Home / mailings [RHSA-2007:0347-01] Important: kernel security and bug fix update
Posted on 16 May 2007
RedHat-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ---------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Important: kernel security and bug fix update
Advisory ID: RHSA-2007:0347-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0347.html
Issue date: 2007-05-16
Updated on: 2007-05-16
Product: Red Hat Enterprise Linux
CVE Names: CVE-2007-1496 CVE-2007-1497 CVE-2007-1592
CVE-2007-1861 CVE-2007-2172 CVE-2007-2242
- ---------------------------------------------------------------------
1. Summary:
Updated kernel packages that fix security issues and bugs in the Red Hat
Enterprise Linux 5 kernel are now available.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64
3. Problem description:
The Linux kernel handles the basic functions of the operating system.
These new kernel packages contain fixes for the following security issues:
* a flaw in the handling of IPv6 type 0 routing headers that allowed remote
users to cause a denial of service that led to a network amplification
between two routers (CVE-2007-2242, Important).
* a flaw in the nfnetlink_log netfilter module that allowed a local user to
cause a denial of service (CVE-2007-1496, Important).
* a flaw in the flow list of listening IPv6 sockets that allowed a local
user to cause a denial of service (CVE-2007-1592, Important).
* a flaw in the handling of netlink messages that allowed a local user to
cause a denial of service (infinite recursion) (CVE-2007-1861, Important).
* a flaw in the IPv4 forwarding base that allowed a local user to cause an
out-of-bounds access (CVE-2007-2172, Important).
* a flaw in the nf_conntrack netfilter module for IPv6 that allowed remote
users to bypass certain netfilter rules using IPv6 fragments
(CVE-2007-1497, Moderate).
In addition to the security issues described above, fixes for the following
have been included:
* a regression in ipv6 routing.
* an error in memory initialization that caused gdb to output inaccurate
backtraces on ia64.
* the nmi watchdog timeout was updated from 5 to 30 seconds.
* a flaw in distributed lock management that could result in errors during
virtual machine migration.
* an omitted include in kernel-headers that led to compile failures for
some packages.
Red Hat Enterprise Linux 5 users are advised to upgrade to these packages,
which contain backported patches to correct these issues.
4. Solution:
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
5. Bug IDs fixed (http://bugzilla.redhat.com/):
238046 - oops and panics bringing up/down interfaces on 128p Altix, 8 interfaces
238731 - dlm locking error from gfs dio/aio during virt machine migration
238749 - The patch "xen: Add PACKET_AUXDATA cmsg" cause /usr/include/linux/if_packet.h broken
238944 - CVE-2007-1592 IPv6 oops triggerable by any user
238946 - CVE-2007-1496 Various NULL pointer dereferences in netfilter code
238947 - CVE-2007-1497 IPv6 fragments bypass in nf_conntrack netfilter code
238948 - CVE-2007-2172 fib_semantics.c out of bounds access vulnerability
238949 - CVE-2007-2242 IPv6 routing headers issue
238960 - CVE-2007-1861 infinite recursion in netlink
6. RPMs required:
Red Hat Enterprise Linux Desktop (v. 5 client):
SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kernel-2.6.18-8.1.4.el5.src.rpm
a30918df56c99f6ef7eb612653031f4c kernel-2.6.18-8.1.4.el5.src.rpm
i386:
7ea25aefdfc680a76826429075a95c39 kernel-2.6.18-8.1.4.el5.i686.rpm
6bff12b40b95a8d2a1289a04f899244b kernel-PAE-2.6.18-8.1.4.el5.i686.rpm
9ba0f4700e29a161bc304f8b400995fc kernel-PAE-debuginfo-2.6.18-8.1.4.el5.i686.rpm
cd5f44b9ceaa76126ed858ff88db0d50 kernel-debuginfo-2.6.18-8.1.4.el5.i686.rpm
b33969946be1dedb4d7df0721dd09e07 kernel-debuginfo-common-2.6.18-8.1.4.el5.i686.rpm
7f0ecd55e3977d93d27c86e13041d2b9 kernel-headers-2.6.18-8.1.4.el5.i386.rpm
97f88531ad7be7462b93a9d434728f43 kernel-xen-2.6.18-8.1.4.el5.i686.rpm
60a8e5a32674b9a4be9a21abc5825367 kernel-xen-debuginfo-2.6.18-8.1.4.el5.i686.rpm
noarch:
399b9229deddfcd91db39da9aff06656 kernel-doc-2.6.18-8.1.4.el5.noarch.rpm
x86_64:
b21949aab1ba017d070aa114a64000ba kernel-2.6.18-8.1.4.el5.x86_64.rpm
d06155ad1d88be9274f5ac3b84c1406d kernel-debuginfo-2.6.18-8.1.4.el5.x86_64.rpm
6558004b05c79b8d068273933e72caa2 kernel-debuginfo-common-2.6.18-8.1.4.el5.x86_64.rpm
86785d6927d0b2603bfcd413eb778f0b kernel-headers-2.6.18-8.1.4.el5.x86_64.rpm
76971a3a74604f1dee054a1dbd7ebf67 kernel-xen-2.6.18-8.1.4.el5.x86_64.rpm
e8801b31e4ad0943711f4e52bf6a856b kernel-xen-debuginfo-2.6.18-8.1.4.el5.x86_64.rpm
RHEL Desktop Workstation (v. 5 client):
SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kernel-2.6.18-8.1.4.el5.src.rpm
a30918df56c99f6ef7eb612653031f4c kernel-2.6.18-8.1.4.el5.src.rpm
i386:
9ba0f4700e29a161bc304f8b400995fc kernel-PAE-debuginfo-2.6.18-8.1.4.el5.i686.rpm
15bde90df04f50cc70323a81fc624b8a kernel-PAE-devel-2.6.18-8.1.4.el5.i686.rpm
cd5f44b9ceaa76126ed858ff88db0d50 kernel-debuginfo-2.6.18-8.1.4.el5.i686.rpm
b33969946be1dedb4d7df0721dd09e07 kernel-debuginfo-common-2.6.18-8.1.4.el5.i686.rpm
93983fdd3e77c260adb37de012a829af kernel-devel-2.6.18-8.1.4.el5.i686.rpm
60a8e5a32674b9a4be9a21abc5825367 kernel-xen-debuginfo-2.6.18-8.1.4.el5.i686.rpm
26b09c370a9ab26cfdb2a188271f7f05 kernel-xen-devel-2.6.18-8.1.4.el5.i686.rpm
x86_64:
d06155ad1d88be9274f5ac3b84c1406d kernel-debuginfo-2.6.18-8.1.4.el5.x86_64.rpm
6558004b05c79b8d068273933e72caa2 kernel-debuginfo-common-2.6.18-8.1.4.el5.x86_64.rpm
48f80c1bd887008cf220daf606ff56b8 kernel-devel-2.6.18-8.1.4.el5.x86_64.rpm
e8801b31e4ad0943711f4e52bf6a856b kernel-xen-debuginfo-2.6.18-8.1.4.el5.x86_64.rpm
51c578847a2bfb63266dfba2243dbc16 kernel-xen-devel-2.6.18-8.1.4.el5.x86_64.rpm
Red Hat Enterprise Linux (v. 5 server):
SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kernel-2.6.18-8.1.4.el5.src.rpm
a30918df56c99f6ef7eb612653031f4c kernel-2.6.18-8.1.4.el5.src.rpm
i386:
7ea25aefdfc680a76826429075a95c39 kernel-2.6.18-8.1.4.el5.i686.rpm
6bff12b40b95a8d2a1289a04f899244b kernel-PAE-2.6.18-8.1.4.el5.i686.rpm
9ba0f4700e29a161bc304f8b400995fc kernel-PAE-debuginfo-2.6.18-8.1.4.el5.i686.rpm
15bde90df04f50cc70323a81fc624b8a kernel-PAE-devel-2.6.18-8.1.4.el5.i686.rpm
cd5f44b9ceaa76126ed858ff88db0d50 kernel-debuginfo-2.6.18-8.1.4.el5.i686.rpm
b33969946be1dedb4d7df0721dd09e07 kernel-debuginfo-common-2.6.18-8.1.4.el5.i686.rpm
93983fdd3e77c260adb37de012a829af kernel-devel-2.6.18-8.1.4.el5.i686.rpm
7f0ecd55e3977d93d27c86e13041d2b9 kernel-headers-2.6.18-8.1.4.el5.i386.rpm
97f88531ad7be7462b93a9d434728f43 kernel-xen-2.6.18-8.1.4.el5.i686.rpm
60a8e5a32674b9a4be9a21abc5825367 kernel-xen-debuginfo-2.6.18-8.1.4.el5.i686.rpm
26b09c370a9ab26cfdb2a188271f7f05 kernel-xen-devel-2.6.18-8.1.4.el5.i686.rpm
ia64:
411ed588a694990ad9801fdef57cbe6d kernel-2.6.18-8.1.4.el5.ia64.rpm
c957fa2b7eeadad2349e88a9244ac5cb kernel-debuginfo-2.6.18-8.1.4.el5.ia64.rpm
898ae9f23dbb060165286a6537570bc6 kernel-debuginfo-common-2.6.18-8.1.4.el5.ia64.rpm
5062a60ed526c494ac662cec4fdfe47c kernel-devel-2.6.18-8.1.4.el5.ia64.rpm
c97016a8bda12298c3b66524d5dabe84 kernel-headers-2.6.18-8.1.4.el5.ia64.rpm
bb23d95b706b342ca935d43bbf902c61 kernel-xen-2.6.18-8.1.4.el5.ia64.rpm
e8e8684027570c4ecc75de6f2d9689eb kernel-xen-debuginfo-2.6.18-8.1.4.el5.ia64.rpm
9e59e9e9a94b68eba80b893b8592d964 kernel-xen-devel-2.6.18-8.1.4.el5.ia64.rpm
noarch:
399b9229deddfcd91db39da9aff06656 kernel-doc-2.6.18-8.1.4.el5.noarch.rpm
ppc:
da9abf45515578bd37cfe13f60bdc4bf kernel-2.6.18-8.1.4.el5.ppc64.rpm
569fcc7a9e80593c99970730cec4a40c kernel-debuginfo-2.6.18-8.1.4.el5.ppc64.rpm
767cb8edeffae46d02e9556d9d6533fe kernel-debuginfo-common-2.6.18-8.1.4.el5.ppc64.rpm
73ccbea80ec007e649d9245de507578e kernel-devel-2.6.18-8.1.4.el5.ppc64.rpm
d619c03f0217a68be76c87b8b24e2ecf kernel-headers-2.6.18-8.1.4.el5.ppc.rpm
4ef1d41f1565246da9cc3de87bd7862b kernel-headers-2.6.18-8.1.4.el5.ppc64.rpm
ef68af661c08062a3ff329048d3f9329 kernel-kdump-2.6.18-8.1.4.el5.ppc64.rpm
fc220f0fc0a5343ea87bdcad0aeda4b2 kernel-kdump-debuginfo-2.6.18-8.1.4.el5.ppc64.rpm
28521b7eae6621a13661118a025e773e kernel-kdump-devel-2.6.18-8.1.4.el5.ppc64.rpm
s390x:
8539348562746e09c24c8555470d77a5 kernel-2.6.18-8.1.4.el5.s390x.rpm
bf19f97c5c041c02638ffd2dc1ba1387 kernel-debuginfo-2.6.18-8.1.4.el5.s390x.rpm
8b55df775f84c423cbd8d7ac5e89c74e kernel-debuginfo-common-2.6.18-8.1.4.el5.s390x.rpm
d61702ef23bc7fec3ce5351d6d13ecb8 kernel-devel-2.6.18-8.1.4.el5.s390x.rpm
b8e186d02e1d0766911b6dd8bae63dc2 kernel-headers-2.6.18-8.1.4.el5.s390x.rpm
x86_64:
b21949aab1ba017d070aa114a64000ba kernel-2.6.18-8.1.4.el5.x86_64.rpm
d06155ad1d88be9274f5ac3b84c1406d kernel-debuginfo-2.6.18-8.1.4.el5.x86_64.rpm
6558004b05c79b8d068273933e72caa2 kernel-debuginfo-common-2.6.18-8.1.4.el5.x86_64.rpm
48f80c1bd887008cf220daf606ff56b8 kernel-devel-2.6.18-8.1.4.el5.x86_64.rpm
86785d6927d0b2603bfcd413eb778f0b kernel-headers-2.6.18-8.1.4.el5.x86_64.rpm
76971a3a74604f1dee054a1dbd7ebf67 kernel-xen-2.6.18-8.1.4.el5.x86_64.rpm
e8801b31e4ad0943711f4e52bf6a856b kernel-xen-debuginfo-2.6.18-8.1.4.el5.x86_64.rpm
51c578847a2bfb63266dfba2243dbc16 kernel-xen-devel-2.6.18-8.1.4.el5.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package
7. References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1496
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1497
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1592
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1861
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2172
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2242
http://www.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/
Copyright 2007 Red Hat, Inc.