CentOS Errata and Security Advisory CESA-2008:0972
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
a flaw was found in the Linux kernelβs Direct-IO implementation. This
could have allowed a local unprivileged user to cause a denial of service.
(CVE-2007-6716, Important)
when running ptrace in 31-bit mode on an IBM S/390 or IBM System z
kernel, a local unprivileged user could cause a denial of service by
reading from or writing into a padding area in the user_regs_struct32
structure. (CVE-2008-1514, Important)
the do_truncate() and generic_file_splice_write() functions did not clear
the setuid and setgid bits. This could have allowed a local unprivileged
user to obtain access to privileged information. (CVE-2008-4210, Important)
Tobias Klein reported a missing check in the Linux kernelβs Open Sound
System (OSS) implementation. This deficiency could have led to an
information leak. (CVE-2008-3272, Moderate)
a potential denial of service attack was discovered in the Linux kernelβs
PWC USB video driver. A local unprivileged user could have used this flaw
to bring the kernel USB subsystem into the busy-waiting state.
(CVE-2007-5093, Low)
the ext2 and ext3 file systems code failed to properly handle corrupted
data structures, leading to a possible local denial of service issue when
read or write operations were performed. (CVE-2008-3528, Low)
In addition, these updated packages fix the following bugs:
when using the CIFS βforcedirectioβ option, appending to an open file on
a CIFS share resulted in that file being overwritten with the data to be
appended.
a kernel panic occurred when a device with PCI ID 8086:10c8 was present
on a system with a loaded ixgbe driver.
due to an aacraid driver regression, the kernel failed to boot when trying
to load the aacraid driver and printed the following error message:
βaac_srb: aac_fib_send failed with status: 8195β.
due to an mpt driver regression, when RAID 1 was configured on Primergy
systems with an LSI SCSI IME 53C1020/1030 controller, the kernel panicked
during boot.
the mpt driver produced a large number of extraneous debugging messages
when performing a βHost resetβ operation.
due to a regression in the sym driver, the kernel panicked when a SCSI
hot swap was performed using MCP18 hardware.
all cores on a multi-core system now scale their frequencies in
accordance with the policy set by the systemβs CPU frequency governor.
the netdump subsystem suffered from several stability issues. These are
addressed in this updated kernel.
under certain conditions, the ext3 file system reported a negative count
of used blocks.
reading /proc/self/mem incorrectly returned βInvalid argumentβ instead of
βinput/output errorβ due to a regression.
under certain conditions, the kernel panicked when a USB device was
removed while the system was busy accessing the device.
a race condition in the kernel could have led to a kernel crash during
the creation of a new process.
All Red Hat Enterprise Linux 4 Users should upgrade to these updated
packages, which contain backported patches to correct these issues.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2008-November/077586.html
https://lists.centos.org/pipermail/centos-announce/2008-November/077587.html
https://lists.centos.org/pipermail/centos-announce/2008-November/077605.html
https://lists.centos.org/pipermail/centos-announce/2008-November/077607.html
Affected packages:
kernel
kernel-devel
kernel-doc
kernel-hugemem
kernel-hugemem-devel
kernel-largesmp
kernel-largesmp-devel
kernel-smp
kernel-smp-devel
kernel-xenU
kernel-xenU-devel
Upstream details at:
https://access.redhat.com/errata/RHSA-2008:0972
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 4 | x86_64 | kernel | <Β 2.6.9-78.0.8.EL | kernel-2.6.9-78.0.8.EL.x86_64.rpm |
CentOS | 4 | x86_64 | kernel-devel | <Β 2.6.9-78.0.8.EL | kernel-devel-2.6.9-78.0.8.EL.x86_64.rpm |
CentOS | 4 | noarch | kernel-doc | <Β 2.6.9-78.0.8.EL | kernel-doc-2.6.9-78.0.8.EL.noarch.rpm |
CentOS | 4 | x86_64 | kernel-largesmp | <Β 2.6.9-78.0.8.EL | kernel-largesmp-2.6.9-78.0.8.EL.x86_64.rpm |
CentOS | 4 | x86_64 | kernel-largesmp-devel | <Β 2.6.9-78.0.8.EL | kernel-largesmp-devel-2.6.9-78.0.8.EL.x86_64.rpm |
CentOS | 4 | x86_64 | kernel-smp | <Β 2.6.9-78.0.8.EL | kernel-smp-2.6.9-78.0.8.EL.x86_64.rpm |
CentOS | 4 | x86_64 | kernel-smp-devel | <Β 2.6.9-78.0.8.EL | kernel-smp-devel-2.6.9-78.0.8.EL.x86_64.rpm |
CentOS | 4 | x86_64 | kernel-xenu | <Β 2.6.9-78.0.8.EL | kernel-xenU-2.6.9-78.0.8.EL.x86_64.rpm |
CentOS | 4 | x86_64 | kernel-xenu-devel | <Β 2.6.9-78.0.8.EL | kernel-xenU-devel-2.6.9-78.0.8.EL.x86_64.rpm |
CentOS | 4 | i586 | kernel | <Β 2.6.9-78.0.8.EL | kernel-2.6.9-78.0.8.EL.i586.rpm |