9-55.0.2.EL.ia64.rpm
6ebbde3eb96857b7b21316018878a89b  kernel-devel-2.6.9-55.0.2.EL.ia64.rpm
24185d3d81b622debf4749163951b860  kernel-largesmp-2.6.9-55.0.2.EL.ia64.rpm
6d225459226713128623323d8b46f9fb  kernel-largesmp-devel-2.6.9-55.0.2.EL.ia64.rpm

noarch:
271ee0352607674b31cf6a73f36e363b  kernel-doc-2.6.9-55.0.2.EL.noarch.rpm

x86_64:
4b6c56a9e0ba5944c9d53588c8091bf5  kernel-2.6.9-55.0.2.EL.x86_64.rpm
2e1a4598f4a316735a46973ae57ebaf7  kernel-debuginfo-2.6.9-55.0.2.EL.x86_64.rpm
5213a93b0d19069e503f87c4804b4fec  kernel-devel-2.6.9-55.0.2.EL.x86_64.rpm
a7786619743e275208358df03f45bd9c  kernel-largesmp-2.6.9-55.0.2.EL.x86_64.rpm
7627d84ef02124db2297008fdf08eaaf  kernel-largesmp-devel-2.6.9-55.0.2.EL.x86_64.rpm
3e507edb063001e6ef0f7d374f44de17  kernel-smp-2.6.9-55.0.2.EL.x86_64.rpm
34c063e6ff7b0388f8ce6ea61c819b28  kernel-smp-devel-2.6.9-55.0.2.EL.x86_64.rpm
a9233bbe6790be33bdfdde003148ab89  kernel-xenU-2.6.9-55.0.2.EL.x86_64.rpm
418886b79b33d3c017728af5c96ffc07  kernel-xenU-devel-2.6.9-55.0.2.EL.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5158
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7203
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0773
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0958
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1353
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2172
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2525
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2876
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3104
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is .  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Fixing OpenSSL's Heartbleed flaw will take MONTHS, warns Secunia
Even the most secure cloud storage may not be so secure, study finds
Targeted Attack Uses Heartbleed to Hijack VPN Sessions
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.