Security Advisory Important: kernel security and bug fix update

Advisory: RHSA-2012:0107-1
Type: Security Advisory
Severity: Important
Issued on: 2012-02-09
Last updated on: 2012-02-09
Affected Products: Red Hat Enterprise Linux (v. 5 server), Red Hat Enterprise Linux Desktop (v. 5 client)
CVEs (cve.mitre.org): CVE-2011-3638, CVE-2011-4086, CVE-2011-4127, CVE-2012-0028, CVE-2012-0207

Details

Updated kernel packages that fix multiple security issues and two bugs are
now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

* Using the SG_IO ioctl to issue SCSI requests to partitions or LVM volumes
resulted in the requests being passed to the underlying block device. If a
privileged user only had access to a single partition or LVM volume, they
could use this flaw to bypass those restrictions and gain read and write
access (and be able to issue other SCSI commands) to the entire block
device. Refer to Red Hat Knowledgebase article DOC-67874, linked to in the
References, for further details about this issue. (CVE-2011-4127,
Important)

* A flaw was found in the way the Linux kernel handled robust list pointers
of user-space held futexes across exec() calls. A local, unprivileged user
could use this flaw to cause a denial of service or, eventually, escalate
their privileges. (CVE-2012-0028, Important)

* A flaw was found in the Linux kernel in the way splitting two extents in
ext4_ext_convert_to_initialized() worked. A local, unprivileged user with
the ability to mount and unmount ext4 file systems could use this flaw to
cause a denial of service. (CVE-2011-3638, Moderate)

* A flaw was found in the way the Linux kernel's journal_unmap_buffer()
function handled buffer head states. On systems that have an ext4 file
system with a journal mounted, a local, unprivileged user could use this
flaw to cause a denial of service. (CVE-2011-4086, Moderate)

* A divide-by-zero flaw was found in the Linux kernel's igmp_heard_query()
function. An attacker able to send certain IGMP (Internet Group Management
Protocol) packets to a target system could use this flaw to cause a denial
of service. (CVE-2012-0207, Moderate)

Red Hat would like to thank Zheng Liu for reporting CVE-2011-3638, and
Simon McVittie for reporting CVE-2012-0207.

This update also fixes the following bugs:

* When a host was in recovery mode and a SCSI scan operation was initiated,
the scan operation failed and provided no error output. This bug has been
fixed and the SCSI layer now waits for recovery of the host to complete
scan operations for devices. (BZ#772162)

* SG_IO ioctls were not implemented correctly in the Red Hat Enterprise
Linux 5 virtio-blk driver. Sending an SG_IO ioctl request to a virtio-blk
disk caused the sending thread to enter an uninterruptible sleep state ("D"
state). With this update, SG_IO ioctls are rejected by the virtio-blk
driver: the ioctl system call will simply return an ENOTTY ("Inappropriate
ioctl for device") error and the thread will continue normally. (BZ#773322)

Users should upgrade to these updated packages, which contain backported
patches to correct these issues. The system must be rebooted for this
update to take effect.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.
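
A host-side check for the state the steps above can leave behind (fixed kernel installed with "rpm -ivh" but the old one still running until reboot), as an added example that is not part of Red Hat's advisory. The fixed build string is taken from the package names on this page; the function names are hypothetical.

```shell
#!/bin/sh
# Fixed build named in this advisory (from the package file names on the page).
FIXED="2.6.18-274.18.1.el5"

# Reduce a kernel release to numeric fields: drop the ".el5" dist tag and any
# flavour suffix after it (PAE, xen, debug), then split on "." and "-".
kver_fields() {
    printf '%s\n' "$1" | sed -e 's/\.el5.*$//' -e 's/[.-]/ /g'
}

# kver_cmp A B: prints -1, 0 or 1 as A is older than, equal to or newer than B.
# Missing trailing fields count as 0, so 274.el5 sorts before 274.18.1.el5.
kver_cmp() {
    awk -v a="$(kver_fields "$1")" -v b="$(kver_fields "$2")" 'BEGIN {
        na = split(a, x, " "); nb = split(b, y, " ")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            p = (i <= na) ? x[i] + 0 : 0
            q = (i <= nb) ? y[i] + 0 : 0
            if (p < q) { print -1; exit }
            if (p > q) { print 1; exit }
        }
        print 0
    }'
}

# rhsa_status RUNNING INSTALLED...: classify a host against this advisory.
#   patched          running kernel is at or above the fixed build
#   reboot-required  a fixed kernel is installed but an older one is running
#   vulnerable       no installed kernel reaches the fixed build
rhsa_status() {
    running=$1; shift
    if [ "$(kver_cmp "$running" "$FIXED")" -ge 0 ]; then
        echo patched; return 0
    fi
    for k in "$@"; do
        if [ "$(kver_cmp "$k" "$FIXED")" -ge 0 ]; then
            echo reboot-required; return 0
        fi
    done
    echo vulnerable
}

# On a host (query kernel-PAE or kernel-xen instead if that flavour is in use):
#   rhsa_status "$(uname -r)" $(rpm -q kernel --qf '%{VERSION}-%{RELEASE}\n')
```

A "reboot-required" result means the update is on disk but the flaws listed above are still present in the running kernel.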

Updated packages

Red Hat Enterprise Linux (v. 5 server)

IA-32:
kernel-2.6.18-274.18.1.el5.i686.rpm
File outdated by:  RHSA-2014:0285
kernel-PAE-2.6.18-274.18.1.el5.i686.rpm
File outdated by:  RHSA-2014:0285
kernel-PAE-devel-2.6.18-274.18.1.el5.i686.rpm
File outdated by:  RHSA-2014:0285
kernel-debug-2.6.18-274.18.1.el5.i686.rpm
File outdated by:  RHSA-2014:0285
kernel-debug-devel-2.6.18-274.18.1.el5.i686.rpm
File outdated by:  RHSA-2014:0285
kernel-devel-2.6.18-274.18.1.el5.i686.rpm
File outdated by:  RHSA-2014:0285
kernel-doc-2.6.18-274.18.1.el5.noarch.rpm
File outdated by:  RHSA-2014:0285
kernel-headers-2.6.18-274.18.1.el5.i386.rpm
File outdated by:  RHSA-2014:0285
kernel-xen-2.6.18-274.18.1.el5.i686.rpm
File outdated by:  RHSA-2014:0285
kernel-xen-devel-2.6.18-274.18.1.el5.i686.rpm
File outdated by:  RHSA-2014:0285
 
IA-64:
kernel-2.6.18-274.18.1.el5.ia64.rpm
File outdated by:  RHSA-2014:0285
kernel-debug-2.6.18-274.18.1.el5.ia64.rpm
File outdated by:  RHSA-2014:0285
kernel-debug-devel-2.6.18-274.18.1.el5.ia64.rpm
File outdated by:  RHSA-2014:0285
kernel-devel-2.6.18-274.18.1.el5.ia64.rpm
File outdated by:  RHSA-2014:0285
kernel-doc-2.6.18-274.18.1.el5.noarch.rpm
File outdated by:  RHSA-2014:0285
kernel-headers-2.6.18-274.18.1.el5.ia64.rpm
File outdated by:  RHSA-2014:0285
kernel-xen-2.6.18-274.18.1.el5.ia64.rpm
File outdated by:  RHSA-2014:0285
kernel-xen-devel-2.6.18-274.18.1.el5.ia64.rpm
File outdated by:  RHSA-2014:0285
 
PPC:
kernel-2.6.18-274.18.1.el5.ppc64.rpm
File outdated by:  RHSA-2014:0285
kernel-debug-2.6.18-274.18.1.el5.ppc64.rpm
File outdated by:  RHSA-2014:0285
kernel-debug-devel-2.6.18-274.18.1.el5.ppc64.rpm
File outdated by:  RHSA-2014:0285
kernel-devel-2.6.18-274.18.1.el5.ppc64.rpm
File outdated by:  RHSA-2014:0285
kernel-doc-2.6.18-274.18.1.el5.noarch.rpm
File outdated by:  RHSA-2014:0285
kernel-headers-2.6.18-274.18.1.el5.ppc.rpm
File outdated by:  RHSA-2014:0285
kernel-headers-2.6.18-274.18.1.el5.ppc64.rpm
File outdated by:  RHSA-2014:0285
kernel-kdump-2.6.18-274.18.1.el5.ppc64.rpm
File outdated by:  RHSA-2014:0285
kernel-kdump-devel-2.6.18-274.18.1.el5.ppc64.rpm
File outdated by:  RHSA-2014:0285
 
s390x:
kernel-2.6.18-274.18.1.el5.s390x.rpm
File outdated by:  RHSA-2014:0285
kernel-debug-2.6.18-274.18.1.el5.s390x.rpm
File outdated by:  RHSA-2014:0285
kernel-debug-devel-2.6.18-274.18.1.el5.s390x.rpm
File outdated by:  RHSA-2014:0285
kernel-devel-2.6.18-274.18.1.el5.s390x.rpm
File outdated by:  RHSA-2014:0285
kernel-doc-2.6.18-274.18.1.el5.noarch.rpm
File outdated by:  RHSA-2014:0285
kernel-headers-2.6.18-274.18.1.el5.s390x.rpm
File outdated by:  RHSA-2014:0285
kernel-kdump-2.6.18-274.18.1.el5.s390x.rpm
File outdated by:  RHSA-2014:0285
kernel-kdump-devel-2.6.18-274.18.1.el5.s390x.rpm
File outdated by:  RHSA-2014:0285
 
x86_64:
kernel-2.6.18-274.18.1.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
kernel-debug-2.6.18-274.18.1.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
kernel-debug-devel-2.6.18-274.18.1.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
kernel-devel-2.6.18-274.18.1.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
kernel-doc-2.6.18-274.18.1.el5.noarch.rpm
File outdated by:  RHSA-2014:0285
kernel-headers-2.6.18-274.18.1.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
kernel-xen-2.6.18-274.18.1.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
kernel-xen-devel-2.6.18-274.18.1.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
 
Red Hat Enterprise Linux Desktop (v. 5 client)

IA-32:
kernel-2.6.18-274.18.1.el5.i686.rpm
File outdated by:  RHSA-2014:0285
kernel-PAE-2.6.18-274.18.1.el5.i686.rpm
File outdated by:  RHSA-2014:0285
kernel-PAE-devel-2.6.18-274.18.1.el5.i686.rpm
File outdated by:  RHSA-2014:0285
kernel-debug-2.6.18-274.18.1.el5.i686.rpm
File outdated by:  RHSA-2014:0285
kernel-debug-devel-2.6.18-274.18.1.el5.i686.rpm
File outdated by:  RHSA-2014:0285
kernel-devel-2.6.18-274.18.1.el5.i686.rpm
File outdated by:  RHSA-2014:0285
kernel-doc-2.6.18-274.18.1.el5.noarch.rpm
File outdated by:  RHSA-2014:0285
kernel-headers-2.6.18-274.18.1.el5.i386.rpm
File outdated by:  RHSA-2014:0285
kernel-xen-2.6.18-274.18.1.el5.i686.rpm
File outdated by:  RHSA-2014:0285
kernel-xen-devel-2.6.18-274.18.1.el5.i686.rpm
File outdated by:  RHSA-2014:0285
 
x86_64:
kernel-2.6.18-274.18.1.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
kernel-debug-2.6.18-274.18.1.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
kernel-debug-devel-2.6.18-274.18.1.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
kernel-devel-2.6.18-274.18.1.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
kernel-doc-2.6.18-274.18.1.el5.noarch.rpm
File outdated by:  RHSA-2014:0285
kernel-headers-2.6.18-274.18.1.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
kernel-xen-2.6.18-274.18.1.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
kernel-xen-devel-2.6.18-274.18.1.el5.x86_64.rpm
File outdated by:  RHSA-2014:0285
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

747942 - CVE-2011-3638 kernel: ext4: ext4_ext_insert_extent() kernel oops
749143 - CVE-2011-4086 kernel: jbd2: unmapped buffer with _Unwritten or _Delay flags set can lead to DoS
752375 - CVE-2011-4127 kernel: possible privilege escalation via SG_IO ioctl
771764 - CVE-2012-0028 kernel: futex: clear robust_list on execve
772867 - CVE-2012-0207 kernel: igmp: Avoid zero delay when receiving odd mixture of IGMP queries


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/