Skip to navigation

Security Advisory Important: kernel security update

Advisory: RHSA-2010:0711-1
Type: Security Advisory
Severity: Important
Issued on: 2010-09-22
Last updated on: 2010-09-22
Affected Products: Red Hat Enterprise Linux EUS (v. 5.3.z server)
Red Hat Enterprise Linux Long Life (v. 5.3 server)
CVEs (cve.mitre.org): CVE-2010-3081

Details

Updated kernel packages that fix one security issue are now available for
Red Hat Enterprise Linux 5.3 Extended Update Support.

The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issue:

* The compat_alloc_user_space() function in the Linux kernel 32/64-bit
compatibility layer implementation was missing sanity checks. This function
could be abused in other areas of the Linux kernel if its length argument
can be controlled from user-space. On 64-bit systems, a local, unprivileged
user could use this flaw to escalate their privileges. (CVE-2010-3081,
Important)

Red Hat would like to thank Ben Hawkes for reporting this issue.

Red Hat is aware that a public exploit for this issue is available. Refer
to Knowledgebase article DOC-40265 for further details:
https://access.redhat.com/kb/docs/DOC-40265

Users should upgrade to these updated packages, which contain a backported
patch to correct this issue. The system must be rebooted for this update to
take effect.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

Updated packages

Red Hat Enterprise Linux EUS (v. 5.3.z server)

SRPMS:
kernel-2.6.18-128.23.2.el5.src.rpm
File outdated by:  RHBA-2012:1356
    MD5: e364a1b34af4e447a9ab9d1169eaf649
SHA-256: 04e491c8098b551ec94b1876c93abdffa7cd20430afef8e6e2a22c6f6d2c052b
 
IA-32:
kernel-2.6.18-128.23.2.el5.i686.rpm
File outdated by:  RHBA-2010:0996
    MD5: 0553e641f3b2ffbb5699c9f0ac9dbee2
SHA-256: 53db5fa0b774bb396b93b00fded493f176c1328b5df08d20d9d843d10c69f3ad
kernel-PAE-2.6.18-128.23.2.el5.i686.rpm
File outdated by:  RHBA-2010:0996
    MD5: 282354c02f87727072ed0541be132f24
SHA-256: 6fd229f7ce0ec92c67818da67e3e6ea2093a8bdc28f8f4df038a0a94a701cb46
kernel-PAE-devel-2.6.18-128.23.2.el5.i686.rpm
File outdated by:  RHBA-2010:0996
    MD5: d302b9d8056ace06ad24485753d6f406
SHA-256: 51994fd6ef18d67633a18729bfe60640b15969b020ae5778e2e080bc93a3f39a
kernel-debug-2.6.18-128.23.2.el5.i686.rpm
File outdated by:  RHBA-2010:0996
    MD5: b596283eb7257dd0e603c93dbd28974c
SHA-256: 34872dafbb5056f7426a27e2433a0bf378274c6b25470b74dc587014c63573e6
kernel-debug-devel-2.6.18-128.23.2.el5.i686.rpm
File outdated by:  RHBA-2010:0996
    MD5: 5981c070376dc264cdb1ab8c82b47dce
SHA-256: 470e682b65f4056b58a5257b63041771709c7cdac760d6f2719ff70a4810a412
kernel-devel-2.6.18-128.23.2.el5.i686.rpm
File outdated by:  RHBA-2010:0996
    MD5: e32c544c0db4079c92457e6c68e25936
SHA-256: cb7ab0efc9e657788c667267338872297687db333f35ff77ed7012fa348a97bb
kernel-doc-2.6.18-128.23.2.el5.noarch.rpm
File outdated by:  RHBA-2010:0996
    MD5: b1dc19ef70f0b7dac01d86d1c54c1a83
SHA-256: dd76a38ba4cbb6158aab780c5c0a53fc1934e609d2e892a783193b2749a690cc
kernel-headers-2.6.18-128.23.2.el5.i386.rpm
File outdated by:  RHBA-2010:0996
    MD5: 6f4f835ede260340c4fbbae26235ce35
SHA-256: 27847baa2e48c3daed0d647b253e26ae5ae306cea8168cd51f0f6fca0a3c9d52
kernel-xen-2.6.18-128.23.2.el5.i686.rpm
File outdated by:  RHBA-2010:0996
    MD5: 7dcebfe229dbaad8506a828d2143f817
SHA-256: 89320d424fd7b33efaac69c84690d49b11a115d87f10ffc62ae73aa6b1fd75ad
kernel-xen-devel-2.6.18-128.23.2.el5.i686.rpm
File outdated by:  RHBA-2010:0996
    MD5: b9bf34575db80f2aa4fd937ba8ef1091
SHA-256: 0e53687e164763287f20a7c71be2de9aa51302535a55c6733f3c3e8048691834
 
IA-64:
kernel-2.6.18-128.23.2.el5.ia64.rpm
File outdated by:  RHBA-2010:0996
    MD5: 67490eccb9b2a52e745bc73620764d28
SHA-256: 39149fd2b2287579587de1ff15a549d7c2b3ac87efc986fe9ccb2ea1718bf748
kernel-debug-2.6.18-128.23.2.el5.ia64.rpm
File outdated by:  RHBA-2010:0996
    MD5: 02a3baf4d4ac0a91fd2b0602474f953c
SHA-256: 44a7e2c7f3a49f5cadff166534298ae47ca830078a9a42ad47ac0d6ebc9aeee9
kernel-debug-devel-2.6.18-128.23.2.el5.ia64.rpm
File outdated by:  RHBA-2010:0996
    MD5: 7dd4133d2d8b1ee3e251e336e28559b9
SHA-256: 889efc3a5b1b6812d2b6fea6ee2bc7b5dcb446e0903d077121633ba63e71657c
kernel-devel-2.6.18-128.23.2.el5.ia64.rpm
File outdated by:  RHBA-2010:0996
    MD5: 4f8b33e1aec7fa47e1620e932d6fb705
SHA-256: b3438a5c9b426d4a4684a86d64fc6d951285914804b2934fed57e73c2ff5c78a
kernel-doc-2.6.18-128.23.2.el5.noarch.rpm
File outdated by:  RHBA-2010:0996
    MD5: b1dc19ef70f0b7dac01d86d1c54c1a83
SHA-256: dd76a38ba4cbb6158aab780c5c0a53fc1934e609d2e892a783193b2749a690cc
kernel-headers-2.6.18-128.23.2.el5.ia64.rpm
File outdated by:  RHBA-2010:0996
    MD5: ee2810793951c603ca5431562a7452cd
SHA-256: 293e3455f3a3624d736ed3e3ad8a3b98e869b128e44bd63bf4d0caaac90eadbc
kernel-xen-2.6.18-128.23.2.el5.ia64.rpm
File outdated by:  RHBA-2010:0996
    MD5: b53645fc225557ff6ac6d24321a54347
SHA-256: 8ee66f3153c220e917335a40d966ccab1d57bb2e8bd69c1329a40982795dd9d2
kernel-xen-devel-2.6.18-128.23.2.el5.ia64.rpm
File outdated by:  RHBA-2010:0996
    MD5: d5fce55a47a986f652f2a504229833d4
SHA-256: 6a13c956964974ae86a2750b79e8cf26c7699db74360e6cd438e69e48df65b50
 
PPC:
kernel-2.6.18-128.23.2.el5.ppc64.rpm
File outdated by:  RHBA-2010:0996
    MD5: 6ad2c1384a52b6775babb3a20b4252e8
SHA-256: b88dd1b66be962caadb3c7cc5a3786eeb52f8c2b17f7789d30359b52a4bdd9b7
kernel-debug-2.6.18-128.23.2.el5.ppc64.rpm
File outdated by:  RHBA-2010:0996
    MD5: fd444a43604e3582fbed607cfe748830
SHA-256: 8709905b62b7cc16cb01c90f3ca844a207b3b4538fab4b74308c79ebad4fcaa6
kernel-debug-devel-2.6.18-128.23.2.el5.ppc64.rpm
File outdated by:  RHBA-2010:0996
    MD5: ea0d81f2ec338f7646085810ee44444e
SHA-256: cb2f066c67ea3107e4c7283957a5091e0058130bb3f892e6f918c2443d1cba95
kernel-devel-2.6.18-128.23.2.el5.ppc64.rpm
File outdated by:  RHBA-2010:0996
    MD5: 8e6fbfcf837b53694d30bc41f31f25cc
SHA-256: 4c2211f5228704b70d86e71b2bd38cc4d54c095cdda20390af191f9374fb578f
kernel-doc-2.6.18-128.23.2.el5.noarch.rpm
File outdated by:  RHBA-2010:0996
    MD5: b1dc19ef70f0b7dac01d86d1c54c1a83
SHA-256: dd76a38ba4cbb6158aab780c5c0a53fc1934e609d2e892a783193b2749a690cc
kernel-headers-2.6.18-128.23.2.el5.ppc.rpm
File outdated by:  RHBA-2010:0996
    MD5: 28c81d5941b3305a720176757dcc501b
SHA-256: 84ca1846ed7a93dc42be173d04531b86536cc6f3201c87b7f923594cfc80694d
kernel-headers-2.6.18-128.23.2.el5.ppc64.rpm
File outdated by:  RHBA-2010:0996
    MD5: 7c331955c19b59043b28c7061f7c876e
SHA-256: ca9d66842e3d4c44c24a6300db6046bd8e05fb3815794686a96366db79ce0da8
kernel-kdump-2.6.18-128.23.2.el5.ppc64.rpm
File outdated by:  RHBA-2010:0996
    MD5: e1a9d7d523f245c88cb5bcc7d6cac5cf
SHA-256: a4ceeb9a2ca38cbacc8c62ffb14fea77e13940d0230df027df6684925c4e113b
kernel-kdump-devel-2.6.18-128.23.2.el5.ppc64.rpm
File outdated by:  RHBA-2010:0996
    MD5: bdaaf60d8dc27dfd9362495564ee33b7
SHA-256: 86e3fca0011adbe31fcb3c2e793a73e49ce59cfa44618e1ea436d8c632b4f9c4
 
s390x:
kernel-2.6.18-128.23.2.el5.s390x.rpm
File outdated by:  RHBA-2010:0996
    MD5: 9a863d9c2beb1fd8964516ec538adfce
SHA-256: 812f152ca1a57a1f596130715b27002c6d9d825c2e167ae646b787bd5da8141b
kernel-debug-2.6.18-128.23.2.el5.s390x.rpm
File outdated by:  RHBA-2010:0996
    MD5: 51030bbe279943e371f49fd9e11d6171
SHA-256: 402b45436d0537a429179cec6bc32f722175f01fd1f7c38722a606fb7050642e
kernel-debug-devel-2.6.18-128.23.2.el5.s390x.rpm
File outdated by:  RHBA-2010:0996
    MD5: dcbae9dc0c6cfe5f01ebea50df04c6a4
SHA-256: ed77f01776291040bee04d1c8d962f3313e6a2e2abbd5c5ddc85a86c79abb568
kernel-devel-2.6.18-128.23.2.el5.s390x.rpm
File outdated by:  RHBA-2010:0996
    MD5: f63a229cc76e7a1f928d667bf37c974b
SHA-256: 7012af4361f6049ea03d42335f67115549a947e6a77c47df4457b3b54053b38e
kernel-doc-2.6.18-128.23.2.el5.noarch.rpm
File outdated by:  RHBA-2010:0996
    MD5: b1dc19ef70f0b7dac01d86d1c54c1a83
SHA-256: dd76a38ba4cbb6158aab780c5c0a53fc1934e609d2e892a783193b2749a690cc
kernel-headers-2.6.18-128.23.2.el5.s390x.rpm
File outdated by:  RHBA-2010:0996
    MD5: a3ff256f776c8753c2fc63c993e356c1
SHA-256: 9174051af34361ead515d4d19660c9303e8fc674b1c3db7efe67a0bdc839b73b
kernel-kdump-2.6.18-128.23.2.el5.s390x.rpm
File outdated by:  RHBA-2010:0996
    MD5: f0993eca76fabb983b8f27243a58a70c
SHA-256: 33e5078b696c03202b4c253c32c34a6c2f03be9d72975d4781085c471efd1592
kernel-kdump-devel-2.6.18-128.23.2.el5.s390x.rpm
File outdated by:  RHBA-2010:0996
    MD5: 3845e7475753e605bf0d3c38f1fd9fd0
SHA-256: 5d4ad60c2170d9911e0cd2575dc1990f78076187d87bc6858ee75be2feda1c44
 
x86_64:
kernel-2.6.18-128.23.2.el5.x86_64.rpm
File outdated by:  RHBA-2010:0996
    MD5: 763e2985555581f8282d33cc479ba9e7
SHA-256: 00ff268edf54f92633de4078baf730f313a618d513c36f916f841de15e54df33
kernel-debug-2.6.18-128.23.2.el5.x86_64.rpm
File outdated by:  RHBA-2010:0996
    MD5: ddaf7cb276f43ef02ef02fdf323f2b9f
SHA-256: 4d23c655bf0ed12ee2e6be92ee2d3a4b259e3159391d91b1f5a25b00b06fbbf4
kernel-debug-devel-2.6.18-128.23.2.el5.x86_64.rpm
File outdated by:  RHBA-2010:0996
    MD5: f0cc12334f2f85f46d1fb38fbf0d05d4
SHA-256: 5c02784abfca51bc4ac4b27ddebd30390ad37d5e7304e75f0c332eca001caabb
kernel-devel-2.6.18-128.23.2.el5.x86_64.rpm
File outdated by:  RHBA-2010:0996
    MD5: fdfc3209b79db6e27dd4fee141139fdd
SHA-256: 8a9986b718a6b728a014c861afee5c4ccc88bd28b40eeeb5f43168576e8648d8
kernel-doc-2.6.18-128.23.2.el5.noarch.rpm
File outdated by:  RHBA-2010:0996
    MD5: b1dc19ef70f0b7dac01d86d1c54c1a83
SHA-256: dd76a38ba4cbb6158aab780c5c0a53fc1934e609d2e892a783193b2749a690cc
kernel-headers-2.6.18-128.23.2.el5.x86_64.rpm
File outdated by:  RHBA-2010:0996
    MD5: 1137ef4cc0fc4d4ebc7dc07d3a5c5276
SHA-256: fd6a2946317e4ca57a2bd84b324751b3d79e2eaf79688cfa4dae4a46cbe577a0
kernel-xen-2.6.18-128.23.2.el5.x86_64.rpm
File outdated by:  RHBA-2010:0996
    MD5: 7f8862a002ec57ced602ff70469141ab
SHA-256: 0e55da982d641963474fc88245370014e10dfaf5a5d89ae156097c4c4dd8125f
kernel-xen-devel-2.6.18-128.23.2.el5.x86_64.rpm
File outdated by:  RHBA-2010:0996
    MD5: 52a086178f4770104ccae58958f71fee
SHA-256: 38f385c572ae8c5552459c5a6bec18b86ba72d94a91fe6e399426eb9ea5c0298
 
Red Hat Enterprise Linux Long Life (v. 5.3 server)

SRPMS:
kernel-2.6.18-128.23.2.el5.src.rpm
File outdated by:  RHBA-2012:1356
    MD5: e364a1b34af4e447a9ab9d1169eaf649
SHA-256: 04e491c8098b551ec94b1876c93abdffa7cd20430afef8e6e2a22c6f6d2c052b
 
IA-32:
kernel-2.6.18-128.23.2.el5.i686.rpm
File outdated by:  RHBA-2012:1356
    MD5: 0553e641f3b2ffbb5699c9f0ac9dbee2
SHA-256: 53db5fa0b774bb396b93b00fded493f176c1328b5df08d20d9d843d10c69f3ad
kernel-PAE-2.6.18-128.23.2.el5.i686.rpm
File outdated by:  RHBA-2012:1356
    MD5: 282354c02f87727072ed0541be132f24
SHA-256: 6fd229f7ce0ec92c67818da67e3e6ea2093a8bdc28f8f4df038a0a94a701cb46
kernel-PAE-devel-2.6.18-128.23.2.el5.i686.rpm
File outdated by:  RHBA-2012:1356
    MD5: d302b9d8056ace06ad24485753d6f406
SHA-256: 51994fd6ef18d67633a18729bfe60640b15969b020ae5778e2e080bc93a3f39a
kernel-debug-2.6.18-128.23.2.el5.i686.rpm
File outdated by:  RHBA-2012:1356
    MD5: b596283eb7257dd0e603c93dbd28974c
SHA-256: 34872dafbb5056f7426a27e2433a0bf378274c6b25470b74dc587014c63573e6
kernel-debug-devel-2.6.18-128.23.2.el5.i686.rpm
File outdated by:  RHBA-2012:1356
    MD5: 5981c070376dc264cdb1ab8c82b47dce
SHA-256: 470e682b65f4056b58a5257b63041771709c7cdac760d6f2719ff70a4810a412
kernel-devel-2.6.18-128.23.2.el5.i686.rpm
File outdated by:  RHBA-2012:1356
    MD5: e32c544c0db4079c92457e6c68e25936
SHA-256: cb7ab0efc9e657788c667267338872297687db333f35ff77ed7012fa348a97bb
kernel-doc-2.6.18-128.23.2.el5.noarch.rpm
File outdated by:  RHBA-2012:1356
    MD5: b1dc19ef70f0b7dac01d86d1c54c1a83
SHA-256: dd76a38ba4cbb6158aab780c5c0a53fc1934e609d2e892a783193b2749a690cc
kernel-headers-2.6.18-128.23.2.el5.i386.rpm
File outdated by:  RHBA-2012:1356
    MD5: 6f4f835ede260340c4fbbae26235ce35
SHA-256: 27847baa2e48c3daed0d647b253e26ae5ae306cea8168cd51f0f6fca0a3c9d52
kernel-xen-2.6.18-128.23.2.el5.i686.rpm
File outdated by:  RHBA-2012:1356
    MD5: 7dcebfe229dbaad8506a828d2143f817
SHA-256: 89320d424fd7b33efaac69c84690d49b11a115d87f10ffc62ae73aa6b1fd75ad
kernel-xen-devel-2.6.18-128.23.2.el5.i686.rpm
File outdated by:  RHBA-2012:1356
    MD5: b9bf34575db80f2aa4fd937ba8ef1091
SHA-256: 0e53687e164763287f20a7c71be2de9aa51302535a55c6733f3c3e8048691834
 
IA-64:
kernel-2.6.18-128.23.2.el5.ia64.rpm
File outdated by:  RHBA-2012:1356
    MD5: 67490eccb9b2a52e745bc73620764d28
SHA-256: 39149fd2b2287579587de1ff15a549d7c2b3ac87efc986fe9ccb2ea1718bf748
kernel-debug-2.6.18-128.23.2.el5.ia64.rpm
File outdated by:  RHBA-2012:1356
    MD5: 02a3baf4d4ac0a91fd2b0602474f953c
SHA-256: 44a7e2c7f3a49f5cadff166534298ae47ca830078a9a42ad47ac0d6ebc9aeee9
kernel-debug-devel-2.6.18-128.23.2.el5.ia64.rpm
File outdated by:  RHBA-2012:1356
    MD5: 7dd4133d2d8b1ee3e251e336e28559b9
SHA-256: 889efc3a5b1b6812d2b6fea6ee2bc7b5dcb446e0903d077121633ba63e71657c
kernel-devel-2.6.18-128.23.2.el5.ia64.rpm
File outdated by:  RHBA-2012:1356
    MD5: 4f8b33e1aec7fa47e1620e932d6fb705
SHA-256: b3438a5c9b426d4a4684a86d64fc6d951285914804b2934fed57e73c2ff5c78a
kernel-doc-2.6.18-128.23.2.el5.noarch.rpm
File outdated by:  RHBA-2012:1356
    MD5: b1dc19ef70f0b7dac01d86d1c54c1a83
SHA-256: dd76a38ba4cbb6158aab780c5c0a53fc1934e609d2e892a783193b2749a690cc
kernel-headers-2.6.18-128.23.2.el5.ia64.rpm
File outdated by:  RHBA-2012:1356
    MD5: ee2810793951c603ca5431562a7452cd
SHA-256: 293e3455f3a3624d736ed3e3ad8a3b98e869b128e44bd63bf4d0caaac90eadbc
kernel-xen-2.6.18-128.23.2.el5.ia64.rpm
File outdated by:  RHBA-2012:1356
    MD5: b53645fc225557ff6ac6d24321a54347
SHA-256: 8ee66f3153c220e917335a40d966ccab1d57bb2e8bd69c1329a40982795dd9d2
kernel-xen-devel-2.6.18-128.23.2.el5.ia64.rpm
File outdated by:  RHBA-2012:1356
    MD5: d5fce55a47a986f652f2a504229833d4
SHA-256: 6a13c956964974ae86a2750b79e8cf26c7699db74360e6cd438e69e48df65b50
 
x86_64:
kernel-2.6.18-128.23.2.el5.x86_64.rpm
File outdated by:  RHBA-2012:1356
    MD5: 763e2985555581f8282d33cc479ba9e7
SHA-256: 00ff268edf54f92633de4078baf730f313a618d513c36f916f841de15e54df33
kernel-debug-2.6.18-128.23.2.el5.x86_64.rpm
File outdated by:  RHBA-2012:1356
    MD5: ddaf7cb276f43ef02ef02fdf323f2b9f
SHA-256: 4d23c655bf0ed12ee2e6be92ee2d3a4b259e3159391d91b1f5a25b00b06fbbf4
kernel-debug-devel-2.6.18-128.23.2.el5.x86_64.rpm
File outdated by:  RHBA-2012:1356
    MD5: f0cc12334f2f85f46d1fb38fbf0d05d4
SHA-256: 5c02784abfca51bc4ac4b27ddebd30390ad37d5e7304e75f0c332eca001caabb
kernel-devel-2.6.18-128.23.2.el5.x86_64.rpm
File outdated by:  RHBA-2012:1356
    MD5: fdfc3209b79db6e27dd4fee141139fdd
SHA-256: 8a9986b718a6b728a014c861afee5c4ccc88bd28b40eeeb5f43168576e8648d8
kernel-doc-2.6.18-128.23.2.el5.noarch.rpm
File outdated by:  RHBA-2012:1356
    MD5: b1dc19ef70f0b7dac01d86d1c54c1a83
SHA-256: dd76a38ba4cbb6158aab780c5c0a53fc1934e609d2e892a783193b2749a690cc
kernel-headers-2.6.18-128.23.2.el5.x86_64.rpm
File outdated by:  RHBA-2012:1356
    MD5: 1137ef4cc0fc4d4ebc7dc07d3a5c5276
SHA-256: fd6a2946317e4ca57a2bd84b324751b3d79e2eaf79688cfa4dae4a46cbe577a0
kernel-xen-2.6.18-128.23.2.el5.x86_64.rpm
File outdated by:  RHBA-2012:1356
    MD5: 7f8862a002ec57ced602ff70469141ab
SHA-256: 0e55da982d641963474fc88245370014e10dfaf5a5d89ae156097c4c4dd8125f
kernel-xen-devel-2.6.18-128.23.2.el5.x86_64.rpm
File outdated by:  RHBA-2012:1356
    MD5: 52a086178f4770104ccae58958f71fee
SHA-256: 38f385c572ae8c5552459c5a6bec18b86ba72d94a91fe6e399426eb9ea5c0298
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

634457 - CVE-2010-3081 kernel: 64-bit Compatibility Mode Stack Pointer Underflow


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/