Описание
ELSA-2008-0885: kernel security and bug fix update (IMPORTANT)
[2.6.18-92.1.13.0.1.el5]
- [NET] Add entropy support to e1000 and bnx2 (John Sobecki) [orabug 6045759]
- [splice] Fix bad unlock_page() in error case (Jens Axboe) [orabug 6263574]
- [NET] fix netpoll race (Tina Yang) [orabugz 5791]
[2.6.18-92.1.13.el5]
- [md] fix crashes in iterate_rdev (Doug Ledford ) [460128 455471]
- [sound] snd_seq_oss_synth_make_info info leak (Eugene Teo ) [458000 458001] {CVE-2008-3272}
- [ipmi] control BMC device ordering (peterm@redhat.com ) [459071 430157]
- [ia64] fix to check module_free parameter (Masami Hiramatsu ) [460639 457961]
- [misc] NULL pointer dereference in kobject_get_path (Jiri Pirko ) [459776 455460]
- [xen] ia64: SMP-unsafe with XENMEM_add_to_physmap on HVM (Tetsu Yamamoto ) [459780 457137]
- [net] bridge: eliminate delay on carrier up (Herbert Xu ) [458783 453526]
- [fs] dio: lock refcount operations (Jeff Moyer ) [459082 455750]
- [misc] serial: fix break handling for i82571 over LAN (Aristeu Rozanski ) [460509 440018]
- [fs] dio: use kzalloc to zero out struct dio (Jeff Moyer ) [461091 439918]
- [fs] lockd: nlmsvc_lookup_host called with f_sema held (Jeff Layton ) [459083 453094]
- [net] bnx2x: chip reset and port type fixes (Andy Gospodarek ) [441259 442026]
[2.6.18-92.1.12.el5]
- [mm] tmpfs: restore missing clear_highpage (Eugene Teo ) [426082 426083]{CVE-2007-6417}
- [fs] vfs: fix lookup on deleted directory (Eugene Teo ) [457865 457866]{CVE-2008-3275}
- [net] ixgbe: remove device ID for unsupported device (Andy Gospodarek ) [457484 454910]
- [ppc] Event Queue overflow on eHCA adapters (Brad Peters ) [458779 446713]
[2.6.18-92.1.11.el5]
- [mm] xpmem: inhibit page swapping under heavy mem use (George Beshers ) [456946 456574]
- [xen] HV: memory corruption with large number of cpus (Chris Lalancette ) [455768 449945]
- [fs] missing check before setting mount propagation (Eugene Teo ) [454392 454393]
- [openib] small ipoib packet can cause an oops (Doug Ledford ) [447913 445731]
- [misc] fix race in switch_uid and user signal accounting (Vince Worthington ) [456235 441762 440830]
Обновленные пакеты
Oracle Linux 5
Oracle Linux x86_64
kernel
2.6.18-92.1.13.0.1.el5
kernel-debug
2.6.18-92.1.13.0.1.el5
kernel-debug-devel
2.6.18-92.1.13.0.1.el5
kernel-devel
2.6.18-92.1.13.0.1.el5
kernel-doc
2.6.18-92.1.13.0.1.el5
kernel-headers
2.6.18-92.1.13.0.1.el5
kernel-xen
2.6.18-92.1.13.0.1.el5
kernel-xen-devel
2.6.18-92.1.13.0.1.el5
ocfs2-2.6.18-92.1.13.0.1.el5
1.2.9-1.el5
ocfs2-2.6.18-92.1.13.0.1.el5debug
1.2.9-1.el5
ocfs2-2.6.18-92.1.13.0.1.el5xen
1.2.9-1.el5
oracleasm-2.6.18-92.1.13.0.1.el5
2.0.4-1.el5
oracleasm-2.6.18-92.1.13.0.1.el5debug
2.0.4-1.el5
oracleasm-2.6.18-92.1.13.0.1.el5xen
2.0.4-1.el5
Oracle Linux i386
kernel
2.6.18-92.1.13.0.1.el5
kernel-PAE
2.6.18-92.1.13.0.1.el5
kernel-PAE-devel
2.6.18-92.1.13.0.1.el5
kernel-debug
2.6.18-92.1.13.0.1.el5
kernel-debug-devel
2.6.18-92.1.13.0.1.el5
kernel-devel
2.6.18-92.1.13.0.1.el5
kernel-doc
2.6.18-92.1.13.0.1.el5
kernel-headers
2.6.18-92.1.13.0.1.el5
kernel-xen
2.6.18-92.1.13.0.1.el5
kernel-xen-devel
2.6.18-92.1.13.0.1.el5
ocfs2-2.6.18-92.1.13.0.1.el5
1.2.9-1.el5
ocfs2-2.6.18-92.1.13.0.1.el5PAE
1.2.9-1.el5
ocfs2-2.6.18-92.1.13.0.1.el5debug
1.2.9-1.el5
ocfs2-2.6.18-92.1.13.0.1.el5xen
1.2.9-1.el5
oracleasm-2.6.18-92.1.13.0.1.el5
2.0.4-1.el5
oracleasm-2.6.18-92.1.13.0.1.el5PAE
2.0.4-1.el5
oracleasm-2.6.18-92.1.13.0.1.el5debug
2.0.4-1.el5
oracleasm-2.6.18-92.1.13.0.1.el5xen
2.0.4-1.el5
Ссылки на источники
Связанные уязвимости
The shmem_getpage function (mm/shmem.c) in Linux kernel 2.6.11 through 2.6.23 does not properly clear allocated memory in some rare circumstances related to tmpfs, which might allow local users to read sensitive kernel data or cause a denial of service (crash).
The shmem_getpage function (mm/shmem.c) in Linux kernel 2.6.11 through 2.6.23 does not properly clear allocated memory in some rare circumstances related to tmpfs, which might allow local users to read sensitive kernel data or cause a denial of service (crash).
The shmem_getpage function (mm/shmem.c) in Linux kernel 2.6.11 through 2.6.23 does not properly clear allocated memory in some rare circumstances related to tmpfs, which might allow local users to read sensitive kernel data or cause a denial of service (crash).
The shmem_getpage function (mm/shmem.c) in Linux kernel 2.6.11 through ...
The shmem_getpage function (mm/shmem.c) in Linux kernel 2.6.11 through 2.6.23 does not properly clear allocated memory in some rare circumstances related to tmpfs, which might allow local users to read sensitive kernel data or cause a denial of service (crash).