SciLinux: CVE-2010-2248 Important: kernel SL4.x i386/x86_64

Date:         Mon, 9 Aug 2010 08:09:57 -0500
Reply-To:     Troy Dawson 
Sender:       Security Errata for Scientific Linux
              
From:         Troy Dawson 
Subject:      Security ERRATA Important: kernel on SL4.x i386/x86_64
Comments: To: "scientific-linux-errata@fnal.gov"
          

Synopsis:	Important: kernel security and bug fix update
Issue date:	2010-08-05
CVE Names:	CVE-2010-2248 CVE-2010-2521

This update fixes the following security issues:

* a flaw was found in the CIFSSMBWrite() function in the Linux kernel
Common Internet File System (CIFS) implementation. A remote attacker 
could send a specially-crafted SMB response packet to a target CIFS 
client, resulting in a kernel panic (denial of service). (CVE-2010-2248, 
Important)

* buffer overflow flaws were found in the Linux kernel's implementation 
of the server-side External Data Representation (XDR) for the Network 
File System (NFS) version 4. An attacker on the local network could send 
a specially-crafted large compound request to the NFSv4 server, which 
could possibly result in a kernel panic (denial of service) or, 
potentially, code execution. (CVE-2010-2521, Important)

This update also fixes the following bug:

* the rpc_call_async() function in the SUN Remote Procedure Call (RPC)
subsystem in the Linux kernel had a reference counting bug. In certain
situations, some Network Lock Manager (NLM) messages may have triggered
this bug on NFSv2 and NFSv3 servers, leading to a kernel panic (with
"kernel BUG at fs/lockd/host.c:[xxx]!" logged to "/var/log/messages").
(BZ#612962)

The system must be rebooted for this update to take effect.

SL 4.x

     SRPMS:
kernel-2.6.9-89.0.28.EL.src.rpm
     i386:
kernel-2.6.9-89.0.28.EL.i686.rpm
kernel-devel-2.6.9-89.0.28.EL.i686.rpm
kernel-doc-2.6.9-89.0.28.EL.noarch.rpm
kernel-hugemem-2.6.9-89.0.28.EL.i686.rpm
kernel-hugemem-devel-2.6.9-89.0.28.EL.i686.rpm
kernel-smp-2.6.9-89.0.28.EL.i686.rpm
kernel-smp-devel-2.6.9-89.0.28.EL.i686.rpm
kernel-xenU-2.6.9-89.0.28.EL.i686.rpm
kernel-xenU-devel-2.6.9-89.0.28.EL.i686.rpm
   Dependancies:
kernel-module-fuse-2.6.9-89.0.28.EL-2.7.3-1.SL.i686.rpm
kernel-module-fuse-2.6.9-89.0.28.ELhugemem-2.7.3-1.SL.i686.rpm
kernel-module-fuse-2.6.9-89.0.28.ELsmp-2.7.3-1.SL.i686.rpm
kernel-module-fuse-2.6.9-89.0.28.ELxenU-2.7.3-1.SL.i686.rpm
kernel-module-ipw3945-2.6.9-89.0.28.EL-1.1.0-1.SL4.i686.rpm
kernel-module-ipw3945-2.6.9-89.0.28.ELhugemem-1.1.0-1.SL4.i686.rpm
kernel-module-ipw3945-2.6.9-89.0.28.ELsmp-1.1.0-1.SL4.i686.rpm
kernel-module-ipw3945-2.6.9-89.0.28.ELxenU-1.1.0-1.SL4.i686.rpm
kernel-module-ndiswrapper-2.6.9-89.0.28.EL-1.41-1.SL.i686.rpm
kernel-module-ndiswrapper-2.6.9-89.0.28.ELhugemem-1.41-1.SL.i686.rpm
kernel-module-ndiswrapper-2.6.9-89.0.28.ELsmp-1.41-1.SL.i686.rpm
kernel-module-ndiswrapper-2.6.9-89.0.28.ELxenU-1.41-1.SL.i686.rpm
kernel-module-openafs-2.6.9-89.0.28.EL-1.4.7-68.2.SL4.i686.rpm
kernel-module-openafs-2.6.9-89.0.28.ELhugemem-1.4.7-68.2.SL4.i686.rpm
kernel-module-openafs-2.6.9-89.0.28.ELsmp-1.4.7-68.2.SL4.i686.rpm
kernel-module-openafs-2.6.9-89.0.28.ELxenU-1.4.7-68.2.SL4.i686.rpm
kernel-module-r1000-2.6.9-89.0.28.EL-2.2-2.SL4x.i686.rpm
kernel-module-r1000-2.6.9-89.0.28.ELhugemem-2.2-2.SL4x.i686.rpm
kernel-module-r1000-2.6.9-89.0.28.ELsmp-2.2-2.SL4x.i686.rpm
kernel-module-r1000-2.6.9-89.0.28.ELxenU-2.2-2.SL4x.i686.rpm
kernel-module-squashfs-2.6.9-89.0.28.EL-3.1.2-3.i686.rpm
kernel-module-squashfs-2.6.9-89.0.28.ELhugemem-3.1.2-3.i686.rpm
kernel-module-squashfs-2.6.9-89.0.28.ELsmp-3.1.2-3.i686.rpm
kernel-module-squashfs-2.6.9-89.0.28.ELxenU-3.1.2-3.i686.rpm
kernel-module-unionfs-2.6.9-89.0.28.EL-1.1.5-3.i686.rpm
kernel-module-unionfs-2.6.9-89.0.28.ELsmp-1.1.5-3.i686.rpm


     x86_64:
kernel-2.6.9-89.0.28.EL.x86_64.rpm
kernel-devel-2.6.9-89.0.28.EL.x86_64.rpm
kernel-doc-2.6.9-89.0.28.EL.noarch.rpm
kernel-largesmp-2.6.9-89.0.28.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-89.0.28.EL.x86_64.rpm
kernel-smp-2.6.9-89.0.28.EL.x86_64.rpm
kernel-smp-devel-2.6.9-89.0.28.EL.x86_64.rpm
kernel-xenU-2.6.9-89.0.28.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-89.0.28.EL.x86_64.rpm
   Dependancies
kernel-module-fuse-2.6.9-89.0.28.EL-2.7.3-1.SL.x86_64.rpm
kernel-module-fuse-2.6.9-89.0.28.ELlargesmp-2.7.3-1.SL.x86_64.rpm
kernel-module-fuse-2.6.9-89.0.28.ELsmp-2.7.3-1.SL.x86_64.rpm
kernel-module-fuse-2.6.9-89.0.28.ELxenU-2.7.3-1.SL.x86_64.rpm
kernel-module-ipw3945-2.6.9-89.0.28.EL-1.1.0-1.SL4.x86_64.rpm
kernel-module-ipw3945-2.6.9-89.0.28.ELlargesmp-1.1.0-1.SL4.x86_64.rpm
kernel-module-ipw3945-2.6.9-89.0.28.ELsmp-1.1.0-1.SL4.x86_64.rpm
kernel-module-ipw3945-2.6.9-89.0.28.ELxenU-1.1.0-1.SL4.x86_64.rpm
kernel-module-ndiswrapper-2.6.9-89.0.28.EL-1.41-1.SL.x86_64.rpm
kernel-module-ndiswrapper-2.6.9-89.0.28.ELlargesmp-1.41-1.SL.x86_64.rpm
kernel-module-ndiswrapper-2.6.9-89.0.28.ELsmp-1.41-1.SL.x86_64.rpm
kernel-module-ndiswrapper-2.6.9-89.0.28.ELxenU-1.41-1.SL.x86_64.rpm
kernel-module-openafs-2.6.9-89.0.28.EL-1.4.7-68.2.SL4.x86_64.rpm
kernel-module-openafs-2.6.9-89.0.28.ELlargesmp-1.4.7-68.2.SL4.x86_64.rpm
kernel-module-openafs-2.6.9-89.0.28.ELsmp-1.4.7-68.2.SL4.x86_64.rpm
kernel-module-openafs-2.6.9-89.0.28.ELxenU-1.4.7-68.2.SL4.x86_64.rpm
kernel-module-r1000-2.6.9-89.0.28.EL-2.2-2.SL4x.x86_64.rpm
kernel-module-r1000-2.6.9-89.0.28.ELlargesmp-2.2-2.SL4x.x86_64.rpm
kernel-module-r1000-2.6.9-89.0.28.ELsmp-2.2-2.SL4x.x86_64.rpm
kernel-module-r1000-2.6.9-89.0.28.ELxenU-2.2-2.SL4x.x86_64.rpm
kernel-module-squashfs-2.6.9-89.0.28.EL-3.1.2-3.x86_64.rpm
kernel-module-squashfs-2.6.9-89.0.28.ELlargesmp-3.1.2-3.x86_64.rpm
kernel-module-squashfs-2.6.9-89.0.28.ELsmp-3.1.2-3.x86_64.rpm
kernel-module-squashfs-2.6.9-89.0.28.ELxenU-3.1.2-3.x86_64.rpm
kernel-module-unionfs-2.6.9-89.0.28.EL-1.1.5-3.x86_64.rpm
kernel-module-unionfs-2.6.9-89.0.28.ELsmp-1.1.5-3.x86_64.rpm


-Connie Sieh
-Troy Dawson
Get the Latest News & Insights
SciLinux: CVE-2010-2248 Important: kernel SL4.x i386/x86_64

Summary

Security Fixes

Related News

Get the Latest News & Insights

News

Advisories

HOWTOs

Features

About Us

Powered By
