Fedora 11: kernel Security Update

    Date07 Dec 2009
    CategoryFedora
    87
    Posted ByLinuxSecurity Advisories
    CVE-2009-1298 null ptr deref in ipv4 ip_frag_reasm.
    --------------------------------------------------------------------------------
    Fedora Update Notification
    FEDORA-2009-12786
    2009-12-07 06:16:34
    --------------------------------------------------------------------------------
    
    Name        : kernel
    Product     : Fedora 11
    Version     : 2.6.30.9
    Release     : 102.fc11
    URL         : http://www.kernel.org/
    Summary     : The Linux kernel
    Description :
    The kernel package contains the Linux kernel (vmlinuz), the core of any
    Linux operating system.  The kernel handles the basic functions
    of the operating system: memory allocation, process allocation, device
    input and output, etc.
    
    --------------------------------------------------------------------------------
    Update Information:
    
    CVE-2009-1298 null ptr deref in ipv4 ip_frag_reasm.
    --------------------------------------------------------------------------------
    ChangeLog:
    
    * Thu Dec  3 2009 Kyle McMartin  2.6.30.9-102
    - ipv4-fix-null-ptr-deref-in-ip_fragment.patch: null ptr deref
      bug fix.
    * Thu Nov 19 2009 Kyle McMartin 
    - fuse-prevent-fuse_put_request-in-invalid-ptr.patch: fix oops in fuse
      when low on memory. rhbz#538734.
    * Thu Nov 19 2009 David Woodhouse  2.6.30.9-100
    - Re-enable CONFIG_DMAR_GFX_WA on x86_64.
    * Tue Nov 17 2009 Chuck Ebbert  2.6.30.9-99
    - Silence pointless DRM warning message (#537196)
    * Tue Nov 17 2009 Chuck Ebbert  2.6.30.9-98
    - More sata_nv fixes (#524756).
    * Mon Nov 16 2009 Eric Sandeen  2.6.30.9-97
    - Fix ext4 preallocation-related corruption (#513221)
    * Tue Nov  3 2009 Kyle McMartin  2.6.30.9-96
    - fs/pipe.c: fix null pointer dereference (CVE-2009-3547)
    * Sun Oct 25 2009 Chuck Ebbert   2.6.30.9-95
    - Disable the stack protector on functions that don't have onstack arrays.
    * Thu Oct 22 2009 Chuck Ebbert   2.6.30.9-94
    - Fix overflow in KVM cpuid code. (CVE-2009-3638)
    * Thu Oct 22 2009 Chuck Ebbert   2.6.30.9-93
    - Fix exploitable oops in keyring code (CVE-2009-3624)
    * Wed Oct 21 2009 Kyle McMartin 
    - shut-up-LOCK_TEST_WITH_RETURN.patch: sort out #445331... or paper bag
      over it for now until the lock warnings can be killed.
    * Mon Oct 19 2009 Kyle McMartin 
    - af_unix-fix-deadlock-connecting-to-shutdown-socket.patch: fix for
      rhbz#529626 local DoS. (CVE-2009-3621)
    * Sat Oct 17 2009 Chuck Ebbert   2.6.30.9-90
    - Fix null deref in r128 (F10#487546) (CVE-2009-3620)
    * Sat Oct 17 2009 Chuck Ebbert  2.6.30.9-89
    - Keyboard and mouse fixes from 2.6.32 (#522126)
    * Sat Oct 17 2009 Chuck Ebbert  2.6.30.9-88
    - Scheduler wakeup patch, fixes high latency on wakeup
      (sched-update-the-clock-of-runqueue-select-task-rq-selected.patch)
    * Fri Oct 16 2009 Chuck Ebbert  2.6.30.9-87
    - Fix uninitialized data leak in netlink (CVE-2009-3612)
    * Thu Oct 15 2009 Chuck Ebbert  2.6.30.9-86
    - AX.25 security fix (CVE-2009-2909)
    * Thu Oct 15 2009 Chuck Ebbert  2.6.30.9-85
    - Disable CONFIG_USB_STORAGE_CYPRESS_ATACB because it causes failure
      to boot from USB disks using Cypress bridges (#524998)
    * Tue Oct 13 2009 Chuck Ebbert  2.6.30.9-84
    - Copy libata drive detection fix from 2.6.31.4 (#524756)
    * Tue Oct 13 2009 Chuck Ebbert  2.6.30.9-83
    - Networking fixes taken from 2.6.31-stable
    * Tue Oct 13 2009 Chuck Ebbert  2.6.30.9-82
    - Fix boot hang with ACPI on some systems.
    * Mon Oct 12 2009 Chuck Ebbert   2.6.30.9-81
    - Critical ftrace fixes:
      ftrace-use-module-notifier-for-function-tracer.patch
      ftrace-check-for-failure-for-all-conversions.patch
      tracing-correct-module-boundaries-for-ftrace_release.patch
    * Thu Oct  8 2009 Ben Skeggs      2.6.30.9-80
    - ppc: compile nvidiafb as a module only, nvidiafb+nouveau = bang! (rh#491308)
    * Wed Oct  7 2009 Dave Jones        2.6.30.9-78
    - Disable IRQSOFF tracer. (Adds unnecessary overhead when unused)
    * Wed Oct  7 2009 Chuck Ebbert   2.6.30.9-77
    - eCryptfs fixes taken from 2.6.31.2 (fixes CVE-2009-2908)
    * Tue Oct  6 2009 Chuck Ebbert   2.6.30.9-76
    - fix race in forcedeth network driver (#526546)
    * Tue Oct  6 2009 Chuck Ebbert   2.6.30.9-75
    - x86: Don't leak 64-bit reg contents to 32-bit tasks.
    * Tue Oct  6 2009 Chuck Ebbert   2.6.30.9-74
    - ACPI EC bug fixes taken from kernel 2.6.32 (#492699, #525681)
    * Mon Oct  5 2009 Chuck Ebbert   2.6.30.9-73
    - Linux 2.6.30.9
    * Sun Oct  4 2009 Chuck Ebbert   2.6.30.9-72.rc3
    - Copy stack randomization fix from 2.6.31.2 (F10#526882)
    * Sun Oct  4 2009 Chuck Ebbert   2.6.30.9-71.rc3
    - Linux 2.6.30.9-rc3
    - Drop merged upstream patches:
      linux-2.6-cifs-reenable-lanman-security.patch
      kvm-guest-fix-bogus-wallclock-physical-address-calculation.patch
      kvm-mmu-make-__kvm_mmu_free_some_pages-handle-empty-list.patch
      kvm-vmx-check-cpl-before-emulating-debug-register-access.patch
      kvm-vmx-fix-cr8-exiting-control-clobbering-by-ept.patch
      kvm-x86-disallow-hypercalls-for-guest-callers-in-rings-0.patch
      linux-2.6-kvm-revert-x86-check-for-cr3-validity.patch
    * Fri Oct  2 2009 Justin M. Forbes   2.6.30.8-70
    - Add linux-2.6-virtio-net-refill-on-out-of-memory.patch, from 2.6.31
      to prevent page allocation failures in guests. (#520119)
    * Mon Sep 28 2009 Chuck Ebbert   2.6.30.8-69
    - Add linux-2.6-kvm-revert-x86-check-for-cr3-validity.patch, from
      2.6.32-rc, fixes bug #525743
    * Mon Sep 28 2009 Chuck Ebbert   2.6.30.8-68
    - Drop sched-disable-NEW-FAIR-SLEEPERS-for-now.patch, reported to
      cause problems on 2.6.30.
    * Sat Sep 26 2009 Chuck Ebbert   2.6.30.8-67
    - Scheduler fixes cherry-picked from 2.6.32
    * Sat Sep 26 2009 Chuck Ebbert   2.6.30.8-66
    - Backport "appletalk: Fix skb leak when ipddp interface is not loaded"
      (fixes CVE-2009-2903)
    * Sat Sep 26 2009 Chuck Ebbert  2.6.30.8-65
    - KVM fixes from 2.6.31.1, including fix for CVE-2009-3290
    * Fri Sep 25 2009 Chuck Ebbert  2.6.30.8-64
    - Fix serious CFQ performance regression.
    * Fri Sep 25 2009 Chuck Ebbert  2.6.30.8-63
    - Disable the GEM graphics manager on i686 PAE kernels
      (fixes modesetting on Intel graphics.)
    * Fri Sep 25 2009 Chuck Ebbert  2.6.30.8-62
    - Fix breakage in hostap driver (#522269)
    * Thu Sep 24 2009 Chuck Ebbert  2.6.30.8-61
    - Backport the cpuidle-faster-io fix from Fedora 12 to fix I/O
      performance problems when reading/writing multiple disks.
    * Thu Sep 24 2009 Chuck Ebbert  2.6.30.8-60
    - Linux 2.6.30.8
    * Thu Sep 24 2009 Chuck Ebbert  2.6.30.7-59
    - Disable sound powersave by default; it still pops when playing sounds. (#523836)
    * Wed Sep 16 2009 Justin M. Forbes  2.6.30.7-58
    - Revert virtio_blk to rotational mode. (#509383)
    * Tue Sep 15 2009 Chuck Ebbert  2.6.30.7-57
    - Linux 2.6.30.7
    * Tue Sep 15 2009 Chuck Ebbert  2.6.30.7-56.rc1
    - Fix CIFS security flags mask broken in 2.6.30 (#523173)
    * Tue Sep 15 2009 Chuck Ebbert  2.6.30.7-55.rc1
    - Fix cpufreq lockdep warnings (#522685)
    * Sat Sep 12 2009 Chuck Ebbert  2.6.30.7-54.rc1
    - 2.6.30.7-rc1
    - Drop patches merged in -stable:
       linux-2.6-slub-fix-destroy-by-rcu.patch
    * Thu Sep 10 2009 Dennis Gilmore  2.6.30.6-53
    - kgdb only works on sparc64 smp kernels so disable on the up one and enable on the smp one
    - update to 256 cpus supported on sparc64 smp
    * Wed Sep  9 2009 Chuck Ebbert   2.6.30.6-52
    - Add linux-2.6-slub-fix-destroy-by-rcu.patch (fixes bug in 2.6.30.4)
    * Wed Sep  9 2009 Chuck Ebbert  2.6.30.6-51
    - 2.6.30.6
    - Drop patches merged in -stable:
      do_sigaltstack-avoid-copying-stack_t-as-a-structure-to-userspace.patch
      linux-2.6-x86-dont-send-ipi-to-empty-set-cpus.patch
      linux-2.6-bitmap-make-ops-return-result.patch
      linux-2.6-x86-dont-call-send-ipi-mask-with-empty-mask.patch
      linux-2.6-clone-fix-race-between-copy-process-and-de-thread.patch
      linux-2.6-kthreads-fix-kthread-create-vs-kthread-stop.patch
      linux-2.6-xen-x86-dont-probe-if-apics-are-disabled.patch
    * Tue Sep  8 2009 Chuck Ebbert  2.6.30.5-50
    - Disable Amiga One support to fix powerpc coherency bug (#521703)
    * Fri Sep  4 2009 Chuck Ebbert  2.6.30.5-49
    - Fix build system getting confused during firmware install.
    * Fri Sep  4 2009 Chuck Ebbert  2.6.30.5-48
    - Added additional fixes needed for #514787:
      linux-2.6-ppc64-vs-broadcom-lmb-no-init-*.patch
    - Fix up lirc patch context so it applies.
    * Wed Sep  2 2009 Jarod Wilson 
    - Make it possible to rmmod lirc_zilog w/o it hanging indefinitely
    - Add transmit support (via port 2 only) on 1st-gen mceusb transceiver
    * Tue Sep  1 2009 Chuck Ebbert  2.6.30.5-46
    - Fix yet another Xen boot crash (#520517)
    * Tue Sep  1 2009 Jarod Wilson  2.6.30.5-45
    - Refresh lirc patches, add new lirc_ene0100 driver
    - Fix up hdpvr driver for use with modular i2c so that
      lirc_zilog can actually bind to it
    - Make lirc_zilog IR transmit and receive work on the hdpvr
    - Fix audio on PVR-500 when used in same system as HVR-1800 (#480728)
    * Fri Aug 28 2009 David Woodhouse 
    - Enable Solos DSL driver
    * Thu Aug 27 2009 Chuck Ebbert  2.6.30.5-43
    - Don't load the floppy driver automatically:
      linux-2.6-defaults-die-floppy-die.patch
    * Thu Aug 27 2009 Chuck Ebbert  2.6.30.5-42
    - Fix stackprotector problems with Xen on x86_64.
    - Disable stackprotector on i386 until 32-bit Xen gets fixed.
    * Thu Aug 27 2009 Chuck Ebbert  2.6.30.5-41
    - linux-2.6-kthreads-fix-kthread-create-vs-kthread-stop.patch:
      fix race in kthreads.
    * Thu Aug 27 2009 Justin M. Forbes  2.6.30.5-40
    - xen: Fix guest crash when trying to debug. (#458385)
    * Thu Aug 27 2009 John W. Linville  2.6.30.5-39
    - zd1211rw: adding 083a:e503 as a ZD1211B device (#518538)
    * Thu Aug 27 2009 Chuck Ebbert  2.6.30.5-38
    - Fix string overflows found by stackprotector:
      hda-check-strcpy-length.patch
      linux-2.6-v4l-dvb-af9015-fix-stack-corruption.patch
    * Thu Aug 27 2009 Chuck Ebbert  2.6.30.5-37
    - Fix race in clone() syscall.
    * Thu Aug 27 2009 Chuck Ebbert  2.6.30.5-36
    - Fix hangs on older x86 systems with 440*X chipsets.
    * Fri Aug 21 2009 David Woodhouse 
    - Fix b43 on iMac G5 (#514787)
    * Tue Aug 18 2009 Kyle McMartin 
    - Backport several upstream commits 52dec22e739eec8f3a0154f768a599f5489048bd
      to improve mmap_min_addr.
    - CVE-2009-2847: do_sigaltstack: avoid copying 'stack_t' as a
      structure to user space
    * Mon Aug 17 2009 Chuck Ebbert  2.6.30.5-32
    - Change config options:
      CONFIG_SCSI_DEBUG=m
      CONFIG_PCI_MSI_DEFAULT_ON=y
    * Mon Aug 17 2009 Jarod Wilson  2.6.30.5-31
    - Fix flub in prior lirc patch update that resulted in no lirc
      drivers getting built
    * Sun Aug 16 2009 Chuck Ebbert  2.6.30.5-29
    - Linux 2.6.30.5
    * Fri Aug 14 2009 Chuck Ebbert  2.6.30.5-28.rc2
    - Linux 2.6.30.5-rc2
    - Dropped drm-intel-tv-fix.patch, merged in -stable now.
    * Wed Aug 12 2009 Kyle McMartin 
    - drm-no-gem-on-i8xx.patch: fix misspelled IS_8XX & IS_I845G, sigh.
    * Wed Aug 12 2009 Kyle McMartin 
    - DRM patch sync-up with F-11-2.6.29.y, ABI probably isn't right yet though...
     - drm-modesetting-radeon.patch
     - drm-nouveau.patch
     - drm-no-gem-on-i8xx.patch
     - drm-i915-resume-force-mode.patch
     - drm-intel-big-hammer.patch
     - drm-intel-gen3-fb-hack.patch
     - drm-intel-hdmi-edid-fix.patch
     - drm-modesetting-radeon-fixes.patch
     - drm-radeon-new-pciids.patch
     - drm-dont-frob-i2c.patch
     - drm-intel-tv-fix.patch
     - drm-radeon-cs-oops-fix.patch
     - drm-pnp-add-resource-range-checker.patch
     - drm-i915-enable-mchbar.patch
    - The rest were merged upstream.
    * Wed Aug 12 2009 John W. Linville 
    - iwlwifi: fix TX queue race
    * Mon Aug 10 2009 Kyle McMartin 
    - Patch sync-up with F-11-2.6.29.y:
     - linux-2.6-x86-delay-tsc-barrier.patch
     - linux-2.6-fs-cifs-fix-port-numbers.patch
     - linux-2.6-kvm-skip-pit-check.patch
     - linux-2.6.29-xen-disable-gbpages.patch
     - linux-2.6-virtio_blk-dont-bounce-highmem-requests.patch
     - linux-2.6-drivers-char-low-latency-removal.patch
     - linux-2.6-serial-add-txen-test-param.patch
     - linux-2.6-input-wacom-bluetooth.patch
     - linux-2.6-defaults-saner-vm-settings.patch
     - linux-2.6-mm-lru-evict-streaming-io-pages-first.patch
     - linux-2.6-mm-lru-report-vm-flags-in-page-referenced.patch
     - linux-2.6-mm-lru-dont-evict-mapped-executable-pages.patch
     - linux-2.6-utrace.patch
     - linux-2.6-utrace-ftrace.patch
     - linux-2.6-tracehook.patch
    * Mon Aug 10 2009 Jarod Wilson 
    - Add tunable pad threshold support to lirc_imon
    - Blacklist all iMON devices in usbhid driver so lirc_imon can bind
    - Add new device ID to lirc_mceusb (#512483)
    - Enable IR transceiver on the HD PVR
    * Wed Aug  5 2009 Kyle McMartin 
    - Update to released 2.6.30.4.
    - Drop now-unneeded upstream reverts.
    * Wed Jul 29 2009 Chuck Ebbert 
    - Linux 2.6.30.4-rc1
    * Mon Jul 27 2009 Neil Horman 
    - Backport xfrm gc_thresh export code (bz 503124)
    * Fri Jul 24 2009 Kyle McMartin 
    - CONFIG_DEFAULT_MMAP_MIN_ADDR=65536 [i386 x86_64], 4096 elsewhere, as
      per defconfigs.
    - Blat patches from other tag, now to rebase fixes, splat in the changelog,
      and tag it for building.
    * Fri Jul 24 2009 Kyle McMartin 
    - Copy over release configs from devel-2.6.30 tag.
    - Fix up some spec deviations.
    * Fri Jul 24 2009 Kyle McMartin 
    - Linux 2.6.30.3 rebase for Fedora 11.
    - Fedora 11 2.6.29 branch is on tag private-fedora-11-2_6_29_6.
    --------------------------------------------------------------------------------
    References:
    
      [ 1 ] Bug #544144 - CVE-2009-1298 kernel: ip_frag_reasm() NULL pointer dereference
            https://bugzilla.redhat.com/show_bug.cgi?id=544144
    --------------------------------------------------------------------------------
    
    This update can be installed with the "yum" update program.  Use 
    su -c 'yum update kernel' at the command line.
    For more information, refer to "Managing Software with yum",
    available at http://docs.fedoraproject.org/yum/.
    
    All packages are signed with the Fedora Project GPG key.  More details on the
    GPG keys used by the Fedora Project can be found at
    http://fedoraproject.org/keys
    --------------------------------------------------------------------------------
    
    _______________________________________________
    Fedora-package-announce mailing list
    This email address is being protected from spambots. You need JavaScript enabled to view it.
    http://www.redhat.com/mailman/listinfo/fedora-package-announce
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"5","type":"x","order":"1","pct":55.56,"resources":[]},{"id":"88","title":"Should be more technical","votes":"3","type":"x","order":"2","pct":33.33,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"1","type":"x","order":"3","pct":11.11,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.