Security Advisory Important: kernel security and bug fix update

Advisory: RHSA-2008:0607-4
Type: Security Advisory
Severity: Important
Issued on: 2008-07-23
Last updated on: 2008-07-23
Affected Products: Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 4)
OVAL: com.redhat.rhsa-20080607.xml
CVEs (cve.mitre.org): CVE-2008-2136

Details

Updated kernel packages that fix a security issue and several bugs are now
available for Red Hat Enterprise Linux 4.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

These updated packages fix the following security issue:

* a possible kernel memory leak was found in the Linux kernel Simple
Internet Transition (SIT) INET6 implementation. This could allow a local
unprivileged user to cause a denial of service. (CVE-2008-2136, Important)

As well, these updated packages fix the following bugs:

* a possible kernel hang on hugemem systems, due to a bug in NFS, which may
have caused systems to become unresponsive, has been resolved.

* an inappropriate exit condition in the architecture-specific "mmap()"
implementation could cause it to fall into an infinite loop under certain
conditions. On 64-bit systems, this issue may have manifested itself to
users as a soft lockup or as process hangs.

* due to a bug in hardware initialization in the "ohci_hcd" kernel module,
the kernel may have failed with a NULL pointer dereference. On 64-bit
PowerPC systems, this may have caused booting to fail, and drop to xmon. On
other platforms, a kernel oops occurred.

* due to insufficient locks in task termination code, a panic may have
occurred in the "sys_times()" system call on SMP machines.

Red Hat Enterprise Linux 4 users are advised to upgrade to these updated
packages, which contain backported patches to resolve these issues.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
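
The following check is an added example, not part of Red Hat's advisory: a POSIX shell function that classifies a RHEL 4 kernel release string against the fixed build 2.6.9-67.0.22.EL listed under "Updated packages". The function names and sample strings are constructed for illustration, and it assumes the release string has the form 2.6.9-<release>.EL<variant> (for example as printed by `uname -r`).

```shell
#!/bin/sh
# Fixed build named in this advisory (RHSA-2008:0607).
FIXED_VERSION="2.6.9"
FIXED_RELEASE="67.0.22"

# release_ge A B: succeed if dotted-numeric release A >= B.
# Missing trailing fields count as 0, so "67" < "67.0.22".
release_ge() {
    a=$1
    b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}
        y=${b%%.*}
        case "$a" in *.*) a=${a#*.} ;; *) a= ;; esac
        case "$b" in *.*) b=${b#*.} ;; *) b= ;; esac
        x=${x:-0}
        y=${y:-0}
        [ "$x" -gt "$y" ] && return 0
        [ "$x" -lt "$y" ] && return 1
    done
    return 0
}

# kernel_status RELEASE: print "fixed", "unfixed" or "unknown".
# Assumed input form: 2.6.9-<release>.EL<variant>, where <variant> is
# empty or a flavour suffix such as smp, hugemem, largesmp or xenU.
kernel_status() {
    krel=$1
    case "$krel" in
        "$FIXED_VERSION"-*.EL*) ;;
        *) echo unknown; return 0 ;;      # not a RHEL 4 2.6.9 kernel string
    esac
    rel=${krel#"$FIXED_VERSION"-}         # e.g. 67.0.22.ELsmp
    rel=${rel%%.EL*}                      # e.g. 67.0.22
    case "$rel" in
        ''|*[!0-9.]*) echo unknown; return 0 ;;
    esac
    if release_ge "$rel" "$FIXED_RELEASE"; then echo fixed; else echo unfixed; fi
}

# Sample release strings, constructed for this example (not from a real host).
for k in 2.6.9-67.0.20.EL 2.6.9-67.0.22.ELsmp 2.6.9-78.ELlargesmp; do
    printf '%s: %s\n' "$k" "$(kernel_status "$k")"
done
```

Passing `"$(uname -r)"` reports on the running kernel, so a host with the update installed but not yet booted into it still shows as unfixed.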

Updated packages

Red Hat Desktop (v. 4)

SRPMS:
kernel-2.6.9-67.0.22.EL.src.rpm
File outdated by:  RHSA-2008:0972
    ac14777a6f2a34cbef8c57b21ed914d7
 
IA-32:
kernel-2.6.9-67.0.22.EL.i686.rpm
File outdated by:  RHSA-2008:0972
    e855665a701bad4ba394963034647bea
kernel-devel-2.6.9-67.0.22.EL.i686.rpm
File outdated by:  RHSA-2008:0972
    f1aceae1efd42cbe51cc81b221bcea4c
kernel-doc-2.6.9-67.0.22.EL.noarch.rpm
File outdated by:  RHSA-2008:0972
    732335378804f23fbff0768310b8b26d
kernel-hugemem-2.6.9-67.0.22.EL.i686.rpm
File outdated by:  RHSA-2008:0972
    b3ab80251b230a2ae975de762d593d81
kernel-hugemem-devel-2.6.9-67.0.22.EL.i686.rpm
File outdated by:  RHSA-2008:0972
    ea2177325968f0d6c662417756f969d8
kernel-smp-2.6.9-67.0.22.EL.i686.rpm
File outdated by:  RHSA-2008:0972
    6a55c9eb3f7f6eb54a87a6817945e2ab
kernel-smp-devel-2.6.9-67.0.22.EL.i686.rpm
File outdated by:  RHSA-2008:0972
    0eaa8cc3c5b2feac2ea7fbc8431fa729
kernel-xenU-2.6.9-67.0.22.EL.i686.rpm
File outdated by:  RHSA-2008:0972
    f56b67d3a7217be9dda3a891f6ffe7c9
kernel-xenU-devel-2.6.9-67.0.22.EL.i686.rpm
File outdated by:  RHSA-2008:0972
    e77b658e95547b9f050e44c4443b9788
 
x86_64:
kernel-2.6.9-67.0.22.EL.x86_64.rpm
File outdated by:  RHSA-2008:0972
    903cb2c54484657c2526af1d047a28c2
kernel-devel-2.6.9-67.0.22.EL.x86_64.rpm
File outdated by:  RHSA-2008:0972
    da521f12f537654f181a9742ee4a3e13
kernel-doc-2.6.9-67.0.22.EL.noarch.rpm
File outdated by:  RHSA-2008:0972
    732335378804f23fbff0768310b8b26d
kernel-largesmp-2.6.9-67.0.22.EL.x86_64.rpm
File outdated by:  RHSA-2008:0972
    0131c396e4b4d66a52f8fcc22c8708f9
kernel-largesmp-devel-2.6.9-67.0.22.EL.x86_64.rpm
File outdated by:  RHSA-2008:0972
    4810e252bd33d0111de2c358b3f14122
kernel-smp-2.6.9-67.0.22.EL.x86_64.rpm
File outdated by:  RHSA-2008:0972
    b3cf42fc78c0278f031597bbf7cf5b8d
kernel-smp-devel-2.6.9-67.0.22.EL.x86_64.rpm
File outdated by:  RHSA-2008:0972
    1c8ba58f0e21b0b8e28bda7840547bd3
kernel-xenU-2.6.9-67.0.22.EL.x86_64.rpm
File outdated by:  RHSA-2008:0972
    3755bd118e8d5d936c408595c5bf7ad7
kernel-xenU-devel-2.6.9-67.0.22.EL.x86_64.rpm
File outdated by:  RHSA-2008:0972
    821b89382fea380729c283e6adecb223
 
Red Hat Enterprise Linux AS (v. 4)

SRPMS:
kernel-2.6.9-67.0.22.EL.src.rpm
File outdated by:  RHSA-2008:0972
    ac14777a6f2a34cbef8c57b21ed914d7
 
IA-32:
kernel-2.6.9-67.0.22.EL.i686.rpm
File outdated by:  RHSA-2008:0972
    e855665a701bad4ba394963034647bea
kernel-devel-2.6.9-67.0.22.EL.i686.rpm
File outdated by:  RHSA-2008:0972
    f1aceae1efd42cbe51cc81b221bcea4c
kernel-doc-2.6.9-67.0.22.EL.noarch.rpm
File outdated by:  RHSA-2008:0972
    732335378804f23fbff0768310b8b26d
kernel-hugemem-2.6.9-67.0.22.EL.i686.rpm
File outdated by:  RHSA-2008:0972
    b3ab80251b230a2ae975de762d593d81
kernel-hugemem-devel-2.6.9-67.0.22.EL.i686.rpm
File outdated by:  RHSA-2008:0972
    ea2177325968f0d6c662417756f969d8
kernel-smp-2.6.9-67.0.22.EL.i686.rpm
File outdated by:  RHSA-2008:0972
    6a55c9eb3f7f6eb54a87a6817945e2ab
kernel-smp-devel-2.6.9-67.0.22.EL.i686.rpm
File outdated by:  RHSA-2008:0972
    0eaa8cc3c5b2feac2ea7fbc8431fa729
kernel-xenU-2.6.9-67.0.22.EL.i686.rpm
File outdated by:  RHSA-2008:0972
    f56b67d3a7217be9dda3a891f6ffe7c9
kernel-xenU-devel-2.6.9-67.0.22.EL.i686.rpm
File outdated by:  RHSA-2008:0972
    e77b658e95547b9f050e44c4443b9788
 
IA-64:
kernel-2.6.9-67.0.22.EL.ia64.rpm
File outdated by:  RHSA-2008:0972
    6a9bd6500a4175d74fb22178bb39a233
kernel-devel-2.6.9-67.0.22.EL.ia64.rpm
File outdated by:  RHSA-2008:0972
    0676eb9a903e50ce3bd57941219171a0
kernel-doc-2.6.9-67.0.22.EL.noarch.rpm
File outdated by:  RHSA-2008:0972
    732335378804f23fbff0768310b8b26d
kernel-largesmp-2.6.9-67.0.22.EL.ia64.rpm
File outdated by:  RHSA-2008:0972
    ea6455da46094b3bc83025edceb45535
kernel-largesmp-devel-2.6.9-67.0.22.EL.ia64.rpm
File outdated by:  RHSA-2008:0972
    baaf360e76a34c7e5abc5a85f38382d2
 
PPC:
kernel-2.6.9-67.0.22.EL.ppc64.rpm
File outdated by:  RHSA-2008:0972
    54759d3393de9a34bcd07498b3b78021
kernel-2.6.9-67.0.22.EL.ppc64iseries.rpm
File outdated by:  RHSA-2008:0972
    3093cf64bdc452a8ce8c7489674f32e4
kernel-devel-2.6.9-67.0.22.EL.ppc64.rpm
File outdated by:  RHSA-2008:0972
    cb1049cc127ea3e2a060da7e4c6fae43
kernel-devel-2.6.9-67.0.22.EL.ppc64iseries.rpm
File outdated by:  RHSA-2008:0972
    574a38be8641e330efcaabeef51c9904
kernel-doc-2.6.9-67.0.22.EL.noarch.rpm
File outdated by:  RHSA-2008:0972
    732335378804f23fbff0768310b8b26d
kernel-largesmp-2.6.9-67.0.22.EL.ppc64.rpm
File outdated by:  RHSA-2008:0972
    e652f2118a744019cddb7f798ad47dad
kernel-largesmp-devel-2.6.9-67.0.22.EL.ppc64.rpm
File outdated by:  RHSA-2008:0972
    2be80e186ac3ab14930c56ac38eb497e
 
s390:
kernel-2.6.9-67.0.22.EL.s390.rpm
File outdated by:  RHSA-2008:0972
    39507ca93b12e1a6ac3805ede3708e55
kernel-devel-2.6.9-67.0.22.EL.s390.rpm
File outdated by:  RHSA-2008:0972
    e03847093b3d156f662b9fae45e83088
kernel-doc-2.6.9-67.0.22.EL.noarch.rpm
File outdated by:  RHSA-2008:0972
    732335378804f23fbff0768310b8b26d
 
s390x:
kernel-2.6.9-67.0.22.EL.s390x.rpm
File outdated by:  RHSA-2008:0972
    b1797d490a5f6c7ae78b2f5b640b1be6
kernel-devel-2.6.9-67.0.22.EL.s390x.rpm
File outdated by:  RHSA-2008:0972
    30d4c0bb2285a00f001b1966acf70db4
kernel-doc-2.6.9-67.0.22.EL.noarch.rpm
File outdated by:  RHSA-2008:0972
    732335378804f23fbff0768310b8b26d
 
x86_64:
kernel-2.6.9-67.0.22.EL.x86_64.rpm
File outdated by:  RHSA-2008:0972
    903cb2c54484657c2526af1d047a28c2
kernel-devel-2.6.9-67.0.22.EL.x86_64.rpm
File outdated by:  RHSA-2008:0972
    da521f12f537654f181a9742ee4a3e13
kernel-doc-2.6.9-67.0.22.EL.noarch.rpm
File outdated by:  RHSA-2008:0972
    732335378804f23fbff0768310b8b26d
kernel-largesmp-2.6.9-67.0.22.EL.x86_64.rpm
File outdated by:  RHSA-2008:0972
    0131c396e4b4d66a52f8fcc22c8708f9
kernel-largesmp-devel-2.6.9-67.0.22.EL.x86_64.rpm
File outdated by:  RHSA-2008:0972
    4810e252bd33d0111de2c358b3f14122
kernel-smp-2.6.9-67.0.22.EL.x86_64.rpm
File outdated by:  RHSA-2008:0972
    b3cf42fc78c0278f031597bbf7cf5b8d
kernel-smp-devel-2.6.9-67.0.22.EL.x86_64.rpm
File outdated by:  RHSA-2008:0972
    1c8ba58f0e21b0b8e28bda7840547bd3
kernel-xenU-2.6.9-67.0.22.EL.x86_64.rpm
File outdated by:  RHSA-2008:0972
    3755bd118e8d5d936c408595c5bf7ad7
kernel-xenU-devel-2.6.9-67.0.22.EL.x86_64.rpm
File outdated by:  RHSA-2008:0972
    821b89382fea380729c283e6adecb223
 
Red Hat Enterprise Linux ES (v. 4)

SRPMS:
kernel-2.6.9-67.0.22.EL.src.rpm
File outdated by:  RHSA-2008:0972
    ac14777a6f2a34cbef8c57b21ed914d7
 
IA-32:
kernel-2.6.9-67.0.22.EL.i686.rpm
File outdated by:  RHSA-2008:0972
    e855665a701bad4ba394963034647bea
kernel-devel-2.6.9-67.0.22.EL.i686.rpm
File outdated by:  RHSA-2008:0972
    f1aceae1efd42cbe51cc81b221bcea4c
kernel-doc-2.6.9-67.0.22.EL.noarch.rpm
File outdated by:  RHSA-2008:0972
    732335378804f23fbff0768310b8b26d
kernel-hugemem-2.6.9-67.0.22.EL.i686.rpm
File outdated by:  RHSA-2008:0972
    b3ab80251b230a2ae975de762d593d81
kernel-hugemem-devel-2.6.9-67.0.22.EL.i686.rpm
File outdated by:  RHSA-2008:0972
    ea2177325968f0d6c662417756f969d8
kernel-smp-2.6.9-67.0.22.EL.i686.rpm
File outdated by:  RHSA-2008:0972
    6a55c9eb3f7f6eb54a87a6817945e2ab
kernel-smp-devel-2.6.9-67.0.22.EL.i686.rpm
File outdated by:  RHSA-2008:0972
    0eaa8cc3c5b2feac2ea7fbc8431fa729
kernel-xenU-2.6.9-67.0.22.EL.i686.rpm
File outdated by:  RHSA-2008:0972
    f56b67d3a7217be9dda3a891f6ffe7c9
kernel-xenU-devel-2.6.9-67.0.22.EL.i686.rpm
File outdated by:  RHSA-2008:0972
    e77b658e95547b9f050e44c4443b9788
 
IA-64:
kernel-2.6.9-67.0.22.EL.ia64.rpm
File outdated by:  RHSA-2008:0972
    6a9bd6500a4175d74fb22178bb39a233
kernel-devel-2.6.9-67.0.22.EL.ia64.rpm
File outdated by:  RHSA-2008:0972
    0676eb9a903e50ce3bd57941219171a0
kernel-doc-2.6.9-67.0.22.EL.noarch.rpm
File outdated by:  RHSA-2008:0972
    732335378804f23fbff0768310b8b26d
kernel-largesmp-2.6.9-67.0.22.EL.ia64.rpm
File outdated by:  RHSA-2008:0972
    ea6455da46094b3bc83025edceb45535
kernel-largesmp-devel-2.6.9-67.0.22.EL.ia64.rpm
File outdated by:  RHSA-2008:0972
    baaf360e76a34c7e5abc5a85f38382d2
 
x86_64:
kernel-2.6.9-67.0.22.EL.x86_64.rpm
File outdated by:  RHSA-2008:0972
    903cb2c54484657c2526af1d047a28c2
kernel-devel-2.6.9-67.0.22.EL.x86_64.rpm
File outdated by:  RHSA-2008:0972
    da521f12f537654f181a9742ee4a3e13
kernel-doc-2.6.9-67.0.22.EL.noarch.rpm
File outdated by:  RHSA-2008:0972
    732335378804f23fbff0768310b8b26d
kernel-largesmp-2.6.9-67.0.22.EL.x86_64.rpm
File outdated by:  RHSA-2008:0972
    0131c396e4b4d66a52f8fcc22c8708f9
kernel-largesmp-devel-2.6.9-67.0.22.EL.x86_64.rpm
File outdated by:  RHSA-2008:0972
    4810e252bd33d0111de2c358b3f14122
kernel-smp-2.6.9-67.0.22.EL.x86_64.rpm
File outdated by:  RHSA-2008:0972
    b3cf42fc78c0278f031597bbf7cf5b8d
kernel-smp-devel-2.6.9-67.0.22.EL.x86_64.rpm
File outdated by:  RHSA-2008:0972
    1c8ba58f0e21b0b8e28bda7840547bd3
kernel-xenU-2.6.9-67.0.22.EL.x86_64.rpm
File outdated by:  RHSA-2008:0972
    3755bd118e8d5d936c408595c5bf7ad7
kernel-xenU-devel-2.6.9-67.0.22.EL.x86_64.rpm
File outdated by:  RHSA-2008:0972
    821b89382fea380729c283e6adecb223
 
Red Hat Enterprise Linux WS (v. 4)

SRPMS:
kernel-2.6.9-67.0.22.EL.src.rpm
File outdated by:  RHSA-2008:0972
    ac14777a6f2a34cbef8c57b21ed914d7
 
IA-32:
kernel-2.6.9-67.0.22.EL.i686.rpm
File outdated by:  RHSA-2008:0972
    e855665a701bad4ba394963034647bea
kernel-devel-2.6.9-67.0.22.EL.i686.rpm
File outdated by:  RHSA-2008:0972
    f1aceae1efd42cbe51cc81b221bcea4c
kernel-doc-2.6.9-67.0.22.EL.noarch.rpm
File outdated by:  RHSA-2008:0972
    732335378804f23fbff0768310b8b26d
kernel-hugemem-2.6.9-67.0.22.EL.i686.rpm
File outdated by:  RHSA-2008:0972
    b3ab80251b230a2ae975de762d593d81
kernel-hugemem-devel-2.6.9-67.0.22.EL.i686.rpm
File outdated by:  RHSA-2008:0972
    ea2177325968f0d6c662417756f969d8
kernel-smp-2.6.9-67.0.22.EL.i686.rpm
File outdated by:  RHSA-2008:0972
    6a55c9eb3f7f6eb54a87a6817945e2ab
kernel-smp-devel-2.6.9-67.0.22.EL.i686.rpm
File outdated by:  RHSA-2008:0972
    0eaa8cc3c5b2feac2ea7fbc8431fa729
kernel-xenU-2.6.9-67.0.22.EL.i686.rpm
File outdated by:  RHSA-2008:0972
    f56b67d3a7217be9dda3a891f6ffe7c9
kernel-xenU-devel-2.6.9-67.0.22.EL.i686.rpm
File outdated by:  RHSA-2008:0972
    e77b658e95547b9f050e44c4443b9788
 
IA-64:
kernel-2.6.9-67.0.22.EL.ia64.rpm
File outdated by:  RHSA-2008:0972
    6a9bd6500a4175d74fb22178bb39a233
kernel-devel-2.6.9-67.0.22.EL.ia64.rpm
File outdated by:  RHSA-2008:0972
    0676eb9a903e50ce3bd57941219171a0
kernel-doc-2.6.9-67.0.22.EL.noarch.rpm
File outdated by:  RHSA-2008:0972
    732335378804f23fbff0768310b8b26d
kernel-largesmp-2.6.9-67.0.22.EL.ia64.rpm
File outdated by:  RHSA-2008:0972
    ea6455da46094b3bc83025edceb45535
kernel-largesmp-devel-2.6.9-67.0.22.EL.ia64.rpm
File outdated by:  RHSA-2008:0972
    baaf360e76a34c7e5abc5a85f38382d2
 
x86_64:
kernel-2.6.9-67.0.22.EL.x86_64.rpm
File outdated by:  RHSA-2008:0972
    903cb2c54484657c2526af1d047a28c2
kernel-devel-2.6.9-67.0.22.EL.x86_64.rpm
File outdated by:  RHSA-2008:0972
    da521f12f537654f181a9742ee4a3e13
kernel-doc-2.6.9-67.0.22.EL.noarch.rpm
File outdated by:  RHSA-2008:0972
    732335378804f23fbff0768310b8b26d
kernel-largesmp-2.6.9-67.0.22.EL.x86_64.rpm
File outdated by:  RHSA-2008:0972
    0131c396e4b4d66a52f8fcc22c8708f9
kernel-largesmp-devel-2.6.9-67.0.22.EL.x86_64.rpm
File outdated by:  RHSA-2008:0972
    4810e252bd33d0111de2c358b3f14122
kernel-smp-2.6.9-67.0.22.EL.x86_64.rpm
File outdated by:  RHSA-2008:0972
    b3cf42fc78c0278f031597bbf7cf5b8d
kernel-smp-devel-2.6.9-67.0.22.EL.x86_64.rpm
File outdated by:  RHSA-2008:0972
    1c8ba58f0e21b0b8e28bda7840547bd3
kernel-xenU-2.6.9-67.0.22.EL.x86_64.rpm
File outdated by:  RHSA-2008:0972
    3755bd118e8d5d936c408595c5bf7ad7
kernel-xenU-devel-2.6.9-67.0.22.EL.x86_64.rpm
File outdated by:  RHSA-2008:0972
    821b89382fea380729c283e6adecb223
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

446031 - CVE-2008-2136 kernel: sit memory leak
450185 - [RHEL 4] cffimtgsaslx08 hung
450760 - Patch for bug 360281 "Odd behaviour in mmap" introduces regression
450865 - kernel failed to boot and dropped to xmon
455072 - kernel panic with kernel version 2.6.9-67.0.20.EL


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/