Skip to navigation

Security Advisory Important: kernel security update

Advisory: RHSA-2010:0677-1
Type: Security Advisory
Severity: Important
Issued on: 2010-09-07
Last updated on: 2010-09-07
Affected Products: Red Hat Enterprise Linux AS (v. 4.7.z)
Red Hat Enterprise Linux ES (v. 4.7.z)
CVEs (cve.mitre.org): CVE-2010-2240

Details

Updated kernel packages that fix one security issue are now available for
Red Hat Enterprise Linux 4.7 Extended Update Support.

The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issue:

* When an application has a stack overflow, the stack could silently
overwrite another memory mapped area instead of a segmentation fault
occurring, which could cause an application to execute arbitrary code,
possibly leading to privilege escalation. It is known that the X Window
System server can be used to trigger this flaw. (CVE-2010-2240, Important)

Red Hat would like to thank the X.Org security team for reporting this
issue. Upstream acknowledges Rafal Wojtczuk as the original reporter.

Users should upgrade to these updated packages, which contain backported
patches to correct this issue. The system must be rebooted for this update
to take effect.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

Updated packages

Red Hat Enterprise Linux AS (v. 4.7.z)
SRPMS:
kernel-2.6.9-78.0.32.EL.src.rpm
File outdated by:  RHBA-2010:0887		     MD5: 86f34953ede129ea60dbf19520e7d224
SHA-256: 35f73b8670ce7292543e762f975bf45616440776b6c9fcd30dce9931b6735fb1
 
IA-32:
kernel-2.6.9-78.0.32.EL.i686.rpm
File outdated by:  RHBA-2010:0887		     MD5: 1656c914fbdc8ac20d63c66c826a5fc5
SHA-256: 17c68518296e7cb2c4be819e466b362b6a600d966af8a0bbe3102e0d77450e9c
kernel-devel-2.6.9-78.0.32.EL.i686.rpm
File outdated by:  RHBA-2010:0887		     MD5: 50d13ca1a45561333723ed04bf105da4
SHA-256: 25255b610437b6a541bdcc945ce5fa82eac789594fdeaf2673a458e13a09470d
kernel-doc-2.6.9-78.0.32.EL.noarch.rpm
File outdated by:  RHBA-2010:0887		     MD5: 3ab3dd2a92e4842b677db88d5d688690
SHA-256: b89bc17e84eadb146cb500ffcb93d589e38a60695f725b6e7301d4642a1df7c0
kernel-hugemem-2.6.9-78.0.32.EL.i686.rpm
File outdated by:  RHBA-2010:0887		     MD5: 4bb045afc31bc5de0addc5baa367d10f
SHA-256: cb967a0457aa02577a27ef270e86fe23c9844aeb7ee4dd7b4f547bcfcef322a6
kernel-hugemem-devel-2.6.9-78.0.32.EL.i686.rpm
File outdated by:  RHBA-2010:0887		     MD5: 92ac48c75e68fb8c06eff0529d0716c0
SHA-256: eddd03541cc1bdc2c44df3401a02f4875ad2e2327bfa5f6be5a905a887ce6fc5
kernel-smp-2.6.9-78.0.32.EL.i686.rpm
File outdated by:  RHBA-2010:0887		     MD5: 5fa6fbe541d14da5735d8f5ff8ddeaab
SHA-256: 02692b777136cf10c5baa313e227d3397fbcc4633008c87baaedb07eba89e363
kernel-smp-devel-2.6.9-78.0.32.EL.i686.rpm
File outdated by:  RHBA-2010:0887		     MD5: 436dcdebecf18463569bb0530f5864cb
SHA-256: 6a4e8e6b350f75b786441a04ad1a344282cbb5810dc58e8cdafeeaa77200339d
kernel-xenU-2.6.9-78.0.32.EL.i686.rpm
File outdated by:  RHBA-2010:0887		     MD5: 3427e6f453ab930cedaefdf4eb5d6cbf
SHA-256: 14352732e152fbc6d6887cdc16bae51a7644b306f8a8d951b39524d79010143a
kernel-xenU-devel-2.6.9-78.0.32.EL.i686.rpm
File outdated by:  RHBA-2010:0887		     MD5: 827540507c5bdd9a27a6afce4ca7f912
SHA-256: 402b934053e9502e028701682a6581edc0a4f888b3061285e293ba799cc89a01
 
IA-64:
kernel-2.6.9-78.0.32.EL.ia64.rpm
File outdated by:  RHBA-2010:0887		     MD5: 971e25c9f7407daaa321cbe5876c03c6
SHA-256: 35d2dc0b5fcd9876ea91b464b28d7c429beae0ab84ce7379f0c2f1ad51177f09
kernel-devel-2.6.9-78.0.32.EL.ia64.rpm
File outdated by:  RHBA-2010:0887		     MD5: 00077963470aaced83486cfe706fb505
SHA-256: a817a6f5a68ef474560c9cfe7b524c4ebabbc117fa4746a06cd8345571711b7a
kernel-doc-2.6.9-78.0.32.EL.noarch.rpm
File outdated by:  RHBA-2010:0887		     MD5: 3ab3dd2a92e4842b677db88d5d688690
SHA-256: b89bc17e84eadb146cb500ffcb93d589e38a60695f725b6e7301d4642a1df7c0
kernel-largesmp-2.6.9-78.0.32.EL.ia64.rpm
File outdated by:  RHBA-2010:0887		     MD5: ef5e02351c3b4c25ec457900f7f4fe2d
SHA-256: 50c53913bbc04a45db7a55d1620b1b26d5c9085b3c839e68e939786ab938758d
kernel-largesmp-devel-2.6.9-78.0.32.EL.ia64.rpm
File outdated by:  RHBA-2010:0887		     MD5: e1d97e6dffd56d3d6dc82c5e6528481e
SHA-256: f944730d73220bb39669634d6de6cbc6679b5a442b2d742779ddc09f043364f4
 
PPC:
kernel-2.6.9-78.0.32.EL.ppc64.rpm
File outdated by:  RHBA-2010:0887		     MD5: be5f7adb50cb711f2090b5240fe51777
SHA-256: 04c71d0cfcea56b76d5af1e2518fe90453cd2b1069d9c12ba338adf75e524d4c
kernel-2.6.9-78.0.32.EL.ppc64iseries.rpm
File outdated by:  RHBA-2010:0887		     MD5: aefe8d7b01caa6fbe6aaa9682f6c50df
SHA-256: 6fccae1b5862c2b4e2eb855a488dc887141503c8768f02b7cf98e6e05ac6a328
kernel-devel-2.6.9-78.0.32.EL.ppc64.rpm
File outdated by:  RHBA-2010:0887		     MD5: 596de77c10956ce5ff44e5483a2f997f
SHA-256: 024511bc18e95aaab9bdd4e94717acf387478f60446f7dfd16afeceecfe338b9
kernel-devel-2.6.9-78.0.32.EL.ppc64iseries.rpm
File outdated by:  RHBA-2010:0887		     MD5: d008b67e55653b5c7ca8802c110e4fdd
SHA-256: 8d75ca13e7b1d0b11830adb91ff8b6a559a78674b91d410911fc1d2e2c0d82bf
kernel-doc-2.6.9-78.0.32.EL.noarch.rpm
File outdated by:  RHBA-2010:0887		     MD5: 3ab3dd2a92e4842b677db88d5d688690
SHA-256: b89bc17e84eadb146cb500ffcb93d589e38a60695f725b6e7301d4642a1df7c0
kernel-largesmp-2.6.9-78.0.32.EL.ppc64.rpm
File outdated by:  RHBA-2010:0887		     MD5: a6b814b059d72064b09b42d1df5f8b3b
SHA-256: 46ea0b5d446db2b404c44f630803713afbcf60049217debafe630b2ac5d94c13
kernel-largesmp-devel-2.6.9-78.0.32.EL.ppc64.rpm
File outdated by:  RHBA-2010:0887		     MD5: 2325f08446f37ed4836142516b826a2b
SHA-256: 725209bfb401938ddf48e75a5f953b9c467922ac4cd589238b94265cfcf6aa71
 
s390:
kernel-2.6.9-78.0.32.EL.s390.rpm
File outdated by:  RHBA-2010:0887		     MD5: 938ef8a918b0f2d725baa650a1544345
SHA-256: a74e3864a328d7c7741213b60d26decb005ff26169136fbd6e2b19439ae28bca
kernel-devel-2.6.9-78.0.32.EL.s390.rpm
File outdated by:  RHBA-2010:0887		     MD5: 1c98ee3ffe8ffe215d7fb53f372e025a
SHA-256: 57cbd55838ac65534b009ca29b7e4f4a637c9f98f1f77e17d7b208b41dd5141a
kernel-doc-2.6.9-78.0.32.EL.noarch.rpm
File outdated by:  RHBA-2010:0887		     MD5: 3ab3dd2a92e4842b677db88d5d688690
SHA-256: b89bc17e84eadb146cb500ffcb93d589e38a60695f725b6e7301d4642a1df7c0
 
s390x:
kernel-2.6.9-78.0.32.EL.s390x.rpm
File outdated by:  RHBA-2010:0887		     MD5: b9a894dacf65a855b4196874d45695ef
SHA-256: b064f18d3f07c7162a2d6765a3b22783e9623a4c9592a455faf074ee14e7732a
kernel-devel-2.6.9-78.0.32.EL.s390x.rpm
File outdated by:  RHBA-2010:0887		     MD5: 7860b312f6987977491583055423709e
SHA-256: 61582a46143825cd2ab2412cc678d5a27a5402b1574c50e6d8599ea4d361b4f4
kernel-doc-2.6.9-78.0.32.EL.noarch.rpm
File outdated by:  RHBA-2010:0887		     MD5: 3ab3dd2a92e4842b677db88d5d688690
SHA-256: b89bc17e84eadb146cb500ffcb93d589e38a60695f725b6e7301d4642a1df7c0
 
x86_64:
kernel-2.6.9-78.0.32.EL.x86_64.rpm
File outdated by:  RHBA-2010:0887		     MD5: accc55d0ced1a59757bacbbb67a3c0e7
SHA-256: 38021e7b292494278c09c4851ea60e48ef3fa1c8d7e346dfeb838429d13ce1b2
kernel-devel-2.6.9-78.0.32.EL.x86_64.rpm
File outdated by:  RHBA-2010:0887		     MD5: 3eb072142df1b1309d55c952ee03818f
SHA-256: e83c73f154ece8936690b24285c3c2659bb86653b996fe6bda990da75fa25523
kernel-doc-2.6.9-78.0.32.EL.noarch.rpm
File outdated by:  RHBA-2010:0887		     MD5: 3ab3dd2a92e4842b677db88d5d688690
SHA-256: b89bc17e84eadb146cb500ffcb93d589e38a60695f725b6e7301d4642a1df7c0
kernel-largesmp-2.6.9-78.0.32.EL.x86_64.rpm
File outdated by:  RHBA-2010:0887		     MD5: 22522998a8279702eb841674c51c8e7c
SHA-256: fc7c5b10a2832a3039df5efa56140836f0ee7d2d4810bc5248ca315998f738cb
kernel-largesmp-devel-2.6.9-78.0.32.EL.x86_64.rpm
File outdated by:  RHBA-2010:0887		     MD5: d9c7f6bda018094cc11d903590327924
SHA-256: 4791f38a5ef6f2c7660cf1396b83c9479b2441d5988a3e46418da8b648ec4788
kernel-smp-2.6.9-78.0.32.EL.x86_64.rpm
File outdated by:  RHBA-2010:0887		     MD5: 228142cd70659f889301d941dccbcb9a
SHA-256: b5c01112fa4712ba0c67c626d589ee6e3d3ae345f7544ffff0e74ac4beb32428
kernel-smp-devel-2.6.9-78.0.32.EL.x86_64.rpm
File outdated by:  RHBA-2010:0887		     MD5: 510c9affee945f954852a79d67735ba6
SHA-256: 9b203095eb4f4571db277f4a4ffbaea8b9e388e3fcd66e850629ba5ed116118c
kernel-xenU-2.6.9-78.0.32.EL.x86_64.rpm
File outdated by:  RHBA-2010:0887		     MD5: b6f254b92b14df6359ca61b653076721
SHA-256: 1b294f155e3428e30cd656dcf12e1aa093e5bc5a7b08063aa634507d3a481d91
kernel-xenU-devel-2.6.9-78.0.32.EL.x86_64.rpm
File outdated by:  RHBA-2010:0887		     MD5: 51ab9ca72ae128b1f2b297b6706974bc
SHA-256: 090858e148a88840bf068892efc9401c6554d1ca2db6c7b9995714057084b7ba
 
Red Hat Enterprise Linux ES (v. 4.7.z)
SRPMS:
kernel-2.6.9-78.0.32.EL.src.rpm
File outdated by:  RHBA-2010:0887		     MD5: 86f34953ede129ea60dbf19520e7d224
SHA-256: 35f73b8670ce7292543e762f975bf45616440776b6c9fcd30dce9931b6735fb1
 
IA-32:
kernel-2.6.9-78.0.32.EL.i686.rpm
File outdated by:  RHBA-2010:0887		     MD5: 1656c914fbdc8ac20d63c66c826a5fc5
SHA-256: 17c68518296e7cb2c4be819e466b362b6a600d966af8a0bbe3102e0d77450e9c
kernel-devel-2.6.9-78.0.32.EL.i686.rpm
File outdated by:  RHBA-2010:0887		     MD5: 50d13ca1a45561333723ed04bf105da4
SHA-256: 25255b610437b6a541bdcc945ce5fa82eac789594fdeaf2673a458e13a09470d
kernel-doc-2.6.9-78.0.32.EL.noarch.rpm
File outdated by:  RHBA-2010:0887		     MD5: 3ab3dd2a92e4842b677db88d5d688690
SHA-256: b89bc17e84eadb146cb500ffcb93d589e38a60695f725b6e7301d4642a1df7c0
kernel-hugemem-2.6.9-78.0.32.EL.i686.rpm
File outdated by:  RHBA-2010:0887		     MD5: 4bb045afc31bc5de0addc5baa367d10f
SHA-256: cb967a0457aa02577a27ef270e86fe23c9844aeb7ee4dd7b4f547bcfcef322a6
kernel-hugemem-devel-2.6.9-78.0.32.EL.i686.rpm
File outdated by:  RHBA-2010:0887		     MD5: 92ac48c75e68fb8c06eff0529d0716c0
SHA-256: eddd03541cc1bdc2c44df3401a02f4875ad2e2327bfa5f6be5a905a887ce6fc5
kernel-smp-2.6.9-78.0.32.EL.i686.rpm
File outdated by:  RHBA-2010:0887		     MD5: 5fa6fbe541d14da5735d8f5ff8ddeaab
SHA-256: 02692b777136cf10c5baa313e227d3397fbcc4633008c87baaedb07eba89e363
kernel-smp-devel-2.6.9-78.0.32.EL.i686.rpm
File outdated by:  RHBA-2010:0887		     MD5: 436dcdebecf18463569bb0530f5864cb
SHA-256: 6a4e8e6b350f75b786441a04ad1a344282cbb5810dc58e8cdafeeaa77200339d
kernel-xenU-2.6.9-78.0.32.EL.i686.rpm
File outdated by:  RHBA-2010:0887		     MD5: 3427e6f453ab930cedaefdf4eb5d6cbf
SHA-256: 14352732e152fbc6d6887cdc16bae51a7644b306f8a8d951b39524d79010143a
kernel-xenU-devel-2.6.9-78.0.32.EL.i686.rpm
File outdated by:  RHBA-2010:0887		     MD5: 827540507c5bdd9a27a6afce4ca7f912
SHA-256: 402b934053e9502e028701682a6581edc0a4f888b3061285e293ba799cc89a01
 
IA-64:
kernel-2.6.9-78.0.32.EL.ia64.rpm
File outdated by:  RHBA-2010:0887		     MD5: 971e25c9f7407daaa321cbe5876c03c6
SHA-256: 35d2dc0b5fcd9876ea91b464b28d7c429beae0ab84ce7379f0c2f1ad51177f09
kernel-devel-2.6.9-78.0.32.EL.ia64.rpm
File outdated by:  RHBA-2010:0887		     MD5: 00077963470aaced83486cfe706fb505
SHA-256: a817a6f5a68ef474560c9cfe7b524c4ebabbc117fa4746a06cd8345571711b7a
kernel-doc-2.6.9-78.0.32.EL.noarch.rpm
File outdated by:  RHBA-2010:0887		     MD5: 3ab3dd2a92e4842b677db88d5d688690
SHA-256: b89bc17e84eadb146cb500ffcb93d589e38a60695f725b6e7301d4642a1df7c0
kernel-largesmp-2.6.9-78.0.32.EL.ia64.rpm
File outdated by:  RHBA-2010:0887		     MD5: ef5e02351c3b4c25ec457900f7f4fe2d
SHA-256: 50c53913bbc04a45db7a55d1620b1b26d5c9085b3c839e68e939786ab938758d
kernel-largesmp-devel-2.6.9-78.0.32.EL.ia64.rpm
File outdated by:  RHBA-2010:0887		     MD5: e1d97e6dffd56d3d6dc82c5e6528481e
SHA-256: f944730d73220bb39669634d6de6cbc6679b5a442b2d742779ddc09f043364f4
 
x86_64:
kernel-2.6.9-78.0.32.EL.x86_64.rpm
File outdated by:  RHBA-2010:0887		     MD5: accc55d0ced1a59757bacbbb67a3c0e7
SHA-256: 38021e7b292494278c09c4851ea60e48ef3fa1c8d7e346dfeb838429d13ce1b2
kernel-devel-2.6.9-78.0.32.EL.x86_64.rpm
File outdated by:  RHBA-2010:0887		     MD5: 3eb072142df1b1309d55c952ee03818f
SHA-256: e83c73f154ece8936690b24285c3c2659bb86653b996fe6bda990da75fa25523
kernel-doc-2.6.9-78.0.32.EL.noarch.rpm
File outdated by:  RHBA-2010:0887		     MD5: 3ab3dd2a92e4842b677db88d5d688690
SHA-256: b89bc17e84eadb146cb500ffcb93d589e38a60695f725b6e7301d4642a1df7c0
kernel-largesmp-2.6.9-78.0.32.EL.x86_64.rpm
File outdated by:  RHBA-2010:0887		     MD5: 22522998a8279702eb841674c51c8e7c
SHA-256: fc7c5b10a2832a3039df5efa56140836f0ee7d2d4810bc5248ca315998f738cb
kernel-largesmp-devel-2.6.9-78.0.32.EL.x86_64.rpm
File outdated by:  RHBA-2010:0887		     MD5: d9c7f6bda018094cc11d903590327924
SHA-256: 4791f38a5ef6f2c7660cf1396b83c9479b2441d5988a3e46418da8b648ec4788
kernel-smp-2.6.9-78.0.32.EL.x86_64.rpm
File outdated by:  RHBA-2010:0887		     MD5: 228142cd70659f889301d941dccbcb9a
SHA-256: b5c01112fa4712ba0c67c626d589ee6e3d3ae345f7544ffff0e74ac4beb32428
kernel-smp-devel-2.6.9-78.0.32.EL.x86_64.rpm
File outdated by:  RHBA-2010:0887		     MD5: 510c9affee945f954852a79d67735ba6
SHA-256: 9b203095eb4f4571db277f4a4ffbaea8b9e388e3fcd66e850629ba5ed116118c
kernel-xenU-2.6.9-78.0.32.EL.x86_64.rpm
File outdated by:  RHBA-2010:0887		     MD5: b6f254b92b14df6359ca61b653076721
SHA-256: 1b294f155e3428e30cd656dcf12e1aa093e5bc5a7b08063aa634507d3a481d91
kernel-xenU-devel-2.6.9-78.0.32.EL.x86_64.rpm
File outdated by:  RHBA-2010:0887		     MD5: 51ab9ca72ae128b1f2b297b6706974bc
SHA-256: 090858e148a88840bf068892efc9401c6554d1ca2db6c7b9995714057084b7ba
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

606611 - CVE-2010-2240 kernel: mm: keep a guard page below a grow-down stack segment


References

https://www.redhat.com/security/data/cve/CVE-2010-2240.html
http://www.redhat.com/security/updates/classification/#important

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/