The kernel packages contain the Linux kernel, the core of any Linux
operating system.
This update fixes the following security issues:
a deficiency was found in the fasync_helper() implementation. This could
allow a local, unprivileged user to leverage a use-after-free of locked,
asynchronous file descriptors to cause a denial of service or privilege
escalation. (CVE-2009-4141, Important)
a NULL pointer dereference flaw was found in the sctp_rcv_ootb() function
in the Linux kernel Stream Control Transmission Protocol (SCTP)
implementation. A remote attacker could send a specially-crafted SCTP
packet to a target system, resulting in a denial of service.
(CVE-2010-0008, Important)
a NULL pointer dereference flaw was found in the ip6_dst_lookup_tail()
function in the Linux kernel. An attacker on the local network could
trigger this flaw by sending IPv6 traffic to a target system, leading to a
system crash (kernel OOPS) if dst->neighbour is NULL on the target system
when receiving an IPv6 packet. (CVE-2010-0437, Important)
This update also fixes the following bugs:
programs compiled on x86, and that also call sched_rr_get_interval(),
were silently corrupted when run on 64-bit systems. With this update, when
such programs attempt to call sched_rr_get_interval() on 64-bit systems,
sys32_sched_rr_get_interval() is called instead, which resolves this issue.
(BZ#557683)
the fix for CVE-2009-4538 provided by RHSA-2010:0053 introduced a
regression, preventing Wake on LAN (WoL) working for network devices using
the Intel PRO/1000 Linux driver, e1000e. Attempting to configure WoL for
such devices resulted in the following error, even when configuring valid
options:
“Cannot set new wake-on-lan settings: Operation not supported
not setting wol”
This update resolves this regression, and WoL now works as expected for
network devices using the e1000e driver. (BZ#559334)
a number of bugs have been fixed in the copy_user routines for Intel 64
and AMD64 systems, one of which could have possibly led to data corruption.
(BZ#568307)
on some systems, a race condition in the inode-based file event
notifications implementation caused soft lockups and the following
messages:
“BUG: warning at fs/inotify.c:181/set_dentry_child_flags()”
“BUG: soft lockup - CPU#[x] stuck for 10s!”
This update resolves this race condition, and also removes the inotify
debugging code from the kernel, due to race conditions in that code.
(BZ#568663)
Users should upgrade to these updated packages, which contain backported
patches to correct these issues. The system must be rebooted for this
update to take effect.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 5 | s390x | kernel | < 2.6.18-128.14.1.el5 | kernel-2.6.18-128.14.1.el5.s390x.rpm |
RedHat | 5 | s390x | kernel-kdump | < 2.6.18-128.14.1.el5 | kernel-kdump-2.6.18-128.14.1.el5.s390x.rpm |
RedHat | 5 | s390x | kernel-headers | < 2.6.18-128.14.1.el5 | kernel-headers-2.6.18-128.14.1.el5.s390x.rpm |
RedHat | 5 | s390x | kernel-kdump-devel | < 2.6.18-128.14.1.el5 | kernel-kdump-devel-2.6.18-128.14.1.el5.s390x.rpm |
RedHat | 5 | s390x | kernel-devel | < 2.6.18-128.14.1.el5 | kernel-devel-2.6.18-128.14.1.el5.s390x.rpm |
RedHat | 5 | noarch | kernel-doc | < 2.6.18-128.14.1.el5 | kernel-doc-2.6.18-128.14.1.el5.noarch.rpm |
RedHat | 5 | s390x | kernel-debug-devel | < 2.6.18-128.14.1.el5 | kernel-debug-devel-2.6.18-128.14.1.el5.s390x.rpm |
RedHat | 5 | s390x | kernel-debug | < 2.6.18-128.14.1.el5 | kernel-debug-2.6.18-128.14.1.el5.s390x.rpm |