Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Important: kernel security and bug fix update

Related Vulnerabilities: CVE-2007-6716   CVE-2008-1514   CVE-2008-4210   CVE-2008-3272   CVE-2007-5093   CVE-2008-3528   CVE-2007-5093   CVE-2008-1514   CVE-2008-3272   CVE-2008-3528   CVE-2007-6716   CVE-2008-4210   CVE-2007-5093   CVE-2007-6716   CVE-2008-3272   CVE-2008-4210   CVE-2008-1514   CVE-2008-3528  

Source

Synopsis

Important: kernel security and bug fix update

Type/Severity

Security Advisory: Important

Topic

Updated kernel packages that resolve several security issues and fix
various bugs are now available for Red Hat Enterprise Linux 4.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

Description

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

  • a flaw was found in the Linux kernel's Direct-IO implementation. This
    could have allowed a local unprivileged user to cause a denial of service.
    (CVE-2007-6716, Important)
  • when running ptrace in 31-bit mode on an IBM S/390 or IBM System z
    kernel, a local unprivileged user could cause a denial of service by
    reading from or writing into a padding area in the user_regs_struct32
    structure. (CVE-2008-1514, Important)
  • the do_truncate() and generic_file_splice_write() functions did not clear
    the setuid and setgid bits. This could have allowed a local unprivileged
    user to obtain access to privileged information. (CVE-2008-4210, Important)
  • Tobias Klein reported a missing check in the Linux kernel's Open Sound
    System (OSS) implementation. This deficiency could have led to an
    information leak. (CVE-2008-3272, Moderate)
  • a potential denial of service attack was discovered in the Linux kernel's
    PWC USB video driver. A local unprivileged user could have used this flaw
    to bring the kernel USB subsystem into the busy-waiting state.
    (CVE-2007-5093, Low)
  • the ext2 and ext3 file systems code failed to properly handle corrupted
    data structures, leading to a possible local denial of service issue when
    read or write operations were performed. (CVE-2008-3528, Low)

In addition, these updated packages fix the following bugs:

  • when using the CIFS "forcedirectio" option, appending to an open file on
    a CIFS share resulted in that file being overwritten with the data to be
    appended.
  • a kernel panic occurred when a device with PCI ID 8086:10c8 was present
    on a system with a loaded ixgbe driver.
  • due to an aacraid driver regression, the kernel failed to boot when trying
    to load the aacraid driver and printed the following error message:
    "aac_srb: aac_fib_send failed with status: 8195".
  • due to an mpt driver regression, when RAID 1 was configured on Primergy
    systems with an LSI SCSI IME 53C1020/1030 controller, the kernel panicked
    during boot.
  • the mpt driver produced a large number of extraneous debugging messages
    when performing a "Host reset" operation.
  • due to a regression in the sym driver, the kernel panicked when a SCSI
    hot swap was performed using MCP18 hardware.
  • all cores on a multi-core system now scale their frequencies in
    accordance with the policy set by the system's CPU frequency governor.
  • the netdump subsystem suffered from several stability issues. These are
    addressed in this updated kernel.
  • under certain conditions, the ext3 file system reported a negative count
    of used blocks.
  • reading /proc/self/mem incorrectly returned "Invalid argument" instead of
    "input/output error" due to a regression.
  • under certain conditions, the kernel panicked when a USB device was
    removed while the system was busy accessing the device.
  • a race condition in the kernel could have led to a kernel crash during
    the creation of a new process.

All Red Hat Enterprise Linux 4 Users should upgrade to these updated
packages, which contain backported patches to correct these issues.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Affected Products

  • Red Hat Enterprise Linux Server 4 x86_64
  • Red Hat Enterprise Linux Server 4 ia64
  • Red Hat Enterprise Linux Server 4 i386
  • Red Hat Enterprise Linux Server - Extended Update Support 4.7 x86_64
  • Red Hat Enterprise Linux Server - Extended Update Support 4.7 ia64
  • Red Hat Enterprise Linux Server - Extended Update Support 4.7 i386
  • Red Hat Enterprise Linux Workstation 4 x86_64
  • Red Hat Enterprise Linux Workstation 4 ia64
  • Red Hat Enterprise Linux Workstation 4 i386
  • Red Hat Enterprise Linux Desktop 4 x86_64
  • Red Hat Enterprise Linux Desktop 4 i386
  • Red Hat Enterprise Linux for IBM z Systems 4 s390x
  • Red Hat Enterprise Linux for IBM z Systems 4 s390
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.7 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.7 s390
  • Red Hat Enterprise Linux for Power, big endian 4 ppc
  • Red Hat Enterprise Linux for Power, big endian - Extended Update Support 4.7 ppc

Fixes

  • BZ - 306591 - CVE-2007-5093 kernel PWC driver DoS
  • BZ - 438147 - CVE-2008-1514 kernel: ptrace: Padding area write - unprivileged kernel crash
  • BZ - 455770 - RHEL 4.6: scsi hot swap broken (sym / Nokia MCP18)
  • BZ - 457995 - CVE-2008-3272 kernel snd_seq_oss_synth_make_info leak
  • BZ - 459577 - CVE-2008-3528 Linux kernel ext[234] directory corruption denial of service
  • BZ - 461082 - CVE-2007-6716 kernel: dio: zero struct dio with kzalloc instead of manually
  • BZ - 463661 - CVE-2008-4210 kernel: open() call allows setgid bit when user is not in new file's group
  • BZ - 464494 - CIFS option forcedirectio fails to allow the appending of text to files.
  • BZ - 464496 - Negative used blocks reported with ext3 on RHEL4
  • BZ - 464747 - regression, rhel4.7+, on the try to read /proc/self/mem getting improper return value
  • BZ - 465232 - [4.7] When the USB device is removed while the system is accessing the USB device, the panic is done.
  • BZ - 465265 - mpt 3.12.19.00rh on RHEL4.7 causes panic if a RAID 1 is configured.
  • BZ - 465735 - RHEL 4.7 ixgbe driver has a recursive stack corruption problem.
  • BZ - 466113 - netdump fails when bnx2 has remote copper PHY - Badness in local_bh_enable at kernel/softirq.c:141
  • BZ - 466214 - kernel BUG at kernel/signal.c:369! (attempt to free tsk->signal twice)
  • BZ - 466217 - [REG][4.7]Outputting large amount of log message when issuing host reset to adapter.
  • BZ - 468151 - aac_fib_send failed with status 8195
  • BZ - 469647 - add multi-core support to cpufreq driver

CVEs

References

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started