RedHatRHSA-2013:1790(RHSA-2013:1790) Moderate: kernel security and bug fix update
EPSS
Percentile
25.4%
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
- An information leak flaw was found in the way the Xen hypervisor handled
error conditions when reading guest memory during certain guest-originated
operations, such as port or memory mapped I/O writes. A privileged user in
a fully-virtualized guest could use this flaw to leak hypervisor stack
memory to a guest. (CVE-2013-4355, Moderate)
Red Hat would like to thank the Xen project for reporting this issue.
This update also fixes the following bugs:
-
A previous fix to the kernel did not contain a memory barrier in the
percpu_up_write() function. Consequently, under certain circumstances, a
race condition could occur leading to memory corruption and a subsequent
kernel panic. This update introduces a new memory barrier pair, light_mb()
and heavy_mb(), for per-CPU basis read and write semaphores
(percpu-rw-semaphores) ensuring that the race condition can no longer
occur. In addition, the read path performance of “percpu-rw-semaphores” has
been improved. (BZ#1014715) -
Due to a bug in the tg3 driver, systems that had the Wake-on-LAN (WOL)
feature enabled on their NICs could not have been woken up from suspension
or hibernation using WOL. A missing pci_wake_from_d3() function call has
been added to the tg3 driver, which ensures that WOL functions properly by
setting the PME_ENABLE bit. (BZ#1014973) -
Due to an incorrect test condition in the mpt2sas driver, the driver was
unable to catch failures to map a SCSI scatter-gather list. The test
condition has been corrected so that the mpt2sas driver now handles SCSI
scatter-gather mapping failures as expected. (BZ#1018458) -
A previous patch to the kernel introduced the “VLAN tag re-insertion”
workaround to resolve a problem with incorrectly handled VLAN-tagged
packets with no assigned VLAN group while the be2net driver was in
promiscuous mode. However, this solution led to packet corruption and a
subsequent kernel oops if such a processed packed was a GRO packet.
Therefore, a patch has been applied to restrict VLAN tag re-insertion only
to non-GRO packets. The be2net driver now processes VLAN-tagged packets
with no assigned VLAN group correctly in this situation. (BZ#1023348)
All kernel users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. The system must be
rebooted for this update to take effect.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 5 | ppc64 | kernel-debug-debuginfo | < 2.6.18-371.3.1.el5 | kernel-debug-debuginfo-2.6.18-371.3.1.el5.ppc64.rpm |
| RedHat | 5 | i686 | kernel-devel | < 2.6.18-371.3.1.el5 | kernel-devel-2.6.18-371.3.1.el5.i686.rpm |
| RedHat | 5 | s390x | kernel-debug-devel | < 2.6.18-371.3.1.el5 | kernel-debug-devel-2.6.18-371.3.1.el5.s390x.rpm |
| RedHat | 5 | ppc64 | kernel-debug | < 2.6.18-371.3.1.el5 | kernel-debug-2.6.18-371.3.1.el5.ppc64.rpm |
| RedHat | 5 | ia64 | kernel-debuginfo-common | < 2.6.18-371.3.1.el5 | kernel-debuginfo-common-2.6.18-371.3.1.el5.ia64.rpm |
| RedHat | 5 | s390x | kernel-kdump | < 2.6.18-371.3.1.el5 | kernel-kdump-2.6.18-371.3.1.el5.s390x.rpm |
| RedHat | 5 | ia64 | kernel-xen-debuginfo | < 2.6.18-371.3.1.el5 | kernel-xen-debuginfo-2.6.18-371.3.1.el5.ia64.rpm |
| RedHat | 5 | ia64 | kernel-devel | < 2.6.18-371.3.1.el5 | kernel-devel-2.6.18-371.3.1.el5.ia64.rpm |
| RedHat | 5 | i686 | kernel-xen-debuginfo | < 2.6.18-371.3.1.el5 | kernel-xen-debuginfo-2.6.18-371.3.1.el5.i686.rpm |
| RedHat | 5 | i686 | kernel-pae | < 2.6.18-371.3.1.el5 | kernel-PAE-2.6.18-371.3.1.el5.i686.rpm |
Related
