RedHat: Important: kernel security update RHSA-2006:0493-01
Summary
Summary
The Linux kernel handles the basic functions of the operating system. These new kernel packages contain fixes for the security issues described below: * a flaw in the IPv6 implementation that allowed a local user to cause a denial of service (infinite loop and crash) (CVE-2005-2973, important) * a flaw in the bridge implementation that allowed a remote user to cause forwarding of spoofed packets via poisoning of the forwarding table with already dropped frames (CVE-2005-3272, moderate) * a flaw in the atm module that allowed a local user to cause a denial of service (panic) via certain socket calls (CVE-2005-3359, important) * a flaw in the NFS client implementation that allowed a local user to cause a denial of service (panic) via O_DIRECT writes (CVE-2006-0555, important) * a difference in "sysretq" operation of EM64T (as opposed to Opteron) processors that allowed a local user to cause a denial of service (crash) upon return from certain system calls (CVE-2006-0741 and CVE-2006-0744, important) * a flaw in the keyring implementation that allowed a local user to cause a denial of service (OOPS) (CVE-2006-1522, important) * a flaw in IP routing implementation that allowed a local user to cause a denial of service (panic) via a request for a route for a multicast IP (CVE-2006-1525, important) * a flaw in the SCTP-netfilter implementation that allowed a remote user to cause a denial of service (infinite loop) (CVE-2006-1527, important) * a flaw in the sg driver that allowed a local user to cause a denial of service (crash) via a dio transfer to memory mapped (mmap) IO space (CVE-2006-1528, important) * a flaw in the threading implementation that allowed a local user to cause a denial of service (panic) (CVE-2006-1855, important) * two missing LSM hooks that allowed a local user to bypass the LSM by using readv() or writev() (CVE-2006-1856, moderate) * a flaw in the virtual memory implementation that allowed local user to cause a denial of service (panic) by using the lsof command (CVE-2006-1862, important) * a directory traversal vulnerability in smbfs that allowed a local user to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences (CVE-2006-1864, moderate) * a flaw in the ECNE chunk handling of SCTP that allowed a remote user to cause a denial of service (panic) (CVE-2006-2271, moderate) * a flaw in the handling of COOKIE_ECHO and HEARTBEAT control chunks of SCTP that allowed a remote user to cause a denial of service (panic) (CVE-2006-2272, moderate) * a flaw in the handling of DATA fragments of SCTP that allowed a remote user to cause a denial of service (infinite recursion and crash) (CVE-2006-2274, moderate) All Red Hat Enterprise Linux 4 users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum.
Solution
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:
up2date
For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:
http://www.redhat.com/docs/manuals/enterprise/
5. Bug IDs fixed (http://bugzilla.redhat.com/):
168791 - CVE-2006-1528 Possible local crash by dio/mmap sg driver
170772 - CVE-2005-2973 ipv6 infinite loop
171383 - CVE-2005-3272 bridge poisoning
175769 - CVE-2005-3359 incorrect inrement/decrement in atm module leads to panic
181795 - CVE-2006-0555 NFS client panic using O_DIRECT
183489 - CVE-2006-0741 bad elf entry address (CVE-2006-0744)
187841 - CVE-2006-1855 Old thread debugging causes false BUG() in choose_new_parent
188466 - CVE-2006-1522 DoS/bug in keyring code (security/keys/)
189260 - CVE-2006-1862 The lsof command triggers a kernel oops under heavy load
189346 - CVE-2006-1525 ip_route_input() panic
189435 - CVE-2006-1864 smbfs chroot issue
190460 - CVE-2006-1527 netfilter/sctp: lockup in sctp_new()
191201 - CVE-2006-2271 SCTP ECNE chunk handling DoS
191202 - CVE-2006-2272 SCTP incoming COOKIE_ECHO and HEARTBEAT packets DoS
191258 - CVE-2006-2274 SCTP DATA fragments DoS
191524 - CVE-2006-1856 LSM missing readv/writev
6. RPMs required:
Red Hat Enterprise Linux AS version 4:
SRPMS:
d43492e556689a0607d7bafd927024b7 kernel-2.6.9-34.0.1.EL.src.rpm
i386:
34813080d97fdd6f647fd7d4f809c7fc kernel-2.6.9-34.0.1.EL.i686.rpm
c7518db018da32cf470378154154687d kernel-debuginfo-2.6.9-34.0.1.EL.i686.rpm
e78b9ccc0c954cff7cb40e6f02b24674 kernel-devel-2.6.9-34.0.1.EL.i686.rpm
3c00e3363ab92e43224a3017fb7bb4a3 kernel-hugemem-2.6.9-34.0.1.EL.i686.rpm
861c261dc99531fecc8b90a579e3d406 kernel-hugemem-devel-2.6.9-34.0.1.EL.i686.rpm
ac1a65bd4766603619c7871c8454312d kernel-smp-2.6.9-34.0.1.EL.i686.rpm
20bb2e56287af558784e341a22ecc899 kernel-smp-devel-2.6.9-34.0.1.EL.i686.rpm
ia64:
bb16d7851570a9973acc285b1c10d4c5 kernel-2.6.9-34.0.1.EL.ia64.rpm
b09b0d137ec1fe6f4362c3a278b4181e kernel-debuginfo-2.6.9-34.0.1.EL.ia64.rpm
20207fbb33c783bad9de5c2d8d8b9a07 kernel-devel-2.6.9-34.0.1.EL.ia64.rpm
3a4a43172ab8119ffcec9a28abce6a69 kernel-largesmp-2.6.9-34.0.1.EL.ia64.rpm
58810e499bf182b64a4a11b2391e04b3 kernel-largesmp-devel-2.6.9-34.0.1.EL.ia64.rpm
noarch:
4969d66062c65e2f969a5b23f3d038fb kernel-doc-2.6.9-34.0.1.EL.noarch.rpm
ppc:
50f16a3bc3db576300e8ed39b7e58696 kernel-2.6.9-34.0.1.EL.ppc64.rpm
40f0c5f7d16d02e70f7058572c59829d kernel-2.6.9-34.0.1.EL.ppc64iseries.rpm
9c189ac2cd58ae5db8c6bc98858cf411 kernel-debuginfo-2.6.9-34.0.1.EL.ppc64.rpm
ed5ae1b541ca2147b6acfda916fb0524 kernel-debuginfo-2.6.9-34.0.1.EL.ppc64iseries.rpm
80b022ce31c0fd4fe94742f36e528d75 kernel-devel-2.6.9-34.0.1.EL.ppc64.rpm
65479dc320135ebefacb42c27ded8277 kernel-devel-2.6.9-34.0.1.EL.ppc64iseries.rpm
1e22096056638a03e4c473a0d0158268 kernel-largesmp-2.6.9-34.0.1.EL.ppc64.rpm
224188bba442a6b6109689afb7bba903 kernel-largesmp-devel-2.6.9-34.0.1.EL.ppc64.rpm
s390:
8ddc9750a621e3ea4142d1adfd06a5c5 kernel-2.6.9-34.0.1.EL.s390.rpm
390b94a99981c86375e2b5d7bc2d6084 kernel-debuginfo-2.6.9-34.0.1.EL.s390.rpm
ba2a9b707ce91af1e7ae817b726ed6c5 kernel-devel-2.6.9-34.0.1.EL.s390.rpm
s390x:
4bf39050d27a794cc1df5b3eb916484a kernel-2.6.9-34.0.1.EL.s390x.rpm
ee55f330c834a2fd38f31759caec18e0 kernel-debuginfo-2.6.9-34.0.1.EL.s390x.rpm
e959fb20625849eccbd399958265fe84 kernel-devel-2.6.9-34.0.1.EL.s390x.rpm
x86_64:
055f1e2e0ec115d813792811018da5e6 kernel-2.6.9-34.0.1.EL.x86_64.rpm
2fe393eb2dea769a7c673658b85d3166 kernel-debuginfo-2.6.9-34.0.1.EL.x86_64.rpm
ab2acc3e78f549776c01be84b8aae710 kernel-devel-2.6.9-34.0.1.EL.x86_64.rpm
4c09ae42fe85e7fa0699cde07b163802 kernel-largesmp-2.6.9-34.0.1.EL.x86_64.rpm
3bb0bc6a400c3bd7faebe3070402f356 kernel-largesmp-devel-2.6.9-34.0.1.EL.x86_64.rpm
f11147d14d9f88a9760aa67af12d7d6c kernel-smp-2.6.9-34.0.1.EL.x86_64.rpm
c411c259c433dd3fe50222a5a3ebc472 kernel-smp-devel-2.6.9-34.0.1.EL.x86_64.rpm
Red Hat Enterprise Linux Desktop version 4:
SRPMS:
d43492e556689a0607d7bafd927024b7 kernel-2.6.9-34.0.1.EL.src.rpm
i386:
34813080d97fdd6f647fd7d4f809c7fc kernel-2.6.9-34.0.1.EL.i686.rpm
c7518db018da32cf470378154154687d kernel-debuginfo-2.6.9-34.0.1.EL.i686.rpm
e78b9ccc0c954cff7cb40e6f02b24674 kernel-devel-2.6.9-34.0.1.EL.i686.rpm
3c00e3363ab92e43224a3017fb7bb4a3 kernel-hugemem-2.6.9-34.0.1.EL.i686.rpm
861c261dc99531fecc8b90a579e3d406 kernel-hugemem-devel-2.6.9-34.0.1.EL.i686.rpm
ac1a65bd4766603619c7871c8454312d kernel-smp-2.6.9-34.0.1.EL.i686.rpm
20bb2e56287af558784e341a22ecc899 kernel-smp-devel-2.6.9-34.0.1.EL.i686.rpm
noarch:
4969d66062c65e2f969a5b23f3d038fb kernel-doc-2.6.9-34.0.1.EL.noarch.rpm
x86_64:
055f1e2e0ec115d813792811018da5e6 kernel-2.6.9-34.0.1.EL.x86_64.rpm
2fe393eb2dea769a7c673658b85d3166 kernel-debuginfo-2.6.9-34.0.1.EL.x86_64.rpm
ab2acc3e78f549776c01be84b8aae710 kernel-devel-2.6.9-34.0.1.EL.x86_64.rpm
4c09ae42fe85e7fa0699cde07b163802 kernel-largesmp-2.6.9-34.0.1.EL.x86_64.rpm
3bb0bc6a400c3bd7faebe3070402f356 kernel-largesmp-devel-2.6.9-34.0.1.EL.x86_64.rpm
f11147d14d9f88a9760aa67af12d7d6c kernel-smp-2.6.9-34.0.1.EL.x86_64.rpm
c411c259c433dd3fe50222a5a3ebc472 kernel-smp-devel-2.6.9-34.0.1.EL.x86_64.rpm
Red Hat Enterprise Linux ES version 4:
SRPMS:
d43492e556689a0607d7bafd927024b7 kernel-2.6.9-34.0.1.EL.src.rpm
i386:
34813080d97fdd6f647fd7d4f809c7fc kernel-2.6.9-34.0.1.EL.i686.rpm
c7518db018da32cf470378154154687d kernel-debuginfo-2.6.9-34.0.1.EL.i686.rpm
e78b9ccc0c954cff7cb40e6f02b24674 kernel-devel-2.6.9-34.0.1.EL.i686.rpm
3c00e3363ab92e43224a3017fb7bb4a3 kernel-hugemem-2.6.9-34.0.1.EL.i686.rpm
861c261dc99531fecc8b90a579e3d406 kernel-hugemem-devel-2.6.9-34.0.1.EL.i686.rpm
ac1a65bd4766603619c7871c8454312d kernel-smp-2.6.9-34.0.1.EL.i686.rpm
20bb2e56287af558784e341a22ecc899 kernel-smp-devel-2.6.9-34.0.1.EL.i686.rpm
ia64:
bb16d7851570a9973acc285b1c10d4c5 kernel-2.6.9-34.0.1.EL.ia64.rpm
b09b0d137ec1fe6f4362c3a278b4181e kernel-debuginfo-2.6.9-34.0.1.EL.ia64.rpm
20207fbb33c783bad9de5c2d8d8b9a07 kernel-devel-2.6.9-34.0.1.EL.ia64.rpm
3a4a43172ab8119ffcec9a28abce6a69 kernel-largesmp-2.6.9-34.0.1.EL.ia64.rpm
58810e499bf182b64a4a11b2391e04b3 kernel-largesmp-devel-2.6.9-34.0.1.EL.ia64.rpm
noarch:
4969d66062c65e2f969a5b23f3d038fb kernel-doc-2.6.9-34.0.1.EL.noarch.rpm
x86_64:
055f1e2e0ec115d813792811018da5e6 kernel-2.6.9-34.0.1.EL.x86_64.rpm
2fe393eb2dea769a7c673658b85d3166 kernel-debuginfo-2.6.9-34.0.1.EL.x86_64.rpm
ab2acc3e78f549776c01be84b8aae710 kernel-devel-2.6.9-34.0.1.EL.x86_64.rpm
4c09ae42fe85e7fa0699cde07b163802 kernel-largesmp-2.6.9-34.0.1.EL.x86_64.rpm
3bb0bc6a400c3bd7faebe3070402f356 kernel-largesmp-devel-2.6.9-34.0.1.EL.x86_64.rpm
f11147d14d9f88a9760aa67af12d7d6c kernel-smp-2.6.9-34.0.1.EL.x86_64.rpm
c411c259c433dd3fe50222a5a3ebc472 kernel-smp-devel-2.6.9-34.0.1.EL.x86_64.rpm
Red Hat Enterprise Linux WS version 4:
SRPMS:
d43492e556689a0607d7bafd927024b7 kernel-2.6.9-34.0.1.EL.src.rpm
i386:
34813080d97fdd6f647fd7d4f809c7fc kernel-2.6.9-34.0.1.EL.i686.rpm
c7518db018da32cf470378154154687d kernel-debuginfo-2.6.9-34.0.1.EL.i686.rpm
e78b9ccc0c954cff7cb40e6f02b24674 kernel-devel-2.6.9-34.0.1.EL.i686.rpm
3c00e3363ab92e43224a3017fb7bb4a3 kernel-hugemem-2.6.9-34.0.1.EL.i686.rpm
861c261dc99531fecc8b90a579e3d406 kernel-hugemem-devel-2.6.9-34.0.1.EL.i686.rpm
ac1a65bd4766603619c7871c8454312d kernel-smp-2.6.9-34.0.1.EL.i686.rpm
20bb2e56287af558784e341a22ecc899 kernel-smp-devel-2.6.9-34.0.1.EL.i686.rpm
ia64:
bb16d7851570a9973acc285b1c10d4c5 kernel-2.6.9-34.0.1.EL.ia64.rpm
b09b0d137ec1fe6f4362c3a278b4181e kernel-debuginfo-2.6.9-34.0.1.EL.ia64.rpm
20207fbb33c783bad9de5c2d8d8b9a07 kernel-devel-2.6.9-34.0.1.EL.ia64.rpm
3a4a43172ab8119ffcec9a28abce6a69 kernel-largesmp-2.6.9-34.0.1.EL.ia64.rpm
58810e499bf182b64a4a11b2391e04b3 kernel-largesmp-devel-2.6.9-34.0.1.EL.ia64.rpm
noarch:
4969d66062c65e2f969a5b23f3d038fb kernel-doc-2.6.9-34.0.1.EL.noarch.rpm
x86_64:
055f1e2e0ec115d813792811018da5e6 kernel-2.6.9-34.0.1.EL.x86_64.rpm
2fe393eb2dea769a7c673658b85d3166 kernel-debuginfo-2.6.9-34.0.1.EL.x86_64.rpm
ab2acc3e78f549776c01be84b8aae710 kernel-devel-2.6.9-34.0.1.EL.x86_64.rpm
4c09ae42fe85e7fa0699cde07b163802 kernel-largesmp-2.6.9-34.0.1.EL.x86_64.rpm
3bb0bc6a400c3bd7faebe3070402f356 kernel-largesmp-devel-2.6.9-34.0.1.EL.x86_64.rpm
f11147d14d9f88a9760aa67af12d7d6c kernel-smp-2.6.9-34.0.1.EL.x86_64.rpm
c411c259c433dd3fe50222a5a3ebc472 kernel-smp-devel-2.6.9-34.0.1.EL.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package
References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2973 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3272 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3359 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0555 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0741 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0744 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1522 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1525 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1527 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1528 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1855 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1856 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1862 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1864 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2271 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2272 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2274 http://www.redhat.com/security/updates/classification/#important
Package List
Topic
Topic
Relevant Releases Architectures
Red Hat Enterprise Linux AS version 4 - i386, ia64, noarch, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, noarch, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, noarch, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, noarch, x86_64
Bugs Fixed