(RHSA-2009:1024) Important: Red Hat Enterprise Linux 4.8 kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security Fixes:

• the exit_notify() function in the Linux kernel did not properly reset the
  exit signal if a process executed a set user ID (setuid) application before
  exiting. This could allow a local, unprivileged user to elevate their
  privileges. (CVE-2009-1337, Important)

• the Linux kernel implementation of the Network File System (NFS) did not
  properly initialize the file name limit in the nfs_server data structure.
  This flaw could possibly lead to a denial of service on a client mounting
  an NFS share. (CVE-2009-1336, Moderate)

Bug Fixes and Enhancements:

Kernel Feature Support:

• added a new allowable value to “/proc/sys/kernel/wake_balance” to allow
  the scheduler to run the thread on any available CPU rather than scheduling
  it on the optimal CPU.
• added “max_writeback_pages” tunable parameter to /proc/sys/vm/ to allow
  the maximum number of modified pages kupdate writes to disk, per iteration
  per run.
• added “swap_token_timeout” tunable parameter to /proc/sys/vm/ to provide
  a valid hold time for the swap out protection token.
• added diskdump support to sata_svw driver.
• limited physical memory to 64GB for 32-bit kernels running on systems
  with more than 64GB of physical memory to prevent boot failures.
• improved reliability of autofs.
• added support for ‘rdattr_error’ in NFSv4 readdir requests.
• fixed various short packet handling issues for NFSv4 readdir and sunrpc.
• fixed several CIFS bugs.

Networking and IPv6 Enablement:

• added router solicitation support.
• enforced sg requires tx csum in ethtool.

Platform Support:

x86, AMD64, Intel 64, IBM System z

• added support for a new Intel chipset.
• added initialization vendor info in boot_cpu_data.
• added support for N_Port ID Virtualization (NPIV) for IBM System z guests
  using zFCP.
• added HDMI support for some AMD and ATI chipsets.
• updated HDA driver in ALSA to latest upstream as of 2008-07-22.
• added support for affected_cpus for cpufreq.
• removed polling timer from i8042.
• fixed PM-Timer when using the ASUS A8V Deluxe motherboard.
• backported usbfs_mutex in usbfs.

64-bit PowerPC:

• updated eHEA driver from version 0078-04 to 0078-08.
• updated logging of checksum errors in the eHEA driver.

Network Driver Updates:

• updated forcedeth driver to latest upstream version 0.61.
• fixed various e1000 issues when using Intel ESB2 hardware.
• updated e1000e driver to upstream version 0.3.3.3-k6.
• updated igb to upstream version 1.2.45-k2.
• updated tg3 to upstream version 3.96.
• updated ixgbe to upstream version 1.3.18-k4.
• updated bnx2 to upstream version 1.7.9.
• updated bnx2x to upstream version 1.45.23.
• fixed bugs and added enhancements for the NetXen NX2031 and NX3031
  products.
• updated Realtek r8169 driver to support newer network chipsets. All
  variants of RTL810x/RTL8168(9) are now supported.

Storage Driver Updates:

• fixed various SCSI issues. Also, the SCSI sd driver now calls the
  revalidate_disk wrapper.
• fixed a dmraid reduced I/O delay bug in certain configurations.
• removed quirk aac_quirk_scsi_32 for some aacraid controllers.
• updated FCP driver on IBM System z systems with support for
  point-to-point connections.
• updated lpfc to version 8.0.16.46.
• updated megaraid_sas to version 4.01-RH1.
• updated MPT Fusion driver to version 3.12.29.00rh.
• updated qla2xxx firmware to 4.06.01 for 4GB/s and 8GB/s adapters.
• updated qla2xxx driver to version 8.02.09.00.04.08-d.
• fixed sata_nv in libsata to disable ADMA mode by default.

Miscellaneous Updates:

• upgraded OpenFabrics Alliance Enterprise Distribution (OFED) to version
  1.4.
• added driver support and fixes for various Wacom tablets.

Users should install this update, which resolves these issues and adds
these enhancements.