Fedora 12: kernel Security Update

    Date10 Dec 2009
    CategoryFedora
    64
    Posted ByLinuxSecurity Advisories
    CVE-2009-4131: EXT4 - fix insufficient permission checking which could result in arbitrary data corruption by a local unprivileged user.
    --------------------------------------------------------------------------------
    Fedora Update Notification
    FEDORA-2009-13039
    2009-12-10 16:35:30.934288
    --------------------------------------------------------------------------------
    
    Name        : kernel
    Product     : Fedora 12
    Version     : 2.6.31.6
    Release     : 166.fc12
    URL         : http://www.kernel.org/
    Summary     : The Linux kernel
    Description :
    The kernel package contains the Linux kernel (vmlinuz), the core of any
    Linux operating system.  The kernel handles the basic functions
    of the operating system: memory allocation, process allocation, device
    input and output, etc.
    
    --------------------------------------------------------------------------------
    Update Information:
    
    CVE-2009-4131:  EXT4 - fix insufficient permission checking which could result
    in arbitrary data corruption by a local unprivileged user.
    --------------------------------------------------------------------------------
    ChangeLog:
    
    * Wed Dec  9 2009 Kyle McMartin  2.6.31.6-166
    - ext4-fix-insufficient-checks-in-EXT4_IOC_MOVE_EXT.patch: CVE-2009-4131
      fix insufficient permission checking which could result in arbitrary
      data corruption by a local unprivileged user.
    * Tue Dec  8 2009 Steve Dickson  2.6.31.6-165
    - nfsd: Updated to latest pseudo root code fixing rhbz# 538609
    * Mon Dec  7 2009 Ben Skeggs  2.6.31.6-164
    - nouveau: fix NV17 breakage caused by NVA8 fixes
    - nouveau: use ratelimit for GPU error message
    * Fri Dec  4 2009 Ben Skeggs  2.6.31.6-163
    - nouveau: reduce debug level of some warning messages (rh#543883)
    - nouveau: modesetting fixes on nva5/nva8
    - nouveau: suspend/resume fixes on nva5/nva8 (bios opcode 0x8d)
    - nouveau: cleanup chipset/arch handling, fail init on unknown chipsets
    - nouveau: fix failure to detect some outputs when dcb table is odd
    - nouveau: eliminate unnecessary cursor state changes on nv50
    * Thu Dec  3 2009 Kyle McMartin  2.6.31.6-162
    - ipv4-fix-null-ptr-deref-in-ip_fragment.patch: null ptr deref
      bug fix.
    * Thu Dec  3 2009 Dave Airlie  2.6.31.6-161
    - rv410 LVDS on resume test fix from AMD (#541562)
    * Wed Dec  2 2009 John W. Linville  2.6.31.6-160
    - ath9k: add fixes suggested by upstream maintainer
    * Wed Dec  2 2009 Dave Airlie  2.6.31.6-159
    - drm-radeon-misc-fixes.patch: r400 LVDS, r600 digital dpms, cursor fix, tv property
    * Wed Dec  2 2009 Ben Skeggs  2.6.31.6-158
    - nouveau: more complete lvds script selection on >=G80 (rh#522690, rh#529859)
    - nouveau: more complete tmds script selection on >=G80 (rh#537853)
    - nouveau: TV detection fixes
    * Tue Dec  1 2009 Dave Airlie  2.6.31.6-157
    - div/0 fix harder (#540593) - also ignore unposted GPUs with no BIOS
    * Tue Dec  1 2009 Dave Airlie  2.6.31.6-156
    - drm-next: fixes LVDS resume on r4xx, div/0 on no bios (#540593)
      lockup on tv-out only startup.
    * Mon Nov 30 2009 Kyle McMartin 
    - drm-i915-fix-sync-to-vbl-when-vga-is-off.patch: add (rhbz#541670)
    * Sun Nov 29 2009 Kyle McMartin 
    - Drop linux-2.6-sysrq-c.patch, made consistent upstream.
    * Fri Nov 27 2009 Jarod Wilson  2.6.31.6-153
    - add device name to lirc_zilog, fixes issues w/multiple target devices
    - add lirc_imon pure input mode support for onboard decode devices
    * Thu Nov 26 2009 David Woodhouse  2.6.31.6-152
    - Fix intel_tv_mode_set oops (#540218)
    * Thu Nov 26 2009 David Woodhouse  2.6.31.6-151
    - VT-d: Work around yet more HP BIOS brokenness (#536675)
    * Wed Nov 25 2009 Kyle McMartin 
    - dlm: fix connection close handling.
      Fix by lmb, requested by fabio.
    * Wed Nov 25 2009 David Woodhouse  2.6.31.6-149
    - VT-d: Work around more HP BIOS brokenness.
    * Tue Nov 24 2009 Dave Airlie  2.6.31.6-148
    - radeon: flush HDP cache on rendering wait - fixes r600 rendercheck failure
    * Mon Nov 23 2009 Adam Jackson 
    - drm-default-mode.patch: Default to 1024x768 to match UMS. (#538761)
    * Mon Nov 23 2009 Roland McGrath  2.6.31.6-146
    - Fix oops in x86-32 kernel's iret handling for bogus user %cs. (#540580)
    * Sat Nov 21 2009 Kyle McMartin 
    - Fix up ssp' highmem fixes with fixes for arm & ppc.
    * Fri Nov 20 2009 Chris Wright  2.6.31.6-144
    - VT-d: another fallback for another BIOS bug (#524808)
    * Thu Nov 19 2009 Ben Skeggs  2.6.31.6-142
    - Oops, add new patch to spec file
    * Thu Nov 19 2009 Ben Skeggs  2.6.31.6-141
    - Lower debug level of fbcon handover messages (rh#538526)
    * Thu Nov 19 2009 Dave Airlie  2.6.31.6-140
    - drm-next-44c83571.patch: oops pulled the wrong tree into my f12 tree
    * Thu Nov 19 2009 Ben Skeggs  2.6.31.6-139
    - nouveau: s/r fixes on chipsets using bios opcode 0x87
    - nouveau: fixes to bios opcode 0x8e
    - nouveau: hopefully fix nv1x context switching issues (rh#526577)
    - nouveau: support for NVA5 (GeForce G220)
    - nouveau: fixes for NVAA support
    * Thu Nov 19 2009 Dave Airlie  2.6.31.6-138
    - drm-next-d56672a9.patch: fix some rn50 cloning issues
    * Wed Nov 18 2009 David Woodhouse  2.6.31.6-137
    - Actually force the IOMMU not to be used when we detect the HP/Acer bug.
    * Tue Nov 17 2009 Chuck Ebbert  2.6.31.6-136
    - ACPI embedded controller fixes from Fedora 11.
    * Tue Nov 17 2009 Chuck Ebbert  2.6.31.6-135
    - Scheduler fixes and latency tuning patches from F-11.
    * Tue Nov 17 2009 Dave Airlie  2.6.31.6-134
    - glad to see edid retry patch was compiled.
    * Tue Nov 17 2009 Dave Airlie  2.6.31.6-133
    - drm-next-984d1f3c.patch: rebase with upstream fixes - drop all merged
    * Thu Nov 12 2009 Adam Jackson 
    - Actually apply the EDID retry patch
    - drm-edid-header-fixup.patch: Fix up some broken EDID headers (#534120)
    * Thu Nov 12 2009 Chuck Ebbert  2.6.31.6-130
    - Use ApplyOptionalPatch for v4l and firewire updates.
    - Drop unused v4l ABI fix.
    * Thu Nov 12 2009 Chuck Ebbert  2.6.31.6-129
    - Linux 2.6.31.6
    - Drop merged patches:
      linux-2.6-iwlwifi-reduce-noise-when-skb-allocation-fails.patch
      linux-2.6-libertas-crash.patch
      pci-increase-alignment-to-make-more-space.patch
      acpi-revert-attach-device-to-handle-early.patch
      ahci-revert-restore-sb600-sata-controller-64-bit-dma.patch
      acpi-pci-fix-null-pointer-dereference-in-acpi-get-pci-dev.patch
      af_unix-fix-deadlock-connecting-to-shutdown-socket.patch
      keys-get_instantiation_keyring-should-inc-the-keyring-refcount.patch
      netlink-fix-typo-in-initialization.patch
      fs-pipe-null-ptr-deref-fix.patch
    * Wed Nov 11 2009 Justin M. Forbes  2.6.31.5-128
    - Fix KSM for i686 users. (#532215)
    - Add KSM fixes from 2.6.32
    --------------------------------------------------------------------------------
    References:
    
      [ 1 ] Bug #544471 - CVE-2009-4131 EMBARGOED kernel: ext4: Fix insufficient checks in EXT4_IOC_MOVE_EXT
            https://bugzilla.redhat.com/show_bug.cgi?id=544471
    --------------------------------------------------------------------------------
    
    This update can be installed with the "yum" update program.  Use 
    su -c 'yum update kernel' at the command line.
    For more information, refer to "Managing Software with yum",
    available at http://docs.fedoraproject.org/yum/.
    
    All packages are signed with the Fedora Project GPG key.  More details on the
    GPG keys used by the Fedora Project can be found at
    http://fedoraproject.org/keys
    --------------------------------------------------------------------------------
    
    _______________________________________________
    Fedora-package-announce mailing list
    This email address is being protected from spambots. You need JavaScript enabled to view it.
    	
    http://www.redhat.com/mailman/listinfo/fedora-package-announce
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"37","type":"x","order":"1","pct":51.39,"resources":[]},{"id":"88","title":"Should be more technical","votes":"10","type":"x","order":"2","pct":13.89,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"25","type":"x","order":"3","pct":34.72,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.