Date:         Wed, 4 Nov 2009 15:30:56 -0600
Reply-To:     Troy Dawson 
Sender:       Security Errata for Scientific Linux
              
From:         Troy Dawson 
Subject:      Security ERRATA Important: kernel on SL4.x i386/x86_64
Comments: To: "scientific-linux-errata@fnal.gov"
          

Synopsis:	Important: kernel security update
Issue date:	2009-11-03
CVE Names:	CVE-2009-3547

CVE-2009-3547 kernel: fs: pipe.c null pointer dereference

This update fixes the following security issues:

* a NULL pointer dereference flaw was found in each of the following
functions in the Linux kernel: pipe_read_open(), pipe_write_open(), and
pipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer 
could be released by other processes before it is used to update the 
pipe's reader and writer counters. This could lead to a local denial of 
service or privilege escalation. (CVE-2009-3547, Important)

The system must be rebooted for this update to take effect.

SL 4.x

     SRPMS:
kernel-2.6.9-89.0.16.EL.src.rpm
     i386:
kernel-2.6.9-89.0.16.EL.i686.rpm
kernel-devel-2.6.9-89.0.16.EL.i686.rpm
kernel-doc-2.6.9-89.0.16.EL.noarch.rpm
kernel-hugemem-2.6.9-89.0.16.EL.i686.rpm
kernel-hugemem-devel-2.6.9-89.0.16.EL.i686.rpm
kernel-smp-2.6.9-89.0.16.EL.i686.rpm
kernel-smp-devel-2.6.9-89.0.16.EL.i686.rpm
kernel-xenU-2.6.9-89.0.16.EL.i686.rpm
kernel-xenU-devel-2.6.9-89.0.16.EL.i686.rpm
   Dependencies:
kernel-module-fuse-2.6.9-89.0.16.EL-2.7.3-1.SL.i686.rpm
kernel-module-fuse-2.6.9-89.0.16.ELhugemem-2.7.3-1.SL.i686.rpm
kernel-module-fuse-2.6.9-89.0.16.ELsmp-2.7.3-1.SL.i686.rpm
kernel-module-fuse-2.6.9-89.0.16.ELxenU-2.7.3-1.SL.i686.rpm
kernel-module-ipw3945-2.6.9-89.0.16.EL-1.1.0-1.SL4.i686.rpm
kernel-module-ipw3945-2.6.9-89.0.16.ELhugemem-1.1.0-1.SL4.i686.rpm
kernel-module-ipw3945-2.6.9-89.0.16.ELsmp-1.1.0-1.SL4.i686.rpm
kernel-module-ipw3945-2.6.9-89.0.16.ELxenU-1.1.0-1.SL4.i686.rpm
kernel-module-madwifi-2.6.9-89.0.16.EL-0.9.4-10.sl4.i686.rpm
kernel-module-madwifi-2.6.9-89.0.16.ELhugemem-0.9.4-10.sl4.i686.rpm
kernel-module-madwifi-2.6.9-89.0.16.ELsmp-0.9.4-10.sl4.i686.rpm
kernel-module-madwifi-hal-2.6.9-89.0.16.EL-0.9.4-10.sl4.i686.rpm
kernel-module-madwifi-hal-2.6.9-89.0.16.ELhugemem-0.9.4-10.sl4.i686.rpm
kernel-module-madwifi-hal-2.6.9-89.0.16.ELsmp-0.9.4-10.sl4.i686.rpm
kernel-module-ndiswrapper-2.6.9-89.0.16.EL-1.41-1.SL.i686.rpm
kernel-module-ndiswrapper-2.6.9-89.0.16.ELhugemem-1.41-1.SL.i686.rpm
kernel-module-ndiswrapper-2.6.9-89.0.16.ELsmp-1.41-1.SL.i686.rpm
kernel-module-ndiswrapper-2.6.9-89.0.16.ELxenU-1.41-1.SL.i686.rpm
kernel-module-openafs-2.6.9-89.0.16.EL-1.4.7-68.2.SL4.i686.rpm
kernel-module-openafs-2.6.9-89.0.16.ELhugemem-1.4.7-68.2.SL4.i686.rpm
kernel-module-openafs-2.6.9-89.0.16.ELsmp-1.4.7-68.2.SL4.i686.rpm
kernel-module-openafs-2.6.9-89.0.16.ELxenU-1.4.7-68.2.SL4.i686.rpm
kernel-module-r1000-2.6.9-89.0.16.EL-2.2-2.SL4x.i686.rpm
kernel-module-r1000-2.6.9-89.0.16.ELhugemem-2.2-2.SL4x.i686.rpm
kernel-module-r1000-2.6.9-89.0.16.ELsmp-2.2-2.SL4x.i686.rpm
kernel-module-r1000-2.6.9-89.0.16.ELxenU-2.2-2.SL4x.i686.rpm
kernel-module-squashfs-2.6.9-89.0.16.EL-3.1.2-3.i686.rpm
kernel-module-squashfs-2.6.9-89.0.16.ELhugemem-3.1.2-3.i686.rpm
kernel-module-squashfs-2.6.9-89.0.16.ELsmp-3.1.2-3.i686.rpm
kernel-module-squashfs-2.6.9-89.0.16.ELxenU-3.1.2-3.i686.rpm
kernel-module-unionfs-2.6.9-89.0.16.EL-1.1.5-3.i686.rpm
kernel-module-unionfs-2.6.9-89.0.16.ELsmp-1.1.5-3.i686.rpm

     x86_64:
kernel-2.6.9-89.0.16.EL.x86_64.rpm
kernel-devel-2.6.9-89.0.16.EL.x86_64.rpm
kernel-doc-2.6.9-89.0.16.EL.noarch.rpm
kernel-largesmp-2.6.9-89.0.16.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-89.0.16.EL.x86_64.rpm
kernel-smp-2.6.9-89.0.16.EL.x86_64.rpm
kernel-smp-devel-2.6.9-89.0.16.EL.x86_64.rpm
kernel-xenU-2.6.9-89.0.16.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-89.0.16.EL.x86_64.rpm
   Dependencies:
kernel-module-fuse-2.6.9-89.0.16.EL-2.7.3-1.SL.x86_64.rpm
kernel-module-fuse-2.6.9-89.0.16.ELlargesmp-2.7.3-1.SL.x86_64.rpm
kernel-module-fuse-2.6.9-89.0.16.ELsmp-2.7.3-1.SL.x86_64.rpm
kernel-module-fuse-2.6.9-89.0.16.ELxenU-2.7.3-1.SL.x86_64.rpm
kernel-module-ipw3945-2.6.9-89.0.16.EL-1.1.0-1.SL4.x86_64.rpm
kernel-module-ipw3945-2.6.9-89.0.16.ELlargesmp-1.1.0-1.SL4.x86_64.rpm
kernel-module-ipw3945-2.6.9-89.0.16.ELsmp-1.1.0-1.SL4.x86_64.rpm
kernel-module-ipw3945-2.6.9-89.0.16.ELxenU-1.1.0-1.SL4.x86_64.rpm
kernel-module-madwifi-2.6.9-89.0.16.EL-0.9.4-10.sl4.x86_64.rpm
kernel-module-madwifi-2.6.9-89.0.16.ELlargesmp-0.9.4-10.sl4.x86_64.rpm
kernel-module-madwifi-2.6.9-89.0.16.ELsmp-0.9.4-10.sl4.x86_64.rpm
kernel-module-madwifi-hal-2.6.9-89.0.16.EL-0.9.4-10.sl4.x86_64.rpm
kernel-module-madwifi-hal-2.6.9-89.0.16.ELlargesmp-0.9.4-10.sl4.x86_64.rpm
kernel-module-madwifi-hal-2.6.9-89.0.16.ELsmp-0.9.4-10.sl4.x86_64.rpm
kernel-module-ndiswrapper-2.6.9-89.0.16.EL-1.41-1.SL.x86_64.rpm
kernel-module-ndiswrapper-2.6.9-89.0.16.ELlargesmp-1.41-1.SL.x86_64.rpm
kernel-module-ndiswrapper-2.6.9-89.0.16.ELsmp-1.41-1.SL.x86_64.rpm
kernel-module-ndiswrapper-2.6.9-89.0.16.ELxenU-1.41-1.SL.x86_64.rpm
kernel-module-openafs-2.6.9-89.0.16.EL-1.4.7-68.2.SL4.x86_64.rpm
kernel-module-openafs-2.6.9-89.0.16.ELlargesmp-1.4.7-68.2.SL4.x86_64.rpm
kernel-module-openafs-2.6.9-89.0.16.ELsmp-1.4.7-68.2.SL4.x86_64.rpm
kernel-module-openafs-2.6.9-89.0.16.ELxenU-1.4.7-68.2.SL4.x86_64.rpm
kernel-module-r1000-2.6.9-89.0.16.EL-2.2-2.SL4x.x86_64.rpm
kernel-module-r1000-2.6.9-89.0.16.ELlargesmp-2.2-2.SL4x.x86_64.rpm
kernel-module-r1000-2.6.9-89.0.16.ELsmp-2.2-2.SL4x.x86_64.rpm
kernel-module-r1000-2.6.9-89.0.16.ELxenU-2.2-2.SL4x.x86_64.rpm
kernel-module-squashfs-2.6.9-89.0.16.EL-3.1.2-3.x86_64.rpm
kernel-module-squashfs-2.6.9-89.0.16.ELlargesmp-3.1.2-3.x86_64.rpm
kernel-module-squashfs-2.6.9-89.0.16.ELsmp-3.1.2-3.x86_64.rpm
kernel-module-squashfs-2.6.9-89.0.16.ELxenU-3.1.2-3.x86_64.rpm
kernel-module-unionfs-2.6.9-89.0.16.EL-1.1.5-3.x86_64.rpm
kernel-module-unionfs-2.6.9-89.0.16.ELsmp-1.1.5-3.x86_64.rpm

-Connie Sieh
-Troy Dawson

SciLinux: CVE-2009-3547 Important: kernel SL4.x i386/x86_64

Important: kernel security update

Summary

Date:         Wed, 4 Nov 2009 15:30:56 -0600Reply-To:     Troy Dawson Sender:       Security Errata for Scientific Linux              From:         Troy Dawson Subject:      Security ERRATA Important: kernel on SL4.x i386/x86_64Comments: To: "scientific-linux-errata@fnal.gov"          Synopsis:	Important: kernel security updateIssue date:	2009-11-03CVE Names:	CVE-2009-3547CVE-2009-3547 kernel: fs: pipe.c null pointer dereferenceThis update fixes the following security issues:* a NULL pointer dereference flaw was found in each of the followingfunctions in the Linux kernel: pipe_read_open(), pipe_write_open(), andpipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer could be released by other processes before it is used to update the pipe's reader and writer counters. This could lead to a local denial of service or privilege escalation. (CVE-2009-3547, Important)The system must be rebooted for this update to take effect.SL 4.x     SRPMS:kernel-2.6.9-89.0.16.EL.src.rpm     i386:kernel-2.6.9-89.0.16.EL.i686.rpmkernel-devel-2.6.9-89.0.16.EL.i686.rpmkernel-doc-2.6.9-89.0.16.EL.noarch.rpmkernel-hugemem-2.6.9-89.0.16.EL.i686.rpmkernel-hugemem-devel-2.6.9-89.0.16.EL.i686.rpmkernel-smp-2.6.9-89.0.16.EL.i686.rpmkernel-smp-devel-2.6.9-89.0.16.EL.i686.rpmkernel-xenU-2.6.9-89.0.16.EL.i686.rpmkernel-xenU-devel-2.6.9-89.0.16.EL.i686.rpm   Dependencies:kernel-module-fuse-2.6.9-89.0.16.EL-2.7.3-1.SL.i686.rpmkernel-module-fuse-2.6.9-89.0.16.ELhugemem-2.7.3-1.SL.i686.rpmkernel-module-fuse-2.6.9-89.0.16.ELsmp-2.7.3-1.SL.i686.rpmkernel-module-fuse-2.6.9-89.0.16.ELxenU-2.7.3-1.SL.i686.rpmkernel-module-ipw3945-2.6.9-89.0.16.EL-1.1.0-1.SL4.i686.rpmkernel-module-ipw3945-2.6.9-89.0.16.ELhugemem-1.1.0-1.SL4.i686.rpmkernel-module-ipw3945-2.6.9-89.0.16.ELsmp-1.1.0-1.SL4.i686.rpmkernel-module-ipw3945-2.6.9-89.0.16.ELxenU-1.1.0-1.SL4.i686.rpmkernel-module-madwifi-2.6.9-89.0.16.EL-0.9.4-10.sl4.i686.rpmkernel-module-madwifi-2.6.9-89.0.16.ELhugemem-0.9.4-10.sl4.i686.rpmkernel-module-madwifi-2.6.9-89.0.16.ELsmp-0.9.4-10.sl4.i686.rpmkernel-module-madwifi-hal-2.6.9-89.0.16.EL-0.9.4-10.sl4.i686.rpmkernel-module-madwifi-hal-2.6.9-89.0.16.ELhugemem-0.9.4-10.sl4.i686.rpmkernel-module-madwifi-hal-2.6.9-89.0.16.ELsmp-0.9.4-10.sl4.i686.rpmkernel-module-ndiswrapper-2.6.9-89.0.16.EL-1.41-1.SL.i686.rpmkernel-module-ndiswrapper-2.6.9-89.0.16.ELhugemem-1.41-1.SL.i686.rpmkernel-module-ndiswrapper-2.6.9-89.0.16.ELsmp-1.41-1.SL.i686.rpmkernel-module-ndiswrapper-2.6.9-89.0.16.ELxenU-1.41-1.SL.i686.rpmkernel-module-openafs-2.6.9-89.0.16.EL-1.4.7-68.2.SL4.i686.rpmkernel-module-openafs-2.6.9-89.0.16.ELhugemem-1.4.7-68.2.SL4.i686.rpmkernel-module-openafs-2.6.9-89.0.16.ELsmp-1.4.7-68.2.SL4.i686.rpmkernel-module-openafs-2.6.9-89.0.16.ELxenU-1.4.7-68.2.SL4.i686.rpmkernel-module-r1000-2.6.9-89.0.16.EL-2.2-2.SL4x.i686.rpmkernel-module-r1000-2.6.9-89.0.16.ELhugemem-2.2-2.SL4x.i686.rpmkernel-module-r1000-2.6.9-89.0.16.ELsmp-2.2-2.SL4x.i686.rpmkernel-module-r1000-2.6.9-89.0.16.ELxenU-2.2-2.SL4x.i686.rpmkernel-module-squashfs-2.6.9-89.0.16.EL-3.1.2-3.i686.rpmkernel-module-squashfs-2.6.9-89.0.16.ELhugemem-3.1.2-3.i686.rpmkernel-module-squashfs-2.6.9-89.0.16.ELsmp-3.1.2-3.i686.rpmkernel-module-squashfs-2.6.9-89.0.16.ELxenU-3.1.2-3.i686.rpmkernel-module-unionfs-2.6.9-89.0.16.EL-1.1.5-3.i686.rpmkernel-module-unionfs-2.6.9-89.0.16.ELsmp-1.1.5-3.i686.rpm     x86_64:kernel-2.6.9-89.0.16.EL.x86_64.rpmkernel-devel-2.6.9-89.0.16.EL.x86_64.rpmkernel-doc-2.6.9-89.0.16.EL.noarch.rpmkernel-largesmp-2.6.9-89.0.16.EL.x86_64.rpmkernel-largesmp-devel-2.6.9-89.0.16.EL.x86_64.rpmkernel-smp-2.6.9-89.0.16.EL.x86_64.rpmkernel-smp-devel-2.6.9-89.0.16.EL.x86_64.rpmkernel-xenU-2.6.9-89.0.16.EL.x86_64.rpmkernel-xenU-devel-2.6.9-89.0.16.EL.x86_64.rpm   Dependencies:kernel-module-fuse-2.6.9-89.0.16.EL-2.7.3-1.SL.x86_64.rpmkernel-module-fuse-2.6.9-89.0.16.ELlargesmp-2.7.3-1.SL.x86_64.rpmkernel-module-fuse-2.6.9-89.0.16.ELsmp-2.7.3-1.SL.x86_64.rpmkernel-module-fuse-2.6.9-89.0.16.ELxenU-2.7.3-1.SL.x86_64.rpmkernel-module-ipw3945-2.6.9-89.0.16.EL-1.1.0-1.SL4.x86_64.rpmkernel-module-ipw3945-2.6.9-89.0.16.ELlargesmp-1.1.0-1.SL4.x86_64.rpmkernel-module-ipw3945-2.6.9-89.0.16.ELsmp-1.1.0-1.SL4.x86_64.rpmkernel-module-ipw3945-2.6.9-89.0.16.ELxenU-1.1.0-1.SL4.x86_64.rpmkernel-module-madwifi-2.6.9-89.0.16.EL-0.9.4-10.sl4.x86_64.rpmkernel-module-madwifi-2.6.9-89.0.16.ELlargesmp-0.9.4-10.sl4.x86_64.rpmkernel-module-madwifi-2.6.9-89.0.16.ELsmp-0.9.4-10.sl4.x86_64.rpmkernel-module-madwifi-hal-2.6.9-89.0.16.EL-0.9.4-10.sl4.x86_64.rpmkernel-module-madwifi-hal-2.6.9-89.0.16.ELlargesmp-0.9.4-10.sl4.x86_64.rpmkernel-module-madwifi-hal-2.6.9-89.0.16.ELsmp-0.9.4-10.sl4.x86_64.rpmkernel-module-ndiswrapper-2.6.9-89.0.16.EL-1.41-1.SL.x86_64.rpmkernel-module-ndiswrapper-2.6.9-89.0.16.ELlargesmp-1.41-1.SL.x86_64.rpmkernel-module-ndiswrapper-2.6.9-89.0.16.ELsmp-1.41-1.SL.x86_64.rpmkernel-module-ndiswrapper-2.6.9-89.0.16.ELxenU-1.41-1.SL.x86_64.rpmkernel-module-openafs-2.6.9-89.0.16.EL-1.4.7-68.2.SL4.x86_64.rpmkernel-module-openafs-2.6.9-89.0.16.ELlargesmp-1.4.7-68.2.SL4.x86_64.rpmkernel-module-openafs-2.6.9-89.0.16.ELsmp-1.4.7-68.2.SL4.x86_64.rpmkernel-module-openafs-2.6.9-89.0.16.ELxenU-1.4.7-68.2.SL4.x86_64.rpmkernel-module-r1000-2.6.9-89.0.16.EL-2.2-2.SL4x.x86_64.rpmkernel-module-r1000-2.6.9-89.0.16.ELlargesmp-2.2-2.SL4x.x86_64.rpmkernel-module-r1000-2.6.9-89.0.16.ELsmp-2.2-2.SL4x.x86_64.rpmkernel-module-r1000-2.6.9-89.0.16.ELxenU-2.2-2.SL4x.x86_64.rpmkernel-module-squashfs-2.6.9-89.0.16.EL-3.1.2-3.x86_64.rpmkernel-module-squashfs-2.6.9-89.0.16.ELlargesmp-3.1.2-3.x86_64.rpmkernel-module-squashfs-2.6.9-89.0.16.ELsmp-3.1.2-3.x86_64.rpmkernel-module-squashfs-2.6.9-89.0.16.ELxenU-3.1.2-3.x86_64.rpmkernel-module-unionfs-2.6.9-89.0.16.EL-1.1.5-3.x86_64.rpmkernel-module-unionfs-2.6.9-89.0.16.ELsmp-1.1.5-3.x86_64.rpm-Connie Sieh-Troy Dawson



Security Fixes

Severity

Related News

2.Motherboard Esm H320
2 - 3 min read
German software engineer Lennart Poettering recently presented run0 , a new tool in systemd v256 that aims to address the security concerns
22.Lock ScreenEffect Esm H320
2 - 3 min read
Red Hat recently released its newest enterprise Linux distro, Red Hat Enterprise Linux (RHEL) 9.4 , which introduces several features designed to
8.Locks HexConnections CodeGlobe Esm H320
1 - 2 min read
The latest release of Debian , one of the oldest and most trusted distributions within the Linux ecosystem, redefines security, stability, and
20.Lock AbstractDigital Circular Esm H320
1 - 2 min read
The Ubuntu security team has recently discovered and addressed multiple vulnerabilities in the Apache HTTP Server. The vulnerabilities affected
1.Penguin Landscape Esm H320
1 - 2 min read
A critical vulnerability was discovered in the Linux kernel's netfilter subsystem, specifically within the nf_tables component, posing potential
19.Laptop Bed Esm H320
2 - 3 min read
The release of Google Chrome 124 addresses four vulnerabilities, including a critical security flaw that can enable attackers to execute arbitrary
23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved