LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: July 28th, 2014
Linux Advisory Watch: July 25th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
RedHat: Important: kernel security and bug fix update Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
RedHat Linux Updated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team.
=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel security and bug fix update
Advisory ID:       RHSA-2009:0014-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2009-0014.html
Issue date:        2009-01-14
CVE Names:         CVE-2008-3275 CVE-2008-4933 CVE-2008-4934 
                   CVE-2008-5025 CVE-2008-5029 CVE-2008-5300 
                   CVE-2008-5702 
=====================================================================

1. Summary:

Updated kernel packages that resolve several security issues and fix
various bugs are now available for Red Hat Enterprise Linux 4.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, noarch, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, noarch, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, noarch, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update addresses the following security issues:

* the sendmsg() function in the Linux kernel did not block during UNIX
socket garbage collection. This could, potentially, lead to a local denial
of service. (CVE-2008-5300, Important)

* when fput() was called to close a socket, the __scm_destroy() function in
the Linux kernel could make indirect recursive calls to itself. This could,
potentially, lead to a local denial of service. (CVE-2008-5029, Important)

* a deficiency was found in the Linux kernel virtual file system (VFS)
implementation. This could allow a local, unprivileged user to make a
series of file creations within deleted directories, possibly causing a
denial of service. (CVE-2008-3275, Moderate)

* a buffer underflow flaw was found in the Linux kernel IB700 SBC watchdog
timer driver. This deficiency could lead to a possible information leak. By
default, the "/dev/watchdog" device is accessible only to the root user.
(CVE-2008-5702, Low)

* the hfs and hfsplus file systems code failed to properly handle corrupted
data structures. This could, potentially, lead to a local denial of
service. (CVE-2008-4933, CVE-2008-5025, Low)

* a flaw was found in the hfsplus file system implementation. This could,
potentially, lead to a local denial of service when write operations were
performed. (CVE-2008-4934, Low)

This update also fixes the following bugs:

* when running Red Hat Enterprise Linux 4.6 and 4.7 on some systems running
IntelĀ® CPUs, the cpuspeed daemon did not run, preventing the CPU speed from
being changed, such as not being reduced to an idle state when not in use.

* mmap() could be used to gain access to beyond the first megabyte of RAM,
due to insufficient checks in the Linux kernel code. Checks have been added
to prevent this.

* attempting to turn keyboard LEDs on and off rapidly on keyboards with
slow keyboard controllers, may have caused key presses to fail.

* after migrating a hypervisor guest, the MAC address table was not
updated, causing packet loss and preventing network connections to the
guest. Now, a gratuitous ARP request is sent after migration. This
refreshes the ARP caches, minimizing network downtime.

* writing crash dumps with diskdump may have caused a kernel panic on
Non-Uniform Memory Access (NUMA) systems with certain memory
configurations.

* on big-endian systems, such as PowerPC, the getsockopt() function
incorrectly returned 0 depending on the parameters passed to it when the
time to live (TTL) value equaled 255, possibly causing memory corruption
and application crashes.

* a problem in the kernel packages provided by the RHSA-2008:0508 advisory
caused the Linux kernel's built-in memory copy procedure to return the
wrong error code after recovering from a page fault on AMD64 and Intel 64
systems. This may have caused other Linux kernel functions to return wrong
error codes.

* a divide-by-zero bug in the Linux kernel process scheduler, which may
have caused kernel panics on certain systems, has been resolved.

* the netconsole kernel module caused the Linux kernel to hang when slave
interfaces of bonded network interfaces were started, resulting in a system
hang or kernel panic when restarting the network.

* the "/proc/xen/" directory existed even if systems were not running Red
Hat Virtualization. This may have caused problems for third-party software
that checks virtualization-ability based on the existence of "/proc/xen/".
Note: this update will remove the "/proc/xen/" directory on systems not
running Red Hat Virtualization.

All Red Hat Enterprise Linux 4 users should upgrade to these updated
packages, which contain backported patches to resolve these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network.  Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

248710 - Local keyboard DoS through LED switching
457858 - CVE-2008-3275 Linux kernel local filesystem DoS
460862 - kernel: devmem: add range_is_allowed() check to mmap_mem() [rhel-4.7.z]
469631 - CVE-2008-4933 kernel: hfsplus: fix Buffer overflow with a corrupted image
469640 - CVE-2008-4934 kernel: hfsplus: check read_mapping_page() return value
469891 - lost packets when live migrating (RHEL4 XEN)
470034 - HP-Japan: RHEL4.6 diskdump fails when NUMA is on
470196 - getsockopt() returning incorrectly in PPC
470201 - CVE-2008-5029 kernel: Unix sockets kernel panic
470769 - CVE-2008-5025 kernel: hfs: fix namelength memory corruption
471015 - RHSA-2008:0508 linux-2.6.9-x86_64-copy_user-zero-tail.patch broken
471222 - erroneous load balancing for isolated CPUs leads to divide-by-zero panic in find_busiest_group()
471391 - netconsole hang the system on ifenslave operation
473259 - CVE-2008-5300 kernel: fix soft lockups/OOM issues with unix socket garbage collector
475733 - CVE-2008-5702 kernel: watchdog: ib700wdt.c - buffer_underflow bug
476534 - Xen balloon driver on RHEL4 x86_64 with 2.6.9-78.0.1.ELsmp

6. Package List:

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/kernel-2.6.9-78.0.13.EL.src.rpm

i386:
kernel-2.6.9-78.0.13.EL.i686.rpm
kernel-debuginfo-2.6.9-78.0.13.EL.i686.rpm
kernel-devel-2.6.9-78.0.13.EL.i686.rpm
kernel-hugemem-2.6.9-78.0.13.EL.i686.rpm
kernel-hugemem-devel-2.6.9-78.0.13.EL.i686.rpm
kernel-smp-2.6.9-78.0.13.EL.i686.rpm
kernel-smp-devel-2.6.9-78.0.13.EL.i686.rpm
kernel-xenU-2.6.9-78.0.13.EL.i686.rpm
kernel-xenU-devel-2.6.9-78.0.13.EL.i686.rpm

ia64:
kernel-2.6.9-78.0.13.EL.ia64.rpm
kernel-debuginfo-2.6.9-78.0.13.EL.ia64.rpm
kernel-devel-2.6.9-78.0.13.EL.ia64.rpm
kernel-largesmp-2.6.9-78.0.13.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-78.0.13.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-78.0.13.EL.noarch.rpm

ppc:
kernel-2.6.9-78.0.13.EL.ppc64.rpm
kernel-2.6.9-78.0.13.EL.ppc64iseries.rpm
kernel-debuginfo-2.6.9-78.0.13.EL.ppc64.rpm
kernel-debuginfo-2.6.9-78.0.13.EL.ppc64iseries.rpm
kernel-devel-2.6.9-78.0.13.EL.ppc64.rpm
kernel-devel-2.6.9-78.0.13.EL.ppc64iseries.rpm
kernel-largesmp-2.6.9-78.0.13.EL.ppc64.rpm
kernel-largesmp-devel-2.6.9-78.0.13.EL.ppc64.rpm

s390:
kernel-2.6.9-78.0.13.EL.s390.rpm
kernel-debuginfo-2.6.9-78.0.13.EL.s390.rpm
kernel-devel-2.6.9-78.0.13.EL.s390.rpm

s390x:
kernel-2.6.9-78.0.13.EL.s390x.rpm
kernel-debuginfo-2.6.9-78.0.13.EL.s390x.rpm
kernel-devel-2.6.9-78.0.13.EL.s390x.rpm

x86_64:
kernel-2.6.9-78.0.13.EL.x86_64.rpm
kernel-debuginfo-2.6.9-78.0.13.EL.x86_64.rpm
kernel-devel-2.6.9-78.0.13.EL.x86_64.rpm
kernel-largesmp-2.6.9-78.0.13.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-78.0.13.EL.x86_64.rpm
kernel-smp-2.6.9-78.0.13.EL.x86_64.rpm
kernel-smp-devel-2.6.9-78.0.13.EL.x86_64.rpm
kernel-xenU-2.6.9-78.0.13.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-78.0.13.EL.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/kernel-2.6.9-78.0.13.EL.src.rpm

i386:
kernel-2.6.9-78.0.13.EL.i686.rpm
kernel-debuginfo-2.6.9-78.0.13.EL.i686.rpm
kernel-devel-2.6.9-78.0.13.EL.i686.rpm
kernel-hugemem-2.6.9-78.0.13.EL.i686.rpm
kernel-hugemem-devel-2.6.9-78.0.13.EL.i686.rpm
kernel-smp-2.6.9-78.0.13.EL.i686.rpm
kernel-smp-devel-2.6.9-78.0.13.EL.i686.rpm
kernel-xenU-2.6.9-78.0.13.EL.i686.rpm
kernel-xenU-devel-2.6.9-78.0.13.EL.i686.rpm

noarch:
kernel-doc-2.6.9-78.0.13.EL.noarch.rpm

x86_64:
kernel-2.6.9-78.0.13.EL.x86_64.rpm
kernel-debuginfo-2.6.9-78.0.13.EL.x86_64.rpm
kernel-devel-2.6.9-78.0.13.EL.x86_64.rpm
kernel-largesmp-2.6.9-78.0.13.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-78.0.13.EL.x86_64.rpm
kernel-smp-2.6.9-78.0.13.EL.x86_64.rpm
kernel-smp-devel-2.6.9-78.0.13.EL.x86_64.rpm
kernel-xenU-2.6.9-78.0.13.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-78.0.13.EL.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/kernel-2.6.9-78.0.13.EL.src.rpm

i386:
kernel-2.6.9-78.0.13.EL.i686.rpm
kernel-debuginfo-2.6.9-78.0.13.EL.i686.rpm
kernel-devel-2.6.9-78.0.13.EL.i686.rpm
kernel-hugemem-2.6.9-78.0.13.EL.i686.rpm
kernel-hugemem-devel-2.6.9-78.0.13.EL.i686.rpm
kernel-smp-2.6.9-78.0.13.EL.i686.rpm
kernel-smp-devel-2.6.9-78.0.13.EL.i686.rpm
kernel-xenU-2.6.9-78.0.13.EL.i686.rpm
kernel-xenU-devel-2.6.9-78.0.13.EL.i686.rpm

ia64:
kernel-2.6.9-78.0.13.EL.ia64.rpm
kernel-debuginfo-2.6.9-78.0.13.EL.ia64.rpm
kernel-devel-2.6.9-78.0.13.EL.ia64.rpm
kernel-largesmp-2.6.9-78.0.13.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-78.0.13.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-78.0.13.EL.noarch.rpm

x86_64:
kernel-2.6.9-78.0.13.EL.x86_64.rpm
kernel-debuginfo-2.6.9-78.0.13.EL.x86_64.rpm
kernel-devel-2.6.9-78.0.13.EL.x86_64.rpm
kernel-largesmp-2.6.9-78.0.13.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-78.0.13.EL.x86_64.rpm
kernel-smp-2.6.9-78.0.13.EL.x86_64.rpm
kernel-smp-devel-2.6.9-78.0.13.EL.x86_64.rpm
kernel-xenU-2.6.9-78.0.13.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-78.0.13.EL.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/kernel-2.6.9-78.0.13.EL.src.rpm

i386:
kernel-2.6.9-78.0.13.EL.i686.rpm
kernel-debuginfo-2.6.9-78.0.13.EL.i686.rpm
kernel-devel-2.6.9-78.0.13.EL.i686.rpm
kernel-hugemem-2.6.9-78.0.13.EL.i686.rpm
kernel-hugemem-devel-2.6.9-78.0.13.EL.i686.rpm
kernel-smp-2.6.9-78.0.13.EL.i686.rpm
kernel-smp-devel-2.6.9-78.0.13.EL.i686.rpm
kernel-xenU-2.6.9-78.0.13.EL.i686.rpm
kernel-xenU-devel-2.6.9-78.0.13.EL.i686.rpm

ia64:
kernel-2.6.9-78.0.13.EL.ia64.rpm
kernel-debuginfo-2.6.9-78.0.13.EL.ia64.rpm
kernel-devel-2.6.9-78.0.13.EL.ia64.rpm
kernel-largesmp-2.6.9-78.0.13.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-78.0.13.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-78.0.13.EL.noarch.rpm

x86_64:
kernel-2.6.9-78.0.13.EL.x86_64.rpm
kernel-debuginfo-2.6.9-78.0.13.EL.x86_64.rpm
kernel-devel-2.6.9-78.0.13.EL.x86_64.rpm
kernel-largesmp-2.6.9-78.0.13.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-78.0.13.EL.x86_64.rpm
kernel-smp-2.6.9-78.0.13.EL.x86_64.rpm
kernel-smp-devel-2.6.9-78.0.13.EL.x86_64.rpm
kernel-xenU-2.6.9-78.0.13.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-78.0.13.EL.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3275
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4933
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4934
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5025
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5029
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5300
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5702
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is .  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
DARPA-derived secure microkernel goes open source tomorrow
Hacker Gary McKinnon turns into a search expert
Hackers seed Amazon cloud with potent denial-of-service bots
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.