Skip to navigation

Security Advisory Important: kernel security update

Advisory: RHSA-2009:1233-1
Type: Security Advisory
Severity: Important
Issued on: 2009-08-27
Last updated on: 2009-08-27
Affected Products: Red Hat Desktop (v. 3)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux WS (v. 3)
CVEs (cve.mitre.org): CVE-2009-2692
CVE-2009-2698

Details

Updated kernel packages that fix two security issues are now available for
Red Hat Enterprise Linux 3.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

These updated packages fix the following security issues:

* a flaw was found in the SOCKOPS_WRAP macro in the Linux kernel. This
macro did not initialize the sendpage operation in the proto_ops structure
correctly. A local, unprivileged user could use this flaw to cause a local
denial of service or escalate their privileges. (CVE-2009-2692, Important)

* a flaw was found in the udp_sendmsg() implementation in the Linux kernel
when using the MSG_MORE flag on UDP sockets. A local, unprivileged user
could use this flaw to cause a local denial of service or escalate their
privileges. (CVE-2009-2698, Important)

Red Hat would like to thank Tavis Ormandy and Julien Tinnes of the Google
Security Team for responsibly reporting these flaws.

All Red Hat Enterprise Linux 3 users should upgrade to these updated
packages, which contain backported patches to resolve these issues. The
system must be rebooted for this update to take effect.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

Red Hat Desktop (v. 3)

SRPMS:
kernel-2.4.21-60.EL.src.rpm
File outdated by:  RHSA-2009:1550
    MD5: e656450983fe6b570a4ece0b4b6f7be8
 
IA-32:
kernel-2.4.21-60.EL.athlon.rpm
File outdated by:  RHSA-2009:1550
    MD5: 8a3e81bf3e07993eccb59549a32b479a
kernel-2.4.21-60.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: a113560e01219e65a7a5e991f324d6e8
kernel-BOOT-2.4.21-60.EL.i386.rpm
File outdated by:  RHSA-2009:1550
    MD5: 16830a07ceded93b2ec3e115e9f1c97d
kernel-doc-2.4.21-60.EL.i386.rpm
File outdated by:  RHSA-2009:1550
    MD5: 54ded3f42c58bbb0bf57718c5aa09d1b
kernel-hugemem-2.4.21-60.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: 67ebb204db960ca0065c99afac86b40d
kernel-hugemem-unsupported-2.4.21-60.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: 5b278d0add2f2854b8167779a94a0485
kernel-smp-2.4.21-60.EL.athlon.rpm
File outdated by:  RHSA-2009:1550
    MD5: 649060c27ab509a6721845fffa54859d
kernel-smp-2.4.21-60.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: 4d9e7b01ae8f0c8d425f6f870ed59caf
kernel-smp-unsupported-2.4.21-60.EL.athlon.rpm
File outdated by:  RHSA-2009:1550
    MD5: c4d133557cbe219c9526294cab3b5c4c
kernel-smp-unsupported-2.4.21-60.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: f6aed073c438e68fe3a0cad972217396
kernel-source-2.4.21-60.EL.i386.rpm
File outdated by:  RHSA-2009:1550
    MD5: 0bf71e3e1fb81e68e55d60c0d3805103
kernel-unsupported-2.4.21-60.EL.athlon.rpm
File outdated by:  RHSA-2009:1550
    MD5: ab9acc56951b3c94f099ad7a62cd3922
kernel-unsupported-2.4.21-60.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: 4f6cc840d05bd73e99831e8f5c5d32f1
 
x86_64:
kernel-2.4.21-60.EL.ia32e.rpm
File outdated by:  RHSA-2009:1550
    MD5: a6aa197cdbb8a972df8d947ed1503c08
kernel-2.4.21-60.EL.x86_64.rpm
File outdated by:  RHSA-2009:1550
    MD5: 1ea0319c914f6f6b221256468a42432f
kernel-doc-2.4.21-60.EL.x86_64.rpm
File outdated by:  RHSA-2009:1550
    MD5: aa75c1feefc213556cf1c45653779225
kernel-smp-2.4.21-60.EL.x86_64.rpm
File outdated by:  RHSA-2009:1550
    MD5: 00f29564d45de83b6d80d4a86502835a
kernel-smp-unsupported-2.4.21-60.EL.x86_64.rpm
File outdated by:  RHSA-2009:1550
    MD5: b437abd63cf5b745d666fca11fecab4e
kernel-source-2.4.21-60.EL.x86_64.rpm
File outdated by:  RHSA-2009:1550
    MD5: 32f47b9df96f08fb4f365fec70fb95ee
kernel-unsupported-2.4.21-60.EL.ia32e.rpm
File outdated by:  RHSA-2009:1550
    MD5: 8c74dc90a0dd8ed1f50a94ea72cc207c
kernel-unsupported-2.4.21-60.EL.x86_64.rpm
File outdated by:  RHSA-2009:1550
    MD5: 0851a2b2c67a605ee751e3dfc1a98e77
 
Red Hat Enterprise Linux AS (v. 3)

SRPMS:
kernel-2.4.21-60.EL.src.rpm
File outdated by:  RHSA-2009:1550
    MD5: e656450983fe6b570a4ece0b4b6f7be8
 
IA-32:
kernel-2.4.21-60.EL.athlon.rpm
File outdated by:  RHSA-2009:1550
    MD5: 8a3e81bf3e07993eccb59549a32b479a
kernel-2.4.21-60.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: a113560e01219e65a7a5e991f324d6e8
kernel-BOOT-2.4.21-60.EL.i386.rpm
File outdated by:  RHSA-2009:1550
    MD5: 16830a07ceded93b2ec3e115e9f1c97d
kernel-doc-2.4.21-60.EL.i386.rpm
File outdated by:  RHSA-2009:1550
    MD5: 54ded3f42c58bbb0bf57718c5aa09d1b
kernel-hugemem-2.4.21-60.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: 67ebb204db960ca0065c99afac86b40d
kernel-hugemem-unsupported-2.4.21-60.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: 5b278d0add2f2854b8167779a94a0485
kernel-smp-2.4.21-60.EL.athlon.rpm
File outdated by:  RHSA-2009:1550
    MD5: 649060c27ab509a6721845fffa54859d
kernel-smp-2.4.21-60.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: 4d9e7b01ae8f0c8d425f6f870ed59caf
kernel-smp-unsupported-2.4.21-60.EL.athlon.rpm
File outdated by:  RHSA-2009:1550
    MD5: c4d133557cbe219c9526294cab3b5c4c
kernel-smp-unsupported-2.4.21-60.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: f6aed073c438e68fe3a0cad972217396
kernel-source-2.4.21-60.EL.i386.rpm
File outdated by:  RHSA-2009:1550
    MD5: 0bf71e3e1fb81e68e55d60c0d3805103
kernel-unsupported-2.4.21-60.EL.athlon.rpm
File outdated by:  RHSA-2009:1550
    MD5: ab9acc56951b3c94f099ad7a62cd3922
kernel-unsupported-2.4.21-60.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: 4f6cc840d05bd73e99831e8f5c5d32f1
 
IA-64:
kernel-2.4.21-60.EL.ia64.rpm
File outdated by:  RHSA-2009:1550
    MD5: e632dc9756fdc19dba6811972774743d
kernel-doc-2.4.21-60.EL.ia64.rpm
File outdated by:  RHSA-2009:1550
    MD5: 670f358bd9afd472ac3eab7c18b22837
kernel-source-2.4.21-60.EL.ia64.rpm
File outdated by:  RHSA-2009:1550
    MD5: a4bee7734bd923f244db7465e1172894
kernel-unsupported-2.4.21-60.EL.ia64.rpm
File outdated by:  RHSA-2009:1550
    MD5: 4b94a4b7bff27e89dd2a7c0d2ea905d6
 
PPC:
kernel-2.4.21-60.EL.ppc64iseries.rpm
File outdated by:  RHSA-2009:1550
    MD5: d289529b1480c9dcd4157e36f9384d91
kernel-2.4.21-60.EL.ppc64pseries.rpm
File outdated by:  RHSA-2009:1550
    MD5: 94de656f07650057d5485a611fad4712
kernel-doc-2.4.21-60.EL.ppc64.rpm
File outdated by:  RHSA-2009:1550
    MD5: 52a9e96267dece8cfd7bc4b3100bd382
kernel-source-2.4.21-60.EL.ppc64.rpm
File outdated by:  RHSA-2009:1550
    MD5: 39988dbf22167e824c6021d23b4e51e3
kernel-unsupported-2.4.21-60.EL.ppc64iseries.rpm
File outdated by:  RHSA-2009:1550
    MD5: cfb34426b557cccfefe6d7c9b8386509
kernel-unsupported-2.4.21-60.EL.ppc64pseries.rpm
File outdated by:  RHSA-2009:1550
    MD5: aaa406184c2b2f236e376ad7426f3b94
 
s390:
kernel-2.4.21-60.EL.s390.rpm
File outdated by:  RHSA-2009:1550
    MD5: ffbcfb1650c1fa572ceb326721491ed8
kernel-doc-2.4.21-60.EL.s390.rpm
File outdated by:  RHSA-2009:1550
    MD5: cbf28e267cacecb227fae8088b9cacd9
kernel-source-2.4.21-60.EL.s390.rpm
File outdated by:  RHSA-2009:1550
    MD5: b2dd553f46f0d79ff8d9983816dbb5b3
kernel-unsupported-2.4.21-60.EL.s390.rpm
File outdated by:  RHSA-2009:1550
    MD5: ee41999cd764c9f1f550df081e0b9ebb
 
s390x:
kernel-2.4.21-60.EL.s390x.rpm
File outdated by:  RHSA-2009:1550
    MD5: 2e0c52a719732450a4eb9a028d2164df
kernel-doc-2.4.21-60.EL.s390x.rpm
File outdated by:  RHSA-2009:1550
    MD5: e349e0e6c9f7bea2e4b91b7af87e231f
kernel-source-2.4.21-60.EL.s390x.rpm
File outdated by:  RHSA-2009:1550
    MD5: 21adfea3aa4360b76d779b8b27cb60c3
kernel-unsupported-2.4.21-60.EL.s390x.rpm
File outdated by:  RHSA-2009:1550
    MD5: 5bb44cb3f599fe5ef74553afa613cc7a
 
x86_64:
kernel-2.4.21-60.EL.ia32e.rpm
File outdated by:  RHSA-2009:1550
    MD5: a6aa197cdbb8a972df8d947ed1503c08
kernel-2.4.21-60.EL.x86_64.rpm
File outdated by:  RHSA-2009:1550
    MD5: 1ea0319c914f6f6b221256468a42432f
kernel-doc-2.4.21-60.EL.x86_64.rpm
File outdated by:  RHSA-2009:1550
    MD5: aa75c1feefc213556cf1c45653779225
kernel-smp-2.4.21-60.EL.x86_64.rpm
File outdated by:  RHSA-2009:1550
    MD5: 00f29564d45de83b6d80d4a86502835a
kernel-smp-unsupported-2.4.21-60.EL.x86_64.rpm
File outdated by:  RHSA-2009:1550
    MD5: b437abd63cf5b745d666fca11fecab4e
kernel-source-2.4.21-60.EL.x86_64.rpm
File outdated by:  RHSA-2009:1550
    MD5: 32f47b9df96f08fb4f365fec70fb95ee
kernel-unsupported-2.4.21-60.EL.ia32e.rpm
File outdated by:  RHSA-2009:1550
    MD5: 8c74dc90a0dd8ed1f50a94ea72cc207c
kernel-unsupported-2.4.21-60.EL.x86_64.rpm
File outdated by:  RHSA-2009:1550
    MD5: 0851a2b2c67a605ee751e3dfc1a98e77
 
Red Hat Enterprise Linux ES (v. 3)

SRPMS:
kernel-2.4.21-60.EL.src.rpm
File outdated by:  RHSA-2009:1550
    MD5: e656450983fe6b570a4ece0b4b6f7be8
 
IA-32:
kernel-2.4.21-60.EL.athlon.rpm
File outdated by:  RHSA-2009:1550
    MD5: 8a3e81bf3e07993eccb59549a32b479a
kernel-2.4.21-60.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: a113560e01219e65a7a5e991f324d6e8
kernel-BOOT-2.4.21-60.EL.i386.rpm
File outdated by:  RHSA-2009:1550
    MD5: 16830a07ceded93b2ec3e115e9f1c97d
kernel-doc-2.4.21-60.EL.i386.rpm
File outdated by:  RHSA-2009:1550
    MD5: 54ded3f42c58bbb0bf57718c5aa09d1b
kernel-hugemem-2.4.21-60.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: 67ebb204db960ca0065c99afac86b40d
kernel-hugemem-unsupported-2.4.21-60.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: 5b278d0add2f2854b8167779a94a0485
kernel-smp-2.4.21-60.EL.athlon.rpm
File outdated by:  RHSA-2009:1550
    MD5: 649060c27ab509a6721845fffa54859d
kernel-smp-2.4.21-60.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: 4d9e7b01ae8f0c8d425f6f870ed59caf
kernel-smp-unsupported-2.4.21-60.EL.athlon.rpm
File outdated by:  RHSA-2009:1550
    MD5: c4d133557cbe219c9526294cab3b5c4c
kernel-smp-unsupported-2.4.21-60.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: f6aed073c438e68fe3a0cad972217396
kernel-source-2.4.21-60.EL.i386.rpm
File outdated by:  RHSA-2009:1550
    MD5: 0bf71e3e1fb81e68e55d60c0d3805103
kernel-unsupported-2.4.21-60.EL.athlon.rpm
File outdated by:  RHSA-2009:1550
    MD5: ab9acc56951b3c94f099ad7a62cd3922
kernel-unsupported-2.4.21-60.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: 4f6cc840d05bd73e99831e8f5c5d32f1
 
IA-64:
kernel-2.4.21-60.EL.ia64.rpm
File outdated by:  RHSA-2009:1550
    MD5: e632dc9756fdc19dba6811972774743d
kernel-doc-2.4.21-60.EL.ia64.rpm
File outdated by:  RHSA-2009:1550
    MD5: 670f358bd9afd472ac3eab7c18b22837
kernel-source-2.4.21-60.EL.ia64.rpm
File outdated by:  RHSA-2009:1550
    MD5: a4bee7734bd923f244db7465e1172894
kernel-unsupported-2.4.21-60.EL.ia64.rpm
File outdated by:  RHSA-2009:1550
    MD5: 4b94a4b7bff27e89dd2a7c0d2ea905d6
 
x86_64:
kernel-2.4.21-60.EL.ia32e.rpm
File outdated by:  RHSA-2009:1550
    MD5: a6aa197cdbb8a972df8d947ed1503c08
kernel-2.4.21-60.EL.x86_64.rpm
File outdated by:  RHSA-2009:1550
    MD5: 1ea0319c914f6f6b221256468a42432f
kernel-doc-2.4.21-60.EL.x86_64.rpm
File outdated by:  RHSA-2009:1550
    MD5: aa75c1feefc213556cf1c45653779225
kernel-smp-2.4.21-60.EL.x86_64.rpm
File outdated by:  RHSA-2009:1550
    MD5: 00f29564d45de83b6d80d4a86502835a
kernel-smp-unsupported-2.4.21-60.EL.x86_64.rpm
File outdated by:  RHSA-2009:1550
    MD5: b437abd63cf5b745d666fca11fecab4e
kernel-source-2.4.21-60.EL.x86_64.rpm
File outdated by:  RHSA-2009:1550
    MD5: 32f47b9df96f08fb4f365fec70fb95ee
kernel-unsupported-2.4.21-60.EL.ia32e.rpm
File outdated by:  RHSA-2009:1550
    MD5: 8c74dc90a0dd8ed1f50a94ea72cc207c
kernel-unsupported-2.4.21-60.EL.x86_64.rpm
File outdated by:  RHSA-2009:1550
    MD5: 0851a2b2c67a605ee751e3dfc1a98e77
 
Red Hat Enterprise Linux WS (v. 3)

SRPMS:
kernel-2.4.21-60.EL.src.rpm
File outdated by:  RHSA-2009:1550
    MD5: e656450983fe6b570a4ece0b4b6f7be8
 
IA-32:
kernel-2.4.21-60.EL.athlon.rpm
File outdated by:  RHSA-2009:1550
    MD5: 8a3e81bf3e07993eccb59549a32b479a
kernel-2.4.21-60.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: a113560e01219e65a7a5e991f324d6e8
kernel-BOOT-2.4.21-60.EL.i386.rpm
File outdated by:  RHSA-2009:1550
    MD5: 16830a07ceded93b2ec3e115e9f1c97d
kernel-doc-2.4.21-60.EL.i386.rpm
File outdated by:  RHSA-2009:1550
    MD5: 54ded3f42c58bbb0bf57718c5aa09d1b
kernel-hugemem-2.4.21-60.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: 67ebb204db960ca0065c99afac86b40d
kernel-hugemem-unsupported-2.4.21-60.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: 5b278d0add2f2854b8167779a94a0485
kernel-smp-2.4.21-60.EL.athlon.rpm
File outdated by:  RHSA-2009:1550
    MD5: 649060c27ab509a6721845fffa54859d
kernel-smp-2.4.21-60.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: 4d9e7b01ae8f0c8d425f6f870ed59caf
kernel-smp-unsupported-2.4.21-60.EL.athlon.rpm
File outdated by:  RHSA-2009:1550
    MD5: c4d133557cbe219c9526294cab3b5c4c
kernel-smp-unsupported-2.4.21-60.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: f6aed073c438e68fe3a0cad972217396
kernel-source-2.4.21-60.EL.i386.rpm
File outdated by:  RHSA-2009:1550
    MD5: 0bf71e3e1fb81e68e55d60c0d3805103
kernel-unsupported-2.4.21-60.EL.athlon.rpm
File outdated by:  RHSA-2009:1550
    MD5: ab9acc56951b3c94f099ad7a62cd3922
kernel-unsupported-2.4.21-60.EL.i686.rpm
File outdated by:  RHSA-2009:1550
    MD5: 4f6cc840d05bd73e99831e8f5c5d32f1
 
IA-64:
kernel-2.4.21-60.EL.ia64.rpm
File outdated by:  RHSA-2009:1550
    MD5: e632dc9756fdc19dba6811972774743d
kernel-doc-2.4.21-60.EL.ia64.rpm
File outdated by:  RHSA-2009:1550
    MD5: 670f358bd9afd472ac3eab7c18b22837
kernel-source-2.4.21-60.EL.ia64.rpm
File outdated by:  RHSA-2009:1550
    MD5: a4bee7734bd923f244db7465e1172894
kernel-unsupported-2.4.21-60.EL.ia64.rpm
File outdated by:  RHSA-2009:1550
    MD5: 4b94a4b7bff27e89dd2a7c0d2ea905d6
 
x86_64:
kernel-2.4.21-60.EL.ia32e.rpm
File outdated by:  RHSA-2009:1550
    MD5: a6aa197cdbb8a972df8d947ed1503c08
kernel-2.4.21-60.EL.x86_64.rpm
File outdated by:  RHSA-2009:1550
    MD5: 1ea0319c914f6f6b221256468a42432f
kernel-doc-2.4.21-60.EL.x86_64.rpm
File outdated by:  RHSA-2009:1550
    MD5: aa75c1feefc213556cf1c45653779225
kernel-smp-2.4.21-60.EL.x86_64.rpm
File outdated by:  RHSA-2009:1550
    MD5: 00f29564d45de83b6d80d4a86502835a
kernel-smp-unsupported-2.4.21-60.EL.x86_64.rpm
File outdated by:  RHSA-2009:1550
    MD5: b437abd63cf5b745d666fca11fecab4e
kernel-source-2.4.21-60.EL.x86_64.rpm
File outdated by:  RHSA-2009:1550
    MD5: 32f47b9df96f08fb4f365fec70fb95ee
kernel-unsupported-2.4.21-60.EL.ia32e.rpm
File outdated by:  RHSA-2009:1550
    MD5: 8c74dc90a0dd8ed1f50a94ea72cc207c
kernel-unsupported-2.4.21-60.EL.x86_64.rpm
File outdated by:  RHSA-2009:1550
    MD5: 0851a2b2c67a605ee751e3dfc1a98e77
 

Bugs fixed (see bugzilla for more information)

516949 - CVE-2009-2692 kernel: uninit op in SOCKOPS_WRAP() leads to privesc
518034 - CVE-2009-2698 kernel: udp socket NULL ptr dereference


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/