(RHSA-2009:0326) Important: kernel security and bug fix update

ID RHSA-2009:0326
Type redhat
Reporter RedHat
Modified 2017-09-08T11:55:19


The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security fixes:

  • memory leaks were found on some error paths in the icmp_send() function in the Linux kernel. This could, potentially, cause the network connectivity to cease. (CVE-2009-0778, Important)

  • Chris Evans reported a deficiency in the clone() system call when called with the CLONE_PARENT flag. This flaw permits the caller (the parent process) to indicate an arbitrary signal it wants to receive when its child process exits. This could lead to a denial of service of the parent process. (CVE-2009-0028, Moderate)

  • an off-by-one underflow flaw was found in the eCryptfs subsystem. This could potentially cause a local denial of service when the readlink() function returned an error. (CVE-2009-0269, Moderate)

  • a deficiency was found in the Remote BIOS Update (RBU) driver for Dell systems. This could allow a local, unprivileged user to cause a denial of service by reading zero bytes from the image_type or packet_size files in "/sys/devices/platform/dell_rbu/". (CVE-2009-0322, Moderate)

  • an inverted logic flaw was found in the SysKonnect FDDI PCI adapter driver, allowing driver statistics to be reset only when the CAP_NET_ADMIN capability was absent (local, unprivileged users could reset driver statistics). (CVE-2009-0675, Moderate)

  • the sock_getsockopt() function in the Linux kernel did not properly initialize a data structure that can be directly returned to user-space when the getsockopt() function is called with SO_BSDCOMPAT optname set. This flaw could possibly lead to memory disclosure. (CVE-2009-0676, Moderate)

  • the ext2 and ext3 file system code failed to properly handle corrupted data structures, leading to a possible local denial of service when read or write operations were performed on a specially-crafted file system. (CVE-2008-3528, Low)

  • a deficiency was found in the libATA implementation. This could, potentially, lead to a local denial of service. Note: by default, the "/dev/sg*" devices are accessible only to the root user. (CVE-2008-5700, Low)

Bug fixes:

  • a bug in aic94xx may have caused kernel panics during boot on some systems with certain SATA disks. (BZ#485909)

  • a word endianness problem in the qla2xx driver on PowerPC-based machines may have corrupted flash-based devices. (BZ#485908)

  • a memory leak in pipe() may have caused a system deadlock. The workaround in Section 1.5, Known Issues, of the Red Hat Enterprise Linux 5.3 Release Notes Updates, which involved manually allocating extra file descriptors to processes calling do_pipe, is no longer necessary. (BZ#481576)

  • CPU soft-lockups in the network rate estimator. (BZ#481746)

  • bugs in the ixgbe driver caused it to function unreliably on some systems with 16 or more CPU cores. (BZ#483210)

  • the iwl4965 driver may have caused a kernel panic. (BZ#483206)

  • a bug caused NFS attributes to not update for some long-lived NFS mounted file systems. (BZ#483201)

  • unmounting a GFS2 file system may have caused a panic. (BZ#485910)

  • a bug in ptrace() may have caused a panic when single stepping a target. (BZ#487394)

  • on some 64-bit systems, notsc was incorrectly set at boot, causing slow gettimeofday() calls. (BZ#488239)

  • do_machine_check() cleared all Machine Check Exception (MCE) status registers, preventing the BIOS from using them to determine the cause of certain panics and errors. (BZ#490433)

  • scaling problems caused performance problems for LAPI applications. (BZ#489457)

  • a panic may have occurred on systems using certain Intel WiFi Link 5000 products when booting with the RF Kill switch on. (BZ#489846)

  • the TSC is invariant with C/P/T states, and always runs at constant frequency from now on. (BZ#489310)

All users should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.