CentOS ProjectCESA-2008:0607kernel security update
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.894 High
EPSS
Percentile
98.7%
CentOS Errata and Security Advisory CESA-2008:0607
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
These updated packages fix the following security issue:
- a possible kernel memory leak was found in the Linux kernel Simple
Internet Transition (SIT) INET6 implementation. This could allow a local
unprivileged user to cause a denial of service. (CVE-2008-2136, Important)
As well, these updated packages fix the following bugs:
-
a possible kernel hang on hugemem systems, due to a bug in NFS, which may
have caused systems to become unresponsive, has been resolved. -
an inappropriate exit condition occurred in the architecture-specific
βmmap()β realization, which fell into an infinite loop under certain
conditions. On 64-bit systems, this issue may have manifested itself to
users as a soft lockup, or process hangs. -
due to a bug in hardware initialization in the βohci_hcdβ kernel module,
the kernel may have failed with a NULL pointer dereference. On 64-bit
PowerPC systems, this may have caused booting to fail, and drop to xmon. On
other platforms, a kernel oops occurred. -
due to insufficient locks in task termination code, a panic may have
occurred in the βsys_times()β system call on SMP machines.
Red Hat Enterprise Linux 4 users are advised to upgrade to these updated
packages, which contain backported patches to resolve these issues.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2008-July/077317.html
https://lists.centos.org/pipermail/centos-announce/2008-July/077318.html
https://lists.centos.org/pipermail/centos-announce/2008-July/077333.html
https://lists.centos.org/pipermail/centos-announce/2008-July/077334.html
Affected packages:
kernel
kernel-devel
kernel-doc
kernel-hugemem
kernel-hugemem-devel
kernel-largesmp
kernel-largesmp-devel
kernel-smp
kernel-smp-devel
kernel-xenU
kernel-xenU-devel
Upstream details at:
https://access.redhat.com/errata/RHSA-2008:0607
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| CentOS | 4 | x86_64 | kernel | <Β 2.6.9-67.0.22.EL | kernel-2.6.9-67.0.22.EL.x86_64.rpm |
| CentOS | 4 | x86_64 | kernel-devel | <Β 2.6.9-67.0.22.EL | kernel-devel-2.6.9-67.0.22.EL.x86_64.rpm |
| CentOS | 4 | noarch | kernel-doc | <Β 2.6.9-67.0.22.EL | kernel-doc-2.6.9-67.0.22.EL.noarch.rpm |
| CentOS | 4 | x86_64 | kernel-largesmp | <Β 2.6.9-67.0.22.EL | kernel-largesmp-2.6.9-67.0.22.EL.x86_64.rpm |
| CentOS | 4 | x86_64 | kernel-largesmp-devel | <Β 2.6.9-67.0.22.EL | kernel-largesmp-devel-2.6.9-67.0.22.EL.x86_64.rpm |
| CentOS | 4 | x86_64 | kernel-smp | <Β 2.6.9-67.0.22.EL | kernel-smp-2.6.9-67.0.22.EL.x86_64.rpm |
| CentOS | 4 | x86_64 | kernel-smp-devel | <Β 2.6.9-67.0.22.EL | kernel-smp-devel-2.6.9-67.0.22.EL.x86_64.rpm |
| CentOS | 4 | x86_64 | kernel-xenu | <Β 2.6.9-67.0.22.EL | kernel-xenU-2.6.9-67.0.22.EL.x86_64.rpm |
| CentOS | 4 | x86_64 | kernel-xenu-devel | <Β 2.6.9-67.0.22.EL | kernel-xenU-devel-2.6.9-67.0.22.EL.x86_64.rpm |
| CentOS | 4 | i586 | kernel | <Β 2.6.9-67.0.22.EL | kernel-2.6.9-67.0.22.EL.i586.rpm |
Related
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.894 High
EPSS
Percentile
98.7%