Security Advisory Important: kernel security, bug fix, and enhancement update

Advisory: RHSA-2011:1479-1
Type: Security Advisory
Severity: Important
Issued on: 2011-11-29
Last updated on: 2011-11-29
Affected Products: Red Hat Enterprise Linux (v. 5 server); Red Hat Enterprise Linux Desktop (v. 5 client)
CVEs (cve.mitre.org): CVE-2011-1162, CVE-2011-1898, CVE-2011-2203, CVE-2011-2494, CVE-2011-3363, CVE-2011-4110

Details

Updated kernel packages that fix multiple security issues and several bugs,
and add one enhancement, are now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

* Using PCI passthrough without interrupt remapping support allowed Xen
hypervisor guests to generate MSI interrupts and thus potentially inject
traps. A privileged guest user could use this flaw to crash the host or
possibly escalate their privileges on the host. The fix for this issue can
prevent PCI passthrough from working and guests from starting. Refer to
Red Hat Bugzilla bug 715555 for details. (CVE-2011-1898, Important)

* A flaw was found in the way CIFS (Common Internet File System) shares
with DFS referrals at their root were handled. An attacker on the local
network who is able to deploy a malicious CIFS server could create a CIFS
network share that, when mounted, would cause the client system to crash.
(CVE-2011-3363, Moderate)

* A NULL pointer dereference flaw was found in the way the Linux kernel's
key management facility handled user-defined key types. A local,
unprivileged user could use the keyctl utility to cause a denial of
service. (CVE-2011-4110, Moderate)

* A flaw in the way memory containing security-related data was handled in
tpm_read() could allow a local, unprivileged user to read the results of a
previously run TPM command. (CVE-2011-1162, Low)

* A NULL pointer dereference flaw was found in the Linux kernel's HFS file
system implementation. A local attacker could use this flaw to cause a
denial of service by mounting a disk that contains a specially-crafted HFS
file system with a corrupted MDB extent record. (CVE-2011-2203, Low)

* The I/O statistics from the taskstats subsystem could be read without
any restrictions. A local, unprivileged user could use this flaw to gather
confidential information, such as the length of a password used in a
process. (CVE-2011-2494, Low)

Red Hat would like to thank Yogesh Sharma for reporting CVE-2011-3363;
Peter Huewe for reporting CVE-2011-1162; Clement Lecigne for reporting
CVE-2011-2203; and Vasiliy Kulikov of Openwall for reporting CVE-2011-2494.

This update also fixes several bugs and adds one enhancement. Documentation
for these changes will be available shortly from the Technical Notes
document linked to in the References section.

Users should upgrade to these updated packages, which contain backported
patches to correct these issues, and fix the bugs and add the enhancement
noted in the Technical Notes. The system must be rebooted for this update
to take effect.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.
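
Because the update only takes effect after a reboot, and "rpm -ivh" leaves the old kernel installed beside the new one, a host can carry the fixed package while still running a vulnerable kernel. The script below is an added example, not Red Hat tooling and not part of the original advisory; the function names are hypothetical, and it assumes a fixed package only counts when it is the same kernel variant (base, PAE, xen, ...) as the running kernel.

```shell
# Added example (not Red Hat tooling): triage a RHEL 5 host for RHSA-2011:1479.
FIXED_RELEASE="274.12.1"   # from kernel-2.6.18-274.12.1.el5 in this advisory

# "2.6.18-274.12.1.el5xen" or "kernel-PAE-2.6.18-238.el5" -> "274.12.1" or "238"
release_of() {
    printf '%s\n' "$1" | sed -n 's/^.*2\.6\.18-\([0-9][0-9.]*\)\.el5.*$/\1/p'
}

# Kernel variant: "" (base), "PAE", "xen", "debug" or "kdump".
variant_of() {
    case $1 in
        kernel-2.6.18-*)   echo "" ;;
        kernel-*-2.6.18-*) v_=${1#kernel-}; echo "${v_%%-2.6.18-*}" ;;
        *)                 echo "${1##*.el5}" ;;   # uname -r style string
    esac
}

# True when release $1 >= $2: numeric dot-separated fields, missing field = 0.
# Simplified stand-in for rpmvercmp, adequate for el5 kernel release strings.
release_ge() {
    a_=$1; b_=$2
    while [ -n "$a_" ] || [ -n "$b_" ]; do
        fa_=${a_%%.*}; fb_=${b_%%.*}
        if [ "${fa_:-0}" -gt "${fb_:-0}" ]; then return 0; fi
        if [ "${fa_:-0}" -lt "${fb_:-0}" ]; then return 1; fi
        case $a_ in *.*) a_=${a_#*.} ;; *) a_= ;; esac
        case $b_ in *.*) b_=${b_#*.} ;; *) b_= ;; esac
    done
    return 0
}

# $1 = running kernel (uname -r); other args = installed kernel packages,
# e.g. the output of: rpm -q kernel kernel-PAE kernel-xen kernel-debug
advisory_status() {
    run_=$1; shift
    rel_=$(release_of "$run_")
    if [ -z "$rel_" ]; then echo "unknown"; return 0; fi
    if release_ge "$rel_" "$FIXED_RELEASE"; then echo "patched"; return 0; fi
    for pkg_ in "$@"; do
        prel_=$(release_of "$pkg_")
        if [ -n "$prel_" ] && release_ge "$prel_" "$FIXED_RELEASE" &&
           [ "$(variant_of "$pkg_")" = "$(variant_of "$run_")" ]; then
            echo "reboot-required"; return 0   # fixed kernel on disk, old one running
        fi
    done
    echo "update-required"
}

# Constructed sample: fixed kernel installed with rpm -ivh, host not yet rebooted.
advisory_status "2.6.18-274.7.1.el5" kernel-2.6.18-274.7.1.el5 kernel-2.6.18-274.12.1.el5
```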

Updated packages

Red Hat Enterprise Linux (v. 5 server)

File outdated by: RHSA-2014:0285 (applies to every file listed in this section)

SRPMS:
kernel-2.6.18-274.12.1.el5.src.rpm

IA-32:
kernel-2.6.18-274.12.1.el5.i686.rpm
kernel-PAE-2.6.18-274.12.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-274.12.1.el5.i686.rpm
kernel-debug-2.6.18-274.12.1.el5.i686.rpm
kernel-debug-devel-2.6.18-274.12.1.el5.i686.rpm
kernel-devel-2.6.18-274.12.1.el5.i686.rpm
kernel-doc-2.6.18-274.12.1.el5.noarch.rpm
kernel-headers-2.6.18-274.12.1.el5.i386.rpm
kernel-xen-2.6.18-274.12.1.el5.i686.rpm
kernel-xen-devel-2.6.18-274.12.1.el5.i686.rpm

IA-64:
kernel-2.6.18-274.12.1.el5.ia64.rpm
kernel-debug-2.6.18-274.12.1.el5.ia64.rpm
kernel-debug-devel-2.6.18-274.12.1.el5.ia64.rpm
kernel-devel-2.6.18-274.12.1.el5.ia64.rpm
kernel-doc-2.6.18-274.12.1.el5.noarch.rpm
kernel-headers-2.6.18-274.12.1.el5.ia64.rpm
kernel-xen-2.6.18-274.12.1.el5.ia64.rpm
kernel-xen-devel-2.6.18-274.12.1.el5.ia64.rpm

PPC:
kernel-2.6.18-274.12.1.el5.ppc64.rpm
kernel-debug-2.6.18-274.12.1.el5.ppc64.rpm
kernel-debug-devel-2.6.18-274.12.1.el5.ppc64.rpm
kernel-devel-2.6.18-274.12.1.el5.ppc64.rpm
kernel-doc-2.6.18-274.12.1.el5.noarch.rpm
kernel-headers-2.6.18-274.12.1.el5.ppc.rpm
kernel-headers-2.6.18-274.12.1.el5.ppc64.rpm
kernel-kdump-2.6.18-274.12.1.el5.ppc64.rpm
kernel-kdump-devel-2.6.18-274.12.1.el5.ppc64.rpm

s390x:
kernel-2.6.18-274.12.1.el5.s390x.rpm
kernel-debug-2.6.18-274.12.1.el5.s390x.rpm
kernel-debug-devel-2.6.18-274.12.1.el5.s390x.rpm
kernel-devel-2.6.18-274.12.1.el5.s390x.rpm
kernel-doc-2.6.18-274.12.1.el5.noarch.rpm
kernel-headers-2.6.18-274.12.1.el5.s390x.rpm
kernel-kdump-2.6.18-274.12.1.el5.s390x.rpm
kernel-kdump-devel-2.6.18-274.12.1.el5.s390x.rpm

x86_64:
kernel-2.6.18-274.12.1.el5.x86_64.rpm
kernel-debug-2.6.18-274.12.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-274.12.1.el5.x86_64.rpm
kernel-devel-2.6.18-274.12.1.el5.x86_64.rpm
kernel-doc-2.6.18-274.12.1.el5.noarch.rpm
kernel-headers-2.6.18-274.12.1.el5.x86_64.rpm
kernel-xen-2.6.18-274.12.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-274.12.1.el5.x86_64.rpm
 
Red Hat Enterprise Linux Desktop (v. 5 client)

File outdated by: RHSA-2014:0285 (applies to every file listed in this section)

SRPMS:
kernel-2.6.18-274.12.1.el5.src.rpm

IA-32:
kernel-2.6.18-274.12.1.el5.i686.rpm
kernel-PAE-2.6.18-274.12.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-274.12.1.el5.i686.rpm
kernel-debug-2.6.18-274.12.1.el5.i686.rpm
kernel-debug-devel-2.6.18-274.12.1.el5.i686.rpm
kernel-devel-2.6.18-274.12.1.el5.i686.rpm
kernel-doc-2.6.18-274.12.1.el5.noarch.rpm
kernel-headers-2.6.18-274.12.1.el5.i386.rpm
kernel-xen-2.6.18-274.12.1.el5.i686.rpm
kernel-xen-devel-2.6.18-274.12.1.el5.i686.rpm

x86_64:
kernel-2.6.18-274.12.1.el5.x86_64.rpm
kernel-debug-2.6.18-274.12.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-274.12.1.el5.x86_64.rpm
kernel-devel-2.6.18-274.12.1.el5.x86_64.rpm
kernel-doc-2.6.18-274.12.1.el5.noarch.rpm
kernel-headers-2.6.18-274.12.1.el5.x86_64.rpm
kernel-xen-2.6.18-274.12.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-274.12.1.el5.x86_64.rpm
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

712774 - CVE-2011-2203 kernel: hfs_find_init() sb->ext_tree NULL pointer dereference
715555 - CVE-2011-1898 virt: VT-d (PCI passthrough) MSI trap injection
716842 - CVE-2011-2494 kernel: taskstats io infoleak
732629 - CVE-2011-1162 kernel: tpm: infoleak
738291 - CVE-2011-3363 kernel: cifs: always do is_path_accessible check in cifs_mount
741273 - Non-responsive scsi target leads to excessive scsi recovery and dm-mp failover time [rhel-5.7.z]
745726 - Host crash when pass-through fails [rhel-5.7.z]
751297 - CVE-2011-4110 kernel: keys: NULL pointer deref in the user-defined key type


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/