Skip to navigation

Security Advisory Important: kernel security, bug fix, and enhancement update

Advisory: RHSA-2011:1386-1
Type: Security Advisory
Severity: Important
Issued on: 2011-10-20
Last updated on: 2011-10-20
Affected Products: Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
CVEs (cve.mitre.org): CVE-2009-4067
CVE-2011-1160
CVE-2011-1585
CVE-2011-1833
CVE-2011-2484
CVE-2011-2496
CVE-2011-2695
CVE-2011-2699
CVE-2011-2723
CVE-2011-2942
CVE-2011-3131
CVE-2011-3188
CVE-2011-3191
CVE-2011-3209
CVE-2011-3347

Details

Updated kernel packages that fix multiple security issues, several bugs,
and add one enhancement are now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security fixes:

* The maximum file offset handling for ext4 file systems could allow a
local, unprivileged user to cause a denial of service. (CVE-2011-2695,
Important)

* IPv6 fragment identification value generation could allow a remote
attacker to disrupt a target system's networking, preventing legitimate
users from accessing its services. (CVE-2011-2699, Important)

* A malicious CIFS (Common Internet File System) server could send a
specially-crafted response to a directory read request that would result in
a denial of service or privilege escalation on a system that has a CIFS
share mounted. (CVE-2011-3191, Important)

* A local attacker could use mount.ecryptfs_private to mount (and then
access) a directory they would otherwise not have access to. Note: To
correct this issue, the RHSA-2011:1241 ecryptfs-utils update must also be
installed. (CVE-2011-1833, Moderate)

* A flaw in the taskstats subsystem could allow a local, unprivileged user
to cause excessive CPU time and memory use. (CVE-2011-2484, Moderate)

* Mapping expansion handling could allow a local, unprivileged user to
cause a denial of service. (CVE-2011-2496, Moderate)

* GRO (Generic Receive Offload) fields could be left in an inconsistent
state. An attacker on the local network could use this flaw to cause a
denial of service. GRO is enabled by default in all network drivers that
support it. (CVE-2011-2723, Moderate)

* RHSA-2011:1065 introduced a regression in the Ethernet bridge
implementation. If a system had an interface in a bridge, and an attacker
on the local network could send packets to that interface, they could cause
a denial of service on that system. Xen hypervisor and KVM (Kernel-based
Virtual Machine) hosts often deploy bridge interfaces. (CVE-2011-2942,
Moderate)

* A flaw in the Xen hypervisor IOMMU error handling implementation could
allow a privileged guest user, within a guest operating system that has
direct control of a PCI device, to cause performance degradation on the
host and possibly cause it to hang. (CVE-2011-3131, Moderate)

* IPv4 and IPv6 protocol sequence number and fragment ID generation could
allow a man-in-the-middle attacker to inject packets and possibly hijack
connections. Protocol sequence number and fragment IDs are now more random.
(CVE-2011-3188, Moderate)

* A flaw in the kernel's clock implementation could allow a local,
unprivileged user to cause a denial of service. (CVE-2011-3209, Moderate)

* Non-member VLAN (virtual LAN) packet handling for interfaces in
promiscuous mode and also using the be2net driver could allow an attacker
on the local network to cause a denial of service. (CVE-2011-3347,
Moderate)

* A flaw in the auerswald USB driver could allow a local, unprivileged user
to cause a denial of service or escalate their privileges by inserting a
specially-crafted USB device. (CVE-2009-4067, Low)

* A flaw in the Trusted Platform Module (TPM) implementation could allow a
local, unprivileged user to leak information to user space. (CVE-2011-1160,
Low)

* A local, unprivileged user could possibly mount a CIFS share that
requires authentication without knowing the correct password if the mount
was already mounted by another local user. (CVE-2011-1585, Low)

Red Hat would like to thank Fernando Gont for reporting CVE-2011-2699;
Darren Lavender for reporting CVE-2011-3191; the Ubuntu Security Team for
reporting CVE-2011-1833; Vasiliy Kulikov of Openwall for reporting
CVE-2011-2484; Robert Swiecki for reporting CVE-2011-2496; Brent Meshier
for reporting CVE-2011-2723; Dan Kaminsky for reporting CVE-2011-3188;
Yasuaki Ishimatsu for reporting CVE-2011-3209; Somnath Kotur for reporting
CVE-2011-3347; Rafael Dominguez Vega for reporting CVE-2009-4067; and Peter
Huewe for reporting CVE-2011-1160. The Ubuntu Security Team acknowledges
Vasiliy Kulikov of Openwall and Dan Rosenberg as the original reporters of
CVE-2011-1833.


Solution

This update also fixes several bugs and adds one enhancement.
Documentation for these changes will be available shortly from the
Technical Notes document linked to in the References section.

Users should upgrade to these updated packages, which contain
backported patches to correct these issues, and fix the bugs and add
the enhancement noted in the Technical Notes. The system must be
rebooted for this update to take effect.

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

Updated packages

Red Hat Enterprise Linux (v. 5 server)

SRPMS:
kernel-2.6.18-274.7.1.el5.src.rpm
File outdated by:  RHSA-2014:0285
    MD5: f8134495f61d956789c4af81c56b0482
SHA-256: 470163d196129a77aa08fd26584998d7e6acb48fdc8b2bd124f4ce244f5e332a
 
IA-32:
kernel-2.6.18-274.7.1.el5.i686.rpm
File outdated by:  RHSA-2014:0285
    MD5: e0567733cc5285832df1b89574fd0ea8
SHA-256: 9ca89c8550188daf2c14d729b3ba9d575c04f9eed3a06a99754aef440d1c1d9d
kernel-PAE-2.6.18-274.7.1.el5.i686.rpm
File outdated by:  RHSA-2014:0285
    MD5: b1f860d23fbdb2adb9f1a40a25eb593b
SHA-256: d917c232c6815b6f6e7aefacb07a1761f8fd332392802b62d6a687f2d344d72b
kernel-PAE-devel-2.6.18-274.7.1.el5.i686.rpm
File outdated by:  RHSA-2014:0285
    MD5: 57f45069f5f7c888cc28e41c148aa520
SHA-256: ba59dad5e5d50e522a1c05bb06bca110cd855f6235a64f7e6bb19a33d4014790
kernel-debug-2.6.18-274.7.1.el5.i686.rpm
File outdated by:  RHSA-2014:0285
    MD5: 98a8c169b7d48902f9c4d2433768965c
SHA-256: 6735276d6348d94cad3b90f736d0c6306a053b692482d5649369b305aed33672
kernel-debug-devel-2.6.18-274.7.1.el5.i686.rpm
File outdated by:  RHSA-2014:0285
    MD5: bdc8291d0d7248964061b6b0c5eb9e6d
SHA-256: 1867b0a8401a43c0e5aeb933ccb3478160868dd32805adfd02fd05c46bc33088
kernel-devel-2.6.18-274.7.1.el5.i686.rpm
File outdated by:  RHSA-2014:0285
    MD5: 1e06d0f7ebc29eaf7c6125d9e6e8bc1d
SHA-256: 356805f1368ab609ea248afd5aa96069f8fb68f59efdecc495f7f538fd87bc79
kernel-doc-2.6.18-274.7.1.el5.noarch.rpm
File outdated by:  RHSA-2014:0285
    MD5: 5d3ce261642784ac11bd4e85ef41f3d8
SHA-256: b110dd4b66c8bfb66eb85132197055485f5f3d1a282d5586b68dd8aee0f5326b
kernel-headers-2.6.18-274.7.1.el5.i386.rpm
File outdated by:  RHSA-2014:0285
    MD5: cb60c6c6a899b992646ebe610f89eea1
SHA-256: 21c5986d84fed5eda9a702c55705f35decd85988c9ff159ff482c25484118558
kernel-xen-2.6.18-274.7.1.el5.i686.rpm
File outdated by:  RHSA-2014:0285
    MD5: 4658760122cfcd8f088f57cd50e9236e
SHA-256: c5cb4bb35b0972447701bca7bff4075188f7946df97c9e3b314098e79dc5dc08
kernel-xen-devel-2.6.18-274.7.1.el5.i686.rpm
File outdated by:  RHSA-2014:0285
    MD5: 7bdaeab4e14495d281b1715bb3b4f1e0
SHA-256: 51e1b03e55cffd8e292b9c63063981c51dd82615e0b1cb51950d20b7b9e582f7
 
IA-64:
kernel-2.6.18-274.7.1.el5.ia64.rpm
File outdated by:  RHSA-2014:0285
    MD5: f189e47622168f6038ff17aac64c7580
SHA-256: 19b556d8974e2a2e26ee6a70fa19a45f22f618e994649f8c996ddbae6d5cc60c
kernel-debug-2.6.18-274.7.1.el5.ia64.rpm
File outdated by:  RHSA-2014:0285
    MD5: afa45e478326779f5e7a6af294438ed1
SHA-256: faba358f4aea9c41ff380dc88a44a005927980dceeb3d940fdb1fac1f5147760
kernel-debug-devel-2.6.18-274.7.1.el5.ia64.rpm
File outdated by:  RHSA-2014:0285
    MD5: a92b669c94bb5e9d4dfa97302e3e62d1
SHA-256: 4f310ddb97d2e5ac10e1f0063aa49ece1dd8ca45dc8d27b91dbf0cfc02c68228
kernel-devel-2.6.18-274.7.1.el5.ia64.rpm
File outdated by:  RHSA-2014:0285
    MD5: d5b479680fe37ff260d55849ea288a3e
SHA-256: b32af30cac7b9952856130fe26193a6fcbbf90a308f623b3c5b483d2dfe62a0a
kernel-doc-2.6.18-274.7.1.el5.noarch.rpm
File outdated by:  RHSA-2014:0285
    MD5: 5d3ce261642784ac11bd4e85ef41f3d8
SHA-256: b110dd4b66c8bfb66eb85132197055485f5f3d1a282d5586b68dd8aee0f5326b
kernel-headers-2.6.18-274.7.1.el5.ia64.rpm
File outdated by:  RHSA-2014:0285
    MD5: f72a46d4165a3e3f2975f997ffd848d5
SHA-256: d3969ca5f7e7b31d992d5deeb45707c5020d8e67a51c4092cde0644d83f44343
kernel-xen-2.6.18-274.7.1.el5.ia64.rpm
File outdated by:  RHSA-2014:0285
    MD5: c5e0f149452812da3fba655bfb4e7a27
SHA-256: e93ac276eb03465cff561f78a7e4f921ae823e322fd0627a7e56d14773374cf5
kernel-xen-devel-2.6.18-274.7.1.el5.ia64.rpm
File outdated by:  RHSA-2014:0285
    MD5: cbc77e3f4e4e357db08c1b460f1440e2
SHA-256: 2474fc1aea84cab0c3b2b7ec31ab20ba8b1df8de0b6df5f910aac24a1a65982d
 
PPC:
kernel-2.6.18-274.7.1.el5.ppc64.rpm
File outdated by:  RHSA-2014:0285
    MD5: fec0feaddc372a92f78dddb26bf974fa
SHA-256: 5d8addf15ecff25975f423569fb135effdf65d9b6df7ab7155c920533fbfe763
kernel-debug-2.6.18-274.7.1.el5.ppc64.rpm
File outdated by:  RHSA-2014:0285
    MD5: bfdb4819dc37619544193fcba96f74ce
SHA-256: 46cc6854c006cd6fa04a67bc13c392ab35504b0d7fe3fa21ec7673a8e1aebe6d
kernel-debug-devel-2.6.18-274.7.1.el5.ppc64.rpm
File outdated by:  RHSA-2014:0285
    MD5: 196bf7270723552ecf025279494d4e9c
SHA-256: 8e67b3d78a0f97ad4e09de30a70eaf904a92631f076ee4f9b4efd8266bb2f4d2
kernel-devel-2.6.18-274.7.1.el5.ppc64.rpm
File outdated by:  RHSA-2014:0285
    MD5: e590dbbc5187d7eae89fa741e9a42ac7
SHA-256: 9174ef86e0925d9ae9f6356b5c50ee551b44e6a9a7c74c5432b84f37df970275
kernel-doc-2.6.18-274.7.1.el5.noarch.rpm
File outdated by:  RHSA-2014:0285
    MD5: 5d3ce261642784ac11bd4e85ef41f3d8
SHA-256: b110dd4b66c8bfb66eb85132197055485f5f3d1a282d5586b68dd8aee0f5326b
kernel-headers-2.6.18-274.7.1.el5.ppc.rpm
File outdated by:  RHSA-2014:0285
    MD5: 78c1f595d887f9f85878ff1820ee469a
SHA-256: e5e60a35fdae5589be7d7ab507ee2f57c891079c93080b5272b070f63936384f
kernel-headers-2.6.18-274.7.1.el5.ppc64.rpm
File outdated by:  RHSA-2014:0285
    MD5: 5c82bc7d863050e304cbac00dcc1c388
SHA-256: bddf464b4ea0f347260625a1dd76c5e30d3f1a342ee6e89092a57c64fe903419
kernel-kdump-2.6.18-274.7.1.el5.ppc64.rpm
File outdated by:  RHSA-2014:0285
    MD5: 3d9731be86ab566863cf66e8b0ee6ddf
SHA-256: a52c370f8bd6bbcddf7a4718a4ffd9004e96fc165708a2cc4e2e262c15c7bc42
kernel-kdump-devel-2.6.18-274.7.1.el5.ppc64.rpm
File outdated by:  RHSA-2014:0285
    MD5: 8668f900023756b6656fe4ce941d6d5d
SHA-256: ce0eab591d36d772805e4b46408d78a06961d76b671f8d543bbac4bf7a1bbc49
 
s390x:
kernel-2.6.18-274.7.1.el5.s390x.rpm
File outdated by:  RHSA-2014:0285
    MD5: 37356f6268d25979345c5bf4fdb5c501
SHA-256: 55e2ee5ecadd1e4964a5607a16a1138162fbfe25f353052820020daaa3b4d533
kernel-debug-2.6.18-274.7.1.el5.s390x.rpm
File outdated by:  RHSA-2014:0285
    MD5: 4a0c87bc7ba034033bce133cfece27ce
SHA-256: 533d0ea9969e57997a337e9e6d0f88059689b0f02f43ef5b426559a46a10a882
kernel-debug-devel-2.6.18-274.7.1.el5.s390x.rpm
File outdated by:  RHSA-2014:0285
    MD5: 626c9409325d3f714083617acd582d96
SHA-256: 58056ee59d634f0e2bec36965460da9eefaeb9302ae098362abc0f1d2a4c00de
kernel-devel-2.6.18-274.7.1.el5.s390x.rpm
File outdated by:  RHSA-2014:0285
    MD5: f83e2bc728c64f801ea7b0d7285c469c
SHA-256: 5bfdc25832def3839bab460e83da0df4bc05d724e864aa3b0b46fe2a9816e37f
kernel-doc-2.6.18-274.7.1.el5.noarch.rpm
File outdated by:  RHSA-2014:0285
    MD5: 5d3ce261642784ac11bd4e85ef41f3d8
SHA-256: b110dd4b66c8bfb66eb85132197055485f5f3d1a282d5586b68dd8aee0f5326b
kernel-headers-2.6.18-274.7.1.el5.s390x.rpm
File outdated by:  RHSA-2014:0285
    MD5: e987f47b36f4a095973ccd25c8c365b4
SHA-256: 0d4856f63e04f3f0fa44eaaabb4f62fd2c1667bbf5488379d1079e6fc8baa432
kernel-kdump-2.6.18-274.7.1.el5.s390x.rpm
File outdated by:  RHSA-2014:0285
    MD5: a0c9a30b6500760598cb14471b3d0109
SHA-256: 9653ab1d7c4a2d5fa3991bcbf25e5b32098783dbe98e4fea5a7016dafe0132ac
kernel-kdump-devel-2.6.18-274.7.1.el5.s390x.rpm
File outdated by:  RHSA-2014:0285
    MD5: 3e25b56262d91e43c2d2af1a511846e7
SHA-256: 33e3ba6add32ac1158fda758bc126f8f6ff6def0f4caf8be3920611c4bc5f4e9
 
x86_64:
kernel-2.6.18-274.7.1.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
    MD5: acb6f1482937222ef18efa6cd1fbcec5
SHA-256: 4feb5b876b4fa895eb96654d5013a930d90f1c01b873094d383e43f06cfae320
kernel-debug-2.6.18-274.7.1.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
    MD5: f29c729690db1ab7a62417e1e5e40c2f
SHA-256: 47c522b5ecc0fccae5c96523d86a0ea7f75bc1356e8136471d73a6a9ca225076
kernel-debug-devel-2.6.18-274.7.1.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
    MD5: 9a153ddfc460222a6436d49e87a79252
SHA-256: 245e08e4c5937475f020360bf0b8b58e8324d71515785d1f5cbeb031de53b742
kernel-devel-2.6.18-274.7.1.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
    MD5: 2d1b7f4abda8fe8ac9b4f5ce11126bc5
SHA-256: 971aa88a05ed622c2b90d4699b579b69c7fe6ba3664596554140da1dbb5dd709
kernel-doc-2.6.18-274.7.1.el5.noarch.rpm
File outdated by:  RHSA-2014:0285
    MD5: 5d3ce261642784ac11bd4e85ef41f3d8
SHA-256: b110dd4b66c8bfb66eb85132197055485f5f3d1a282d5586b68dd8aee0f5326b
kernel-headers-2.6.18-274.7.1.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
    MD5: 215381a6b452439b10e2af2e4cd0d934
SHA-256: 535abfc16dea382ac055d82d76367077613858f89db85903979e9090d9303a21
kernel-xen-2.6.18-274.7.1.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
    MD5: ae2b809b49249860254a9df47a5f19d7
SHA-256: e81d008f727a54853ab7ce2d65eac13a8a4951a96993464e7a6bd56a4e02e143
kernel-xen-devel-2.6.18-274.7.1.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
    MD5: d6502bf3505dcb6ff03fc8765c72a73f
SHA-256: 4be5df0cce362513ba96cb9ee90a44e16b7de3c991804d628375aff3cc3efc45
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
kernel-2.6.18-274.7.1.el5.src.rpm
File outdated by:  RHSA-2014:0285
    MD5: f8134495f61d956789c4af81c56b0482
SHA-256: 470163d196129a77aa08fd26584998d7e6acb48fdc8b2bd124f4ce244f5e332a
 
IA-32:
kernel-2.6.18-274.7.1.el5.i686.rpm
File outdated by:  RHSA-2014:0285
    MD5: e0567733cc5285832df1b89574fd0ea8
SHA-256: 9ca89c8550188daf2c14d729b3ba9d575c04f9eed3a06a99754aef440d1c1d9d
kernel-PAE-2.6.18-274.7.1.el5.i686.rpm
File outdated by:  RHSA-2014:0285
    MD5: b1f860d23fbdb2adb9f1a40a25eb593b
SHA-256: d917c232c6815b6f6e7aefacb07a1761f8fd332392802b62d6a687f2d344d72b
kernel-PAE-devel-2.6.18-274.7.1.el5.i686.rpm
File outdated by:  RHSA-2014:0285
    MD5: 57f45069f5f7c888cc28e41c148aa520
SHA-256: ba59dad5e5d50e522a1c05bb06bca110cd855f6235a64f7e6bb19a33d4014790
kernel-debug-2.6.18-274.7.1.el5.i686.rpm
File outdated by:  RHSA-2014:0285
    MD5: 98a8c169b7d48902f9c4d2433768965c
SHA-256: 6735276d6348d94cad3b90f736d0c6306a053b692482d5649369b305aed33672
kernel-debug-devel-2.6.18-274.7.1.el5.i686.rpm
File outdated by:  RHSA-2014:0285
    MD5: bdc8291d0d7248964061b6b0c5eb9e6d
SHA-256: 1867b0a8401a43c0e5aeb933ccb3478160868dd32805adfd02fd05c46bc33088
kernel-devel-2.6.18-274.7.1.el5.i686.rpm
File outdated by:  RHSA-2014:0285
    MD5: 1e06d0f7ebc29eaf7c6125d9e6e8bc1d
SHA-256: 356805f1368ab609ea248afd5aa96069f8fb68f59efdecc495f7f538fd87bc79
kernel-doc-2.6.18-274.7.1.el5.noarch.rpm
File outdated by:  RHSA-2014:0285
    MD5: 5d3ce261642784ac11bd4e85ef41f3d8
SHA-256: b110dd4b66c8bfb66eb85132197055485f5f3d1a282d5586b68dd8aee0f5326b
kernel-headers-2.6.18-274.7.1.el5.i386.rpm
File outdated by:  RHSA-2014:0285
    MD5: cb60c6c6a899b992646ebe610f89eea1
SHA-256: 21c5986d84fed5eda9a702c55705f35decd85988c9ff159ff482c25484118558
kernel-xen-2.6.18-274.7.1.el5.i686.rpm
File outdated by:  RHSA-2014:0285
    MD5: 4658760122cfcd8f088f57cd50e9236e
SHA-256: c5cb4bb35b0972447701bca7bff4075188f7946df97c9e3b314098e79dc5dc08
kernel-xen-devel-2.6.18-274.7.1.el5.i686.rpm
File outdated by:  RHSA-2014:0285
    MD5: 7bdaeab4e14495d281b1715bb3b4f1e0
SHA-256: 51e1b03e55cffd8e292b9c63063981c51dd82615e0b1cb51950d20b7b9e582f7
 
x86_64:
kernel-2.6.18-274.7.1.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
    MD5: acb6f1482937222ef18efa6cd1fbcec5
SHA-256: 4feb5b876b4fa895eb96654d5013a930d90f1c01b873094d383e43f06cfae320
kernel-debug-2.6.18-274.7.1.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
    MD5: f29c729690db1ab7a62417e1e5e40c2f
SHA-256: 47c522b5ecc0fccae5c96523d86a0ea7f75bc1356e8136471d73a6a9ca225076
kernel-debug-devel-2.6.18-274.7.1.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
    MD5: 9a153ddfc460222a6436d49e87a79252
SHA-256: 245e08e4c5937475f020360bf0b8b58e8324d71515785d1f5cbeb031de53b742
kernel-devel-2.6.18-274.7.1.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
    MD5: 2d1b7f4abda8fe8ac9b4f5ce11126bc5
SHA-256: 971aa88a05ed622c2b90d4699b579b69c7fe6ba3664596554140da1dbb5dd709
kernel-doc-2.6.18-274.7.1.el5.noarch.rpm
File outdated by:  RHSA-2014:0285
    MD5: 5d3ce261642784ac11bd4e85ef41f3d8
SHA-256: b110dd4b66c8bfb66eb85132197055485f5f3d1a282d5586b68dd8aee0f5326b
kernel-headers-2.6.18-274.7.1.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
    MD5: 215381a6b452439b10e2af2e4cd0d934
SHA-256: 535abfc16dea382ac055d82d76367077613858f89db85903979e9090d9303a21
kernel-xen-2.6.18-274.7.1.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
    MD5: ae2b809b49249860254a9df47a5f19d7
SHA-256: e81d008f727a54853ab7ce2d65eac13a8a4951a96993464e7a6bd56a4e02e143
kernel-xen-devel-2.6.18-274.7.1.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
    MD5: d6502bf3505dcb6ff03fc8765c72a73f
SHA-256: 4be5df0cce362513ba96cb9ee90a44e16b7de3c991804d628375aff3cc3efc45
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

684671 - CVE-2011-1160 kernel: tpm infoleaks
697394 - CVE-2011-1585 kernel: cifs session reuse
715436 - CVE-2011-2484 kernel: taskstats: duplicate entries in listener mode can lead to DoS
716538 - CVE-2011-2496 kernel: mm: avoid wrapping vm_pgoff in mremap() and stack expansions
722393 - CVE-2009-4067 kernel: usb: buffer overflow in auerswald_probe()
722557 - CVE-2011-2695 kernel: ext4: kernel panic when writing data to the last block of sparse file
723429 - CVE-2011-2699 kernel: ipv6: make fragment identifications less predictable
726552 - CVE-2011-2723 kernel: gro: only reset frag0 when skb can be pulled
728518 - win2003 i386 guest BSOD when created with e1000 nic [rhel-5.7.z]
730341 - CVE-2011-3131 kernel: xen: IOMMU fault livelock
730682 - [EL5.7] igb: failed to activate WOL on 2nd LAN port on i350 [rhel-5.7.z]
730686 - Huge performance regression in NFS client [rhel-5.7.z]
730917 - CVE-2011-2942 kernel: bridge: null pointer dereference in __br_deliver
731172 - CVE-2011-1833 kernel: ecryptfs: mount source TOCTOU race
732658 - CVE-2011-3188 kernel: net: improve sequence number generation
732869 - CVE-2011-3191 kernel: cifs: signedness issue in CIFSFindNext()
732878 - CVE-2011-3209 kernel: panic occurs when clock_gettime() is called
733665 - Incorrect values in /proc/sys/vm/dirty_writeback_centises and dirty_expire_centisecs [rhel-5.7.z]
736425 - CVE-2011-3347 kernel: be2net: promiscuous mode and non-member VLAN packets DoS
738389 - Patch needed to allow MTU >1500 on vif prior to connecting to bridge [rhel-5.7.z]
738392 - netfront MTU drops to 1500 after domain migration [rhel-5.7.z]
739823 - 2.6.18-238.1.1.el5 or newer won't boot under Xen HVM due to linux-2.6-virt-nmi-don-t-print-nmi-stuck-messages-on-guests.patch [rhel-5.7.z]


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/