LinuxSecurity.com
Fedora Core 6 Update: kernel-2.6.22.1-32.fc6
Posted by Benjamin D. Thomas   
The decode_choice function in net/netfilter/nf_conntrack_h323_asn1.c in the Linux kernel before 2.6.22 allows remote attackers to cause a denial of service (crash) via an encoded, out-of-range index value for a choice field, which triggers a NULL pointer dereference.
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-655
2007-08-09
---------------------------------------------------------------------

Product     : Fedora Core 6
Name        : kernel
Version     : 2.6.22.1
Release     : 32.fc6
Summary     : The Linux kernel (the core of the Linux operating system)
Description :
The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system.  The kernel handles the basic functions
of the operating system:  memory allocation, process allocation, device
input and output, etc.

---------------------------------------------------------------------
Update Information:

Rebase kernel to 2.6.22.1:
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.1

Includes the CFS scheduler from upstream kernel 2.6.23.

Fixes since initial 2.6.22 test kernel was released:
Fix timer problems and failure to boot.
Fix failure to boot on PS3.
Fix failure to initialize Hpt37x ATA controllers.
Hopefully fix atl1 ethernet controller DMA.
Add RAID autostart (dropped during initial rebase.)
Fix oops in xfrm4, reported on Fedora 7.

CVE-2007-3642:
The decode_choice function in
net/netfilter/nf_conntrack_h323_asn1.c in the Linux kernel
before 2.6.22 allows remote attackers to cause a denial of
service (crash) via an encoded, out-of-range index value for
a choice field, which triggers a NULL pointer dereference.

---------------------------------------------------------------------
* Wed Aug  1 2007 Chuck Ebbert 
- fix crash in xfrm4
- restore md driver START_ARRAY ioctl
* Mon Jul 30 2007 Chuck Ebbert 
- sync the CFS scheduler timekeeping changes with upstream
- fix DMI strings in HP notebook quirk for ALI controller
- revert upstream "genirq: do not mask interrupts by default"
* Wed Jul 25 2007 Chuck Ebbert 
- kernel requires newer version of cpuspeed
- pata_hpt37x: Fix 2.6.22 clock PLL regression (#249254)
- atl1: possibly fix DMA bugs (#249511)
* Mon Jul 23 2007 Chuck Ebbert 
- set CONFIG_DEBUG_SHIRQ only in -debug kernels
* Mon Jul 23 2007 Chuck Ebbert 
- set CONFIG_USB_DEVICE_CLASS (should fix #249211)
* Mon Jul 23 2007 Jarod Wilson 
- Re-enable aes-i586 and twofish-i586 for i686 kernels (#249158)
* Fri Jul 20 2007 Chuck Ebbert 
- SDHCI: clear the error interrupt bit
- ftdi_sio: fix oops
* Fri Jul 20 2007 Chuck Ebbert 
- utrace update
- CFS scheduler update
* Thu Jul 19 2007 Chuck Ebbert 
- restore the libata COMBINED_MODE hacks
- set CONFIG_NF_CONNTRACK_PROC_COMPAT
- restore the old firewire stack
- new utrace backport
* Tue Jul 17 2007 Chuck Ebbert 
- disable the nohz and highres kernel options
  by default -- enable with 'nohz=yes highres=yes'
* Tue Jul 17 2007 Chuck Ebbert 
- gfs2: update to the latest
- sched: fix show_task()/show_tasks() output
- sched: fix newly idle load balance in case of SMT
- sched: fix the all pinned logic in load_balance_newidle()
- fix leaks of struct seq_operations
- fix leaks of ref to user struct
- pata_atiixp: add SB700 PCI ID
- ata_piix: fix pio/mwdma programming
- sdhci: add ene controller id
- sdhci: Fix "Unexpected interrupt" handling
* Mon Jul 16 2007 Chuck Ebbert 
- bluetooth: hangup tty before releasing rfcomm
- driver core: get driver properly during release
- net scheduler: fix deadlock
- input: rfkill driver screws up the CPU flags
- acpi-cpufreq: make register write work properly again
* Mon Jul 16 2007 Chuck Ebbert 
- add proper caching of last_ctl to the 'unbreak SMART' fix
* Mon Jul 16 2007 Dave Jones 
- Unbreak SMART on libata.
* Mon Jul 16 2007 Dave Jones 
- Disable warnings that trigger due to disabled USB suspend.
* Thu Jul 12 2007 Dave Jones 
- Some systems have a HPET which is not incrementing, which leads
  to a complete hang.  Detect it during HPET setup.
* Thu Jul 12 2007 Dave Jones 
- Replace the pcspkr private PIT lock by the global PIT lock to
  serialize the PIT access all over the place.
* Thu Jul 12 2007 Chuck Ebbert 
- ata: update noncq list
- idr: multiple bugfixes
- tcp: sack fix leak msgs
- vbe: always save ddc data
* Thu Jul 12 2007 Jarod Wilson 
- Fix up some uname -r issues in certain kernel version
  cases (due to new versioning scheme)
* Wed Jul 11 2007 Chuck Ebbert 
- jbd: fix transaction dropping (kernel oops)
* Wed Jul 11 2007 Dave Jones 
- NFS: Add the mount option "nosharecache"
* Wed Jul 11 2007 Chuck Ebbert 
- 2.6.22.1
* Wed Jul 11 2007 Dave Jones 
- Revert mkinitrd requires: bump to what's in FC6.
* Wed Jul 11 2007 Dave Jones 
- Remove the x86-64 tickless patches, they aren't ready.
* Tue Jul 10 2007 Dave Jones 
- Fix issue with PIE randomization (#246623).
* Tue Jul 10 2007 Chuck Ebbert 
- sky2: re-enable lost interrupt workarounds
- aacraid: ioctl handler needs permission check
* Mon Jul  9 2007 Dave Jones 
- Disable forced HPET on ESB2 too
* Mon Jul  9 2007 Chuck Ebbert 
- changed default TCP/IPV4 congestion control to CUBIC
* Mon Jul  9 2007 Dave Jones 
- Rebase to 2.6.22

---------------------------------------------------------------------
This update can be downloaded from:
    http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.
---------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce
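
The bug class named in the CVE-2007-3642 description above (an encoded choice index outside the set of defined alternatives) can be shown with a small model. This is an added example, not code from the advisory or from the kernel; the structures, function names and sample table are hypothetical and only illustrate the range check a table-driven decoder needs.

```c
#include <stddef.h>
#include <stdint.h>

/* Simplified model, not kernel code: every name here is hypothetical. */
enum { DEC_OK = 0, DEC_ERR_BOUND = -1, DEC_ERR_RANGE = -2 };

struct bitstr { const uint8_t *buf; size_t nbits, pos; };
struct alt { const char *name; };      /* one CHOICE alternative */
struct choice {
    unsigned sz;                       /* width of the encoded index, in bits */
    unsigned n_alts;                   /* number of defined alternatives */
    const struct alt *alts;
};

/* Read n bits MSB-first; fails instead of reading past the buffer. */
static int get_bits(struct bitstr *bs, unsigned n, unsigned *out)
{
    unsigned v = 0;
    if (n > bs->nbits - bs->pos)
        return DEC_ERR_BOUND;
    while (n--) {
        v = (v << 1) | ((bs->buf[bs->pos >> 3] >> (7 - (bs->pos & 7))) & 1u);
        bs->pos++;
    }
    *out = v;
    return DEC_OK;
}

/* Decode the index of a CHOICE and select the matching alternative. */
int decode_choice_checked(struct bitstr *bs, const struct choice *c,
                          const struct alt **sel)
{
    unsigned idx;
    int rc = get_bits(bs, c->sz, &idx);
    if (rc != DEC_OK)
        return rc;
    /* A sz-bit field can encode 2^sz values, but only n_alts are defined.
     * Without this check, idx would select a slot past the table. */
    if (idx >= c->n_alts)
        return DEC_ERR_RANGE;
    *sel = &c->alts[idx];
    return DEC_OK;
}

/* Constructed sample: 5 alternatives need a 3-bit index, so 5..7 are invalid. */
static const struct alt sample_alts[] = {{"a0"}, {"a1"}, {"a2"}, {"a3"}, {"a4"}};
static const struct choice sample_choice = {3, 5, sample_alts};

int decode_first_choice(const uint8_t *buf, size_t len, const struct alt **sel)
{
    struct bitstr bs = { buf, len * 8, 0 };
    return decode_choice_checked(&bs, &sample_choice, sel);
}
```

The decoder rejects the input before touching the table, so a malformed message costs one error return rather than a fault in the parsing path.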
 