Skip to navigation

Security Advisory Important: kernel security update

Advisory: RHSA-2009:1469-1
Type: Security Advisory
Severity: Important
Issued on: 2009-09-30
Last updated on: 2009-09-30
Affected Products: Red Hat Enterprise Linux AS (v. 4.7.z)
Red Hat Enterprise Linux ES (v. 4.7.z)
CVEs (cve.mitre.org): CVE-2009-1389
CVE-2009-2692
CVE-2009-2698

Details

Updated kernel packages that fix several security issues are now available
for Red Hat Enterprise Linux 4.7 Extended Update Support.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

* Michael Tokarev reported a flaw in the Realtek r8169 Ethernet driver in
the Linux kernel. This driver allowed interfaces using this driver to
receive frames larger than what could be handled. This could lead to a
remote denial of service or code execution. (CVE-2009-1389, Important)

* Tavis Ormandy and Julien Tinnes of the Google Security Team reported a
flaw in the SOCKOPS_WRAP macro in the Linux kernel. This macro did not
initialize the sendpage operation in the proto_ops structure correctly. A
local, unprivileged user could use this flaw to cause a local denial of
service or escalate their privileges. (CVE-2009-2692, Important)

* Tavis Ormandy and Julien Tinnes of the Google Security Team reported a
flaw in the udp_sendmsg() implementation in the Linux kernel when using the
MSG_MORE flag on UDP sockets. A local, unprivileged user could use this
flaw to cause a local denial of service or escalate their privileges.
(CVE-2009-2698, Important)

Users should upgrade to these updated packages, which contain backported
patches to correct these issues. The system must be rebooted for this
update to take effect.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

Red Hat Enterprise Linux AS (v. 4.7.z)
SRPMS:
kernel-2.6.9-78.0.27.EL.src.rpm
File outdated by:  RHBA-2010:0887		     MD5: 964a051bb0de8ecd640c551d3fdafcbc
 
IA-32:
kernel-2.6.9-78.0.27.EL.i686.rpm
File outdated by:  RHBA-2010:0887		     MD5: c25718952ff243adfab4072455bf9f49
kernel-devel-2.6.9-78.0.27.EL.i686.rpm
File outdated by:  RHBA-2010:0887		     MD5: 9c2a067f9f76eeb1979f36b938a8de14
kernel-doc-2.6.9-78.0.27.EL.noarch.rpm
File outdated by:  RHBA-2010:0887		     MD5: 752e84c5b93c3337c2ddbde401c55ef4
kernel-hugemem-2.6.9-78.0.27.EL.i686.rpm
File outdated by:  RHBA-2010:0887		     MD5: d7e86941096de098572cea7f7cd004b9
kernel-hugemem-devel-2.6.9-78.0.27.EL.i686.rpm
File outdated by:  RHBA-2010:0887		     MD5: 337dff65fc0502e710c83f0ad66a0418
kernel-smp-2.6.9-78.0.27.EL.i686.rpm
File outdated by:  RHBA-2010:0887		     MD5: f6eb2298053a0f7dd99d90ee28ed82d2
kernel-smp-devel-2.6.9-78.0.27.EL.i686.rpm
File outdated by:  RHBA-2010:0887		     MD5: 14fd755137a6822be7a0ddee48c479e1
kernel-xenU-2.6.9-78.0.27.EL.i686.rpm
File outdated by:  RHBA-2010:0887		     MD5: 0876e29ae9056208efba34733d987c4f
kernel-xenU-devel-2.6.9-78.0.27.EL.i686.rpm
File outdated by:  RHBA-2010:0887		     MD5: 59732e805e19fba399860613fa033345
 
IA-64:
kernel-2.6.9-78.0.27.EL.ia64.rpm
File outdated by:  RHBA-2010:0887		     MD5: 48b117c860ee08ba1b419f16064c3f33
kernel-devel-2.6.9-78.0.27.EL.ia64.rpm
File outdated by:  RHBA-2010:0887		     MD5: 800277291c317839e7a694941b798886
kernel-doc-2.6.9-78.0.27.EL.noarch.rpm
File outdated by:  RHBA-2010:0887		     MD5: 752e84c5b93c3337c2ddbde401c55ef4
kernel-largesmp-2.6.9-78.0.27.EL.ia64.rpm
File outdated by:  RHBA-2010:0887		     MD5: 59de9b5da61a9e2a74144f15894ae9e7
kernel-largesmp-devel-2.6.9-78.0.27.EL.ia64.rpm
File outdated by:  RHBA-2010:0887		     MD5: cbbea2749a8c146894d1766c6947a88c
 
PPC:
kernel-2.6.9-78.0.27.EL.ppc64.rpm
File outdated by:  RHBA-2010:0887		     MD5: 53a2ca0d29b3644cf2430153bd3037f6
kernel-2.6.9-78.0.27.EL.ppc64iseries.rpm
File outdated by:  RHBA-2010:0887		     MD5: 88fee0d6b980f2987221a031c56f8bd8
kernel-devel-2.6.9-78.0.27.EL.ppc64.rpm
File outdated by:  RHBA-2010:0887		     MD5: f09a47937072a7f9f15f5403e496b618
kernel-devel-2.6.9-78.0.27.EL.ppc64iseries.rpm
File outdated by:  RHBA-2010:0887		     MD5: 9569feae1ca731aa1810a9b7cd859e6d
kernel-doc-2.6.9-78.0.27.EL.noarch.rpm
File outdated by:  RHBA-2010:0887		     MD5: 752e84c5b93c3337c2ddbde401c55ef4
kernel-largesmp-2.6.9-78.0.27.EL.ppc64.rpm
File outdated by:  RHBA-2010:0887		     MD5: 2491a99203e38d7f1cff2265f873ae8b
kernel-largesmp-devel-2.6.9-78.0.27.EL.ppc64.rpm
File outdated by:  RHBA-2010:0887		     MD5: 9bd196e96f7be44c9a4f9becb2191eba
 
s390:
kernel-2.6.9-78.0.27.EL.s390.rpm
File outdated by:  RHBA-2010:0887		     MD5: 4cfcac7f06ffcbcf0c618524ec9fcdc0
kernel-devel-2.6.9-78.0.27.EL.s390.rpm
File outdated by:  RHBA-2010:0887		     MD5: ca94646a27f4c06495eef201a73231f5
kernel-doc-2.6.9-78.0.27.EL.noarch.rpm
File outdated by:  RHBA-2010:0887		     MD5: 752e84c5b93c3337c2ddbde401c55ef4
 
s390x:
kernel-2.6.9-78.0.27.EL.s390x.rpm
File outdated by:  RHBA-2010:0887		     MD5: 9dd6aa188df7f59bb63b9ace80265380
kernel-devel-2.6.9-78.0.27.EL.s390x.rpm
File outdated by:  RHBA-2010:0887		     MD5: eec59d98c4f6f4eb64969f324236d0e9
kernel-doc-2.6.9-78.0.27.EL.noarch.rpm
File outdated by:  RHBA-2010:0887		     MD5: 752e84c5b93c3337c2ddbde401c55ef4
 
x86_64:
kernel-2.6.9-78.0.27.EL.x86_64.rpm
File outdated by:  RHBA-2010:0887		     MD5: 96ed81d2de281e3076eb897cb597c12e
kernel-devel-2.6.9-78.0.27.EL.x86_64.rpm
File outdated by:  RHBA-2010:0887		     MD5: d91a98aea83cc46517799baff56fc2e2
kernel-doc-2.6.9-78.0.27.EL.noarch.rpm
File outdated by:  RHBA-2010:0887		     MD5: 752e84c5b93c3337c2ddbde401c55ef4
kernel-largesmp-2.6.9-78.0.27.EL.x86_64.rpm
File outdated by:  RHBA-2010:0887		     MD5: 2916550b2dcfc884e49cf16768546e44
kernel-largesmp-devel-2.6.9-78.0.27.EL.x86_64.rpm
File outdated by:  RHBA-2010:0887		     MD5: b8de391390f1038ac8a82c92c00c981d
kernel-smp-2.6.9-78.0.27.EL.x86_64.rpm
File outdated by:  RHBA-2010:0887		     MD5: 0332d9ec2283dfefe027ee0dfa1986f0
kernel-smp-devel-2.6.9-78.0.27.EL.x86_64.rpm
File outdated by:  RHBA-2010:0887		     MD5: 010df805d46dc701156706844ce05e9b
kernel-xenU-2.6.9-78.0.27.EL.x86_64.rpm
File outdated by:  RHBA-2010:0887		     MD5: 80f24172eec986a4d3e7f5bd7f74dbf1
kernel-xenU-devel-2.6.9-78.0.27.EL.x86_64.rpm
File outdated by:  RHBA-2010:0887		     MD5: 8c90bf389605aba65b3685852bbbd3c7
 
Red Hat Enterprise Linux ES (v. 4.7.z)
SRPMS:
kernel-2.6.9-78.0.27.EL.src.rpm
File outdated by:  RHBA-2010:0887		     MD5: 964a051bb0de8ecd640c551d3fdafcbc
 
IA-32:
kernel-2.6.9-78.0.27.EL.i686.rpm
File outdated by:  RHBA-2010:0887		     MD5: c25718952ff243adfab4072455bf9f49
kernel-devel-2.6.9-78.0.27.EL.i686.rpm
File outdated by:  RHBA-2010:0887		     MD5: 9c2a067f9f76eeb1979f36b938a8de14
kernel-doc-2.6.9-78.0.27.EL.noarch.rpm
File outdated by:  RHBA-2010:0887		     MD5: 752e84c5b93c3337c2ddbde401c55ef4
kernel-hugemem-2.6.9-78.0.27.EL.i686.rpm
File outdated by:  RHBA-2010:0887		     MD5: d7e86941096de098572cea7f7cd004b9
kernel-hugemem-devel-2.6.9-78.0.27.EL.i686.rpm
File outdated by:  RHBA-2010:0887		     MD5: 337dff65fc0502e710c83f0ad66a0418
kernel-smp-2.6.9-78.0.27.EL.i686.rpm
File outdated by:  RHBA-2010:0887		     MD5: f6eb2298053a0f7dd99d90ee28ed82d2
kernel-smp-devel-2.6.9-78.0.27.EL.i686.rpm
File outdated by:  RHBA-2010:0887		     MD5: 14fd755137a6822be7a0ddee48c479e1
kernel-xenU-2.6.9-78.0.27.EL.i686.rpm
File outdated by:  RHBA-2010:0887		     MD5: 0876e29ae9056208efba34733d987c4f
kernel-xenU-devel-2.6.9-78.0.27.EL.i686.rpm
File outdated by:  RHBA-2010:0887		     MD5: 59732e805e19fba399860613fa033345
 
IA-64:
kernel-2.6.9-78.0.27.EL.ia64.rpm
File outdated by:  RHBA-2010:0887		     MD5: 48b117c860ee08ba1b419f16064c3f33
kernel-devel-2.6.9-78.0.27.EL.ia64.rpm
File outdated by:  RHBA-2010:0887		     MD5: 800277291c317839e7a694941b798886
kernel-doc-2.6.9-78.0.27.EL.noarch.rpm
File outdated by:  RHBA-2010:0887		     MD5: 752e84c5b93c3337c2ddbde401c55ef4
kernel-largesmp-2.6.9-78.0.27.EL.ia64.rpm
File outdated by:  RHBA-2010:0887		     MD5: 59de9b5da61a9e2a74144f15894ae9e7
kernel-largesmp-devel-2.6.9-78.0.27.EL.ia64.rpm
File outdated by:  RHBA-2010:0887		     MD5: cbbea2749a8c146894d1766c6947a88c
 
x86_64:
kernel-2.6.9-78.0.27.EL.x86_64.rpm
File outdated by:  RHBA-2010:0887		     MD5: 96ed81d2de281e3076eb897cb597c12e
kernel-devel-2.6.9-78.0.27.EL.x86_64.rpm
File outdated by:  RHBA-2010:0887		     MD5: d91a98aea83cc46517799baff56fc2e2
kernel-doc-2.6.9-78.0.27.EL.noarch.rpm
File outdated by:  RHBA-2010:0887		     MD5: 752e84c5b93c3337c2ddbde401c55ef4
kernel-largesmp-2.6.9-78.0.27.EL.x86_64.rpm
File outdated by:  RHBA-2010:0887		     MD5: 2916550b2dcfc884e49cf16768546e44
kernel-largesmp-devel-2.6.9-78.0.27.EL.x86_64.rpm
File outdated by:  RHBA-2010:0887		     MD5: b8de391390f1038ac8a82c92c00c981d
kernel-smp-2.6.9-78.0.27.EL.x86_64.rpm
File outdated by:  RHBA-2010:0887		     MD5: 0332d9ec2283dfefe027ee0dfa1986f0
kernel-smp-devel-2.6.9-78.0.27.EL.x86_64.rpm
File outdated by:  RHBA-2010:0887		     MD5: 010df805d46dc701156706844ce05e9b
kernel-xenU-2.6.9-78.0.27.EL.x86_64.rpm
File outdated by:  RHBA-2010:0887		     MD5: 80f24172eec986a4d3e7f5bd7f74dbf1
kernel-xenU-devel-2.6.9-78.0.27.EL.x86_64.rpm
File outdated by:  RHBA-2010:0887		     MD5: 8c90bf389605aba65b3685852bbbd3c7
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

504726 - CVE-2009-1389 kernel: r8169: fix crash when large packets are received
516949 - CVE-2009-2692 kernel: uninit op in SOCKOPS_WRAP() leads to privesc
518034 - CVE-2009-2698 kernel: udp socket NULL ptr dereference


References

https://www.redhat.com/security/data/cve/CVE-2009-1389.html
https://www.redhat.com/security/data/cve/CVE-2009-2692.html
https://www.redhat.com/security/data/cve/CVE-2009-2698.html
http://www.redhat.com/security/updates/classification/#important

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/