(RHSA-2010:0771) Moderate: kernel-rt security and bug fix update

The kernel-rt packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

• On AMD64 systems, it was discovered that the kernel did not ensure the
  ELF interpreter was available before making a call to the SET_PERSONALITY
  macro. A local attacker could use this flaw to cause a denial of service by
  running a 32-bit application that attempts to execute a 64-bit application.
  (CVE-2010-0307, Moderate)

• Information leak flaws were found in the Linux kernel Traffic Control
  Unit implementation. A local attacker could use these flaws to cause the
  kernel to leak kernel memory to user-space, possibly leading to the
  disclosure of sensitive information. (CVE-2010-2942, Moderate)

• It was found that wireless drivers might not always clear allocated
  buffers when handling a driver-specific IOCTL information request. A local
  user could trigger this flaw to cause kernel memory to leak from the heap
  to user-space, leading to an information leak. (CVE-2010-2955, Moderate)

• A flaw was found in the eql_g_master_cfg() function in the Linux kernel
  equalizer load-balancer for serial network interfaces implementation. A
  data structure in eql_g_master_cfg() was not initialized properly before
  being copied to user-space. A local, unprivileged user could use this flaw
  to cause an information leak. (CVE-2010-3297, Moderate)

Red Hat would like to thank Mathias Krause for reporting CVE-2010-0307, and
Dan Rosenberg for reporting CVE-2010-3297.

This update also fixes the following bugs:

• The mkinitrd utility reported the following warning message when creating
  an initial ramdisk:

No module dm-mem-cache found for kernel [version], aborting.

This was caused by an erroneous dependency on dmraid-related modules. This
update removes these dependencies with the result that mkinitrd does not
issue a spurious warning about the dm-mem-cache module not being found.
(BZ#482753)

• The ibm_rtl kernel module now performs more exhaustive checking to ensure
  it only loads on correct IBM hardware. (BZ#612275)

• The realtime Linux kernel has been upgraded to upstream version
  2.6.33.7-rt29, which provides a number of bug fixes and enhancements for
  Red Hat Enterprise MRG 1.3. (BZ#638672)

Users should upgrade to these updated packages, which upgrade the kernel-rt
kernel to version 2.6.33.7-rt29 to correct these issues. The system must be
rebooted for this update to take effect.