Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -3 articles for you...
217
security advisorysecurity issuekernel updateOracle7: ELSA-2024-12806 critical: kernel security updates for Linux 7
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-12806 http://linux.oracle.com/errata/ELSA-2024-12806.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: kernel-uek-doc-4.1.12-124.91.3.el7uek.noarch.rpm kernel-uek-firmware-4.1.12-124.91.3.el7uek.noarch.rpm kernel-uek-4.1.12-124.91.3.el7uek.x86_64.rpm kernel-uek-devel-4.1.12-124.91.3.el7uek.x86_64.rpm kernel-uek-debug-4.1.12-124.91.3.el7uek.x86_64.rpm kernel-uek-debug-devel-4.1.12-124.91.3.el7uek.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates//kernel-uek-4.1.12-124.91.3.el7uek.src.rpm Related CVEs: CVE-2022-48760 CVE-2022-48804 CVE-2023-6606 Description of changes: [4.1.12-124.91.3.el7uek] - nfs_atomic_open(): prevent parallel nfs_lookup() on a negative hashed (Al Viro) [Orabug: 37006239] [4.1.12-124.91.2.el7uek] - vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() (Haoran Zhang) [Orabug: 37035560] [4.1.12-124.91.1.el7uek] - vt_ioctl: fix array_index_nospec in vt_setactivate (Jakob Koschel) [Orabug: 37101899] {CVE-2022-48804} - tty: vt_ioctl: fix potential Spectre v1 (Gustavo A. R. Silva) [Orabug: 37101899] {CVE-2022-48804} - USB: core: Fix hang in usb_kill_urb by adding memory barriers (Alan Stern) [Orabug: 37101883] {CVE-2022-48760} - smb: client: fix OOB in smbCalcSize() (Paulo Alcantara) [Orabug: 36165420] {CVE-2023-6606} _______________________________________________ El-errata mailing list
Nov 06, 2024
•Critical
Oracle
100
security advisorysecurity updatecriticalSUSE 12 SP5: 2024:1834-1 Critical: NFS Data Corruption Fix
* bsc#1224785 Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 . # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:1834-1 Rating: critical References: * bsc#1224785 Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that has one security fix can now be installed. ## Description: The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security bugfixes. The update is fixing a regression with nfs that could lead to data corruption. The following non-security bugs were fixed: * nfs: Fix error handling for O_DIRECT write scheduling (bsc#1224785). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1834=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1834=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1834=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (nosrc x86_64) * kernel-azure-4.12.14-16.185.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * kernel-azure-base-4.12.14-16.185.1 * kernel-azure-debuginfo-4.12.14-16.185.1 * kernel-azure-devel-4.12.14-16.185.1 * kernel-syms-azure-4.12.14-16.185.1 * kernel-azure-base-debuginfo-4.12.14-16.185.1 * kernel-azure-debugsource-4.12.14-16.185.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) *kernel-source-azure-4.12.14-16.185.1 * kernel-devel-azure-4.12.14-16.185.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (nosrc x86_64) * kernel-azure-4.12.14-16.185.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * kernel-azure-base-4.12.14-16.185.1 * kernel-azure-debuginfo-4.12.14-16.185.1 * kernel-azure-devel-4.12.14-16.185.1 * kernel-syms-azure-4.12.14-16.185.1 * kernel-azure-base-debuginfo-4.12.14-16.185.1 * kernel-azure-debugsource-4.12.14-16.185.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * kernel-source-azure-4.12.14-16.185.1 * kernel-devel-azure-4.12.14-16.185.1 * SUSE Linux Enterprise Server 12 SP5 (nosrc x86_64) * kernel-azure-4.12.14-16.185.1 * SUSE Linux Enterprise Server 12 SP5 (x86_64) * kernel-azure-base-4.12.14-16.185.1 * kernel-azure-debuginfo-4.12.14-16.185.1 * kernel-azure-devel-4.12.14-16.185.1 * kernel-syms-azure-4.12.14-16.185.1 * kernel-azure-base-debuginfo-4.12.14-16.185.1 * kernel-azure-debugsource-4.12.14-16.185.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * kernel-source-azure-4.12.14-16.185.1 * kernel-devel-azure-4.12.14-16.185.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1224785 . Urgent security patch released for the Linux kernel addressing nfs-associated data integrity problems on openSUSE distributions.. Linux Kernel Update, SUSE Security Patch, Azure Kernel Fix, Critical Update, nfs Correction. . Severity: Critical. LinuxSecurity.com Team
May 29, 2024
•Critical
SuSE
89
security advisoryFedorapermissions issueFedora 24 Vagrant Update to Fix Nfs_Cleanup Permissions Issue
Fix nfs_cleanup security race and permissions (rhbz#1395040).. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2016-24ffcb9a47 2016-11-29 23:54:35.896654 -------------------------------------------------------------------------------- Name : vagrant Product : Fedora 24 Version : 1.8.1 Release : 5.fc24 URL : https://developer.hashicorp.com/vagrant Summary : Build and distribute virtualized development environments Description : Vagrant is a tool for building and distributing virtualized development environments. -------------------------------------------------------------------------------- Update Information: Fix nfs_cleanup security race and permissions (rhbz#1395040). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1395040 - vagrant nfs exports race https://bugzilla.redhat.com/show_bug.cgi?id=1395040 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade vagrant' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Nov 30, 2016
•Important
Fedora
98
security advisorybuffer overflowimportantRed Hat 5.4: RHSA-2010:0907-01 Important: Kernel Buffer Overflow DoS
Updated kernel packages that fix one security issue and four bugs are now available for Red Hat Enterprise Linux 5.4 Extended Update Support. The Red Hat Security Response Team has rated this update as having [More...]. ==================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2010:0907-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2010:0907.html Issue date: 2010-11-23 CVE Names: CVE-2010-2521 ==================================================================== 1. Summary: Updated kernel packages that fix one security issue and four bugs are now available for Red Hat Enterprise Linux 5.4 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux (v. 5.4.z server) - i386, ia64, noarch, ppc, s390x, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: * Buffer overflow flaws were found in the Linux kernel's implementation of the server-side External Data Representation (XDR) for the Network File System (NFS) version 4. An attacker on the local network could send a specially-crafted large compound request to the NFSv4 server, which could possibly result in a kernel panic (denial of service) or, potentially, code execution. (CVE-2010-2521, Important) This update also fixes the following bugs: * A race condition existed when generating new process IDs with the result that the wrong process could have been signaled or killed accidentally, leading to various application faults. This update detects and disallows the reuseof PID numbers. (BZ#638865) * In a two node cluster, moving 100 files between two folders using the lock master was nearly instantaneous. However, not using the lock master resulted in considerably worse performance on both GFS1 (Global File System 1) and GFS2 (Global File System 2) file systems. With this update, not using the lock master does not lead to worsened performance on either of the aforementioned file systems. (BZ#639071) * The device naming changed after additional devices were added to the system and caused various problems. With this update, device naming remains constant after adding any additional devices. (BZ#646764) * On some bnx2-based devices, frames could drop unexpectedly. This was shown by the increasing "rx_fw_discards" values in the "ethtool --statistics" output. With this update, frames are no longer dropped and all bnx2-based devices work as expected. (BZ#649254) Users should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system. 5. Bugs fixed (http://bugzilla.redhat.com/): 612028 - CVE-2010-2521 kernel: nfsd4: bug in read_buf 638865 - [5.5] a race in pid generation that causes pids to be reused immediately. [rhel-5.4.z] 639071 - GFS1 vs GFS2 performance issue [rhel-5.4.z] 646764 - RHEL5.6 Include DL580 G7 in bfsort whitelist [rhel-5.4.z] 649254 - bnx2 adapter periodically dropping received packets [rhel-5.4.z] 6. Package List: Red Hat Enterprise Linux (v. 5.4.zserver): Source: kernel-2.6.18-164.30.1.el5.src.rpm i386: kernel-2.6.18-164.30.1.el5.i686.rpm kernel-PAE-2.6.18-164.30.1.el5.i686.rpm kernel-PAE-debuginfo-2.6.18-164.30.1.el5.i686.rpm kernel-PAE-devel-2.6.18-164.30.1.el5.i686.rpm kernel-debug-2.6.18-164.30.1.el5.i686.rpm kernel-debug-debuginfo-2.6.18-164.30.1.el5.i686.rpm kernel-debug-devel-2.6.18-164.30.1.el5.i686.rpm kernel-debuginfo-2.6.18-164.30.1.el5.i686.rpm kernel-debuginfo-common-2.6.18-164.30.1.el5.i686.rpm kernel-devel-2.6.18-164.30.1.el5.i686.rpm kernel-headers-2.6.18-164.30.1.el5.i386.rpm kernel-xen-2.6.18-164.30.1.el5.i686.rpm kernel-xen-debuginfo-2.6.18-164.30.1.el5.i686.rpm kernel-xen-devel-2.6.18-164.30.1.el5.i686.rpm ia64: kernel-2.6.18-164.30.1.el5.ia64.rpm kernel-debug-2.6.18-164.30.1.el5.ia64.rpm kernel-debug-debuginfo-2.6.18-164.30.1.el5.ia64.rpm kernel-debug-devel-2.6.18-164.30.1.el5.ia64.rpm kernel-debuginfo-2.6.18-164.30.1.el5.ia64.rpm kernel-debuginfo-common-2.6.18-164.30.1.el5.ia64.rpm kernel-devel-2.6.18-164.30.1.el5.ia64.rpm kernel-headers-2.6.18-164.30.1.el5.ia64.rpm kernel-xen-2.6.18-164.30.1.el5.ia64.rpm kernel-xen-debuginfo-2.6.18-164.30.1.el5.ia64.rpm kernel-xen-devel-2.6.18-164.30.1.el5.ia64.rpm noarch: kernel-doc-2.6.18-164.30.1.el5.noarch.rpm ppc: kernel-2.6.18-164.30.1.el5.ppc64.rpm kernel-debug-2.6.18-164.30.1.el5.ppc64.rpm kernel-debug-debuginfo-2.6.18-164.30.1.el5.ppc64.rpm kernel-debug-devel-2.6.18-164.30.1.el5.ppc64.rpm kernel-debuginfo-2.6.18-164.30.1.el5.ppc64.rpm kernel-debuginfo-common-2.6.18-164.30.1.el5.ppc64.rpm kernel-devel-2.6.18-164.30.1.el5.ppc64.rpm kernel-headers-2.6.18-164.30.1.el5.ppc.rpm kernel-headers-2.6.18-164.30.1.el5.ppc64.rpm kernel-kdump-2.6.18-164.30.1.el5.ppc64.rpm kernel-kdump-debuginfo-2.6.18-164.30.1.el5.ppc64.rpm kernel-kdump-devel-2.6.18-164.30.1.el5.ppc64.rpm s390x: kernel-2.6.18-164.30.1.el5.s390x.rpm kernel-debug-2.6.18-164.30.1.el5.s390x.rpm kernel-debug-debuginfo-2.6.18-164.30.1.el5.s390x.rpm kernel-debug-devel-2.6.18-164.30.1.el5.s390x.rpm kernel-debuginfo-2.6.18-164.30.1.el5.s390x.rpm kernel-debuginfo-common-2.6.18-164.30.1.el5.s390x.rpm kernel-devel-2.6.18-164.30.1.el5.s390x.rpm kernel-headers-2.6.18-164.30.1.el5.s390x.rpm kernel-kdump-2.6.18-164.30.1.el5.s390x.rpm kernel-kdump-debuginfo-2.6.18-164.30.1.el5.s390x.rpm kernel-kdump-devel-2.6.18-164.30.1.el5.s390x.rpm x86_64: kernel-2.6.18-164.30.1.el5.x86_64.rpm kernel-debug-2.6.18-164.30.1.el5.x86_64.rpm kernel-debug-debuginfo-2.6.18-164.30.1.el5.x86_64.rpm kernel-debug-devel-2.6.18-164.30.1.el5.x86_64.rpm kernel-debuginfo-2.6.18-164.30.1.el5.x86_64.rpm kernel-debuginfo-common-2.6.18-164.30.1.el5.x86_64.rpm kernel-devel-2.6.18-164.30.1.el5.x86_64.rpm kernel-headers-2.6.18-164.30.1.el5.x86_64.rpm kernel-xen-2.6.18-164.30.1.el5.x86_64.rpm kernel-xen-debuginfo-2.6.18-164.30.1.el5.x86_64.rpm kernel-xen-devel-2.6.18-164.30.1.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://access.redhat.com/security/cve/CVE-2010-2521 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. . An important security patch for Red Hat's kernel has been released, fixing severe vulnerabilities and addressing a buffer overflow issue, necessitating a restart of the system.. Red Hat Advisory,Kernel Security,Buffer Overflow Fix,Red Hat Updates,Kernel Packages. . Severity: Important. LinuxSecurity.com Team
Nov 23, 2010
•Important
Red Hat
98
security advisorybug fiximportantRed Hat Enterprise Linux 4.8 RHSA-2009:1024-01 Important NFS Issues
Updated kernel packages are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 4. This is the eighth regular update. These updated packages fix two security issues, hundreds of bugs, and add numerous enhancements. Space precludes a detailed description of each of these in this advisory. Refer to the Red Hat Enterprise Linux 4.8 Release Notes for information on 22 of the most significant of these changes. For more detailed information on specific bug fixes or enhancements, refer to the Bugzilla numbers associated with this advisory. This update has been rated as having important security impact by the Red Hat Security Response Team.. ==================================================================== Red Hat Security Advisory Synopsis: Important: Red Hat Enterprise Linux 4.8 kernel security and bug fix update Advisory ID: RHSA-2009:1024-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2009:1024.html Issue date: 2009-05-18 Keywords: nahant kernel update Obsoletes: RHSA-2008:0665-13 CVE Names: CVE-2009-1336 CVE-2009-1337 ==================================================================== 1. Summary: Updated kernel packages are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 4. This is the eighth regular update. These updated packages fix two security issues, hundreds of bugs, and add numerous enhancements. Space precludes a detailed description of each of these in this advisory. Refer to the Red Hat Enterprise Linux 4.8 Release Notes for information on 22 of the most significant of these changes. For more detailed information on specific bug fixes or enhancements, refer to the Bugzilla numbers associated with this advisory. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux ASversion 4 - i386, ia64, noarch, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, noarch, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, noarch, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, noarch, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: * the exit_notify() function in the Linux kernel did not properly reset the exit signal if a process executed a set user ID (setuid) application before exiting. This could allow a local, unprivileged user to elevate their privileges. (CVE-2009-1337, Important) * the Linux kernel implementation of the Network File System (NFS) did not properly initialize the file name limit in the nfs_server data structure. This flaw could possibly lead to a denial of service on a client mounting an NFS share. (CVE-2009-1336, Moderate) Bug Fixes and Enhancements: Kernel Feature Support: * added a new allowable value to "/proc/sys/kernel/wake_balance" to allow the scheduler to run the thread on any available CPU rather than scheduling it on the optimal CPU. * added "max_writeback_pages" tunable parameter to /proc/sys/vm/ to allow the maximum number of modified pages kupdate writes to disk, per iteration per run. * added "swap_token_timeout" tunable parameter to /proc/sys/vm/ to provide a valid hold time for the swap out protection token. * added diskdump support to sata_svw driver. * limited physical memory to 64GB for 32-bit kernels running on systems with more than 64GB of physical memory to prevent boot failures. * improved reliability of autofs. * added support for 'rdattr_error' in NFSv4 readdir requests. * fixed various short packet handling issues for NFSv4 readdir and sunrpc. * fixed several CIFS bugs. Networking and IPv6 Enablement: * added router solicitation support. * enforced sg requires tx csum in ethtool. Platform Support: x86, AMD64, Intel 64, IBM System z * added support for a new Intel chipset. * added initialization vendor info inboot_cpu_data. * added support for N_Port ID Virtualization (NPIV) for IBM System z guests using zFCP. * added HDMI support for some AMD and ATI chipsets. * updated HDA driver in ALSA to latest upstream as of 2008-07-22. * added support for affected_cpus for cpufreq. * removed polling timer from i8042. * fixed PM-Timer when using the ASUS A8V Deluxe motherboard. * backported usbfs_mutex in usbfs. 64-bit PowerPC: * updated eHEA driver from version 0078-04 to 0078-08. * updated logging of checksum errors in the eHEA driver. Network Driver Updates: * updated forcedeth driver to latest upstream version 0.61. * fixed various e1000 issues when using Intel ESB2 hardware. * updated e1000e driver to upstream version 0.3.3.3-k6. * updated igb to upstream version 1.2.45-k2. * updated tg3 to upstream version 3.96. * updated ixgbe to upstream version 1.3.18-k4. * updated bnx2 to upstream version 1.7.9. * updated bnx2x to upstream version 1.45.23. * fixed bugs and added enhancements for the NetXen NX2031 and NX3031 products. * updated Realtek r8169 driver to support newer network chipsets. All variants of RTL810x/RTL8168(9) are now supported. Storage Driver Updates: * fixed various SCSI issues. Also, the SCSI sd driver now calls the revalidate_disk wrapper. * fixed a dmraid reduced I/O delay bug in certain configurations. * removed quirk aac_quirk_scsi_32 for some aacraid controllers. * updated FCP driver on IBM System z systems with support for point-to-point connections. * updated lpfc to version 8.0.16.46. * updated megaraid_sas to version 4.01-RH1. * updated MPT Fusion driver to version 3.12.29.00rh. * updated qla2xxx firmware to 4.06.01 for 4GB/s and 8GB/s adapters. * updated qla2xxx driver to version 8.02.09.00.04.08-d. * fixed sata_nv in libsata to disable ADMA mode by default. Miscellaneous Updates: * upgraded OpenFabrics Alliance Enterprise Distribution (OFED) to version 1.4. * added driver support and fixes for various Wacom tablets. Users should install this update, which resolves these issues andadds these enhancements. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at 5. Bugs fixed (http://bugzilla.redhat.com/): 161590 - sr_get_mcn: check for kmalloc failure 161594 - drivers/scsi/sg.c: fix check after use 169129 - remove tape during error handling -> "illegal state transition" 175189 - Debug: sleeping function called from invalid context at include/linux/rwsem.h:43 175830 - dm-snap.c: Data read from snapshot may be corrupt if origin is being written to simultaneously 182687 - lm_sensors fails with piix4_smbus errors on ServerWorks Grand Champion SL/w83781d 183651 - sd data corrupter 185585 - Hangs when registering modules to handle ioctls in kernel compatibility mode 191764 - [PATCH] Don't match tcp/udp source/destination port for IP fragments 191767 - [PATCH] NET: Ensure device name passed to SO_BINDTODEVICE is NULL terminated. 191770 - [PATCH] Netfilter ip_queue: Fix wrong skb-> len == nlmsg_len assumption 191777 - [PATCH] Fix deadlock in br_stp_disable_bridge 191797 - [PATCH] Fix extra dst release when ip_options_echo fails 203235 - PMTimer doesn't get detected in an Asus A8V Deluxe motherboard 243067 - Kernel panic using USB serial I/O 248666 - Serious problems during the diskdump, can cause the machine to hang and not reboot. 249775 - Request to backport zFCP NPIV support to RHEL 4 249867 - Kernel can BUG() in low memory conditions 253754 - use after free in nlm subsystem 294821 - RHEL4.5: PM Timer appears in top-level make menuconfig 298811 - pci_alloc_consistent() for 64k on 16gig machine -> return value is not multiple of 64k 329201 - scsi hot swapp mechanism not working with SATA HDD under RHEL4U5 334411 - Watchdog timeout e1000 (7.3.20-k2-NAPI) 367661 - Getting Cpu stuck messages on boot up 430997 - tx checksum offload settings reported incorrectly 432364 - e1000e: Wakeup-on-Landoes not work 432393 - memory leak on size-8192 buckets with NFSV4 432881 - kernel: NFS: v4 server returned a bad sequence-id error! 437410 - ip tunnel can't be bound to another device 437555 - via-rhine may lose link 437674 - Kernel Panic in tcp_retransmit_skb 437881 - ptrace: orig_rax 0x00000000ffffffff not recognized as -1 437921 - [PATCH] NFSv3: mode of the symlink can be update 439043 - Swap Token issue with RHEL4 439431 - include patch to add FATTR4_RDATTR_ERROR to readdir calls 439548 - A deadlock can occur between mmap/munmap and journaling(ext3). 439920 - entropy generation in bnx2 driver not consistent with other network drivers on RHEL4 439921 - align per-cpu section to configured cache bytes 440467 - ethttool -S on r8169 version 2.2LK hangs when interface is down 441707 - ADMA problems with sata_nv 441794 - intermittant mount failures 442579 - Backport fix for possible data corruption in mark_buffer_dirty on SMP 443044 - fix setuid/setgid clearing by knfsd 443655 - Clean up handling of short readdir packets in NFS client 445054 - 8250 serial port lock recursion 445412 - clean up CIFS build warnings 445795 - /proc filesystem in RHEL4 doesn't follow usual unix filesystem conventions 446083 - Ensure that 'noac' and/or 'actimeo=0' turn off attribute caching 446396 - crm #1790828 Kernel 2.6.9-67.ELsmp panics in nfs4_free_client 447397 - CIFS: slab error in kmem_cache_destroy(): cache `cifs_request': Can't free all objects 447401 - CIFS VFS: Send error in FindClose = -9 447413 - CIFS: clear DFS bit in header_assemble 447569 - mounting CIFS subshare doesn't autoconvert prepath delimiters447741 - JBD: Fix typo that could result in filesystem corruption. 448076 - memory corruption due to portmap call succeeding after parent rpc_clnt has been freed 448603 - holding files under /proc/net open no longer adds to module refcount 448777 - Backport FCP point-to-point to RHEL 4 450953 - el4u6 xenU guest kernel lockup due to mm_unpinned_lock and runqueue spinlock deadlock 451819 - process hangs in async direct IO /possible race between dio_bio_end_aio() and dio_await_one() ? 452287 - [Intel 4.8 FEAT] e1000e driver update to latest upstream 452289 - [Intel 4.8 FEAT] igb driver update to latest upstream 452292 - [Intel 4.8 FEAT] ixgbe driver update to latest upstream 452390 - PATH and EXECVE audit records contain bogus newlines 452706 - kernel BUG at kernel/signal.c:369! (attempt to free tsk-> signal twice) 452846 - FEAT: RHEL 4.8 HDA ALSA driver update from mainstream 453053 - RHSA-2008:0508 linux-2.6.9-x86_64-copy_user-zero-tail.patch broken 453171 - kernel: usbhid: probe of 3-1:1.0 failed with error -5 453359 - page keeps non uptodate 453507 - kernel panic with kernel version 2.6.9-67.0.20.EL 454050 - Fail to build kernel when enable CONFIG_ACPI_DEBUG in .config 454417 - Inconsistent documentation regarding pci_alloc_consistent 454793 - document divider= option in kernel docs 454838 - LTC:4.8:201714:Update the ehea driver to sync with mainline kernel 454872 - [NetApp 4.8 bug] online resize of filesystem does not work 455253 - [4.7] /proc/acpi/dsdt: No such device 455756 - [RHEL4/Xen]: Allow attach of > 16 xvd devices 455843 - Kernel panic at hcd_pci_release+16 455917 - fattr structs being used uninitialized in nfs3_proc_getacl and nfs3_proc_setacls 456051 - kernel: fix array out of bounds when mounting with selinux options [rhel-4.8] 456078 - Timeouts in wait_drive_not_busy with TEAC DV-W28ECW and similar 456425 - Crash dump fails on IA64 with block_order set to 10 456438 - [RHEL4.7 Beta] Wake on LAN function does not operate with LAN card which uses igb driver 456653 - Crash due to incorrect inet{,6} device initialization order 456664 - Kernel panic when unloading ip conntrack modules 456686 - race in aio_complete() leads to process hang 456911 - RHEL4 scheduler optimizations for financial applications 457009 - ipv6: use timer pending to fix bridge reference count problem [rhel-4.8] 457015 - pppoe: Check packet length on all receive paths [rhel-4.8] 457020 - pppoe: Unshare skb before anything else [rhel-4.8] 457028 -ide-cd: fix oops when using growisofs [rhel-4.8] 457310 - RTL8101E with driver r8169 does not work on 1000 network 457409 - [RHEL4.6] x86_64 race condition at shutdown/panic 457552 - aac_fib_send failed with status 8195 458022 - kernel: random32: seeding improvement [rhel-4.8] 458805 - missing infiniband kernel headers458863 - Backport NetXen nic driver from upstream kernel to RHEL4 458955 - Badness in __writeback_single_inode at fs/fs-writeback.c:248 459063 - pppoe: Fix skb_unshare_check call position [rhel-4.8] 459222 - RHEL4.8: Patch to support new HDMI Audio 459644 - [RHEL4] nmi watchdog: include fix for Pentium 4 D processors460083 - Kernel part of AutoFS still having issues with expiration of submount maps 460106 - regression, rhel4.7+, on the try to read /proc/self/mem getting improper return value 460859 - kernel: devmem: add range_is_allowed() check to mmap_mem() [rhel-4.8] 460874 - lost packets when live migrating (RHEL4 XEN) 461005 - CIFS option forcedirectio fails to allow the appending of text to files. 461014 - netdump fails when bnx2 has remote copper PHY - Badness in local_bh_enable at kernel/softirq.c:141 461085 - lockd: return NLM_LCK_DENIED_GRACE_PERIOD after long periods 461246 - RHEL4 64 bit skips all pids with bit 15 set (32768-65535, 98304-131071 etc) 462277 - find using an automounted directory results in 'No such file or directory' 462278 - do_mount_indirect: indirect trigger not valid 462459 - Update CIFS for RHEL4.8 463897 - [RHEL4 PV-on-HVM]: Crash in xen-vbd when trying to attach disks 464676 - virtual ethernet device stops working on reception of duplicate backend state change signals 465360 - openib creates multiple /proc/net/sdp files 465366 - add multi-core support to cpufreq driver 465487 - Fix compile warnings caused by adding roundup() to kernel.h 465914 - rhel4 PV guest installations busted on rhel 5.3 i386 intel dom0 466127 - dasd: fix loop in request expiration handling 467442 - Concurrent CIFS mount/umount processes to same windows machine, different shares hangs umountprocesses or crashes kernel 467669 - kernel panic related to autofs4_catatonic_mode when stopping autofs 467714 - Kernel BUG at include/linux/module.h:397 467829 - md: pass down BIO_RW_SYNC in raid{1,10}' applied to RHEL4 kernel 468890 - BUG() call in net/core/skbuff.c in function ___pksb_trim() 471560 - [4.7.z] Unable to Unload "ohci-hcd " And to Reboot 472005 - [Stratus 4.8 bug REVERT] panic reading /proc/bus/input/devices during input device removal 472557 - futex missreporting ETIMEDOUT instead of EINVAL 472568 - CRM #1862478 xen guest installation panics when installing 100th guest 472572 - RHEL4.7 guest will crash, if creating with only RTL8139 emulation NIC 473258 - [4.7] ethtool operation to the slave device of bonding makes the system hang up. 474055 - [RHEL-4] wacomexpresskeys: fix Graphire support 474479 - RHEL4.8 kernel crashed in net_rx_action() on IA64 machine in RHTS connectathon test 474667 - Need to build xen-platform-pci as a module and not into the kernel 475715 - [autofs4] Incorrect "active offset mount" messages in syslog 475849 - [RHEL 4.7 Xen]: Guest hang on FV save/restore 476461 - panic in kcopyd during snapshot I/O 476704 - [QLogic 4.8 bug] qla2xxx - Properly support programmable devices 476726 - [nfs] actimeo=0 not enforced during ftruncate operations, resulting in database crashes 477202 - oops in net_rx_action on double free of dev-> poll_list 477280 - [QLogic 4.8 bug] qla4xxx - Driver Update Patches - bugs, cleanups 477635 - If diskdump fails, panic information should be displayed. 477945 - Kernel Panic with Bnx2 - Badness in local_bh_enable at kernel/softirq.c:141 478687 - LTC:4.8:200770:Include Open Fabric Enterprise Distribution 478798 - fix scsi device cleanup when sysfs addition fails 479094 - [QLogic 4.8 bug] qla2xxx - Updates from standard and upstream drivers479728 - NFS: unable to unmount file system 479764 - Leap second message can hang the kernel 479845 - Kernel maintainer's bz for committing some maintenance patches 479862 - [QLogic 4.8 bug] qla4xxx - Correct versionnumber 479910 - Kernel Panic on AMD-K6 480137 - Improve udp port randomization 480158 - RHEL 4.8 mpt driver fails to bring up device 480666 - [EMULEX 4.8 bug] scsi messages correlate with silent data corruption, but no i/o errors481207 - netdump generates incomplete vmcore logs with Broadcom BCM5754 482822 - Intel E1000 doesn't work on NVIDIA MCP51 motherboards 483535 - RHEL4 kvm virtio: kernel driver updates 484261 - cifs mounted home directory breaks ssh security checks on authorized_keys file 484319 - Random crashing in dm snapshots because of a race condition 484376 - netdump is broken on igb and ixgbe devices in recent update 484667 - Dropping packets in bnx2 since 1.7.9 bnx2 version 485092 - [Qlogic 4.8 bug] qla4xxx: properly support the Async Msg PDU 485421 - Kernel panic when running xen-vnif enabled FV guest image on KVM 488018 - NMI appears to be stuck (460) - NMI received for unknown reason 21 489300 - fix dst cache leak 489768 - [RHEL4u4] Kernel panic was caused by page_symlink() when kernel has to shrink caches 490021 - Creation of mirrored logical volume with VG extent-size of 1K fails 490744 - UNDERRUN and TIMEOUT status with qla2xxx 491154 - divider option does not work with TSC clocksource 491784 - [QLogic 4.8 bug] qla2xxx - fixes for flash, loop resets and HBA traversal 492156 - [QLogic 4.8 bug] qla2xxx - firmware update for blade servers493771 - CVE-2009-1337 kernel: exit_notify: kill the wrong capable(CAP_KILL) check 494074 - CVE-2009-1336 kernel: nfsv4 client can be crashed by stating a long filename 495673 - kernel dm crypt: memory corruption when invalid mapping parameters provided 6. Package List: Red Hat Enterprise Linux AS version4: Source: i386: kernel-2.6.9-89.EL.i686.rpm kernel-debuginfo-2.6.9-89.EL.i686.rpm kernel-devel-2.6.9-89.EL.i686.rpm kernel-hugemem-2.6.9-89.EL.i686.rpm kernel-hugemem-devel-2.6.9-89.EL.i686.rpm kernel-smp-2.6.9-89.EL.i686.rpm kernel-smp-devel-2.6.9-89.EL.i686.rpm kernel-xenU-2.6.9-89.EL.i686.rpm kernel-xenU-devel-2.6.9-89.EL.i686.rpm ia64: kernel-2.6.9-89.EL.ia64.rpm kernel-debuginfo-2.6.9-89.EL.ia64.rpm kernel-devel-2.6.9-89.EL.ia64.rpm kernel-largesmp-2.6.9-89.EL.ia64.rpm kernel-largesmp-devel-2.6.9-89.EL.ia64.rpm noarch: kernel-doc-2.6.9-89.EL.noarch.rpm ppc: kernel-2.6.9-89.EL.ppc64.rpm kernel-2.6.9-89.EL.ppc64iseries.rpm kernel-debuginfo-2.6.9-89.EL.ppc64.rpm kernel-debuginfo-2.6.9-89.EL.ppc64iseries.rpm kernel-devel-2.6.9-89.EL.ppc64.rpm kernel-devel-2.6.9-89.EL.ppc64iseries.rpm kernel-largesmp-2.6.9-89.EL.ppc64.rpm kernel-largesmp-devel-2.6.9-89.EL.ppc64.rpm s390: kernel-2.6.9-89.EL.s390.rpm kernel-debuginfo-2.6.9-89.EL.s390.rpm kernel-devel-2.6.9-89.EL.s390.rpm s390x: kernel-2.6.9-89.EL.s390x.rpm kernel-debuginfo-2.6.9-89.EL.s390x.rpm kernel-devel-2.6.9-89.EL.s390x.rpm x86_64: kernel-2.6.9-89.EL.x86_64.rpm kernel-debuginfo-2.6.9-89.EL.x86_64.rpm kernel-devel-2.6.9-89.EL.x86_64.rpm kernel-largesmp-2.6.9-89.EL.x86_64.rpm kernel-largesmp-devel-2.6.9-89.EL.x86_64.rpm kernel-smp-2.6.9-89.EL.x86_64.rpm kernel-smp-devel-2.6.9-89.EL.x86_64.rpm kernel-xenU-2.6.9-89.EL.x86_64.rpm kernel-xenU-devel-2.6.9-89.EL.x86_64.rpm Red Hat Enterprise Linux Desktop version4: Source: i386: kernel-2.6.9-89.EL.i686.rpm kernel-debuginfo-2.6.9-89.EL.i686.rpm kernel-devel-2.6.9-89.EL.i686.rpm kernel-hugemem-2.6.9-89.EL.i686.rpm kernel-hugemem-devel-2.6.9-89.EL.i686.rpm kernel-smp-2.6.9-89.EL.i686.rpm kernel-smp-devel-2.6.9-89.EL.i686.rpm kernel-xenU-2.6.9-89.EL.i686.rpm kernel-xenU-devel-2.6.9-89.EL.i686.rpm noarch: kernel-doc-2.6.9-89.EL.noarch.rpm x86_64: kernel-2.6.9-89.EL.x86_64.rpm kernel-debuginfo-2.6.9-89.EL.x86_64.rpm kernel-devel-2.6.9-89.EL.x86_64.rpm kernel-largesmp-2.6.9-89.EL.x86_64.rpm kernel-largesmp-devel-2.6.9-89.EL.x86_64.rpm kernel-smp-2.6.9-89.EL.x86_64.rpm kernel-smp-devel-2.6.9-89.EL.x86_64.rpm kernel-xenU-2.6.9-89.EL.x86_64.rpm kernel-xenU-devel-2.6.9-89.EL.x86_64.rpm Red Hat Enterprise Linux ES version 4: Source: i386: kernel-2.6.9-89.EL.i686.rpm kernel-debuginfo-2.6.9-89.EL.i686.rpm kernel-devel-2.6.9-89.EL.i686.rpm kernel-hugemem-2.6.9-89.EL.i686.rpm kernel-hugemem-devel-2.6.9-89.EL.i686.rpm kernel-smp-2.6.9-89.EL.i686.rpm kernel-smp-devel-2.6.9-89.EL.i686.rpm kernel-xenU-2.6.9-89.EL.i686.rpm kernel-xenU-devel-2.6.9-89.EL.i686.rpm ia64: kernel-2.6.9-89.EL.ia64.rpm kernel-debuginfo-2.6.9-89.EL.ia64.rpm kernel-devel-2.6.9-89.EL.ia64.rpm kernel-largesmp-2.6.9-89.EL.ia64.rpm kernel-largesmp-devel-2.6.9-89.EL.ia64.rpm noarch: kernel-doc-2.6.9-89.EL.noarch.rpm x86_64: kernel-2.6.9-89.EL.x86_64.rpm kernel-debuginfo-2.6.9-89.EL.x86_64.rpm kernel-devel-2.6.9-89.EL.x86_64.rpm kernel-largesmp-2.6.9-89.EL.x86_64.rpm kernel-largesmp-devel-2.6.9-89.EL.x86_64.rpm kernel-smp-2.6.9-89.EL.x86_64.rpm kernel-smp-devel-2.6.9-89.EL.x86_64.rpm kernel-xenU-2.6.9-89.EL.x86_64.rpm kernel-xenU-devel-2.6.9-89.EL.x86_64.rpm Red Hat Enterprise Linux WS version4: Source: i386: kernel-2.6.9-89.EL.i686.rpm kernel-debuginfo-2.6.9-89.EL.i686.rpm kernel-devel-2.6.9-89.EL.i686.rpm kernel-hugemem-2.6.9-89.EL.i686.rpm kernel-hugemem-devel-2.6.9-89.EL.i686.rpm kernel-smp-2.6.9-89.EL.i686.rpm kernel-smp-devel-2.6.9-89.EL.i686.rpm kernel-xenU-2.6.9-89.EL.i686.rpm kernel-xenU-devel-2.6.9-89.EL.i686.rpm ia64: kernel-2.6.9-89.EL.ia64.rpm kernel-debuginfo-2.6.9-89.EL.ia64.rpm kernel-devel-2.6.9-89.EL.ia64.rpm kernel-largesmp-2.6.9-89.EL.ia64.rpm kernel-largesmp-devel-2.6.9-89.EL.ia64.rpm noarch: kernel-doc-2.6.9-89.EL.noarch.rpm x86_64: kernel-2.6.9-89.EL.x86_64.rpm kernel-debuginfo-2.6.9-89.EL.x86_64.rpm kernel-devel-2.6.9-89.EL.x86_64.rpm kernel-largesmp-2.6.9-89.EL.x86_64.rpm kernel-largesmp-devel-2.6.9-89.EL.x86_64.rpm kernel-smp-2.6.9-89.EL.x86_64.rpm kernel-smp-devel-2.6.9-89.EL.x86_64.rpm kernel-xenU-2.6.9-89.EL.x86_64.rpm kernel-xenU-devel-2.6.9-89.EL.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://www.cve.org/CVERecord?id=CVE-2009-1336 https://www.cve.org/CVERecord?id=CVE-2009-1337 https://access.redhat.com/security/updates/classification#important https://docs.redhat.com/en 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2009 Red Hat, Inc. . Canonical announces a crucial patch for Ubuntu 20.04, addressing vulnerabilities and improving overall performance substantially.. Red Hat, Kernel Update, RHEL 4.8, NFS Issues, Security Fix. . Severity: Important. LinuxSecurity.com Team
May 18, 2009
•Important
Red Hat
98
security advisoryRed Hat Enterprise Linuxlocal exploitRed Hat 4: RHSA-2007:1129-01 Important: Autofs5 Root Access Flaw
Updated Red Hat Enterprise Linux 4 Technology Preview autofs5 packages are now available to fix a security flaw. There was a security issue with the default installed configuration of autofs version 5 whereby the entry for the "hosts" map did not specify the "nosuid" mount option. A local user with control of a remote nfs server could create a setuid root executable within an exported filesystem on the remote nfs server that, if mounted using the default hosts map, would allow the user to gain root privileges. This update has been rated as having important security impact by the Red Hat Security Response Team.. - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: autofs5 security update Advisory ID: RHSA-2007:1129-01 Advisory URL: https://access.redhat.com/errata/RHSA-2007:1129.html Issue date: 2007-12-12 Updated on: 2007-12-12 Product: Red Hat Enterprise Linux CVE Names: CVE-2007-5964 - ---------------------------------------------------------------------1. Summary: Updated Red Hat Enterprise Linux 4 Technology Preview autofs5 packages are now available to fix a security flaw. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: The autofs utility controls the operation of the automount daemon, which automatically mounts and unmounts file systems after a period of inactivity. The autofs version 5 package was made available as a technology preview in Red Hat Enterprise Linux version 4.6. There was a security issue with the default installed configuration of autofs version 5whereby the entry for the "hosts" map did not specify the "nosuid" mount option. A local user with control of a remote nfs server could create a setuid root executable within an exported filesystem on the remote nfs server that, if mounted using the default hosts map, would allow the user to gain root privileges. (CVE-2007-5964) Due to the fact that autofs version 5 always mounted hosts map entries suid by default, autofs has now been altered to always use the "nosuid" option when mounting from the default hosts map. The "suid" option must be explicitly given in the master map entry to revert to the old behavior. This change affects only the hosts map which corresponds to the /net entry in the default configuration. Users are advised to upgrade to these updated autofs5 packages, which resolve this issue. Red Hat would like to thank Josh Lange for reporting this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at 5. Bug IDs fixed (http://bugzilla.redhat.com/): 410031 - CVE-2007-5964 autofs defaults don't restrict suid in /net 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: 05d5179245e60b719cbb294d175b748a autofs5-5.0.1-0.rc2.55.el4_6.1.src.rpm i386: 843984a6c993a423d230b60a53bdac84 autofs5-5.0.1-0.rc2.55.el4_6.1.i386.rpm 26cb6bd2589982a94b432ecf0864ab3a autofs5-debuginfo-5.0.1-0.rc2.55.el4_6.1.i386.rpm ia64: e8651311ccacbb795889d6c6fb5ea937 autofs5-5.0.1-0.rc2.55.el4_6.1.ia64.rpm 5b182c69e3ecfc639d9cdbdb67e5ba90 autofs5-debuginfo-5.0.1-0.rc2.55.el4_6.1.ia64.rpm ppc: 17078df28123aef61102d27fdc23f36e autofs5-5.0.1-0.rc2.55.el4_6.1.ppc.rpm e567075f64c8c5c88b32d2a392f900fc autofs5-debuginfo-5.0.1-0.rc2.55.el4_6.1.ppc.rpm s390: 7dfd1842cd49a84cec0c647d1806020e autofs5-5.0.1-0.rc2.55.el4_6.1.s390.rpm e78775fdc40cb0e21f7df1a7ff3b6e42 autofs5-debuginfo-5.0.1-0.rc2.55.el4_6.1.s390.rpm s390x: f9df3328f755b3d40d724e83a5fa4bc4 autofs5-5.0.1-0.rc2.55.el4_6.1.s390x.rpm d5b8283c0b0dc496ae8cbaf3500774e7 autofs5-debuginfo-5.0.1-0.rc2.55.el4_6.1.s390x.rpm x86_64: 1ba8f965d1eab75e4245600c2ac8d188 autofs5-5.0.1-0.rc2.55.el4_6.1.x86_64.rpm 0521149a1e5eb334bcc68305596b16d0 autofs5-debuginfo-5.0.1-0.rc2.55.el4_6.1.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: 05d5179245e60b719cbb294d175b748a autofs5-5.0.1-0.rc2.55.el4_6.1.src.rpm i386: 843984a6c993a423d230b60a53bdac84 autofs5-5.0.1-0.rc2.55.el4_6.1.i386.rpm 26cb6bd2589982a94b432ecf0864ab3a autofs5-debuginfo-5.0.1-0.rc2.55.el4_6.1.i386.rpm x86_64: 1ba8f965d1eab75e4245600c2ac8d188 autofs5-5.0.1-0.rc2.55.el4_6.1.x86_64.rpm 0521149a1e5eb334bcc68305596b16d0 autofs5-debuginfo-5.0.1-0.rc2.55.el4_6.1.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: 05d5179245e60b719cbb294d175b748a autofs5-5.0.1-0.rc2.55.el4_6.1.src.rpm i386: 843984a6c993a423d230b60a53bdac84 autofs5-5.0.1-0.rc2.55.el4_6.1.i386.rpm 26cb6bd2589982a94b432ecf0864ab3a autofs5-debuginfo-5.0.1-0.rc2.55.el4_6.1.i386.rpm ia64: e8651311ccacbb795889d6c6fb5ea937 autofs5-5.0.1-0.rc2.55.el4_6.1.ia64.rpm 5b182c69e3ecfc639d9cdbdb67e5ba90 autofs5-debuginfo-5.0.1-0.rc2.55.el4_6.1.ia64.rpm x86_64: 1ba8f965d1eab75e4245600c2ac8d188 autofs5-5.0.1-0.rc2.55.el4_6.1.x86_64.rpm 0521149a1e5eb334bcc68305596b16d0 autofs5-debuginfo-5.0.1-0.rc2.55.el4_6.1.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: 05d5179245e60b719cbb294d175b748a autofs5-5.0.1-0.rc2.55.el4_6.1.src.rpm i386: 843984a6c993a423d230b60a53bdac84 autofs5-5.0.1-0.rc2.55.el4_6.1.i386.rpm 26cb6bd2589982a94b432ecf0864ab3a autofs5-debuginfo-5.0.1-0.rc2.55.el4_6.1.i386.rpm ia64: e8651311ccacbb795889d6c6fb5ea937 autofs5-5.0.1-0.rc2.55.el4_6.1.ia64.rpm 5b182c69e3ecfc639d9cdbdb67e5ba90 autofs5-debuginfo-5.0.1-0.rc2.55.el4_6.1.ia64.rpm x86_64: 1ba8f965d1eab75e4245600c2ac8d188 autofs5-5.0.1-0.rc2.55.el4_6.1.x86_64.rpm 0521149a1e5eb334bcc68305596b16d0 autofs5-debuginfo-5.0.1-0.rc2.55.el4_6.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.cve.org/CVERecord?id=CVE-2007-5964 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2007 Red Hat, Inc. . RedHat has released an important autofs5 update to fix a critical NFS server vulnerability, vital for secure automount management and access prevention. Red Hat Enterprise Linux, autofs5 security, NFS exploit. . Severity: Important. LinuxSecurity.com Team
Dec 12, 2007
•Important
Red Hat
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!