Skip to navigation

Security Advisory Important: kernel security and bug fix update

Advisory: RHSA-2010:0670-1
Type: Security Advisory
Severity: Important
Issued on: 2010-09-02
Last updated on: 2010-09-02
Affected Products: Red Hat Enterprise Linux EUS (v. 5.4.z server)
CVEs (cve.mitre.org): CVE-2010-2240
CVE-2010-2798

Details

Updated kernel packages that fix two security issues and three bugs are now
available for Red Hat Enterprise Linux 5.4 Extended Update Support.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

* When an application has a stack overflow, the stack could silently
overwrite another memory mapped area instead of a segmentation fault
occurring, which could cause an application to execute arbitrary code,
possibly leading to privilege escalation. It is known that the X Window
System server can be used to trigger this flaw. (CVE-2010-2240, Important)

* A miscalculation of the size of the free space of the initial directory
entry in a directory leaf block was found in the Linux kernel Global File
System 2 (GFS2) implementation. A local, unprivileged user with write
access to a GFS2-mounted file system could perform a rename operation on
that file system to trigger a NULL pointer dereference, possibly resulting
in a denial of service or privilege escalation. (CVE-2010-2798, Important)

Red Hat would like to thank the X.Org security team for reporting
CVE-2010-2240, with upstream acknowledging Rafal Wojtczuk as the original
reporter; and Grant Diffey of CenITex for reporting CVE-2010-2798.

This update also fixes the following bugs:

* Problems receiving network traffic correctly via a non-standard layer 3
protocol when using the ixgbe driver. This update corrects this issue.
(BZ#618275)

* A bug was found in the way the megaraid_sas driver (for SAS based RAID
controllers) handled physical disks and management IOCTLs. All physical
disks were exported to the disk layer, allowing an oops in
megasas_complete_cmd_dpc() when completing the IOCTL command if a timeout
occurred. One possible trigger for this bug was running "mkfs". This update
resolves this issue by updating the megaraid_sas driver to version 4.31.
(BZ#619363)

* Previously, Message Signaled Interrupts (MSI) resulted in PCI bus writes
to mask and unmask the MSI IRQ for a PCI device. These unnecessary PCI bus
writes resulted in the serialization of MSIs, leading to poor performance
on systems with high MSI load. This update adds a new kernel boot
parameter, msi_nolock, which forgoes the PCI bus writes and allows for
better simultaneous processing of MSIs. (BZ#621939)

Users should upgrade to these updated packages, which contain backported
patches to correct these issues. The system must be rebooted for this
update to take effect.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

Updated packages

Red Hat Enterprise Linux EUS (v. 5.4.z server)

SRPMS:
kernel-2.6.18-164.25.1.el5.src.rpm
File outdated by:  RHBA-2011:0956
    MD5: 02402afa9537accf90116726420d834c
SHA-256: 90f87fb436737dc961b3d7cbc94e3ba7c124cd8727dbeac9ac0cc515ddea2f23
 
IA-32:
kernel-2.6.18-164.25.1.el5.i686.rpm
File outdated by:  RHBA-2011:0956
    MD5: d48ea75c66a7327decde5dbd94d84109
SHA-256: 711389d610d08a25894b35471b3b3d5883427da4156abfa0549452410b0871a7
kernel-PAE-2.6.18-164.25.1.el5.i686.rpm
File outdated by:  RHBA-2011:0956
    MD5: a4c8e1d1041726259f74e6dea46eea3e
SHA-256: 32fe706498eae856676c73c036f3e1feeb79ee7e45c566b6452e81f70a474966
kernel-PAE-devel-2.6.18-164.25.1.el5.i686.rpm
File outdated by:  RHBA-2011:0956
    MD5: 88e83d64f57f1049616176a9d7f31467
SHA-256: a7e36580ab9ce85743823032c88b3638cea5c9a3d4c6be76850f4ec09b397d93
kernel-debug-2.6.18-164.25.1.el5.i686.rpm
File outdated by:  RHBA-2011:0956
    MD5: 39893b0343c30b6d41717b6a7466a0cf
SHA-256: 374843c0fbbd4acd1ee54dd790ecdce6d7b72de746b7de6ed76f148d2eb33d6a
kernel-debug-devel-2.6.18-164.25.1.el5.i686.rpm
File outdated by:  RHBA-2011:0956
    MD5: 7c50ac1e5bfa1ec5b2e99855b3f6efa6
SHA-256: d1e1fd87dd343b848cd020002b2533bee5a24d2190de11b2c4c57662da7420d7
kernel-devel-2.6.18-164.25.1.el5.i686.rpm
File outdated by:  RHBA-2011:0956
    MD5: ad54ddd6de14b0d7e9166157cad5e788
SHA-256: 0923ad5920bf9a1cd83583d0739162880091aa46da523f21f0631ef07ef8e8d9
kernel-doc-2.6.18-164.25.1.el5.noarch.rpm
File outdated by:  RHBA-2011:0956
    MD5: 921bed0b74d9dc8137e10abcf32175e8
SHA-256: 89bb3c4449958c015ce77ecc46f3f3a2d539282c6b49a5d6b69aef7769146042
kernel-headers-2.6.18-164.25.1.el5.i386.rpm
File outdated by:  RHBA-2011:0956
    MD5: fbc8a6e7efbc6ab5fba781db4434053d
SHA-256: 4a7eeeb469985ea8e87f81a97dc867a10d0f716d802a01e21bb2867c9195979a
kernel-xen-2.6.18-164.25.1.el5.i686.rpm
File outdated by:  RHBA-2011:0956
    MD5: c6ad953e36f4a6a7257a8c9fdb46b5d0
SHA-256: 2b5a12079a28b6646cc77d3f127b9710639a6a025e3809db3d4732d0c415e38c
kernel-xen-devel-2.6.18-164.25.1.el5.i686.rpm
File outdated by:  RHBA-2011:0956
    MD5: cbcc61cc2965e436d180e9f864832c88
SHA-256: 7f31f4c4480b2d16b9b28f6c35258823359598ad892c3a9a3986780294d97602
 
IA-64:
kernel-2.6.18-164.25.1.el5.ia64.rpm
File outdated by:  RHBA-2011:0956
    MD5: 49197e4ccb31494022f1300223d5883e
SHA-256: 7cf7ca9497a9da0b6d919304d7fc6c26a47fe0a8376a64f4306d44da30b7a0ac
kernel-debug-2.6.18-164.25.1.el5.ia64.rpm
File outdated by:  RHBA-2011:0956
    MD5: bf25fdf1564d05abbb9e2a7ea5f3b596
SHA-256: ec9947b49665017b5b97f70afbf125da18518b506776089d3dcfa540048fa774
kernel-debug-devel-2.6.18-164.25.1.el5.ia64.rpm
File outdated by:  RHBA-2011:0956
    MD5: 2beb09744c8170053ff9a81d76760990
SHA-256: e10153820f1634d07b898e90cf841db69794cfc5128bce99035ce2c13d303463
kernel-devel-2.6.18-164.25.1.el5.ia64.rpm
File outdated by:  RHBA-2011:0956
    MD5: c7675951e473621a62b3f42d8f6917ee
SHA-256: 9de3db64b425fcc134ddb9a82da0e04c883993b15ac8af9e840e6542c2c62a3e
kernel-doc-2.6.18-164.25.1.el5.noarch.rpm
File outdated by:  RHBA-2011:0956
    MD5: 921bed0b74d9dc8137e10abcf32175e8
SHA-256: 89bb3c4449958c015ce77ecc46f3f3a2d539282c6b49a5d6b69aef7769146042
kernel-headers-2.6.18-164.25.1.el5.ia64.rpm
File outdated by:  RHBA-2011:0956
    MD5: 9f91765207731303d3cc0ff95372aa25
SHA-256: 7f89bcfa265718ffe6d1327660f63c6a55e37efd20c15783819061326176af82
kernel-xen-2.6.18-164.25.1.el5.ia64.rpm
File outdated by:  RHBA-2011:0956
    MD5: 82c7233785dbbee406d9d9e703fb0c63
SHA-256: 04544425626c0ce801d79285b84b7dec4f5c3cbcba1eaf745016a9fd82ab1a58
kernel-xen-devel-2.6.18-164.25.1.el5.ia64.rpm
File outdated by:  RHBA-2011:0956
    MD5: 18e356ed5501db7839603a6aa67398fd
SHA-256: 043ee70390411f0fc633c1afe970fac4e1a1846c0d6ac8bad82b878f8b775ea4
 
PPC:
kernel-2.6.18-164.25.1.el5.ppc64.rpm
File outdated by:  RHBA-2011:0956
    MD5: 96d75ce4abafe4a7d57650fa1dde316f
SHA-256: 2b752f7b93b6c351f1d36e77a18d101db1262219899f15e23255ef25a8bf8788
kernel-debug-2.6.18-164.25.1.el5.ppc64.rpm
File outdated by:  RHBA-2011:0956
    MD5: 503f3b59a80190c1abd6d56a2dd55213
SHA-256: 442f901913c1c07377016c10a5a10e22b2226cbc75ba1cc5398afdbec6561942
kernel-debug-devel-2.6.18-164.25.1.el5.ppc64.rpm
File outdated by:  RHBA-2011:0956
    MD5: 50c8af117909ea455603bd31050ce6da
SHA-256: c2db9a9d2a12e1e6eb299fe99ea37526feabd8e0ed1684fb2cce9eb1026f31d8
kernel-devel-2.6.18-164.25.1.el5.ppc64.rpm
File outdated by:  RHBA-2011:0956
    MD5: f79f36697799229aa942b2e237f4cb87
SHA-256: d7c2270715b79674cf9e8d966d5a1d4f4d633b00fbcec60bb87f9b3230251034
kernel-doc-2.6.18-164.25.1.el5.noarch.rpm
File outdated by:  RHBA-2011:0956
    MD5: 921bed0b74d9dc8137e10abcf32175e8
SHA-256: 89bb3c4449958c015ce77ecc46f3f3a2d539282c6b49a5d6b69aef7769146042
kernel-headers-2.6.18-164.25.1.el5.ppc.rpm
File outdated by:  RHBA-2011:0956
    MD5: 97416f5d18d070c786db0ca8d5cffd94
SHA-256: 87e93d53b054873a51cb1a0c289bd21fd0e56164dfa9a6c21f91e877a15e4d8d
kernel-headers-2.6.18-164.25.1.el5.ppc64.rpm
File outdated by:  RHBA-2011:0956
    MD5: 1178ac84b483d41da193dc9aba7e3925
SHA-256: 46ea06ea88e364c232990459c91c34a685cf413e9cd91da2f54f89fc672689b5
kernel-kdump-2.6.18-164.25.1.el5.ppc64.rpm
File outdated by:  RHBA-2011:0956
    MD5: 203a31bd3b382574b811c2669a27feab
SHA-256: 19dacb1f191aed0f2801bf95496909ddba212d4ddfa2f38d0ad9623de9e27743
kernel-kdump-devel-2.6.18-164.25.1.el5.ppc64.rpm
File outdated by:  RHBA-2011:0956
    MD5: 591238e6eb51422ca97a470287f4badc
SHA-256: 99c4f0decac909c9b7053f9d503c6254b11d33e24d5f41d66c1c1825fc816bd0
 
s390x:
kernel-2.6.18-164.25.1.el5.s390x.rpm
File outdated by:  RHBA-2011:0956
    MD5: 7857c29e11a5935d92265eac2c3c2e7d
SHA-256: 332cbd778b5a23deaa2cb2c295ba6977c6de7cc8ee7ba7cbdf5009ead9812aca
kernel-debug-2.6.18-164.25.1.el5.s390x.rpm
File outdated by:  RHBA-2011:0956
    MD5: 9130588c94e6403ec42cbe0ab39ec8b2
SHA-256: a02a3d08f34893c55f93650f160dbd75c98bc929f61f166986db0b8b77d0f47f
kernel-debug-devel-2.6.18-164.25.1.el5.s390x.rpm
File outdated by:  RHBA-2011:0956
    MD5: c41a82a0885cc63014283ab2ac64f3be
SHA-256: fb0f7a7f61b0c11f9716f9336b3c842804156183ab308ef1e6407480f86a6371
kernel-devel-2.6.18-164.25.1.el5.s390x.rpm
File outdated by:  RHBA-2011:0956
    MD5: 05594dd14605552f1e332f573f5f5046
SHA-256: a6770ae989f0923e132aa6443ad213f199d5d0df3a38ca8cb0f58388f0a3af57
kernel-doc-2.6.18-164.25.1.el5.noarch.rpm
File outdated by:  RHBA-2011:0956
    MD5: 921bed0b74d9dc8137e10abcf32175e8
SHA-256: 89bb3c4449958c015ce77ecc46f3f3a2d539282c6b49a5d6b69aef7769146042
kernel-headers-2.6.18-164.25.1.el5.s390x.rpm
File outdated by:  RHBA-2011:0956
    MD5: f793a7783a3b7757a974696475e879af
SHA-256: b39308151c1b18d3bf2c42c370697d968a1b6648d611b5b236f54fd78cefc48e
kernel-kdump-2.6.18-164.25.1.el5.s390x.rpm
File outdated by:  RHBA-2011:0956
    MD5: 6f35949b234af8526b25bb606df78368
SHA-256: e290318507e4be918fa3386b55df26224bce5a1368d009b629e40bdf85a9b448
kernel-kdump-devel-2.6.18-164.25.1.el5.s390x.rpm
File outdated by:  RHBA-2011:0956
    MD5: e371900c0441ea44c97cc881243f8901
SHA-256: 1d55aa17f59515cc21632eb36a4d5ba2ef2390f3960ce45f56c76d7ddd11c8f2
 
x86_64:
kernel-2.6.18-164.25.1.el5.x86_64.rpm
File outdated by:  RHBA-2011:0956
    MD5: 808daf2526c66b9d38a03cd206f2e573
SHA-256: 9267d83cce2f77f3ae92c06fe3deb01d4155ef13b92dcdd3394d566a6d64aa9a
kernel-debug-2.6.18-164.25.1.el5.x86_64.rpm
File outdated by:  RHBA-2011:0956
    MD5: c12d8a4cdc10ae9de6ab81207d0070d0
SHA-256: d9735bb72c00764279baaab57d6cc78aa6258f0a4300c75ab5c6b3a8cbab6d8f
kernel-debug-devel-2.6.18-164.25.1.el5.x86_64.rpm
File outdated by:  RHBA-2011:0956
    MD5: 97821256cdb251592f1ea476c886229b
SHA-256: 88279ae2e35154013d80049cb19800008e5f2d6a9a9995c385bad04087bbd432
kernel-devel-2.6.18-164.25.1.el5.x86_64.rpm
File outdated by:  RHBA-2011:0956
    MD5: fbe88a152ae1044de6ab802e4a78c413
SHA-256: 834c3c51ebbdeef23311b5ec44824f250bdacfd9fe22608e3cc78a8c0a76b766
kernel-doc-2.6.18-164.25.1.el5.noarch.rpm
File outdated by:  RHBA-2011:0956
    MD5: 921bed0b74d9dc8137e10abcf32175e8
SHA-256: 89bb3c4449958c015ce77ecc46f3f3a2d539282c6b49a5d6b69aef7769146042
kernel-headers-2.6.18-164.25.1.el5.x86_64.rpm
File outdated by:  RHBA-2011:0956
    MD5: 9b55908f0e845542ba3a25112ae71f4d
SHA-256: edec81dd1c2615cba7ea4eebf76de6b93c9938791c530556dd3e5f6b3a3844d3
kernel-xen-2.6.18-164.25.1.el5.x86_64.rpm
File outdated by:  RHBA-2011:0956
    MD5: 5dcbb08ad1078ee9fd1c6c61ace5b1a4
SHA-256: 23598203a7d5056624e16e02a895d61905f5e63f4cbb7bb6eeaaaddaaf035c2a
kernel-xen-devel-2.6.18-164.25.1.el5.x86_64.rpm
File outdated by:  RHBA-2011:0956
    MD5: c6a1c872588c343003551d23a916163b
SHA-256: 985d2a203334e5ce9fe986837312581d0dcdbf13c80f4b4bd087c2b1de0c69cd
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

606611 - CVE-2010-2240 kernel: mm: keep a guard page below a grow-down stack segment
618275 - Received data corrupts when non standards L3 protocols are used on ixgbe [rhel-5.4.z]
619363 - [LSI 5.6 feat] update megaraid_sas to version 4.31 [rhel-5.4.z]
620300 - CVE-2010-2798 kernel: gfs2: rename causes kernel panic
621939 - Significant MSI performance issue due to redundant interrupt masking [rhel-5.4.z]


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/