The gfs-kmod packages contain modules that provide the ability to mount and
use GFS file systems.
A flaw was found in the gfs_lock() implementation. The GFS locking code
could skip the lock operation for files that have the S_ISGID bit
(set-group-ID on execution) in their mode set. A local, unprivileged user
on a system that has a GFS file system mounted could use this flaw to cause
a kernel panic. (CVE-2010-0727)
These updated gfs-kmod packages are in sync with the latest kernel
(2.6.18-164.19.1.el5). The modules in earlier gfs-kmod packages failed to
load because they did not match the running kernel. It was possible to
force-load the modules. With this update, however, users no longer need to.
Users are advised to upgrade to these latest gfs-kmod packages, updated for
use with the 2.6.18-164.19.1.el5 kernel, which contain a backported patch
to correct this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 5 | i686 | kmod-gfs | < 0.1.34-2.el5_4.3 | kmod-gfs-0.1.34-2.el5_4.3.i686.rpm |
RedHat | 5 | i686 | kmod-gfs-pae | < 0.1.34-2.el5_4.3 | kmod-gfs-PAE-0.1.34-2.el5_4.3.i686.rpm |
RedHat | 5 | i686 | kmod-gfs-xen | < 0.1.34-2.el5_4.3 | kmod-gfs-xen-0.1.34-2.el5_4.3.i686.rpm |