Explore top 10 tips to secure your open-source projects now. Read More
×
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
This update fixes the following security issues:
* a race condition was found in the mac80211 implementation, a framework
used for writing drivers for wireless devices. An attacker could trigger
this flaw by sending a Delete Block ACK (DELBA) packet to a target system,
resulting in a remote denial of service. Note: This issue only affected
users on 802.11n networks, and that also use the iwlagn driver with Intel
wireless hardware. (CVE-2009-4027, Important)
* a flaw was found in the gfs2_lock() implementation. The GFS2 locking code
could skip the lock operation for files that have the S_ISGID bit
(set-group-ID on execution) in their mode set. A local, unprivileged user
on a system that has a GFS2 file system mounted could use this flaw to
cause a kernel panic. (CVE-2010-0727, Moderate)
* a divide-by-zero flaw was found in the ext4 file system code. A local
attacker could use this flaw to cause a denial of service by mounting a
specially-crafted ext4 file system. (CVE-2009-4307, Low)
These updated packages also include several hundred bug fixes for and
enhancements to the Linux kernel. Space precludes documenting each of these
changes in this advisory and users are directed to the Red Hat Enterprise
Linux 5.5 Release Notes for information on the most significant of these
changes:
https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/5/html/5.5_release_notes/index
Also, for details concerning every bug fixed in and every enhancement added
to the kernel for this release, refer to the kernel chapter in the Red Hat
Enterprise Linux 5.5 Technical Notes:
https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/5/html-single/5.5_technical_notes/index
All Red Hat Enterprise Linux 5 users are advised to install these updated
packages, which address these vulnerabilities as well as fixing the bugs
and adding the enhancements noted in the Red Hat Enterprise Linux 5.5
Release Notes and Technical Notes. The system must be rebooted for this
update to take effect.
https://access.redhat.com/security/cve/CVE-2009-4027 https://access.redhat.com/security/cve/CVE-2009-4307 https://access.redhat.com/security/cve/CVE-2010-0727 https://access.redhat.com/security/updates/classification#important https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/5/html/5.5_release_notes/index https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/5/html-single/5.5_technical_notes/index
Red Hat Enterprise Linux Desktop (v. 5 client):
Source:
i386:
kernel-2.6.18-194.el5.i686.rpm
kernel-PAE-2.6.18-194.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-194.el5.i686.rpm
kernel-PAE-devel-2.6.18-194.el5.i686.rpm
kernel-debug-2.6.18-194.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-194.el5.i686.rpm
kernel-debug-devel-2.6.18-194.el5.i686.rpm
kernel-debuginfo-2.6.18-194.el5.i686.rpm
kernel-debuginfo-common-2.6.18-194.el5.i686.rpm
kernel-devel-2.6.18-194.el5.i686.rpm
kernel-headers-2.6.18-194.el5.i386.rpm
kernel-xen-2.6.18-194.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-194.el5.i686.rpm
kernel-xen-devel-2.6.18-194.el5.i686.rpm
noarch:
kernel-doc-2.6.18-194.el5.noarch.rpm
x86_64:
kernel-2.6.18-194.el5.x86_64.rpm
kernel-debug-2.6.18-194.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-194.el5.x86_64.rpm
kernel-debug-devel-2.6.18-194.el5.x86_64.rpm
kernel-debuginfo-2.6.18-194.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-194.el5.x86_64.rpm
kernel-devel-2.6.18-194.el5.x86_64.rpm
kernel-headers-2.6.18-194.el5.x86_64.rpm
kernel-xen-2.6.18-194.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-194.el5.x86_64.rpm
kernel-xen-devel-2.6.18-194.el5.x86_64.rpm
Red Hat Enterprise Linux (v. 5 server):
Source:
i386:
kernel-2.6.18-194.el5.i686.rpm
kernel-PAE-2.6.18-194.el5.i686.rpm
Read the Full Advisory
Updated kernel packages that fix three security issues, address severalhundred bugs, and add numerous enhancements are now available as part ofthe ongoing support and maintenance of Red Hat Enterprise Linux version 5.This is the fifth regular update.The Red Hat Security Response Team has rated this update as havingimportant security impact. Common Vulnerability Scoring System (CVSS) basescores, which give detailed severity ratings, are available for eachvulnerability from the CVE links in the References section.
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64
250561 - w83627ehf sensor not supported by 2.6.18-8.1.8.el5 kernel
322881 - /proc/self/smaps unreadable after setuid
427709 - dump and large file ops are slow, please implement kernel workaround
446061 - IT87 hwmon module does not support later chipset revisions.
448130 - 50-75 % drop in cfq read performance compared to rhel 4.6+
450121 - RFE: Symbol pci_domain_nr needs to be added the whitelist for ppc64
452129 - memory mapped files not updating timestamps
456181 - Read speed of /sbin/dump command is critically slow with CFQ I/O scheduler
461100 - [PATCH]RHEL5:fix dio write returning EIO due to bh race
461442 - VLAN driver logs excessive messages in kernel message log (dmesg)
461506 - kernel BUG at mm/mempool.c:121! caused by lvcreate
466681 - pygrub uses cached and eventually outdated grub.conf, kernel and initrd
469976 - The EDAC driver not support The Intel 3200 and 3210 Chipsets
473404 - [5.3] Kdump Kernel Hangs on Dell AMD Machines
475457 - [FUJITSU 5.5] More tracepoints support - networking
476075 - use KVM pvclock code to detect/correct lost ticks
481658 - Backport partition table sanity checks to RHEL5
482756 - GFS2: After gfs2_grow, new size is not seen immediately
483646 - bridge: Fix LRO crash with tun (tun_chr_read())
485016 - HP6510b close lid cause system crash
485099 - Inconsistent behaviour in stripping SUID/SGID flags when chmod/chgrp directories
486092 - httpd Sendfile troubles reading from a CIFS share
Get the latest Linux and open source security news straight to your inbox.