The kernel packages contain the Linux kernel, the core of any Linux
operating system.
Security fixes:
a NULL pointer dereference flaw was found in the Linux kernel NFSv4
implementation. Several of the NFSv4 file locking functions failed to check
whether a file had been opened on the server before performing locking
operations on it. A local, unprivileged user on a system with an NFSv4
share mounted could possibly use this flaw to cause a kernel panic (denial
of service) or escalate their privileges. (CVE-2009-3726, Important)
a flaw was found in the sctp_process_unk_param() function in the Linux
kernel Stream Control Transmission Protocol (SCTP) implementation. A remote
attacker could send a specially-crafted SCTP packet to an SCTP listening
port on a target system, causing a kernel panic (denial of service).
(CVE-2010-1173, Important)
a race condition between finding a keyring by name and destroying a freed
keyring was found in the Linux kernel key management facility. A local,
unprivileged user could use this flaw to cause a kernel panic (denial of
service) or escalate their privileges. (CVE-2010-1437, Important)
Red Hat would like to thank Simon Vallet for responsibly reporting
CVE-2009-3726; and Jukka Taimisto and Olli Jarva of Codenomicon Ltd, Nokia
Siemens Networks, and Wind River on behalf of their customer, for
responsibly reporting CVE-2010-1173.
Bug fixes:
RHBA-2007:0791 introduced a regression in the Journaling Block Device
(JBD). Under certain circumstances, removing a large file (such as 300 MB
or more) did not result in inactive memory being freed, leading to the
system having a large amount of inactive memory. Now, the memory is
correctly freed. (BZ#589155)
the timer_interrupt() routine did not scale lost real ticks to logical
ticks correctly, possibly causing time drift for 64-bit Red Hat Enterprise
Linux 4 KVM (Kernel-based Virtual Machine) guests that were booted with the
“divider=x” kernel parameter set to a value greater than 1. “warning: many
lost ticks” messages may have been logged on the affected guest systems.
(BZ#590551)
a bug could have prevented NFSv3 clients from having the most up-to-date
file attributes for files on a given NFSv3 file system. In cases where a
file type changed, such as if a file was removed and replaced with a
directory of the same name, the NFSv3 client may not have noticed this
change until stat(2) was called (for example, by running “ls -l”).
(BZ#596372)
RHBA-2007:0791 introduced bugs in the Linux kernel PCI-X subsystem. These
could have caused a system deadlock on some systems where the BIOS set the
default Maximum Memory Read Byte Count (MMRBC) to 4096, and that also use
the Intel PRO/1000 Linux driver, e1000. Errors such as “e1000: eth[x]:
e1000_clean_tx_irq: Detected Tx Unit Hang” were logged. (BZ#596374)
an out of memory condition in a KVM guest, using the virtio-net network
driver and also under heavy network stress, could have resulted in
that guest being unable to receive network traffic. Users had to manually
remove and re-add the virtio_net module and restart the network service
before networking worked as expected. Such memory conditions no longer
prevent KVM guests receiving network traffic. (BZ#597310)
when an SFQ qdisc that limited the queue size to two packets was added to
a network interface, sending traffic through that interface resulted in a
kernel crash. Such a qdisc no longer results in a kernel crash. (BZ#597312)
when an NFS client opened a file with the O_TRUNC flag set, it received
a valid stateid, but did not use that stateid to perform the SETATTR call.
Such cases were rejected by Red Hat Enterprise Linux 4 NFS servers with an
“NFS4ERR_BAD_STATEID” error, possibly preventing some NFS clients from
writing files to an NFS file system. (BZ#597314)
Users should upgrade to these updated packages, which contain backported
patches to correct these issues. The system must be rebooted for this
update to take effect.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | src | kernel | < 2.6.9-89.0.26.EL | kernel-2.6.9-89.0.26.EL.src.rpm |
RedHat | any | s390x | kernel | < 2.6.9-89.0.26.EL | kernel-2.6.9-89.0.26.EL.s390x.rpm |
RedHat | any | ppc64 | kernel-largesmp | < 2.6.9-89.0.26.EL | kernel-largesmp-2.6.9-89.0.26.EL.ppc64.rpm |
RedHat | any | x86_64 | kernel-largesmp | < 2.6.9-89.0.26.EL | kernel-largesmp-2.6.9-89.0.26.EL.x86_64.rpm |
RedHat | any | i686 | kernel-hugemem-devel | < 2.6.9-89.0.26.EL | kernel-hugemem-devel-2.6.9-89.0.26.EL.i686.rpm |
RedHat | any | ia64 | kernel-devel | < 2.6.9-89.0.26.EL | kernel-devel-2.6.9-89.0.26.EL.ia64.rpm |
RedHat | any | i686 | kernel-smp-devel | < 2.6.9-89.0.26.EL | kernel-smp-devel-2.6.9-89.0.26.EL.i686.rpm |
RedHat | any | x86_64 | kernel-xenu-devel | < 2.6.9-89.0.26.EL | kernel-xenU-devel-2.6.9-89.0.26.EL.x86_64.rpm |
RedHat | any | s390 | kernel-devel | < 2.6.9-89.0.26.EL | kernel-devel-2.6.9-89.0.26.EL.s390.rpm |
RedHat | any | x86_64 | kernel-smp | < 2.6.9-89.0.26.EL | kernel-smp-2.6.9-89.0.26.EL.x86_64.rpm |