Security Advisory Important: kernel security update

Advisory: RHSA-2009:1457-1
Type: Security Advisory
Severity: Important
Issued on: 2009-09-22
Last updated on: 2009-09-22
Affected Products: Red Hat Enterprise Linux EUS (v. 5.2.z server)
CVEs (cve.mitre.org): CVE-2009-1389
CVE-2009-2692
CVE-2009-2698

Details

Updated kernel packages that fix several security issues are now available
for Red Hat Enterprise Linux 5.2 Extended Update Support.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

* Michael Tokarev reported a flaw in the Realtek r8169 Ethernet driver in
the Linux kernel. The driver allowed its interfaces to receive frames
larger than it could handle. This could lead to a remote denial of
service or code execution. (CVE-2009-1389, Important)

* Tavis Ormandy and Julien Tinnes of the Google Security Team reported a
flaw in the SOCKOPS_WRAP macro in the Linux kernel. This macro did not
initialize the sendpage operation in the proto_ops structure correctly. A
local, unprivileged user could use this flaw to cause a local denial of
service or escalate their privileges. (CVE-2009-2692, Important)

* Tavis Ormandy and Julien Tinnes of the Google Security Team reported a
flaw in the udp_sendmsg() implementation in the Linux kernel when using the
MSG_MORE flag on UDP sockets. A local, unprivileged user could use this
flaw to cause a local denial of service or escalate their privileges.
(CVE-2009-2698, Important)

Users should upgrade to these updated packages, which contain backported
patches to correct these issues. The system must be rebooted for this
update to take effect.
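
Because the fix only takes effect after a reboot, the running kernel is what needs checking, not just the installed packages. The script below is an added example, not Red Hat tooling: it classifies a kernel release string against the fixed build named in this advisory. The function names are hypothetical, and it assumes the RHEL 5 `uname -r` format, where a variant suffix such as `PAE` or `xen` follows `el5`. Kernels outside the 2.6.18-92 (5.2.z) stream are reported as not covered, since this advisory does not state their fixed builds.

```shell
#!/bin/sh
# Added example, not Red Hat tooling. Function names are hypothetical.
# FIXED_RELEASE comes from the package name in this advisory:
#   kernel-2.6.18-92.1.28.el5
FIXED_RELEASE=92.1.28

# ver_lt A B: succeed when dotted-numeric A sorts strictly before B.
# Missing fields count as 0, so "92" sorts before "92.1.28".
ver_lt() {
    _a=$1 _b=$2
    while [ -n "$_a" ] || [ -n "$_b" ]; do
        _fa=${_a%%.*} _fb=${_b%%.*}
        if [ "${_fa:-0}" -lt "${_fb:-0}" ]; then return 0; fi
        if [ "${_fa:-0}" -gt "${_fb:-0}" ]; then return 1; fi
        case $_a in *.*) _a=${_a#*.} ;; *) _a= ;; esac
        case $_b in *.*) _b=${_b#*.} ;; *) _b= ;; esac
    done
    return 1
}

# classify_kernel RELEASE: print fixed, vulnerable or not-covered.
classify_kernel() {
    # Only the 5.2.z stream (2.6.18-92[.x.y].el5<variant>) is in scope.
    case $1 in
        2.6.18-92.el5*|2.6.18-92.*.el5*) ;;
        *) echo not-covered; return 0 ;;
    esac
    _t=${1#2.6.18-}      # e.g. 92.1.28.el5PAE
    _t=${_t%%.el5*}      # e.g. 92.1.28
    # Reject anything that is not purely dotted-numeric (custom builds).
    case $_t in
        ''|*[!0-9.]*|.*|*.|*..*) echo not-covered; return 0 ;;
    esac
    if ver_lt "$_t" "$FIXED_RELEASE"; then
        echo vulnerable
    else
        echo fixed
    fi
}

# Classify the release given as $1, or the running kernel by default.
classify_kernel "${1:-$(uname -r)}"
```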


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

Red Hat Enterprise Linux EUS (v. 5.2.z server)

File outdated by: RHSA-2010:0148 (applies to every file listed below)

SRPMS:
kernel-2.6.18-92.1.28.el5.src.rpm

IA-32:
kernel-2.6.18-92.1.28.el5.i686.rpm
kernel-PAE-2.6.18-92.1.28.el5.i686.rpm
kernel-PAE-devel-2.6.18-92.1.28.el5.i686.rpm
kernel-debug-2.6.18-92.1.28.el5.i686.rpm
kernel-debug-devel-2.6.18-92.1.28.el5.i686.rpm
kernel-devel-2.6.18-92.1.28.el5.i686.rpm
kernel-doc-2.6.18-92.1.28.el5.noarch.rpm
kernel-headers-2.6.18-92.1.28.el5.i386.rpm
kernel-xen-2.6.18-92.1.28.el5.i686.rpm
kernel-xen-devel-2.6.18-92.1.28.el5.i686.rpm

IA-64:
kernel-2.6.18-92.1.28.el5.ia64.rpm
kernel-debug-2.6.18-92.1.28.el5.ia64.rpm
kernel-debug-devel-2.6.18-92.1.28.el5.ia64.rpm
kernel-devel-2.6.18-92.1.28.el5.ia64.rpm
kernel-doc-2.6.18-92.1.28.el5.noarch.rpm
kernel-headers-2.6.18-92.1.28.el5.ia64.rpm
kernel-xen-2.6.18-92.1.28.el5.ia64.rpm
kernel-xen-devel-2.6.18-92.1.28.el5.ia64.rpm

PPC:
kernel-2.6.18-92.1.28.el5.ppc64.rpm
kernel-debug-2.6.18-92.1.28.el5.ppc64.rpm
kernel-debug-devel-2.6.18-92.1.28.el5.ppc64.rpm
kernel-devel-2.6.18-92.1.28.el5.ppc64.rpm
kernel-doc-2.6.18-92.1.28.el5.noarch.rpm
kernel-headers-2.6.18-92.1.28.el5.ppc.rpm
kernel-headers-2.6.18-92.1.28.el5.ppc64.rpm
kernel-kdump-2.6.18-92.1.28.el5.ppc64.rpm
kernel-kdump-devel-2.6.18-92.1.28.el5.ppc64.rpm

s390x:
kernel-2.6.18-92.1.28.el5.s390x.rpm
kernel-debug-2.6.18-92.1.28.el5.s390x.rpm
kernel-debug-devel-2.6.18-92.1.28.el5.s390x.rpm
kernel-devel-2.6.18-92.1.28.el5.s390x.rpm
kernel-doc-2.6.18-92.1.28.el5.noarch.rpm
kernel-headers-2.6.18-92.1.28.el5.s390x.rpm
kernel-kdump-2.6.18-92.1.28.el5.s390x.rpm
kernel-kdump-devel-2.6.18-92.1.28.el5.s390x.rpm

x86_64:
kernel-2.6.18-92.1.28.el5.x86_64.rpm
kernel-debug-2.6.18-92.1.28.el5.x86_64.rpm
kernel-debug-devel-2.6.18-92.1.28.el5.x86_64.rpm
kernel-devel-2.6.18-92.1.28.el5.x86_64.rpm
kernel-doc-2.6.18-92.1.28.el5.noarch.rpm
kernel-headers-2.6.18-92.1.28.el5.x86_64.rpm
kernel-xen-2.6.18-92.1.28.el5.x86_64.rpm
kernel-xen-devel-2.6.18-92.1.28.el5.x86_64.rpm

(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

504726 - CVE-2009-1389 kernel: r8169: fix crash when large packets are received
516949 - CVE-2009-2692 kernel: uninit op in SOCKOPS_WRAP() leads to privesc
518034 - CVE-2009-2698 kernel: udp socket NULL ptr dereference


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/