LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: November 21st, 2014
Linux Security Week: November 17th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Fedora 11 Update: kernel-2.6.29.6-217.2.8.fc11 Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Fedora Fix oops in clock_nanosleep syscall which allows an ordinary user to cause a null ptr dereference in the kernel. CVE-2009-2767. Fixes BUG_ON() in the intel gem page fault code breaking GNOME Shell.
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-8684
2009-08-17 20:42:52
--------------------------------------------------------------------------------

Name        : kernel
Product     : Fedora 11
Version     : 2.6.29.6
Release     : 217.2.8.fc11
URL         : http://www.kernel.org/
Summary     : The Linux kernel
Description :
The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system.  The kernel handles the basic functions
of the operating system: memory allocation, process allocation, device
input and output, etc.

--------------------------------------------------------------------------------
Update Information:

Fix oops in clock_nanosleep syscall which allows an ordinary user to cause a
null ptr dereference in the kernel. CVE-2009-2767. Fixes BUG_ON() in the intel
gem page fault code breaking GNOME Shell.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Aug 15 2009 Kyle McMartin  2.6.29.6-217.2.8
- CVE-2009-2767: Fix clock_nanosleep NULL ptr deref.
* Fri Aug 14 2009 Kyle McMartin  2.6.29.6-217.2.7
- CVE-2009-2692: Fix sock sendpage NULL ptr deref.
* Thu Aug 13 2009 Kristian Høgsberg  - 2.6.29.6-217.2.6
- Backport 0e7ddf7e to fix bad BUG_ON() in i915 gem fence management
  code.  Adds drm-i915-gem-bad-bug-on.patch, fixes #514091.
* Wed Aug 12 2009 John W. Linville  2.6.29.6-217.2.5
- iwlwifi: fix TX queue race
* Mon Aug 10 2009 Jarod Wilson  2.6.29.6-217.2.4
- Add tunable pad threshold support to lirc_imon
- Blacklist all iMON devices in usbhid driver so lirc_imon can bind
- Add new device ID to lirc_mceusb (#512483)
- Enable IR transceiver on the HD PVR
* Wed Jul 29 2009 Chuck Ebbert  2.6.29.6-217.2.3
- Don't optimize away NULL pointer tests where pointer is used before the test.
  (CVE-2009-1897)
* Wed Jul 29 2009 Chuck Ebbert  2.6.29.6-217.2.2
- Fix mmap_min_addr security bugs (CVE-2009-1895)
* Wed Jul 29 2009 Chuck Ebbert  2.6.29.6-217.2.1
- Fix eCryptfs overflow issues (CVE-2009-2406, CVE-2009-2407)
* Thu Jul 23 2009 Kyle McMartin  2.6.29.6-217
- Apply three patches requested by sgruszka@redhat.com:
 - iwl3945-release-resources-before-shutting-down.patch
 - iwl3945-add-debugging-for-wrong-command-queue.patch
 - iwl3945-fix-rfkill-sw-and-hw-mishmash.patch
* Thu Jul 23 2009 Jarod Wilson 
- virtio_blk: don't bounce highmem requests, works around a frequent
  oops in kvm guests using virtio block devices (#510304)
* Wed Jul 22 2009 Tom "spot" Callaway 
- We have to override the new %install behavior because, well... the kernel is
special.
* Wed Jul 22 2009 Ben Skeggs 
- drm-nouveau.patch: Fix DPMS off for DAC outputs, NV4x PFIFO typo
* Tue Jul  7 2009 Chuck Ebbert  2.6.29.6-213
- Drop the correct patch to fix bug #498858
* Mon Jul  6 2009 Chuck Ebbert  2.6.29.6-212
- Additional fixes for bug #498854
* Thu Jul  2 2009 Chuck Ebbert  2.6.29.6-211
- Fix NFSD null credentials bug (#494067)
- Remove null credentials debugging patch.
* Thu Jul  2 2009 Chuck Ebbert  2.6.29.6-210
- Linux 2.6.29.6
* Wed Jul  1 2009 Chuck Ebbert  2.6.29.6-209.rc1
- Linux 2.6.29.6-rc1
- Enable CONFIG_DEBUG_CREDENTIALS in debug kernels only.
- Dropped patches merged upstream:
    linux-2.6-netdev-r8169-fix-lg-pkt-crash.patch
    linux-2.6-input-atkbd-forced-release.patch
* Wed Jul  1 2009 Dave Airlie  2.6.29.5-208
- drm-intel-a17-fix.patch, drm-pnp-add-resource-range-checker.patch,
  drm-i915-enable-mchbar.patch:
    backport upstream fixes for 915/945 tiling slowness.
* Tue Jun 30 2009 Chuck Ebbert  2.6.29.5-207
- Fix stalled NFS writes (#508174)
- Fix broken TSC-based delay.
* Tue Jun 30 2009 Jarod Wilson  2.6.29.5-206
- Fix busticated lirc_serial (#504402)
* Tue Jun 30 2009 Ben Skeggs  2.6.29.5-205
- nouveau: Forcibly DPMS on DAC/SORs during modeset
* Mon Jun 29 2009 Chuck Ebbert  2.6.29.5-204
- Fix "port=" option in CIFS mount calls. (#506574)
* Mon Jun 29 2009 Chuck Ebbert  2.6.29.5-203
- Add support for Apple mini keyboard (#507517)
* Mon Jun 29 2009 Chuck Ebbert  2.6.29.5-202
- New debug patch for null selinux credentials (for bug #494067)
* Fri Jun 26 2009 Ben Skeggs  2.6.29.5-201
- nouveau: bump timeout up a bit, some people hitting false hangs
* Fri Jun 26 2009 Ben Skeggs  2.6.29.5-200
- nouveau: backport nv50 output script fixes from upstream
* Fri Jun 26 2009 Ben Skeggs 
- nouveau: fix GT200 context control, will allow use of 3D engine now
* Wed Jun 24 2009 Jarod Wilson  2.6.29.5-198
- Fix lirc_i2c functionality (#507047)
- Add ability to disable lirc_imon mouse mode
* Wed Jun 24 2009 Kyle McMartin 
- config changes:
 - generic:
  - CONFIG_SCSI_DEBUG=m (was off, requested by davidz.)
* Mon Jun 22 2009 Chuck Ebbert  2.6.29.5-196
- Fix oopses in a bunch of USB serial devices (#500954)
* Sat Jun 20 2009 Chuck Ebbert  2.6.29.5-195
- Add linux-2.6-drivers-char-low-latency-removal.patch
  to fix oops in nozomi driver (#507005)
* Thu Jun 18 2009 Ben Skeggs  2.6.29.5-194
- drm-nouveau.patch: un-break DPMS after DRM changes
* Thu Jun 18 2009 Dave Airlie  2.6.29.5-193
- drm-radeon-cs-oops-fix.patch: fix oops if CS path called from non-kms
* Wed Jun 17 2009 Jarod Wilson 
- New lirc_imon hotness:
  * support dual-interface devices with a single lirc device
  * directional pad functions as an input device mouse
  * touchscreen devices finally properly supported
  * support for using MCE/RC-6 protocol remotes
  * fix oops in RF remote association code (F10 bug #475496)
  * fix re-enabling case/panel buttons and/or knobs
- Add some misc additional lirc_mceusb2 transceiver IDs
- Add missing unregister_chrdev_region() call to lirc_dev exit
- Add it8720 support to lirc_it87
* Tue Jun 16 2009 Chuck Ebbert  2.6.29.5-191
- Copy latest version of the -mm streaming IO and executable pages patches from F-10
- Copy the saner-vm-settings patch from F-10:
    change writeback interval from 5,30 seconds to 3,10 seconds
- Comment out the null credentials debugging patch (bug #494067)
* Tue Jun 16 2009 Chuck Ebbert  2.6.29.5-190
- Two r8169 driver updates from 2.6.30
- Update via-sdmmc driver
* Tue Jun 16 2009 Chuck Ebbert  2.6.29.5-189
- New debug patch for bug #494067, now enabled for non-debug kernels too.
* Tue Jun 16 2009 Chuck Ebbert  2.6.29.5-188
- Avoid lockup on OOM with /dev/zero
* Tue Jun 16 2009 Chuck Ebbert  2.6.29.5-187
- Drop the disable of mwait on VIA Nano processor. The lockup bug is
  fixed by BIOS updates.
* Tue Jun 16 2009 Ben Skeggs  2.6.29.5-186
- nouveau: Use VBIOS image from PRAMIN in preference to PROM (#492658)
* Tue Jun 16 2009 Dave Airlie  2.6.29.5-185
- drm-connector-dpms-fix.patch - allow hw to dpms off
- drm-dont-frob-i2c.patch - don't play with i2c bits just do EDID
- drm-intel-tv-fix.patch - fixed intel tv after connector dpms
- drm-modesetting-radeon-fixes.patch - fix AGP issues (go faster) (otaylor)
- drm-radeon-fix-ring-commit.patch - fix stability on some radeons
- drm-radeon-new-pciids.patch - add rv770/790 support
- drm-intel-vmalloc.patch - fix vmalloc patch
* Mon Jun 15 2009 Chuck Ebbert  - 2.6.29.5-184
- Get rid of the annoying parport sysctl registration warning (#503773)
  (linux-2.6-parport-quickfix-the-proc-registration-bug.patch)
* Mon Jun 15 2009 Chuck Ebbert  - 2.6.29.5-183
- Linux 2.6.29.5
* Mon Jun 15 2009 Chuck Ebbert  - 2.6.29.5-182.rc1
- Add support for touchpad on MacBook 5 (Unibody) (#504197)
* Mon Jun 15 2009 Chuck Ebbert  - 2.6.29.5-181.rc1
- Fix reporting of short writes to the NFS client (#493500)
* Mon Jun 15 2009 John W. Linville 
- neigh: fix state transition INCOMPLETE->FAILED via Netlink request
* Fri Jun 12 2009 Chuck Ebbert  - 2.6.29.5-179.rc1
- VIA Nano / VX800 fixes
    Padlock 64-bit fixes
    Disable mwait on the Nano
    Add via-sdmmc driver
    Enable the VIA random number generator on 64-bit
- Enable the userspace ARP daemon (#502844)
* Wed Jun 10 2009 Ben Skeggs 
- drm-nouveau.patch: fill in modes derived from VBIOS tables better
* Tue Jun  9 2009 Chuck Ebbert  - 2.6.29.5-177.rc1
- 2.6.29.5-rc1
- Reverted from stable, patch already in drm-next:
    drm-r128-fix-r128-ioremaps-to-use-ioremap_wc.patch
- Dropped patches, merged in -stable:
    hpet-fixes.patch
    keys-Handle-there-being-no-fallback-destination-key.patch
    kvm-Fix-PDPTR-reloading-on-CR4-writes.patch
    kvm-Make-paravirt-tlb-flush-also-reload-the-PAE-PDP.patch
    linux-2.6-ptrace-fix-possible-zombie-leak.patch
    linux-2.6-usb-cdc-acm-remove-low-latency-flag.patch
    linux-2.6-xen-xenbus_state_transition_when_not_connected.patch
    linux-2.6.29.5-ext4-stable-fixes.patch
* Tue Jun  9 2009 John W. Linville 
- Clean-up some wireless bits in config-generic
* Tue Jun  9 2009 Chuck Ebbert  - 2.6.29.4-175
- Add ext4 stable patch queue, 18 patches submitted for 2.6.29.5
  (adds 10 patches that weren't already in F-11.)
* Tue Jun  9 2009 Chuck Ebbert  - 2.6.29.4-174
- Add support for ACPI P-states on VIA processors.
- Disable the e_powersaver driver.
* Mon Jun  8 2009 Chuck Ebbert  - 2.6.29.4-173
- Add linux-2.6-ptrace-fix-possible-zombie-leak.patch
  Fixes bug #481753, ptraced processes fail to deliver exit notification to parent
* Mon Jun  8 2009 Chuck Ebbert  - 2.6.29.4-172
- Add linux-2.6-netdev-ehea-fix-circular-locking.patch (#498854)
* Mon Jun  8 2009 Chuck Ebbert  - 2.6.29.4-171
- Add AT keyboard forced key release quirks for four more notebooks.
  (Fixes Samsung NC20/Q45, Fujitsu PA1510/Xi3650)
* Mon Jun  8 2009 Chuck Ebbert  - 2.6.29.4-170
- Drop ALSA jiffies-based PCM boundary checking (#498858)
* Mon Jun  8 2009 Chuck Ebbert  - 2.6.29.4-169
- Add debug patch for finding null security credentials. (494067)
* Tue Jun  2 2009 Roland McGrath  - 2.6.29.4-168
- utrace update (fixes stap PR10185)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #515867 - CVE-2009-2767 kernel: clock_nanosleep() with CLOCK_MONOTONIC_RAW NULL pointer dereference
        https://bugzilla.redhat.com/show_bug.cgi?id=515867
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update kernel' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
How to weed out the next Heartbleed bug: ENISA details crypto worries
Attackers Using Compromised Web Plug-Ins in CryptoPHP Blackhat SEO Campaign
Finally, a New Clue to Solve the CIA’s Mysterious Kryptos Sculpture
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.