Skip to navigation

Security Advisory Important: kernel security and bug fix update

Advisory: RHSA-2012:0358-1
Type: Security Advisory
Severity: Important
Issued on: 2012-03-06
Last updated on: 2012-03-06
Affected Products: Red Hat Enterprise Linux EUS (v. 5.6.z server)
Red Hat Enterprise Linux Long Life (v. 5.6 server)
CVEs (cve.mitre.org): CVE-2011-1898
CVE-2011-2699
CVE-2011-4127
CVE-2011-4330
CVE-2012-0028

Details

Updated kernel packages that fix several security issues and various bugs
are now available for Red Hat Enterprise Linux 5.6 Extended Update Support.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

* Using PCI passthrough without interrupt remapping support allowed Xen
hypervisor guests to generate MSI interrupts and thus potentially inject
traps. A privileged guest user could use this flaw to crash the host or
possibly escalate their privileges on the host. The fix for this issue can
prevent PCI passthrough working and guests starting. Refer to Red Hat
Bugzilla bug 715555 for details. (CVE-2011-1898, Important)

* IPv6 fragment identification value generation could allow a remote
attacker to disrupt a target system's networking, preventing legitimate
users from accessing its services. (CVE-2011-2699, Important)

* Using the SG_IO ioctl to issue SCSI requests to partitions or LVM volumes
resulted in the requests being passed to the underlying block device. If a
privileged user only had access to a single partition or LVM volume, they
could use this flaw to bypass those restrictions and gain read and write
access (and be able to issue other SCSI commands) to the entire block
device. Refer to Red Hat Knowledgebase article 67869, linked to in the
References, for further details about this issue. (CVE-2011-4127,
Important)

* A flaw was found in the way the Linux kernel handled robust list pointers
of user-space held futexes across exec() calls. A local, unprivileged user
could use this flaw to cause a denial of service or, eventually, escalate
their privileges. (CVE-2012-0028, Important)

* A missing boundary check was found in the Linux kernel's HFS file system
implementation. A local attacker could use this flaw to cause a denial of
service or escalate their privileges by mounting a specially-crafted disk.
(CVE-2011-4330, Moderate)

Red Hat would like to thank Fernando Gont for reporting CVE-2011-2699, and
Clement Lecigne for reporting CVE-2011-4330.

This update also fixes the following bugs:

* Previously, all timers for a Xen fully-virtualized domain were based on
the time stamp counter (TSC) of the underlying physical CPU. This could
cause observed time to go backwards on some hosts. This update moves all
timers except HPET to the Xen monotonic system time, which fixes the bug as
long as the HPET is removed from the configuration of the domain.
(BZ#773359)

* Previously, tests of the Microsoft Server Virtualization Validation
Program (SVVP) detected unreliability of the emulated HPET (High
Performance Event Timer) on some hosts. Now, HPET can be configured as a
per-domain configuration option; if it is disabled, the guest chooses a
more reliable timer source. Disabling HPET is suggested for Windows guests,
as well as fully-virtualized Linux guests that show occasional "time went
backwards" errors in the console. (BZ#773360)

* SG_IO ioctls were not implemented correctly in the Red Hat Enterprise
Linux 5 virtio-blk driver. Sending an SG_IO ioctl request to a virtio-blk
disk caused the sending thread to enter an uninterruptible sleep state ("D"
state). With this update, SG_IO ioctls are rejected by the virtio-blk
driver; the ioctl system call simply returns an ENOTTY ("Inappropriate
ioctl for device") error and the thread continues normally. (BZ#784658)

Users should upgrade to these updated packages, which contain backported
patches to correct these issues. The system must be rebooted for this
update to take effect.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

Updated packages

Red Hat Enterprise Linux EUS (v. 5.6.z server)
SRPMS:
kernel-2.6.18-238.35.1.el5.src.rpm
File outdated by:  RHSA-2013:0695		     MD5: baab862015540bde25009472af468ce6
SHA-256: 152e688b569b4e7b8ef83b9dc045c40f33b319170b21346e73fba782c3f807e3
 
IA-32:
kernel-2.6.18-238.35.1.el5.i686.rpm
File outdated by:  RHSA-2013:0695		     MD5: 098ffb0fca8d2d88cb85a36c03d82558
SHA-256: 0e77782462f458d807d2a247200f9ff1343e9494bd9712cbe3a21607081309bf
kernel-PAE-2.6.18-238.35.1.el5.i686.rpm
File outdated by:  RHSA-2013:0695		     MD5: 0d4095b2e63392e16beb289771c80e07
SHA-256: 7b99366ca3a18a4916965af0cdf2e93a22a0dfd83de6980805749fe2e1495747
kernel-PAE-devel-2.6.18-238.35.1.el5.i686.rpm
File outdated by:  RHSA-2013:0695		     MD5: c017c3a4063c11fb7d7c04a815d4b1fb
SHA-256: eb1fe466286671192c9270832ad1d243ac2a18e32b426233abe33126052894cf
kernel-debug-2.6.18-238.35.1.el5.i686.rpm
File outdated by:  RHSA-2013:0695		     MD5: 6f11edec38ea3e08dfb92a5037a13f2e
SHA-256: 1fd6733921cfcb0bf4aad8ae86fc52d0e9bbd829deac365d997038228e28986b
kernel-debug-devel-2.6.18-238.35.1.el5.i686.rpm
File outdated by:  RHSA-2013:0695		     MD5: 394a37b63010a0f6bf7992d99b2be140
SHA-256: 6cacc50d9b29bee48396b26bb9708df51e9c0e13c8b0c7b07b0d477d8ddf6142
kernel-devel-2.6.18-238.35.1.el5.i686.rpm
File outdated by:  RHSA-2013:0695		     MD5: c698ce546f21fee2aead2ad34c48f7c8
SHA-256: c5687e84f021514b93e972f00fd0a8d9b1e3b8d0d564075740a98484c6b9e441
kernel-doc-2.6.18-238.35.1.el5.noarch.rpm
File outdated by:  RHSA-2013:0695		     MD5: cabc72e450444b8029bf1dfbf1106fca
SHA-256: 48245ee1b43982be1f1c08697d8a0b1a68032f43f902c080ed96c6dd63d3a4f6
kernel-headers-2.6.18-238.35.1.el5.i386.rpm
File outdated by:  RHSA-2013:0695		     MD5: d4be3eeb375d7a3423c64f1807a55c51
SHA-256: 99fef6c57c24f27eaa0cc425645a3e952efcbe878c89f7b86f223d3fcf39a140
kernel-xen-2.6.18-238.35.1.el5.i686.rpm
File outdated by:  RHSA-2013:0695		     MD5: 13959ae08ce085a5c6aa76a8f693f2ce
SHA-256: 65822e349fb66f7a1b136957f15044a5aed657b7b16344800bcbbf6688dd36f2
kernel-xen-devel-2.6.18-238.35.1.el5.i686.rpm
File outdated by:  RHSA-2013:0695		     MD5: c5719921e7361ccb0d69b4b285e4701f
SHA-256: 1b2aa57763a26896170973a087755c70c7203b0d0375b0cbbc00df47bede1139
 
IA-64:
kernel-2.6.18-238.35.1.el5.ia64.rpm
File outdated by:  RHSA-2013:0695		     MD5: 6fd4ef56d80150b486a4fe9dc9403543
SHA-256: 5b664ec64666486aeefcf529d91b2d97cad5609bf94f874942e38362105cb627
kernel-debug-2.6.18-238.35.1.el5.ia64.rpm
File outdated by:  RHSA-2013:0695		     MD5: 4a5dd9b55320e93e52307c50503f9bc3
SHA-256: ab3303400977a41dd7b34738c5efb6fee538a4b83fc6c1d639a2efdc316d9515
kernel-debug-devel-2.6.18-238.35.1.el5.ia64.rpm
File outdated by:  RHSA-2013:0695		     MD5: edde034db35e34f9b40d9d92341da81a
SHA-256: 2d3cb6cf87f66627fa169fe770bb634b23fff8e7167d8e95f407be72fa9f4cd7
kernel-devel-2.6.18-238.35.1.el5.ia64.rpm
File outdated by:  RHSA-2013:0695		     MD5: 7ccdc117c93f980c0105f4b9fa4ad9e3
SHA-256: 4a2affe351c0efff899e3c03f3a77b48c5ec9b30f8c5a85f621153630c5d2b6f
kernel-doc-2.6.18-238.35.1.el5.noarch.rpm
File outdated by:  RHSA-2013:0695		     MD5: cabc72e450444b8029bf1dfbf1106fca
SHA-256: 48245ee1b43982be1f1c08697d8a0b1a68032f43f902c080ed96c6dd63d3a4f6
kernel-headers-2.6.18-238.35.1.el5.ia64.rpm
File outdated by:  RHSA-2013:0695		     MD5: 4f8a548da6174802379778e25083b906
SHA-256: a65d25db41960001e16f1b20760b756d7302fa2ae2cb721be26f70765a11a854
kernel-xen-2.6.18-238.35.1.el5.ia64.rpm
File outdated by:  RHSA-2013:0695		     MD5: b05639b21100b6884ef5dc2c3d04ef1b
SHA-256: ea6922b91b21244493d35950e7b3f500d4b66ae192837b2c538d1e3c9210bc49
kernel-xen-devel-2.6.18-238.35.1.el5.ia64.rpm
File outdated by:  RHSA-2013:0695		     MD5: ea0068660cb5b2bd4218af563af325e6
SHA-256: 78d5d485b7d0f806fdcfb5bf5f25422d39e6f58a44d327a16662d9c72e0b73a6
 
PPC:
kernel-2.6.18-238.35.1.el5.ppc64.rpm
File outdated by:  RHSA-2013:0695		     MD5: 580de2921749236c823881a665c234b0
SHA-256: 8df0e69d429a5e66dc83fb9fdf704ab75e100d01ff4caef3b483bf536e9af8eb
kernel-debug-2.6.18-238.35.1.el5.ppc64.rpm
File outdated by:  RHSA-2013:0695		     MD5: 8d8458ce3a1d716f47309881360faf67
SHA-256: f94a6e69bc54ecc09f0c8a2650859ba525f2f4adb9eca462bc0eb9f9dd7c8598
kernel-debug-devel-2.6.18-238.35.1.el5.ppc64.rpm
File outdated by:  RHSA-2013:0695		     MD5: bf09ec9a632b8efc8119e3675b207542
SHA-256: 0eae25cae31b990db6856adedc6df8499ce8e92b85469e2e4be03b704d5cefe8
kernel-devel-2.6.18-238.35.1.el5.ppc64.rpm
File outdated by:  RHSA-2013:0695		     MD5: 79c18d1278abc96389992cf46ccf2956
SHA-256: 7a37d69ecb3afdb9d0aa14fa029b746d6fc89675601a204b554e599ed33eb509
kernel-doc-2.6.18-238.35.1.el5.noarch.rpm
File outdated by:  RHSA-2013:0695		     MD5: cabc72e450444b8029bf1dfbf1106fca
SHA-256: 48245ee1b43982be1f1c08697d8a0b1a68032f43f902c080ed96c6dd63d3a4f6
kernel-headers-2.6.18-238.35.1.el5.ppc.rpm
File outdated by:  RHSA-2013:0695		     MD5: 4efad8ee825a55f373dc14d3acc1314b
SHA-256: 0198b26719c0fbe7055c37664726efc810630222510df4ef88ddfc93404298fc
kernel-headers-2.6.18-238.35.1.el5.ppc64.rpm
File outdated by:  RHSA-2013:0695		     MD5: e50b4b74e39ad44fc056ac7f4077463f
SHA-256: 83bcc5c50f9bd0ccad9f39f07bc1cab810e45c36d387b7b2b6b3eb2fbe0b5330
kernel-kdump-2.6.18-238.35.1.el5.ppc64.rpm
File outdated by:  RHSA-2013:0695		     MD5: 6622dc9c86fc95893e0002ceedb0e014
SHA-256: d60e8412c31c823e91a32651af7c14f1875791a2015e22f94092c255994b0d13
kernel-kdump-devel-2.6.18-238.35.1.el5.ppc64.rpm
File outdated by:  RHSA-2013:0695		     MD5: 0ad7ada5cb82fb902ceb1c71d71d053b
SHA-256: 7136792a8cf90035da39efd95bb2c04bf76d6a481d57d3911aa81640ee59b2cb
 
s390x:
kernel-2.6.18-238.35.1.el5.s390x.rpm
File outdated by:  RHSA-2013:0695		     MD5: 6f430583666767188105e02e8aedef17
SHA-256: 182af9ea242e6d8c7f1a58e5a1bac9b932352b42ad2736fc64d7d464f3042904
kernel-debug-2.6.18-238.35.1.el5.s390x.rpm
File outdated by:  RHSA-2013:0695		     MD5: 1d64969f0f8bfd74c53737c9f9c8885c
SHA-256: 78a10432fefe5f2f303857463adf68c98323858b256a648897abc224d126f540
kernel-debug-devel-2.6.18-238.35.1.el5.s390x.rpm
File outdated by:  RHSA-2013:0695		     MD5: f034354deaee3ba778a5ae7fae626f6d
SHA-256: ea57506cc1c9ae97088f5eaf3c12f96a10db3cf6686f053d37e698af11cb7857
kernel-devel-2.6.18-238.35.1.el5.s390x.rpm
File outdated by:  RHSA-2013:0695		     MD5: e1a9fc31b140b547001b755ce7416180
SHA-256: 27360ca0f398e0b28ebe5e32ba20856e3f28642610c74139a4e1c392c28892df
kernel-doc-2.6.18-238.35.1.el5.noarch.rpm
File outdated by:  RHSA-2013:0695		     MD5: cabc72e450444b8029bf1dfbf1106fca
SHA-256: 48245ee1b43982be1f1c08697d8a0b1a68032f43f902c080ed96c6dd63d3a4f6
kernel-headers-2.6.18-238.35.1.el5.s390x.rpm
File outdated by:  RHSA-2013:0695		     MD5: 504bfa32ce0e8c340eaddf57e4ce759c
SHA-256: 7c90f33d9bfc8209db72bf4d19ea50e5bf6edb2ffce5351b5f9df85df67c96a6
kernel-kdump-2.6.18-238.35.1.el5.s390x.rpm
File outdated by:  RHSA-2013:0695		     MD5: 7f45d78a2b99964a5241fe2f5b38a0b6
SHA-256: 468304e4e6a0e9e881ac014387d1448264fe2c3d05f7ab6142c796e3f2c85859
kernel-kdump-devel-2.6.18-238.35.1.el5.s390x.rpm
File outdated by:  RHSA-2013:0695		     MD5: 3b2a5e507c4a15c7014028b46e1add5e
SHA-256: e539fe3a101e77610155327cf0f6a267000b1a02f54379c8dddc0b9181365156
 
x86_64:
kernel-2.6.18-238.35.1.el5.x86_64.rpm
File outdated by:  RHSA-2013:0695		     MD5: 6c4915e1634b1d9ed856de1c51e5d901
SHA-256: ae067c83a7459abf31660b4f1a9ef9c7ca13b683dc0344c7239ab0d30a21f0ca
kernel-debug-2.6.18-238.35.1.el5.x86_64.rpm
File outdated by:  RHSA-2013:0695		     MD5: 4c407f2bf98361f6b82f23285b455133
SHA-256: 2b69efa69cd292dc743e5011195da886feb7801854dc3f2cb7736253513aa286
kernel-debug-devel-2.6.18-238.35.1.el5.x86_64.rpm
File outdated by:  RHSA-2013:0695		     MD5: 7505bda4f95c559130435ff79afc28f5
SHA-256: 526aeff908633b1929995b9c33b54c8a1db1b6c4b3a931894ac92fa1b8cade91
kernel-devel-2.6.18-238.35.1.el5.x86_64.rpm
File outdated by:  RHSA-2013:0695		     MD5: fcb5169e826e82334fcc63548cd3fc1b
SHA-256: 1cb36337468b9bc70181d02dbced31a5de11f6833062f5b06f85fda13d2f3245
kernel-doc-2.6.18-238.35.1.el5.noarch.rpm
File outdated by:  RHSA-2013:0695		     MD5: cabc72e450444b8029bf1dfbf1106fca
SHA-256: 48245ee1b43982be1f1c08697d8a0b1a68032f43f902c080ed96c6dd63d3a4f6
kernel-headers-2.6.18-238.35.1.el5.x86_64.rpm
File outdated by:  RHSA-2013:0695		     MD5: 8424f466f1695733c281f621a3036613
SHA-256: 5fa988e6cf4b2521642b6d4364f74193e7e295966c1a759a54f9f1ffac2127c7
kernel-xen-2.6.18-238.35.1.el5.x86_64.rpm
File outdated by:  RHSA-2013:0695		     MD5: 98a906b34db0fcc68a29b6ac0e71502d
SHA-256: acda1e70e3243b7a57f45db0fb0679d16b9ec03e7aa22b5e2d0c0c4fd398db2b
kernel-xen-devel-2.6.18-238.35.1.el5.x86_64.rpm
File outdated by:  RHSA-2013:0695		     MD5: 63bff114ef717686d2e384992c11e215
SHA-256: 5702cb04df69552431f3915a7ca449cd08d1e34c256b08e8ae05d191844e03d3
 
Red Hat Enterprise Linux Long Life (v. 5.6 server)
SRPMS:
kernel-2.6.18-238.35.1.el5.src.rpm
File outdated by:  RHSA-2013:0695		     MD5: baab862015540bde25009472af468ce6
SHA-256: 152e688b569b4e7b8ef83b9dc045c40f33b319170b21346e73fba782c3f807e3
 
IA-32:
kernel-2.6.18-238.35.1.el5.i686.rpm
File outdated by:  RHSA-2013:0695		     MD5: 098ffb0fca8d2d88cb85a36c03d82558
SHA-256: 0e77782462f458d807d2a247200f9ff1343e9494bd9712cbe3a21607081309bf
kernel-PAE-2.6.18-238.35.1.el5.i686.rpm
File outdated by:  RHSA-2013:0695		     MD5: 0d4095b2e63392e16beb289771c80e07
SHA-256: 7b99366ca3a18a4916965af0cdf2e93a22a0dfd83de6980805749fe2e1495747
kernel-PAE-devel-2.6.18-238.35.1.el5.i686.rpm
File outdated by:  RHSA-2013:0695		     MD5: c017c3a4063c11fb7d7c04a815d4b1fb
SHA-256: eb1fe466286671192c9270832ad1d243ac2a18e32b426233abe33126052894cf
kernel-debug-2.6.18-238.35.1.el5.i686.rpm
File outdated by:  RHSA-2013:0695		     MD5: 6f11edec38ea3e08dfb92a5037a13f2e
SHA-256: 1fd6733921cfcb0bf4aad8ae86fc52d0e9bbd829deac365d997038228e28986b
kernel-debug-devel-2.6.18-238.35.1.el5.i686.rpm
File outdated by:  RHSA-2013:0695		     MD5: 394a37b63010a0f6bf7992d99b2be140
SHA-256: 6cacc50d9b29bee48396b26bb9708df51e9c0e13c8b0c7b07b0d477d8ddf6142
kernel-devel-2.6.18-238.35.1.el5.i686.rpm
File outdated by:  RHSA-2013:0695		     MD5: c698ce546f21fee2aead2ad34c48f7c8
SHA-256: c5687e84f021514b93e972f00fd0a8d9b1e3b8d0d564075740a98484c6b9e441
kernel-doc-2.6.18-238.35.1.el5.noarch.rpm
File outdated by:  RHSA-2013:0695		     MD5: cabc72e450444b8029bf1dfbf1106fca
SHA-256: 48245ee1b43982be1f1c08697d8a0b1a68032f43f902c080ed96c6dd63d3a4f6
kernel-headers-2.6.18-238.35.1.el5.i386.rpm
File outdated by:  RHSA-2013:0695		     MD5: d4be3eeb375d7a3423c64f1807a55c51
SHA-256: 99fef6c57c24f27eaa0cc425645a3e952efcbe878c89f7b86f223d3fcf39a140
kernel-xen-2.6.18-238.35.1.el5.i686.rpm
File outdated by:  RHSA-2013:0695		     MD5: 13959ae08ce085a5c6aa76a8f693f2ce
SHA-256: 65822e349fb66f7a1b136957f15044a5aed657b7b16344800bcbbf6688dd36f2
kernel-xen-devel-2.6.18-238.35.1.el5.i686.rpm
File outdated by:  RHSA-2013:0695		     MD5: c5719921e7361ccb0d69b4b285e4701f
SHA-256: 1b2aa57763a26896170973a087755c70c7203b0d0375b0cbbc00df47bede1139
 
IA-64:
kernel-2.6.18-238.35.1.el5.ia64.rpm
File outdated by:  RHSA-2013:0695		     MD5: 6fd4ef56d80150b486a4fe9dc9403543
SHA-256: 5b664ec64666486aeefcf529d91b2d97cad5609bf94f874942e38362105cb627
kernel-debug-2.6.18-238.35.1.el5.ia64.rpm
File outdated by:  RHSA-2013:0695		     MD5: 4a5dd9b55320e93e52307c50503f9bc3
SHA-256: ab3303400977a41dd7b34738c5efb6fee538a4b83fc6c1d639a2efdc316d9515
kernel-debug-devel-2.6.18-238.35.1.el5.ia64.rpm
File outdated by:  RHSA-2013:0695		     MD5: edde034db35e34f9b40d9d92341da81a
SHA-256: 2d3cb6cf87f66627fa169fe770bb634b23fff8e7167d8e95f407be72fa9f4cd7
kernel-devel-2.6.18-238.35.1.el5.ia64.rpm
File outdated by:  RHSA-2013:0695		     MD5: 7ccdc117c93f980c0105f4b9fa4ad9e3
SHA-256: 4a2affe351c0efff899e3c03f3a77b48c5ec9b30f8c5a85f621153630c5d2b6f
kernel-doc-2.6.18-238.35.1.el5.noarch.rpm
File outdated by:  RHSA-2013:0695		     MD5: cabc72e450444b8029bf1dfbf1106fca
SHA-256: 48245ee1b43982be1f1c08697d8a0b1a68032f43f902c080ed96c6dd63d3a4f6
kernel-headers-2.6.18-238.35.1.el5.ia64.rpm
File outdated by:  RHSA-2013:0695		     MD5: 4f8a548da6174802379778e25083b906
SHA-256: a65d25db41960001e16f1b20760b756d7302fa2ae2cb721be26f70765a11a854
kernel-xen-2.6.18-238.35.1.el5.ia64.rpm
File outdated by:  RHSA-2013:0695		     MD5: b05639b21100b6884ef5dc2c3d04ef1b
SHA-256: ea6922b91b21244493d35950e7b3f500d4b66ae192837b2c538d1e3c9210bc49
kernel-xen-devel-2.6.18-238.35.1.el5.ia64.rpm
File outdated by:  RHSA-2013:0695		     MD5: ea0068660cb5b2bd4218af563af325e6
SHA-256: 78d5d485b7d0f806fdcfb5bf5f25422d39e6f58a44d327a16662d9c72e0b73a6
 
x86_64:
kernel-2.6.18-238.35.1.el5.x86_64.rpm
File outdated by:  RHSA-2013:0695		     MD5: 6c4915e1634b1d9ed856de1c51e5d901
SHA-256: ae067c83a7459abf31660b4f1a9ef9c7ca13b683dc0344c7239ab0d30a21f0ca
kernel-debug-2.6.18-238.35.1.el5.x86_64.rpm
File outdated by:  RHSA-2013:0695		     MD5: 4c407f2bf98361f6b82f23285b455133
SHA-256: 2b69efa69cd292dc743e5011195da886feb7801854dc3f2cb7736253513aa286
kernel-debug-devel-2.6.18-238.35.1.el5.x86_64.rpm
File outdated by:  RHSA-2013:0695		     MD5: 7505bda4f95c559130435ff79afc28f5
SHA-256: 526aeff908633b1929995b9c33b54c8a1db1b6c4b3a931894ac92fa1b8cade91
kernel-devel-2.6.18-238.35.1.el5.x86_64.rpm
File outdated by:  RHSA-2013:0695		     MD5: fcb5169e826e82334fcc63548cd3fc1b
SHA-256: 1cb36337468b9bc70181d02dbced31a5de11f6833062f5b06f85fda13d2f3245
kernel-doc-2.6.18-238.35.1.el5.noarch.rpm
File outdated by:  RHSA-2013:0695		     MD5: cabc72e450444b8029bf1dfbf1106fca
SHA-256: 48245ee1b43982be1f1c08697d8a0b1a68032f43f902c080ed96c6dd63d3a4f6
kernel-headers-2.6.18-238.35.1.el5.x86_64.rpm
File outdated by:  RHSA-2013:0695		     MD5: 8424f466f1695733c281f621a3036613
SHA-256: 5fa988e6cf4b2521642b6d4364f74193e7e295966c1a759a54f9f1ffac2127c7
kernel-xen-2.6.18-238.35.1.el5.x86_64.rpm
File outdated by:  RHSA-2013:0695		     MD5: 98a906b34db0fcc68a29b6ac0e71502d
SHA-256: acda1e70e3243b7a57f45db0fb0679d16b9ec03e7aa22b5e2d0c0c4fd398db2b
kernel-xen-devel-2.6.18-238.35.1.el5.x86_64.rpm
File outdated by:  RHSA-2013:0695		     MD5: 63bff114ef717686d2e384992c11e215
SHA-256: 5702cb04df69552431f3915a7ca449cd08d1e34c256b08e8ae05d191844e03d3
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

715555 - CVE-2011-1898 virt: VT-d (PCI passthrough) MSI trap injection
723429 - CVE-2011-2699 kernel: ipv6: make fragment identifications less predictable
752375 - CVE-2011-4127 kernel: possible privilege escalation via SG_IO ioctl
755431 - CVE-2011-4330 kernel: hfs: add sanity check for file name length
771764 - CVE-2012-0028 kernel: futex: clear robust_list on execve
773360 - provide option to disable HPET [rhel-5.6.z]
784658 - Install RHEV-H to virtual machine cause VM kernel panic when boot [rhel-5.6.z]


References

https://www.redhat.com/security/data/cve/CVE-2011-1898.html
https://www.redhat.com/security/data/cve/CVE-2011-2699.html
https://www.redhat.com/security/data/cve/CVE-2011-4127.html
https://www.redhat.com/security/data/cve/CVE-2011-4330.html
https://www.redhat.com/security/data/cve/CVE-2012-0028.html
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/knowledge/articles/66747
https://bugzilla.redhat.com/show_bug.cgi?id=715555
https://access.redhat.com/knowledge/articles/67869

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/