Important: kernel security update
| Advisory: | RHSA-2010:0792-1 |
|---|---|
| Type: | Security Advisory |
| Severity: | Important |
| Issued on: | 2010-10-25 |
| Last updated on: | 2010-10-25 |
| Affected Products: | Red Hat Enterprise Linux (v. 5 server) Red Hat Enterprise Linux Desktop (v. 5 client) |
| CVEs (cve.mitre.org): |
CVE-2010-3904 |
Details
Updated kernel packages that fix one security issue are now available for
Red Hat Enterprise Linux 5.
The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
This update fixes the following security issue:
* The rds_page_copy_user() function in the Linux kernel Reliable Datagram
Sockets (RDS) protocol implementation was missing sanity checks. A local,
unprivileged user could use this flaw to escalate their privileges.
(CVE-2010-3904, Important)
Red Hat would like to thank Dan Rosenberg of Virtual Security Research for
reporting this issue.
Users should upgrade to these updated packages, which contain a backported
patch to correct this issue. The system must be rebooted for this update to
take effect.
Solution
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259
To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259
To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.
Updated packages
| Red Hat Enterprise Linux (v. 5 server) | |
| SRPMS: | |
| kernel-2.6.18-194.17.4.el5.src.rpm File outdated by: RHSA-2013:0847 |
MD5: 63cbe99f2acb4f106e536e029924a7e0 SHA-256: a20bccdad9d454b19fc5c5701b099a60fbaa363f4823ee167c01402f4cac0d73 |
| IA-32: | |
| kernel-2.6.18-194.17.4.el5.i686.rpm File outdated by: RHSA-2013:0847 |
MD5: addb5efd71812e7736fbd3e0568e5b3e SHA-256: f0a41dc1941f1ba03cb01ab877697c2abd259175133270380957eaa47abfef00 |
| kernel-PAE-2.6.18-194.17.4.el5.i686.rpm File outdated by: RHSA-2013:0847 |
MD5: 6db59081ff8a1f5f8fb1fef0d14366cd SHA-256: 1bc7efdfe4596db8a13fc67658326f9196070821b4f354bf5a85a2494318f547 |
| kernel-PAE-devel-2.6.18-194.17.4.el5.i686.rpm File outdated by: RHSA-2013:0847 |
MD5: e5f42a55c37a936612a9e3cb67ee4df4 SHA-256: f34350bf415e31bd8b3785f5123c2c430da4863c224ac2ac746e73ca505be187 |
| kernel-debug-2.6.18-194.17.4.el5.i686.rpm File outdated by: RHSA-2013:0847 |
MD5: 4b97c47ebb342337bebca09d25454357 SHA-256: 503ef9bacfb85ca2ce4552338bac91c32721a40517c165114d6aeecf05d06c01 |
| kernel-debug-devel-2.6.18-194.17.4.el5.i686.rpm File outdated by: RHSA-2013:0847 |
MD5: 2ee331f287bd140fbeced6f02db9f31e SHA-256: 0f4ffc6d19d0e937b39918d5f86a1039724482e207799d2871d54996a9beab82 |
| kernel-devel-2.6.18-194.17.4.el5.i686.rpm File outdated by: RHSA-2013:0847 |
MD5: b6837d3b8646d535707e13527f67a076 SHA-256: 546dcab040cef7637274cd609f1084064977d90be946d801ff2ec51b1988857c |
| kernel-doc-2.6.18-194.17.4.el5.noarch.rpm File outdated by: RHSA-2013:0847 |
MD5: f277b3bc11b86090f5f648664f8d17b8 SHA-256: 477eb172caf1aebdc8ab4f4ff1573e59ff2e5ac8372e393919f77191ed342f5e |
| kernel-headers-2.6.18-194.17.4.el5.i386.rpm File outdated by: RHSA-2013:0847 |
MD5: 13162edae3e38489a7f662a3937f198a SHA-256: 52f62770580cff254409a3ffb1561dd86c11e497a0b246a4b8452400d1a2e60e |
| kernel-xen-2.6.18-194.17.4.el5.i686.rpm File outdated by: RHSA-2013:0847 |
MD5: 585e05b5fc43942f82271dad22c13828 SHA-256: a2a2de41c4966d17e8daa85cc69a19355fd2d121d76ab916ebbaf505d5a326a4 |
| kernel-xen-devel-2.6.18-194.17.4.el5.i686.rpm File outdated by: RHSA-2013:0847 |
MD5: f4e124251076ee57fc353b8cc5fb74f9 SHA-256: 1ddbc1376d7a694b948a7ec08a3e1055f0f0ef59393f4d72e3847e81588e547c |
| IA-64: | |
| kernel-2.6.18-194.17.4.el5.ia64.rpm File outdated by: RHSA-2013:0847 |
MD5: 45bf30a7c17a49c404a5420376f1412b SHA-256: d1fb9076e171f9e8bb20c797b68ff7ef4a3bf73afe0c8c00b3d2d410db39e111 |
| kernel-debug-2.6.18-194.17.4.el5.ia64.rpm File outdated by: RHSA-2013:0847 |
MD5: a90498c7941ff876779dc79fd0f80cbe SHA-256: 65f21f94ea24049857bef299904b8c6edee7b92087a0dd701951789d3d0b0a96 |
| kernel-debug-devel-2.6.18-194.17.4.el5.ia64.rpm File outdated by: RHSA-2013:0847 |
MD5: 8db22b5adfbd47cae991dff4c30d67a7 SHA-256: a17eda0804a903d1a7b5ef3d34dd6cf9a8e2e1b3425bcd902aa3d7f0576df428 |
| kernel-devel-2.6.18-194.17.4.el5.ia64.rpm File outdated by: RHSA-2013:0847 |
MD5: 2115938e8142c59af1c32585be72f012 SHA-256: 27cedd1e1d7830751242a77becb249be33a82162b9673642e120bb577bc65ff3 |
| kernel-doc-2.6.18-194.17.4.el5.noarch.rpm File outdated by: RHSA-2013:0847 |
MD5: f277b3bc11b86090f5f648664f8d17b8 SHA-256: 477eb172caf1aebdc8ab4f4ff1573e59ff2e5ac8372e393919f77191ed342f5e |
| kernel-headers-2.6.18-194.17.4.el5.ia64.rpm File outdated by: RHSA-2013:0847 |
MD5: 1e0ce982548fa518bacead7a73cecb01 SHA-256: 1a1685a630af6193ed3ecd81b114160f2e9135350cc663137d0697d41461417e |
| kernel-xen-2.6.18-194.17.4.el5.ia64.rpm File outdated by: RHSA-2013:0847 |
MD5: 473f5129899c3750f42e7245984ddb22 SHA-256: a79eca6136c91fb70df84a5a29d2153c79d48f8a2df61faf513730745fa49f27 |
| kernel-xen-devel-2.6.18-194.17.4.el5.ia64.rpm File outdated by: RHSA-2013:0847 |
MD5: 0341b7ea78844c2f4612518ea2fecaea SHA-256: a5cdafd0fa434fe60089eb597725c972c26553c158b5f5659f892460b92b51ec |
| PPC: | |
| kernel-2.6.18-194.17.4.el5.ppc64.rpm File outdated by: RHSA-2013:0847 |
MD5: 11b8ea54f60cea610f867e333500f6b0 SHA-256: 5bc2a47de21d8044cf6c9d5671f27b8cd2c5b2258a818ec0ccab03bde353faec |
| kernel-debug-2.6.18-194.17.4.el5.ppc64.rpm File outdated by: RHSA-2013:0847 |
MD5: d8dff249b6dc57b1fd5ce54027b3ea35 SHA-256: d19f6fd51e05410f69a4e72b04aa7005c443408a116403b308e4d5efbee586ef |
| kernel-debug-devel-2.6.18-194.17.4.el5.ppc64.rpm File outdated by: RHSA-2013:0847 |
MD5: 8a35b49c3cec72bb32f88f9cdc5b53d8 SHA-256: 7325767183148a3686d8bd8ab319f0bd1b00c28a5c2647d1045618c5de44d2f3 |
| kernel-devel-2.6.18-194.17.4.el5.ppc64.rpm File outdated by: RHSA-2013:0847 |
MD5: 2aac24a426aa7797103f430aaae10b51 SHA-256: 8a2995694e4737e3f6df6c8ea226a764fa83995877a088e701a4949a53975bbe |
| kernel-doc-2.6.18-194.17.4.el5.noarch.rpm File outdated by: RHSA-2013:0847 |
MD5: f277b3bc11b86090f5f648664f8d17b8 SHA-256: 477eb172caf1aebdc8ab4f4ff1573e59ff2e5ac8372e393919f77191ed342f5e |
| kernel-headers-2.6.18-194.17.4.el5.ppc.rpm File outdated by: RHSA-2013:0847 |
MD5: 40e361925dcf7a88e7314547be6fd180 SHA-256: 24a7f710a257f7615d2252fa10348ee43665c69b72eb5ee6fe7115aacabf4306 |
| kernel-headers-2.6.18-194.17.4.el5.ppc64.rpm File outdated by: RHSA-2013:0847 |
MD5: ab14d21c7a417845069dc1b39d00569a SHA-256: 9fe641c4e4a29c6e7bfa50eccf2c19387aaa0e1e4501dc9cd50bb1e0832d2f7a |
| kernel-kdump-2.6.18-194.17.4.el5.ppc64.rpm File outdated by: RHSA-2013:0847 |
MD5: 249fd64505fed6588fe713c6a788d886 SHA-256: 0c828e14b18fb0ecdf90b620e0eca5a8bbf07bc217a24d3007563441ee1379e2 |
| kernel-kdump-devel-2.6.18-194.17.4.el5.ppc64.rpm File outdated by: RHSA-2013:0847 |
MD5: f8a34ed8e1da4da677058055f4fcd643 SHA-256: f8389ce3ae81bf2bead8b73d5d82b6d2fc5c0cca821cf39fbf8bfb5a430c9a14 |
| s390x: | |
| kernel-2.6.18-194.17.4.el5.s390x.rpm File outdated by: RHSA-2013:0847 |
MD5: 8f12ee5332e9ad21391220bd7235c345 SHA-256: 400496c2999460f1d9d261133cbf7258f0b7bf8147a7cda73be665aa930fd857 |
| kernel-debug-2.6.18-194.17.4.el5.s390x.rpm File outdated by: RHSA-2013:0847 |
MD5: 30cd0bfbd997548d28d7823b34648640 SHA-256: 5cebed11c76a8ce2bf49d8176c6cbe9188bc1eb3b80c14b66f0ac9d9c1351380 |
| kernel-debug-devel-2.6.18-194.17.4.el5.s390x.rpm File outdated by: RHSA-2013:0847 |
MD5: d0b8cb33105df6fd97aa68c4c4dd68ed SHA-256: ccafb143e4db7852a4bf49d4154e45f70b41879afa610d3c88908abb7c3c1926 |
| kernel-devel-2.6.18-194.17.4.el5.s390x.rpm File outdated by: RHSA-2013:0847 |
MD5: c0a07fb45f3206001b53bbdb39bdb849 SHA-256: 2bcad6211145f499939533021a9b25e1bf5e15cbaad08a3cb843294f11b403d5 |
| kernel-doc-2.6.18-194.17.4.el5.noarch.rpm File outdated by: RHSA-2013:0847 |
MD5: f277b3bc11b86090f5f648664f8d17b8 SHA-256: 477eb172caf1aebdc8ab4f4ff1573e59ff2e5ac8372e393919f77191ed342f5e |
| kernel-headers-2.6.18-194.17.4.el5.s390x.rpm File outdated by: RHSA-2013:0847 |
MD5: 710bc84310cffea3c65499d2ebb8190b SHA-256: 391ab69eb2e343827bf3ccfb2d6cadc0dcf09344cb4614b058e9323bbce8e843 |
| kernel-kdump-2.6.18-194.17.4.el5.s390x.rpm File outdated by: RHSA-2013:0847 |
MD5: edfd082eabda67ef0d636ad4af0567a3 SHA-256: c240b8e59a2900f76aa9f012d8410e71fea6d7d3ab00b0a0e64f6cf2f0377d6b |
| kernel-kdump-devel-2.6.18-194.17.4.el5.s390x.rpm File outdated by: RHSA-2013:0847 |
MD5: 10c107be3f1461eeab331bb0d2034685 SHA-256: 785b7ad1fbd7d25d345f86d47175a400d0280af574e191beb60db1775023092a |
| x86_64: | |
| kernel-2.6.18-194.17.4.el5.x86_64.rpm File outdated by: RHSA-2013:0847 |
MD5: adc289a7832dfc0711b90fb4798d1d7e SHA-256: d721e5a13701939ea2bda150684428c7fefa02a1df14f7104d5f8776294a441e |
| kernel-debug-2.6.18-194.17.4.el5.x86_64.rpm File outdated by: RHSA-2013:0847 |
MD5: 8c65986cd2d8f373a87056e872880895 SHA-256: 7e294df1f786aca9aeb53bbde9a0d15a19649e41fa5ccc52818daaa173e709f1 |
| kernel-debug-devel-2.6.18-194.17.4.el5.x86_64.rpm File outdated by: RHSA-2013:0847 |
MD5: bf2379f94d39e6d0ffc7febc35546cae SHA-256: 87e557a7fe29169febf6b47cd66d314b559a39c8e3e1c29638db70da4331024a |
| kernel-devel-2.6.18-194.17.4.el5.x86_64.rpm File outdated by: RHSA-2013:0847 |
MD5: aa8c9a67803da07d522992ae9587bb3a SHA-256: fcdfe37bee426e86bca1bc7c4e5cf77650d8a1fe5183703bb7fd8fa71fad053c |
| kernel-doc-2.6.18-194.17.4.el5.noarch.rpm File outdated by: RHSA-2013:0847 |
MD5: f277b3bc11b86090f5f648664f8d17b8 SHA-256: 477eb172caf1aebdc8ab4f4ff1573e59ff2e5ac8372e393919f77191ed342f5e |
| kernel-headers-2.6.18-194.17.4.el5.x86_64.rpm File outdated by: RHSA-2013:0847 |
MD5: 94d7298a75b59e2d545d86585456bdca SHA-256: 9029d555e6adafce5089ab99c1d7501dd8fc9d8fd3afe3ceede4243987623166 |
| kernel-xen-2.6.18-194.17.4.el5.x86_64.rpm File outdated by: RHSA-2013:0847 |
MD5: 2b1e98aabdc022a3df6ca6a46c3bcf97 SHA-256: 84c04eab4061983fe2946e1ef5d622a91c4d3d5883c5e4c9307f2ff334224734 |
| kernel-xen-devel-2.6.18-194.17.4.el5.x86_64.rpm File outdated by: RHSA-2013:0847 |
MD5: 93d8e0bdac0cc2a410871c5cbd4a3839 SHA-256: 8dfacefded18dd460d98081ff72212f043ca21833c3733089a631ae3cd24226d |
| Red Hat Enterprise Linux Desktop (v. 5 client) | |
| SRPMS: | |
| kernel-2.6.18-194.17.4.el5.src.rpm File outdated by: RHSA-2013:0847 |
MD5: 63cbe99f2acb4f106e536e029924a7e0 SHA-256: a20bccdad9d454b19fc5c5701b099a60fbaa363f4823ee167c01402f4cac0d73 |
| IA-32: | |
| kernel-2.6.18-194.17.4.el5.i686.rpm File outdated by: RHSA-2013:0847 |
MD5: addb5efd71812e7736fbd3e0568e5b3e SHA-256: f0a41dc1941f1ba03cb01ab877697c2abd259175133270380957eaa47abfef00 |
| kernel-PAE-2.6.18-194.17.4.el5.i686.rpm File outdated by: RHSA-2013:0847 |
MD5: 6db59081ff8a1f5f8fb1fef0d14366cd SHA-256: 1bc7efdfe4596db8a13fc67658326f9196070821b4f354bf5a85a2494318f547 |
| kernel-PAE-devel-2.6.18-194.17.4.el5.i686.rpm File outdated by: RHSA-2013:0847 |
MD5: e5f42a55c37a936612a9e3cb67ee4df4 SHA-256: f34350bf415e31bd8b3785f5123c2c430da4863c224ac2ac746e73ca505be187 |
| kernel-debug-2.6.18-194.17.4.el5.i686.rpm File outdated by: RHSA-2013:0847 |
MD5: 4b97c47ebb342337bebca09d25454357 SHA-256: 503ef9bacfb85ca2ce4552338bac91c32721a40517c165114d6aeecf05d06c01 |
| kernel-debug-devel-2.6.18-194.17.4.el5.i686.rpm File outdated by: RHSA-2013:0847 |
MD5: 2ee331f287bd140fbeced6f02db9f31e SHA-256: 0f4ffc6d19d0e937b39918d5f86a1039724482e207799d2871d54996a9beab82 |
| kernel-devel-2.6.18-194.17.4.el5.i686.rpm File outdated by: RHSA-2013:0847 |
MD5: b6837d3b8646d535707e13527f67a076 SHA-256: 546dcab040cef7637274cd609f1084064977d90be946d801ff2ec51b1988857c |
| kernel-doc-2.6.18-194.17.4.el5.noarch.rpm File outdated by: RHSA-2013:0847 |
MD5: f277b3bc11b86090f5f648664f8d17b8 SHA-256: 477eb172caf1aebdc8ab4f4ff1573e59ff2e5ac8372e393919f77191ed342f5e |
| kernel-headers-2.6.18-194.17.4.el5.i386.rpm File outdated by: RHSA-2013:0847 |
MD5: 13162edae3e38489a7f662a3937f198a SHA-256: 52f62770580cff254409a3ffb1561dd86c11e497a0b246a4b8452400d1a2e60e |
| kernel-xen-2.6.18-194.17.4.el5.i686.rpm File outdated by: RHSA-2013:0847 |
MD5: 585e05b5fc43942f82271dad22c13828 SHA-256: a2a2de41c4966d17e8daa85cc69a19355fd2d121d76ab916ebbaf505d5a326a4 |
| kernel-xen-devel-2.6.18-194.17.4.el5.i686.rpm File outdated by: RHSA-2013:0847 |
MD5: f4e124251076ee57fc353b8cc5fb74f9 SHA-256: 1ddbc1376d7a694b948a7ec08a3e1055f0f0ef59393f4d72e3847e81588e547c |
| x86_64: | |
| kernel-2.6.18-194.17.4.el5.x86_64.rpm File outdated by: RHSA-2013:0847 |
MD5: adc289a7832dfc0711b90fb4798d1d7e SHA-256: d721e5a13701939ea2bda150684428c7fefa02a1df14f7104d5f8776294a441e |
| kernel-debug-2.6.18-194.17.4.el5.x86_64.rpm File outdated by: RHSA-2013:0847 |
MD5: 8c65986cd2d8f373a87056e872880895 SHA-256: 7e294df1f786aca9aeb53bbde9a0d15a19649e41fa5ccc52818daaa173e709f1 |
| kernel-debug-devel-2.6.18-194.17.4.el5.x86_64.rpm File outdated by: RHSA-2013:0847 |
MD5: bf2379f94d39e6d0ffc7febc35546cae SHA-256: 87e557a7fe29169febf6b47cd66d314b559a39c8e3e1c29638db70da4331024a |
| kernel-devel-2.6.18-194.17.4.el5.x86_64.rpm File outdated by: RHSA-2013:0847 |
MD5: aa8c9a67803da07d522992ae9587bb3a SHA-256: fcdfe37bee426e86bca1bc7c4e5cf77650d8a1fe5183703bb7fd8fa71fad053c |
| kernel-doc-2.6.18-194.17.4.el5.noarch.rpm File outdated by: RHSA-2013:0847 |
MD5: f277b3bc11b86090f5f648664f8d17b8 SHA-256: 477eb172caf1aebdc8ab4f4ff1573e59ff2e5ac8372e393919f77191ed342f5e |
| kernel-headers-2.6.18-194.17.4.el5.x86_64.rpm File outdated by: RHSA-2013:0847 |
MD5: 94d7298a75b59e2d545d86585456bdca SHA-256: 9029d555e6adafce5089ab99c1d7501dd8fc9d8fd3afe3ceede4243987623166 |
| kernel-xen-2.6.18-194.17.4.el5.x86_64.rpm File outdated by: RHSA-2013:0847 |
MD5: 2b1e98aabdc022a3df6ca6a46c3bcf97 SHA-256: 84c04eab4061983fe2946e1ef5d622a91c4d3d5883c5e4c9307f2ff334224734 |
| kernel-xen-devel-2.6.18-194.17.4.el5.x86_64.rpm File outdated by: RHSA-2013:0847 |
MD5: 93d8e0bdac0cc2a410871c5cbd4a3839 SHA-256: 8dfacefded18dd460d98081ff72212f043ca21833c3733089a631ae3cd24226d |
| (The unlinked packages above are only available from the Red Hat Network) | |
Bugs fixed (see bugzilla for more information)
642896 - CVE-2010-3904 RDS sockets local privilege escalation
References
https://www.redhat.com/security/data/cve/CVE-2010-3904.html
http://www.redhat.com/security/updates/classification/#important
http://www.redhat.com/security/updates/classification/#important
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package
The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/
