
Security Advisory: kernel security update

Advisory: RHSA-2006:0617-15
Type: Security Advisory
Severity: Important
Issued on: 2006-08-22
Last updated on: 2006-08-22
Affected Products: Red Hat Desktop (v. 4)
                   Red Hat Enterprise Linux AS (v. 4)
                   Red Hat Enterprise Linux ES (v. 4)
                   Red Hat Enterprise Linux WS (v. 4)
CVEs (cve.mitre.org): CVE-2004-2660
                      CVE-2006-1858
                      CVE-2006-2444
                      CVE-2006-2932
                      CVE-2006-2935
                      CVE-2006-2936
                      CVE-2006-3468
                      CVE-2006-3626
                      CVE-2006-3745

Details

Updated kernel packages that fix several security issues in the Red Hat
Enterprise Linux 4 kernel are now available.

This security advisory has been rated as having important security impact
by the Red Hat Security Response Team.

The Linux kernel handles the basic functions of the operating system.

These new kernel packages contain fixes for the security issues described
below:

* a flaw in the proc file system that allowed a local user to use a
suid-wrapper for scripts to gain root privileges (CVE-2006-3626, Important)

* a flaw in the SCTP implementation that allowed a local user to cause a
denial of service (panic) or to possibly gain root privileges
(CVE-2006-3745, Important)

* a flaw in NFS exported ext2/ext3 partitions when handling invalid inodes
that allowed a remote authenticated user to cause a denial of service
(filesystem panic) (CVE-2006-3468, Important)

* a flaw in the restore_all code path of the 4/4GB split support of
non-hugemem kernels that allowed a local user to cause a denial of service
(panic) (CVE-2006-2932, Important)

* a flaw in IPv4 netfilter handling for the unlikely use of SNMP NAT
processing that allowed a remote user to cause a denial of service (crash)
or potential memory corruption (CVE-2006-2444, Moderate)

* a flaw in the DVD handling of the CDROM driver that could be used
together with a custom-built USB device to gain root privileges
(CVE-2006-2935, Moderate)

* a flaw in the handling of O_DIRECT writes that allowed a local user
to cause a denial of service (memory consumption) (CVE-2004-2660, Low)

* a flaw in the SCTP chunk length handling that allowed a remote user to
cause a denial of service (crash) (CVE-2006-1858, Low)

* a flaw in the input handling of the ftdi_sio driver that allowed a local
user to cause a denial of service (memory consumption) (CVE-2006-2936, Low)

In addition, a bug fix was added to enable a clean reboot for the IBM Pizzaro
machines.

Red Hat would like to thank Wei Wang of McAfee Avert Labs and Kirill
Korotaev for reporting issues fixed in this erratum.

All Red Hat Enterprise Linux 4 users are advised to upgrade their kernels
to the packages associated with their machine architectures and
configurations as listed in this erratum.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.
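
A check that a given kernel release is at or above the fixed build named in this erratum (2.6.9-42.0.2.EL). This is an added example, not part of the Red Hat advisory; the function names are hypothetical, the comparison is a simplified numeric one rather than rpm's own algorithm, and it assumes release strings of the form printed by uname -r, with an optional flavour suffix such as smp or hugemem.

```sh
#!/bin/sh
# Added example: compare a RHEL 4 kernel release string with the fixed
# build from this advisory. Function names are illustrative only.
FIXED="2.6.9-42.0.2.EL"

# "2.6.9-42.0.2.ELsmp" -> "2 6 9 42 0 2": drop the .EL tag and any
# flavour suffix, then split on dots and the hyphen.
numeric_fields() {
    printf '%s\n' "$1" | sed -e 's/\.EL.*$//' -e 's/[.-]/ /g'
}

# Return 0 if release $1 >= release $2, comparing fields as integers.
# Missing fields count as 0, so 2.6.9-42 sorts below 2.6.9-42.0.2.
release_ge() {
    awk -v a="$(numeric_fields "$1")" -v b="$(numeric_fields "$2")" 'BEGIN {
        n = split(a, x, " "); m = split(b, y, " ")
        max = (n > m) ? n : m
        for (i = 1; i <= max; i++) {
            xi = (i <= n) ? x[i] + 0 : 0
            yi = (i <= m) ? y[i] + 0 : 0
            if (xi > yi) exit 0
            if (xi < yi) exit 1
        }
        exit 0
    }'
}

# 0 = at or above the fixed build, 1 = older, 2 = not a 2.6.9-*.EL release.
check_kernel() {
    case "$1" in
        2.6.9-[0-9]*.EL*) ;;
        *) return 2 ;;
    esac
    release_ge "$1" "$FIXED"
}

# Print a one-line verdict; always returns 0 so it is safe at top level.
report_kernel() {
    check_kernel "$1" && rc=0 || rc=$?
    case $rc in
        0) echo "$1: at or above $FIXED" ;;
        1) echo "$1: older than $FIXED, update and reboot" ;;
        *) echo "$1: not a RHEL 4 (2.6.9-*.EL) kernel release" ;;
    esac
}

# Check the release passed as an argument, or the running kernel by default.
report_kernel "${1:-$(uname -r)}"
```

The running kernel only changes after a reboot into the updated package, so run the check again after restarting.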

Updated packages

Red Hat Desktop (v. 4)

SRPMS:
kernel-2.6.9-42.0.2.EL.src.rpm
File outdated by:  RHBA-2011:1796

IA-32:
kernel-2.6.9-42.0.2.EL.i686.rpm
File outdated by:  RHBA-2011:1796
kernel-devel-2.6.9-42.0.2.EL.i686.rpm
File outdated by:  RHBA-2011:1796
kernel-doc-2.6.9-42.0.2.EL.noarch.rpm
File outdated by:  RHBA-2011:1796
kernel-hugemem-2.6.9-42.0.2.EL.i686.rpm
File outdated by:  RHBA-2011:1796
kernel-hugemem-devel-2.6.9-42.0.2.EL.i686.rpm
File outdated by:  RHBA-2011:1796
kernel-smp-2.6.9-42.0.2.EL.i686.rpm
File outdated by:  RHBA-2011:1796
kernel-smp-devel-2.6.9-42.0.2.EL.i686.rpm
File outdated by:  RHBA-2011:1796

x86_64:
kernel-2.6.9-42.0.2.EL.x86_64.rpm
File outdated by:  RHBA-2011:1796
kernel-devel-2.6.9-42.0.2.EL.x86_64.rpm
File outdated by:  RHBA-2011:1796
kernel-doc-2.6.9-42.0.2.EL.noarch.rpm
File outdated by:  RHBA-2011:1796
kernel-largesmp-2.6.9-42.0.2.EL.x86_64.rpm
File outdated by:  RHBA-2011:1796
kernel-largesmp-devel-2.6.9-42.0.2.EL.x86_64.rpm
File outdated by:  RHBA-2011:1796
kernel-smp-2.6.9-42.0.2.EL.x86_64.rpm
File outdated by:  RHBA-2011:1796
kernel-smp-devel-2.6.9-42.0.2.EL.x86_64.rpm
File outdated by:  RHBA-2011:1796
 
Red Hat Enterprise Linux AS (v. 4)

SRPMS:
kernel-2.6.9-42.0.2.EL.src.rpm
File outdated by:  RHBA-2011:1796

IA-32:
kernel-2.6.9-42.0.2.EL.i686.rpm
File outdated by:  RHBA-2011:1796
kernel-devel-2.6.9-42.0.2.EL.i686.rpm
File outdated by:  RHBA-2011:1796
kernel-doc-2.6.9-42.0.2.EL.noarch.rpm
File outdated by:  RHBA-2011:1796
kernel-hugemem-2.6.9-42.0.2.EL.i686.rpm
File outdated by:  RHBA-2011:1796
kernel-hugemem-devel-2.6.9-42.0.2.EL.i686.rpm
File outdated by:  RHBA-2011:1796
kernel-smp-2.6.9-42.0.2.EL.i686.rpm
File outdated by:  RHBA-2011:1796
kernel-smp-devel-2.6.9-42.0.2.EL.i686.rpm
File outdated by:  RHBA-2011:1796

IA-64:
kernel-2.6.9-42.0.2.EL.ia64.rpm
File outdated by:  RHBA-2011:1796
kernel-devel-2.6.9-42.0.2.EL.ia64.rpm
File outdated by:  RHBA-2011:1796
kernel-doc-2.6.9-42.0.2.EL.noarch.rpm
File outdated by:  RHBA-2011:1796
kernel-largesmp-2.6.9-42.0.2.EL.ia64.rpm
File outdated by:  RHBA-2011:1796
kernel-largesmp-devel-2.6.9-42.0.2.EL.ia64.rpm
File outdated by:  RHBA-2011:1796

PPC:
kernel-2.6.9-42.0.2.EL.ppc64.rpm
File outdated by:  RHBA-2011:1796
kernel-2.6.9-42.0.2.EL.ppc64iseries.rpm
File outdated by:  RHBA-2011:1796
kernel-devel-2.6.9-42.0.2.EL.ppc64.rpm
File outdated by:  RHBA-2011:1796
kernel-devel-2.6.9-42.0.2.EL.ppc64iseries.rpm
File outdated by:  RHBA-2011:1796
kernel-doc-2.6.9-42.0.2.EL.noarch.rpm
File outdated by:  RHBA-2011:1796
kernel-largesmp-2.6.9-42.0.2.EL.ppc64.rpm
File outdated by:  RHBA-2011:1796
kernel-largesmp-devel-2.6.9-42.0.2.EL.ppc64.rpm
File outdated by:  RHBA-2011:1796

s390:
kernel-2.6.9-42.0.2.EL.s390.rpm
File outdated by:  RHBA-2011:1796
kernel-devel-2.6.9-42.0.2.EL.s390.rpm
File outdated by:  RHBA-2011:1796
kernel-doc-2.6.9-42.0.2.EL.noarch.rpm
File outdated by:  RHBA-2011:1796

s390x:
kernel-2.6.9-42.0.2.EL.s390x.rpm
File outdated by:  RHBA-2011:1796
kernel-devel-2.6.9-42.0.2.EL.s390x.rpm
File outdated by:  RHBA-2011:1796
kernel-doc-2.6.9-42.0.2.EL.noarch.rpm
File outdated by:  RHBA-2011:1796

x86_64:
kernel-2.6.9-42.0.2.EL.x86_64.rpm
File outdated by:  RHBA-2011:1796
kernel-devel-2.6.9-42.0.2.EL.x86_64.rpm
File outdated by:  RHBA-2011:1796
kernel-doc-2.6.9-42.0.2.EL.noarch.rpm
File outdated by:  RHBA-2011:1796
kernel-largesmp-2.6.9-42.0.2.EL.x86_64.rpm
File outdated by:  RHBA-2011:1796
kernel-largesmp-devel-2.6.9-42.0.2.EL.x86_64.rpm
File outdated by:  RHBA-2011:1796
kernel-smp-2.6.9-42.0.2.EL.x86_64.rpm
File outdated by:  RHBA-2011:1796
kernel-smp-devel-2.6.9-42.0.2.EL.x86_64.rpm
File outdated by:  RHBA-2011:1796
 
Red Hat Enterprise Linux ES (v. 4)

SRPMS:
kernel-2.6.9-42.0.2.EL.src.rpm
File outdated by:  RHBA-2011:1796

IA-32:
kernel-2.6.9-42.0.2.EL.i686.rpm
File outdated by:  RHBA-2011:1796
kernel-devel-2.6.9-42.0.2.EL.i686.rpm
File outdated by:  RHBA-2011:1796
kernel-doc-2.6.9-42.0.2.EL.noarch.rpm
File outdated by:  RHBA-2011:1796
kernel-hugemem-2.6.9-42.0.2.EL.i686.rpm
File outdated by:  RHBA-2011:1796
kernel-hugemem-devel-2.6.9-42.0.2.EL.i686.rpm
File outdated by:  RHBA-2011:1796
kernel-smp-2.6.9-42.0.2.EL.i686.rpm
File outdated by:  RHBA-2011:1796
kernel-smp-devel-2.6.9-42.0.2.EL.i686.rpm
File outdated by:  RHBA-2011:1796

IA-64:
kernel-2.6.9-42.0.2.EL.ia64.rpm
File outdated by:  RHBA-2011:1796
kernel-devel-2.6.9-42.0.2.EL.ia64.rpm
File outdated by:  RHBA-2011:1796
kernel-doc-2.6.9-42.0.2.EL.noarch.rpm
File outdated by:  RHBA-2011:1796
kernel-largesmp-2.6.9-42.0.2.EL.ia64.rpm
File outdated by:  RHBA-2011:1796
kernel-largesmp-devel-2.6.9-42.0.2.EL.ia64.rpm
File outdated by:  RHBA-2011:1796

x86_64:
kernel-2.6.9-42.0.2.EL.x86_64.rpm
File outdated by:  RHBA-2011:1796
kernel-devel-2.6.9-42.0.2.EL.x86_64.rpm
File outdated by:  RHBA-2011:1796
kernel-doc-2.6.9-42.0.2.EL.noarch.rpm
File outdated by:  RHBA-2011:1796
kernel-largesmp-2.6.9-42.0.2.EL.x86_64.rpm
File outdated by:  RHBA-2011:1796
kernel-largesmp-devel-2.6.9-42.0.2.EL.x86_64.rpm
File outdated by:  RHBA-2011:1796
kernel-smp-2.6.9-42.0.2.EL.x86_64.rpm
File outdated by:  RHBA-2011:1796
kernel-smp-devel-2.6.9-42.0.2.EL.x86_64.rpm
File outdated by:  RHBA-2011:1796
 
Red Hat Enterprise Linux WS (v. 4)

SRPMS:
kernel-2.6.9-42.0.2.EL.src.rpm
File outdated by:  RHBA-2011:1796

IA-32:
kernel-2.6.9-42.0.2.EL.i686.rpm
File outdated by:  RHBA-2011:1796
kernel-devel-2.6.9-42.0.2.EL.i686.rpm
File outdated by:  RHBA-2011:1796
kernel-doc-2.6.9-42.0.2.EL.noarch.rpm
File outdated by:  RHBA-2011:1796
kernel-hugemem-2.6.9-42.0.2.EL.i686.rpm
File outdated by:  RHBA-2011:1796
kernel-hugemem-devel-2.6.9-42.0.2.EL.i686.rpm
File outdated by:  RHBA-2011:1796
kernel-smp-2.6.9-42.0.2.EL.i686.rpm
File outdated by:  RHBA-2011:1796
kernel-smp-devel-2.6.9-42.0.2.EL.i686.rpm
File outdated by:  RHBA-2011:1796

IA-64:
kernel-2.6.9-42.0.2.EL.ia64.rpm
File outdated by:  RHBA-2011:1796
kernel-devel-2.6.9-42.0.2.EL.ia64.rpm
File outdated by:  RHBA-2011:1796
kernel-doc-2.6.9-42.0.2.EL.noarch.rpm
File outdated by:  RHBA-2011:1796
kernel-largesmp-2.6.9-42.0.2.EL.ia64.rpm
File outdated by:  RHBA-2011:1796
kernel-largesmp-devel-2.6.9-42.0.2.EL.ia64.rpm
File outdated by:  RHBA-2011:1796

x86_64:
kernel-2.6.9-42.0.2.EL.x86_64.rpm
File outdated by:  RHBA-2011:1796
kernel-devel-2.6.9-42.0.2.EL.x86_64.rpm
File outdated by:  RHBA-2011:1796
kernel-doc-2.6.9-42.0.2.EL.noarch.rpm
File outdated by:  RHBA-2011:1796
kernel-largesmp-2.6.9-42.0.2.EL.x86_64.rpm
File outdated by:  RHBA-2011:1796
kernel-largesmp-devel-2.6.9-42.0.2.EL.x86_64.rpm
File outdated by:  RHBA-2011:1796
kernel-smp-2.6.9-42.0.2.EL.x86_64.rpm
File outdated by:  RHBA-2011:1796
kernel-smp-devel-2.6.9-42.0.2.EL.x86_64.rpm
File outdated by:  RHBA-2011:1796
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

191736 - CVE-2004-2660 O_DIRECT write sometimes leaks memory
192632 - CVE-2006-2444 SNMP NAT netfilter memory corruption
192636 - CVE-2006-1858 SCTP chunk length overflow
196280 - CVE-2006-2932 bogus %ds/%es security issue in restore_all
197610 - CVE-2006-2936 Possible DoS in write routine of ftdi_sio driver
197670 - CVE-2006-2935 Possible buffer overflow in DVD handling
198973 - CVE-2006-3626 Nasty /proc privilege escalation
199172 - CVE-2006-3468 Bogus FH in NFS request causes DoS in file system code
200111 - Can't reboot/halt on IBM Pizzaro machine
202122 - CVE-2006-3745 Local SCTP privilege escalation


Keywords

kernel, nahant, update


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/