Описание
ELSA-2009-1548: kernel security and bug fix update (IMPORTANT)
[2.6.18-164.6.1.0.1.el5]
- [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514]
- Add entropy support to igb ( John Sobecki) [orabug 7607479]
- [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332]
- [NET] Add xen pv/bonding netconsole support (Tina yang) [orabug 6993043] [bz 7258]
- [MM] shrink zone patch (John Sobecki,Chris Mason) [orabug 6086839]
- fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042]
- [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314]
[2.6.18-164.6.1.el5]
- [fs] fix pipe null pointer dereference (Jeff Moyer) [530938 530939] {CVE-2009-3547}
- [security] require root for mmap_min_addr (Eric Paris ) [518142 518143] {CVE-2009-2695}
- [net] lvs: adjust sync protocol handling for ipvsadm -2 (Neil Horman ) [528645 524129]
- [xen] allow booting with broken serial hardware (Chris Lalancette ) [524153 518338]
[2.6.18-164.5.1.el5]
- [fs] eCryptfs: prevent lower dentry from going negative (Eric Sandeen ) [527834 527835] {CVE-2009-2908}
- [nfs] v4: reclaimer thread stuck in an infinite loop (Sachin S. Prabhu ) [529162 526888]
- [net] r8169: avoid losing MSI interrupts (Ivan Vecera ) [529366 514589]
- [scsi] st.c: memory use after free after MTSETBLK ioctl (David Jeffery ) [528133 520192]
- [net] r8169: balance pci_map/unmap pair, use hw padding (Ivan Vecera ) [529143 515857] {CVE-2009-3613}
[2.6.18-164.4.1.el5]
- [net] bonding: set primary param via sysfs (Jiri Pirko ) [517971 499884]
- [scsi] fusion: re-enable mpt_msi_enable option (Tomas Henzl ) [526963 520820]
- [net] ipt_recent: sanity check hit count (Amerigo Wang ) [527434 523982]
- [net] ipv4: ip_append_data handle NULL routing table (Jiri Pirko ) [527436 520297]
- [nfs] fix cache invalidation problems in nfs_readdir (Jeff Layton ) [526960 511170]
- [net] tc: fix unitialized kernel memory leak (Jiri Pirko ) [520994 520863]
[2.6.18-164.3.1.el5]
- [nfs] knfsd: fix NFSv4 O_EXCL creates (Jeff Layton ) [522163 524521] {CVE-2009-3286}
Обновленные пакеты
Oracle Linux 5
Oracle Linux ia64
kernel
2.6.18-164.6.1.0.1.el5
kernel-debug
2.6.18-164.6.1.0.1.el5
kernel-debug-devel
2.6.18-164.6.1.0.1.el5
kernel-devel
2.6.18-164.6.1.0.1.el5
kernel-doc
2.6.18-164.6.1.0.1.el5
kernel-headers
2.6.18-164.6.1.0.1.el5
kernel-xen
2.6.18-164.6.1.0.1.el5
kernel-xen-devel
2.6.18-164.6.1.0.1.el5
ocfs2-2.6.18-164.6.1.0.1.el5
1.4.4-1.el5
ocfs2-2.6.18-164.6.1.0.1.el5debug
1.4.4-1.el5
ocfs2-2.6.18-164.6.1.0.1.el5xen
1.4.4-1.el5
oracleasm-2.6.18-164.6.1.0.1.el5
2.0.5-1.el5
oracleasm-2.6.18-164.6.1.0.1.el5debug
2.0.5-1.el5
oracleasm-2.6.18-164.6.1.0.1.el5xen
2.0.5-1.el5
Oracle Linux x86_64
kernel
2.6.18-164.6.1.0.1.el5
kernel-debug
2.6.18-164.6.1.0.1.el5
kernel-debug-devel
2.6.18-164.6.1.0.1.el5
kernel-devel
2.6.18-164.6.1.0.1.el5
kernel-doc
2.6.18-164.6.1.0.1.el5
kernel-headers
2.6.18-164.6.1.0.1.el5
kernel-xen
2.6.18-164.6.1.0.1.el5
kernel-xen-devel
2.6.18-164.6.1.0.1.el5
ocfs2-2.6.18-164.6.1.0.1.el5
1.4.4-1.el5
ocfs2-2.6.18-164.6.1.0.1.el5debug
1.4.4-1.el5
ocfs2-2.6.18-164.6.1.0.1.el5xen
1.4.4-1.el5
oracleasm-2.6.18-164.6.1.0.1.el5
2.0.5-1.el5
oracleasm-2.6.18-164.6.1.0.1.el5debug
2.0.5-1.el5
oracleasm-2.6.18-164.6.1.0.1.el5xen
2.0.5-1.el5
Oracle Linux i386
kernel
2.6.18-164.6.1.0.1.el5
kernel-PAE
2.6.18-164.6.1.0.1.el5
kernel-PAE-devel
2.6.18-164.6.1.0.1.el5
kernel-debug
2.6.18-164.6.1.0.1.el5
kernel-debug-devel
2.6.18-164.6.1.0.1.el5
kernel-devel
2.6.18-164.6.1.0.1.el5
kernel-doc
2.6.18-164.6.1.0.1.el5
kernel-headers
2.6.18-164.6.1.0.1.el5
kernel-xen
2.6.18-164.6.1.0.1.el5
kernel-xen-devel
2.6.18-164.6.1.0.1.el5
ocfs2-2.6.18-164.6.1.0.1.el5
1.4.4-1.el5
ocfs2-2.6.18-164.6.1.0.1.el5PAE
1.4.4-1.el5
ocfs2-2.6.18-164.6.1.0.1.el5debug
1.4.4-1.el5
ocfs2-2.6.18-164.6.1.0.1.el5xen
1.4.4-1.el5
oracleasm-2.6.18-164.6.1.0.1.el5
2.0.5-1.el5
oracleasm-2.6.18-164.6.1.0.1.el5PAE
2.0.5-1.el5
oracleasm-2.6.18-164.6.1.0.1.el5debug
2.0.5-1.el5
oracleasm-2.6.18-164.6.1.0.1.el5xen
2.0.5-1.el5
Ссылки на источники
Связанные уязвимости
The d_delete function in fs/ecryptfs/inode.c in eCryptfs in the Linux kernel 2.6.31 allows local users to cause a denial of service (kernel OOPS) and possibly execute arbitrary code via unspecified vectors that cause a "negative dentry" and trigger a NULL pointer dereference, as demonstrated via a Mutt temporary directory in an eCryptfs mount.
The d_delete function in fs/ecryptfs/inode.c in eCryptfs in the Linux kernel 2.6.31 allows local users to cause a denial of service (kernel OOPS) and possibly execute arbitrary code via unspecified vectors that cause a "negative dentry" and trigger a NULL pointer dereference, as demonstrated via a Mutt temporary directory in an eCryptfs mount.
The d_delete function in fs/ecryptfs/inode.c in eCryptfs in the Linux kernel 2.6.31 allows local users to cause a denial of service (kernel OOPS) and possibly execute arbitrary code via unspecified vectors that cause a "negative dentry" and trigger a NULL pointer dereference, as demonstrated via a Mutt temporary directory in an eCryptfs mount.
The d_delete function in fs/ecryptfs/inode.c in eCryptfs in the Linux ...
The d_delete function in fs/ecryptfs/inode.c in eCryptfs in the Linux kernel 2.6.31 allows local users to cause a denial of service (kernel OOPS) and possibly execute arbitrary code via unspecified vectors that cause a "negative dentry" and trigger a NULL pointer dereference, as demonstrated via a Mutt temporary directory in an eCryptfs mount.