CESA-2008:1017: kernel security update

Source: CentOS Project (lists.centos.org)
Date: 2008-12-17 00:06:25

CVSS2: 7.8 High (AV:N/AC:L/Au:N/C:N/I:N/A:C)

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: NONE
  • Integrity Impact: NONE
  • Availability Impact: COMPLETE

EPSS: 0.089 Low (Percentile: 94.5%)

CentOS Errata and Security Advisory CESA-2008:1017

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

  • Olaf Kirch reported a flaw in the i915 kernel driver. This flaw could,
    potentially, lead to local privilege escalation. Note: the flaw only
    affects systems based on the Intel G33 Express Chipset and newer.
    (CVE-2008-3831, Important)

  • Miklos Szeredi reported a missing check for files opened with O_APPEND in
    sys_splice(). This could allow a local, unprivileged user to bypass the
    append-only file restrictions. (CVE-2008-4554, Important)

  • a deficiency was found in the Linux kernel Stream Control Transmission
    Protocol (SCTP) implementation. This could lead to a possible denial of
    service if one end of an SCTP connection did not support the AUTH extension.
    (CVE-2008-4576, Important)

In addition, these updated packages fix the following bugs:

  • on Itanium® systems, when a multithreaded program was traced using the
    command “strace -f”, messages such as

    PANIC: attached pid 10740 exited
    PANIC: handle_group_exit: 10740 leader 10721
    …

    would be displayed, after which the trace would stop. With these
    updated packages, the “strace -f” command no longer results in these error
    messages, and strace terminates normally after tracing all threads.

  • on big-endian systems such as PowerPC, the getsockopt() function
    incorrectly returned 0 depending on the parameters passed to it when the
    time to live (TTL) value equaled 255.

  • when using an NFSv4 file system, accessing the same file with two
    separate processes simultaneously resulted in the NFS client process
    becoming unresponsive.

  • on AMD64 and Intel® 64 hypervisor-enabled systems, when a syscall
    correctly returned ‘-1’ in code compiled on Red Hat Enterprise Linux 5, the
    same code, when run with the strace utility, would incorrectly return an
    invalid return value. This has been fixed: on AMD64 and Intel® 64
    hypervisor-enabled systems, syscalls in compiled code return the same,
    correct values as syscalls run with strace.

  • on the Itanium® architecture, fully-virtualized guest domains created
    using more than 64 GB of memory caused other guest domains not to receive
    interrupts. This caused soft lockups on other guests. All guest domains are
    now able to receive interrupts regardless of their allotted memory.

  • when user-space used SIGIO notification, which was not disabled before
    closing a file descriptor and was then re-enabled in a different process,
    an attempt by the kernel to dereference a stale pointer led to a kernel
    crash. With this fix, such a situation no longer causes a kernel crash.

  • modifications to certain pages made through a memory-mapped region could
    have been lost in cases when the NFS client needed to invalidate the page
    cache for that particular memory-mapped file.

  • fully-virtualized Windows® guests became unresponsive due to the vIOSAPIC
    component being multiprocessor-unsafe. With this fix, vIOSAPIC is
    multiprocessor-safe and Windows guests do not become unresponsive.

  • on certain systems, keyboard controllers could not withstand continuous
    requests to switch keyboard LEDs on or off. This resulted in some or all
    key presses not being registered by the system.

  • on the Itanium® architecture, setting the “vm.nr_hugepages” sysctl
    parameter caused a kernel stack overflow resulting in a kernel panic, and
    possibly stack corruption. With this fix, setting vm.nr_hugepages works
    correctly.

  • hugepages allow the Linux kernel to utilize the multiple page size
    capabilities of modern hardware architectures. In certain configurations,
    systems with large amounts of memory could fail to allocate most of this
    memory for hugepages even if it was free. This could result, for example,
    in database restart failures.

Users should upgrade to these updated packages, which contain backported
patches to correct these issues.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2008-December/077659.html
https://lists.centos.org/pipermail/centos-announce/2008-December/077660.html

Affected packages:
kernel
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel

Upstream details at:
https://access.redhat.com/errata/RHSA-2008:1017
