Date:         Mon, 6 Apr 2009 15:47:12 -0500
Reply-To:     Troy Dawson 
Sender:       Security Errata for Scientific Linux
              
From:         Troy Dawson 
Subject:      Security ERRATA Important: kernel on SL5.x i386/x86_64
Comments: To: "scientific-linux-errata@fnal.gov"
          

Synopsis:	Important: kernel security and bug fix update
Issue date:	2009-04-01
CVE Names:	CVE-2008-3528 CVE-2008-5700 CVE-2009-0028
                 CVE-2009-0269 CVE-2009-0322 CVE-2009-0675
                 CVE-2009-0676 CVE-2009-0778

Security fixes:

* memory leaks were found on some error paths in the icmp_send()
function in the Linux kernel. This could, potentially, cause the network
connectivity to cease. (CVE-2009-0778, Important)

* Chris Evans reported a deficiency in the clone() system call when 
called with the CLONE_PARENT flag. This flaw permits the caller (the 
parent process) to indicate an arbitrary signal it wants to receive when 
its child process exits. This could lead to a denial of service of the 
parent process. (CVE-2009-0028, Moderate)

* an off-by-one underflow flaw was found in the eCryptfs subsystem. This
could potentially cause a local denial of service when the readlink()
function returned an error. (CVE-2009-0269, Moderate)

* a deficiency was found in the Remote BIOS Update (RBU) driver for Dell
systems. This could allow a local, unprivileged user to cause a denial 
of service by reading zero bytes from the image_type or packet_size 
files in "/sys/devices/platform/dell_rbu/". (CVE-2009-0322, Moderate)

* an inverted logic flaw was found in the SysKonnect FDDI PCI adapter
driver, allowing driver statistics to be reset only when the 
CAP_NET_ADMIN capability was absent (local, unprivileged users could 
reset driver statistics). (CVE-2009-0675, Moderate)

* the sock_getsockopt() function in the Linux kernel did not properly
initialize a data structure that can be directly returned to user-space
when the getsockopt() function is called with SO_BSDCOMPAT optname set.
This flaw could possibly lead to memory disclosure.
(CVE-2009-0676, Moderate)

* the ext2 and ext3 file system code failed to properly handle corrupted
data structures, leading to a possible local denial of service when read
or write operations were performed on a specially-crafted file system.
(CVE-2008-3528, Low)

* a deficiency was found in the libATA implementation. This could,
potentially, lead to a local denial of service. Note: by default, the
"/dev/sg*" devices are accessible only to the root user.
(CVE-2008-5700, Low)

Bug fixes:

* a bug in aic94xx may have caused kernel panics during boot on some
systems with certain SATA disks. (BZ#485909)

* a word endianness problem in the qla2xx driver on PowerPC-based 
machines may have corrupted flash-based devices. (BZ#485908)

* a memory leak in pipe() may have caused a system deadlock. The 
workaround, which involved manually allocating extra file descriptors 
toprocesses calling do_pipe, is no longer necessary. (BZ#481576)

* CPU soft-lockups in the network rate estimator. (BZ#481746)

* bugs in the ixgbe driver caused it to function unreliably on some
systems with 16 or more CPU cores. (BZ#483210)

* the iwl4965 driver may have caused a kernel panic. (BZ#483206)

* a bug caused NFS attributes to not update for some long-lived NFS
mounted file systems. (BZ#483201)

* unmounting a GFS2 file system may have caused a panic. (BZ#485910)

* a bug in ptrace() may have caused a panic when single stepping a 
target. (BZ#487394)

* on some 64-bit systems, notsc was incorrectly set at boot, causing 
slow gettimeofday() calls. (BZ#488239)

* do_machine_check() cleared all Machine Check Exception (MCE) status
registers, preventing the BIOS from using them to determine the cause of
certain panics and errors. (BZ#490433)

* scaling problems caused performance problems for LAPI applications.
(BZ#489457)

* a panic may have occurred on systems using certain Intel WiFi Link 
5000 products when booting with the RF Kill switch on. (BZ#489846)

* the TSC is invariant with C/P/T states, and always runs at constant
frequency from now on. (BZ#489310)

The system must be rebooted for this update to take effect.

SL 5.x

     SRPMS:
kernel-2.6.18-128.1.6.el5.src.rpm
     i386:
kernel-2.6.18-128.1.6.el5.i686.rpm
kernel-debug-2.6.18-128.1.6.el5.i686.rpm
kernel-debug-devel-2.6.18-128.1.6.el5.i686.rpm
kernel-devel-2.6.18-128.1.6.el5.i686.rpm
kernel-doc-2.6.18-128.1.6.el5.noarch.rpm
kernel-headers-2.6.18-128.1.6.el5.i386.rpm
kernel-PAE-2.6.18-128.1.6.el5.i686.rpm
kernel-PAE-devel-2.6.18-128.1.6.el5.i686.rpm
kernel-xen-2.6.18-128.1.6.el5.i686.rpm
kernel-xen-devel-2.6.18-128.1.6.el5.i686.rpm
   Dependancies:
kernel-module-aufs-2.6.18-128.1.6.el5-0.20090202.cvs-6.sl5.i686.rpm
kernel-module-aufs-2.6.18-128.1.6.el5PAE-0.20090202.cvs-6.sl5.i686.rpm
kernel-module-aufs-2.6.18-128.1.6.el5xen-0.20090202.cvs-6.sl5.i686.rpm
kernel-module-fuse-2.6.18-128.1.6.el5-2.6.3-1.sl5.i686.rpm
kernel-module-fuse-2.6.18-128.1.6.el5PAE-2.6.3-1.sl5.i686.rpm
kernel-module-fuse-2.6.18-128.1.6.el5xen-2.6.3-1.sl5.i686.rpm
kernel-module-ipw3945-2.6.18-128.1.6.el5-1.2.0-2.sl5.i686.rpm
kernel-module-ipw3945-2.6.18-128.1.6.el5PAE-1.2.0-2.sl5.i686.rpm
kernel-module-ipw3945-2.6.18-128.1.6.el5xen-1.2.0-2.sl5.i686.rpm
kernel-module-madwifi-2.6.18-128.1.6.el5-0.9.4-15.sl5.i686.rpm
kernel-module-madwifi-2.6.18-128.1.6.el5PAE-0.9.4-15.sl5.i686.rpm
kernel-module-madwifi-2.6.18-128.1.6.el5xen-0.9.4-15.sl5.i686.rpm
kernel-module-madwifi-hal-2.6.18-128.1.6.el5-0.9.4-15.sl5.i686.rpm
kernel-module-madwifi-hal-2.6.18-128.1.6.el5PAE-0.9.4-15.sl5.i686.rpm
kernel-module-madwifi-hal-2.6.18-128.1.6.el5xen-0.9.4-15.sl5.i686.rpm
kernel-module-ndiswrapper-2.6.18-128.1.6.el5-1.53-1.SL.i686.rpm
kernel-module-ndiswrapper-2.6.18-128.1.6.el5PAE-1.53-1.SL.i686.rpm
kernel-module-ndiswrapper-2.6.18-128.1.6.el5xen-1.53-1.SL.i686.rpm
kernel-module-openafs-2.6.18-128.1.6.el5-1.4.7-68.1.SL5.i686.rpm
kernel-module-openafs-2.6.18-128.1.6.el5PAE-1.4.7-68.1.SL5.i686.rpm
kernel-module-openafs-2.6.18-128.1.6.el5xen-1.4.7-68.1.SL5.i686.rpm
kernel-module-openafs-2.6.18-128.el5-1.4.7-68.1.SL5.i686.rpm
kernel-module-xfs-2.6.18-128.1.6.el5-0.4-2.sl5.i686.rpm
kernel-module-xfs-2.6.18-128.1.6.el5PAE-0.4-2.sl5.i686.rpm
kernel-module-xfs-2.6.18-128.1.6.el5xen-0.4-2.sl5.i686.rpm
   Dependancies SL50, 51, 52:
hwdata-0.213.11-1.el5.noarch.rpm

     x86_64:
kernel-2.6.18-128.1.6.el5.x86_64.rpm
kernel-debug-2.6.18-128.1.6.el5.x86_64.rpm
kernel-debug-devel-2.6.18-128.1.6.el5.x86_64.rpm
kernel-devel-2.6.18-128.1.6.el5.x86_64.rpm
kernel-doc-2.6.18-128.1.6.el5.noarch.rpm
kernel-headers-2.6.18-128.1.6.el5.x86_64.rpm
kernel-xen-2.6.18-128.1.6.el5.x86_64.rpm
kernel-xen-devel-2.6.18-128.1.6.el5.x86_64.rpm
   Dependancies:
kernel-module-aufs-2.6.18-128.1.6.el5-0.20090202.cvs-6.sl5.x86_64.rpm
kernel-module-aufs-2.6.18-128.1.6.el5xen-0.20090202.cvs-6.sl5.x86_64.rpm
kernel-module-fuse-2.6.18-128.1.6.el5-2.6.3-1.sl5.x86_64.rpm
kernel-module-fuse-2.6.18-128.1.6.el5xen-2.6.3-1.sl5.x86_64.rpm
kernel-module-ipw3945-2.6.18-128.1.6.el5-1.2.0-2.sl5.x86_64.rpm
kernel-module-ipw3945-2.6.18-128.1.6.el5xen-1.2.0-2.sl5.x86_64.rpm
kernel-module-madwifi-2.6.18-128.1.6.el5-0.9.4-15.sl5.x86_64.rpm
kernel-module-madwifi-2.6.18-128.1.6.el5xen-0.9.4-15.sl5.x86_64.rpm
kernel-module-madwifi-hal-2.6.18-128.1.6.el5-0.9.4-15.sl5.x86_64.rpm
kernel-module-madwifi-hal-2.6.18-128.1.6.el5xen-0.9.4-15.sl5.x86_64.rpm
kernel-module-ndiswrapper-2.6.18-128.1.6.el5-1.53-1.SL.x86_64.rpm
kernel-module-ndiswrapper-2.6.18-128.1.6.el5xen-1.53-1.SL.x86_64.rpm
kernel-module-openafs-2.6.18-128.1.6.el5-1.4.7-68.1.SL5.x86_64.rpm
kernel-module-openafs-2.6.18-128.1.6.el5xen-1.4.7-68.1.SL5.x86_64.rpm
kernel-module-xfs-2.6.18-128.1.6.el5-0.4-2.sl5.x86_64.rpm
kernel-module-xfs-2.6.18-128.1.6.el5xen-0.4-2.sl5.x86_64.rpm
   Dependancies SL50, 51, 52:
hwdata-0.213.11-1.el5.noarch.rpm

-Connie Sieh
-Troy Dawson