Moderate: Red Hat Enterprise Linux 5.8 kernel update

Synopsis

Moderate: Red Hat Enterprise Linux 5.8 kernel update

Type/Severity

Security Advisory: Moderate

Topic

Updated kernel packages that fix one security issue, address several
hundred bugs, and add numerous enhancements are now available as part of
the ongoing support and maintenance of Red Hat Enterprise Linux version 5.
This is the eighth regular update.

The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issue:

• A flaw was found in the way the Linux kernel's Event Poll (epoll)
  subsystem handled large, nested epoll structures. A local, unprivileged
  user could use this flaw to cause a denial of service. (CVE-2011-1083,
  Moderate)
  

Red Hat would like to thank Nelson Elhage for reporting this issue.

These updated kernel packages include a number of bug fixes and
enhancements. Space precludes documenting all of these changes in this
advisory. Users are directed to the Red Hat Enterprise Linux 5.8 Technical
Notes, linked to in the References, for information on the most significant
of these changes.

All Red Hat Enterprise Linux 5 users are advised to install these updated
packages, which correct these issues and add these enhancements. The system
must be rebooted for this update to take effect.

Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

Affected Products

• Red Hat Enterprise Linux Server 5 x86_64
• Red Hat Enterprise Linux Server 5 ia64
• Red Hat Enterprise Linux Server 5 i386
• Red Hat Enterprise Linux Workstation 5 x86_64
• Red Hat Enterprise Linux Workstation 5 i386
• Red Hat Enterprise Linux Desktop 5 x86_64
• Red Hat Enterprise Linux Desktop 5 i386
• Red Hat Enterprise Linux for IBM z Systems 5 s390x
• Red Hat Enterprise Linux for Power, big endian 5 ppc
• Red Hat Enterprise Linux Server from RHUI 5 x86_64
• Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

• BZ - 485173 - kernel/module-verify-sig.c with memory uncleaned bug
• BZ - 516170 - kernel multipath driver behaves badly on medium errors
• BZ - 526862 - [RHEL5 Xen]: Mask out CPU features by default
• BZ - 543064 - No NUMA node hash function found on a EX machine
• BZ - 571737 - Cannot use Quickcam Pro 9000 with Ekiga, fails with "uvcvideo: Failed to query ..."
• BZ - 585935 - Bug in RHEL-5.4/5.5 nfs_access_cache_shrinker
• BZ - 608156 - kernel panic if bonding initialization fails
• BZ - 618317 - RFE: RHEL5 Xen: support online dynamic resize of guest virtual disks
• BZ - 664653 - [5.4] OS cannot recognize DVD disk replace in rescue mode.
• BZ - 668027 - unexpected error message when sending a unsolicited NA from user code
• BZ - 668529 - Spare disk added to a raid1 array by mdadm command is dropped upon next boot.
• BZ - 674663 - vlapic: Fix possible guest tick losing after save/restore
• BZ - 681578 - CVE-2011-1083 kernel: excessive in kernel CPU consumption when creating large nested epoll structures
• BZ - 681902 - GFS2: Add readahead to sequential directory traversal
• BZ - 683372 - NFS4: Incorrect server behavior when using OPEN call with O_CREATE on a directory on which the process has no WRITE permissions.
• BZ - 688673 - PCI Virtual Function Passthrough - SR-IOV, Paravirt Guest fails to obtain IRQ after reboot
• BZ - 688791 - dropwatch>stop: Waiting for deactivation ack (forever)
• BZ - 691087 - Incorrect values in /proc/sys/vm/dirty_writeback_centises and dirty_expire_centisecs
• BZ - 694625 - Non-responsive scsi target leads to excessive scsi recovery and dm-mp failover time
• BZ - 697021 - Patch needed to allow MTU >1500 on vif prior to connecting to bridge
• BZ - 698842 - kvmclock: MP-BIOS bug: 8254 timer not connected to IO-APIC
• BZ - 698928 - VLAN interface with changed MAC address fails to communicate
• BZ - 700565 - RHEL6.1 32bit xen hvm guest crash randomly
• BZ - 700752 - 32-bit PV guest crash on restore on x64_86 host
• BZ - 700886 - RHEL5.6 TSC used as default clock source on multi-chassis system
• BZ - 703150 - multiple resource leaks on error paths in blkfront and netfront
• BZ - 703505 - 300 seconds time shift in vdso version of clock_gettime()
• BZ - 704921 - panic in cifsd code after unexpected lookup error -88.
• BZ - 706339 - open/closed files in cifs mount points
• BZ - 707966 - 2.6.18-238.1.1.el5 or newer won't boot under Xen HVM due to linux-2.6-virt-nmi-don-t-print-nmi-stuck-messages-on-guests.patch
• BZ - 709271 - net.ipv6.conf.default.dad_transmits has no effect on tentative IPv6 addresses
• BZ - 709515 - Kernel panic at nfs4_callback_compound+0x2dd
• BZ - 711070 - mask the SMEP bit for PV, do the same or backport SMEP emulation for HVM
• BZ - 712439 - Backport "x86: extend debug key 't' to collect useful clock skew info"
• BZ - 712440 - Backport "vmx: Print advanced features during boot"
• BZ - 712441 - Backport "x86/hvm: fix off-by-one errors in vcpuid range checks"
• BZ - 713702 - pull missing fixes from upstream x86_emulate()
• BZ - 714053 - couple nice-to-have xen hypervisor patches
• BZ - 714670 - TCP_CRR and concurrent TCP stream tests over IPv6 sometime fails on rhel5.7
• BZ - 715501 - ext4: Don't error out the fs if the user tries to make a file too big
• BZ - 716834 - 'dmesg' command is swamped with the message: pci_set_power_state(): 0000:05:05.0: state=3, current state=5
• BZ - 717434 - Unable to attach a cdrom device to guest domain
• BZ - 717850 - miss xmit_hash_policy=layer2+3 in modinfo bonding output
• BZ - 718232 - [xfs] mis-sized O_DIRECT I/O results in hung task timeouts
• BZ - 718641 - Can't change lacp_rate in bonding mode=802.3ad
• BZ - 718988 - [EL5.7] igb: failed to activate WOL on 2nd LAN port on i350
• BZ - 720347 - RHEL 6.1 Xen paravirt guest is getting network outage during live migration (host side)
• BZ - 720551 - xfs_error_report() oops when passed-in mp is NULL
• BZ - 720936 - Windows guests may hang/BSOD on some AMD processors.
• BZ - 720986 - vlapic: backport EOI fast path
• BZ - 723755 - win2003 i386 guest BSOD when created with e1000 nic
• BZ - 728508 - Huge performance regression in NFS client
• BZ - 729261 - ext3/ext4 mbcache causes high CPU load
• BZ - 732752 - exclude VMX_PROCBASED_CTL2 from the MSRs a VMX guest is allowed to access
• BZ - 733416 - netfront MTU drops to 1500 after domain migration
• BZ - 734708 - xen modules - unable to handle kernel NULL pointer dereference
• BZ - 734900 - Panic, NMI Watchdog detected LOCKUP on CPU 6
• BZ - 735477 - nfs4_getfacl decoding causes kernel oops
• BZ - 740203 - Host crash when pass-through fails
• BZ - 740299 - [RTC] - The ioctl RTC_IRPQ_READ doesn't return the correct value
• BZ - 742880 - [RFE] backport Xen watchdog (hypervisor side only)
• BZ - 752626 - BNX2I: Fixed the endian on TTT for NOP out transmission
• BZ - 753729 - system cannot suspend with "stopping tasks timed out - bnx2i_thread/0 remaining"
• BZ - 771592 - Install RHEV-H to virtual machine cause VM kernel panic when boot
• BZ - 772578 - [ALL LANG] [anaconda] The installation halted when clicking 'Skip' button (select 'Skip entering Installation Number')

CVEs

• CVE-2011-1083

References

• https://access.redhat.com/security/updates/classification/#moderate
• https://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/5.8_Technical_Notes/kernel.html#RHSA-2012-0150