RedHat: Important: kernel security and bug fix update

    Date: 14 Mar 2007
    Category: Red Hat
    Posted By: LinuxSecurity Advisories
    Updated kernel packages that fix security issues and bugs in the Red Hat Enterprise Linux 5 kernel are now available. This update has been rated as having important security impact by the Red Hat Security Response Team.
    ----------------------------------------------------------------------
                       Red Hat Security Advisory
    
    Synopsis:          Important: kernel security and bug fix update
    Advisory ID:       RHSA-2007:0099-02
    Advisory URL:      https://rhn.redhat.com/errata/RHSA-2007-0099.html
    Issue date:        2007-03-14
    Updated on:        2007-03-14
    Product:           Red Hat Enterprise Linux
    CVE Names:         CVE-2007-0005 CVE-2007-0006 CVE-2007-0958 
    ----------------------------------------------------------------------
    
    1. Summary:
    
    Updated kernel packages that fix security issues and bugs in the Red Hat
    Enterprise Linux 5 kernel are now available.
    
    This update has been rated as having important security impact by the Red
    Hat Security Response Team.
    
    2. Relevant releases/architectures:
    
    Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64
    RHEL Desktop Workstation (v. 5 client) - i386, x86_64
    Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64
    
    3. Problem description:
    
    The Linux kernel handles the basic functions of the operating system.
    
    These new kernel packages contain fixes for the following security issues:
    
    * a flaw in the key serial number collision avoidance algorithm of the
    keyctl subsystem that allowed a local user to cause a denial of service
    (CVE-2007-0006, Important)
    
    * a flaw in the Omnikey CardMan 4040 driver that allowed a local user to
    execute arbitrary code with kernel privileges. In order to exploit this
    issue, the Omnikey CardMan 4040 PCMCIA card must be present and the local
    user must have access rights to the character device created by the driver.
    (CVE-2007-0005, Moderate)
    
    * a flaw in the core-dump handling that allowed a local user to create core
    dumps from unreadable binaries via PT_INTERP. (CVE-2007-0958, Low)
    
    In addition to the security issues described above, a fix for a kernel
    panic in the powernow-k8 module and a fix for a kernel panic when booting
    the Xen domain-0 on systems with large memory installations have been included.
    
    Red Hat would like to thank Daniel Roethlisberger for reporting an issue
    fixed in this erratum.
    
    Red Hat Enterprise Linux 5 users are advised to upgrade their kernels to
    the packages associated with their machine architecture and configurations
    as listed in this erratum.
    
    4. Solution:
    
    Before applying this update, make sure that all previously-released
    errata relevant to your system have been applied.  
    
    This update is available via Red Hat Network.  Details on how to use 
    the Red Hat Network to apply this update are available at
    http://kbase.redhat.com/faq/FAQ_58_10188
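
A post-update check, added here as an example and not part of Red Hat's advisory: it compares the running kernel release against the fixed build 2.6.18-8.1.1.el5 using classic RPM segment ordering, since a host stays exposed until it reboots into the new kernel. The function names and the handling of the PAE/xen/kdump suffix in `uname -r` output are assumptions of this example.

```python
import platform
import re

# Fixed build, from the advisory's SRPM name kernel-2.6.18-8.1.1.el5.src.rpm
FIXED_VERSION, FIXED_RELEASE = "2.6.18", "8.1.1.el5"
# RHEL 5 kernel flavours; assumed to be appended to the `uname -r` string.
VARIANTS = ("PAE", "xen", "kdump")


def rpmvercmp(a, b):
    """Classic RPM segment comparison: -1 if a is older, 0 if equal, 1 if newer."""
    seg_a = re.findall(r"\d+|[A-Za-z]+", a)
    seg_b = re.findall(r"\d+|[A-Za-z]+", b)
    for x, y in zip(seg_a, seg_b):
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1   # numeric segment beats alphabetic
        if x.isdigit():
            x, y = int(x), int(y)             # compare numbers numerically
        if x != y:
            return 1 if x > y else -1
    # All shared segments equal: the string with segments left over is newer.
    return (len(seg_a) > len(seg_b)) - (len(seg_a) < len(seg_b))


def split_release(uname_r):
    """Split '2.6.18-8.1.1.el5xen' into ('2.6.18', '8.1.1.el5', 'xen')."""
    version, sep, release = uname_r.partition("-")
    if not sep or ".el5" not in release:
        raise ValueError("not a RHEL 5 kernel release: %r" % uname_r)
    for variant in VARIANTS:
        if release.endswith(variant):
            return version, release[: -len(variant)], variant
    return version, release, ""


def has_fix(uname_r):
    """True if the kernel release is at or above the advisory's fixed build."""
    version, release, _ = split_release(uname_r)
    order = rpmvercmp(version, FIXED_VERSION)
    if order == 0:
        order = rpmvercmp(release, FIXED_RELEASE)
    return order >= 0


if __name__ == "__main__":
    running = platform.release()   # same string as `uname -r`
    try:
        print(running, "fixed" if has_fix(running) else "VULNERABLE: update and reboot")
    except ValueError as err:
        print("skipped:", err)
```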
    
    5. Bug IDs fixed (http://bugzilla.redhat.com/):
    
    229883 - CVE-2007-0006 Key serial number collision problem
    229884 - CVE-2007-0005 Buffer Overflow in Omnikey CardMan 4040 cmx driver
    229885 - CVE-2007-0958 core-dumping unreadable binaries via PT_INTERP
    
    6. RPMs required:
    
    Red Hat Enterprise Linux Desktop (v. 5 client):
    
    SRPMS:
    ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kernel-2.6.18-8.1.1.el5.src.rpm
    
    RHEL Desktop Workstation (v. 5 client):
    
    SRPMS:
    ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kernel-2.6.18-8.1.1.el5.src.rpm
    
    Red Hat Enterprise Linux (v. 5 server):
    
    SRPMS:
    ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kernel-2.6.18-8.1.1.el5.src.rpm
    
    These packages are GPG signed by Red Hat for security.  Our key and 
    details on how to verify the signature are available from
    https://www.redhat.com/security/team/key/#package
    
    7. References:
    
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0005
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0006
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0958
    http://www.redhat.com/security/updates/classification/#important
    
    8. Contact:
    
    The Red Hat security contact is .  More contact
    details at https://www.redhat.com/security/team/contact/
    
    Copyright 2007 Red Hat, Inc.
    