Home / mailings [RHSA-2007:0376-01] Important: kernel security and bug fix update
Posted on 14 June 2007
RedHat-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ---------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Important: kernel security and bug fix update
Advisory ID: RHSA-2007:0376-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0376.html
Issue date: 2007-06-14
Updated on: 2007-06-14
Product: Red Hat Enterprise Linux
CVE Names: CVE-2006-7203 CVE-2007-1353 CVE-2007-2453
CVE-2007-2525
- ---------------------------------------------------------------------
1. Summary:
Updated kernel packages that fix security issues and bugs in the Red Hat
Enterprise Linux 5 kernel are now available.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64
3. Problem description:
The Linux kernel handles the basic functions of the operating system.
These new kernel packages contain fixes for the following security issues:
* a flaw in the mount handling routine for 64-bit systems that allowed a
local user to cause denial of service (CVE-2006-7203, Important).
* a flaw in the PPP over Ethernet implementation that allowed a remote user
to cause a denial of service (CVE-2007-2525, Important).
* a flaw in the Bluetooth subsystem that allowed a local user to trigger an
information leak (CVE-2007-1353, Low).
* a bug in the random number generator that prevented the manual seeding of
the entropy pool (CVE-2007-2453, Low).
In addition to the security issues described above, fixes for the following
have been included:
* a race condition between ext3_link/unlink that could create an orphan
inode list corruption.
* a bug in the e1000 driver that could lead to a watchdog timeout panic.
Red Hat Enterprise Linux 5 users are advised to upgrade to these packages,
which contain backported patches to correct these issues.
4. Solution:
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
5. Bug IDs fixed (http://bugzilla.redhat.com/):
238048 - watchdog timeout panic in e1000 driver
240456 - CVE-2006-7203 oops in compat_sys_mount() when data pointer is NULL
241862 - CVE-2007-1353 Bluetooth setsockopt() information leaks
241863 - CVE-2007-2525 PPPoE socket PPPIOCGCHAN denial of service
241888 - CVE-2007-2453 Slightly degraded pool mixing for entropy extraction
6. RPMs required:
Red Hat Enterprise Linux Desktop (v. 5 client):
SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kernel-2.6.18-8.1.6.el5.src.rpm
ca4c1316fbd95a8d49f904e7bccc945e kernel-2.6.18-8.1.6.el5.src.rpm
i386:
751a0967b7267cdc841786d07535f043 kernel-2.6.18-8.1.6.el5.i686.rpm
972cbf91bd3a6d44f6ec8076a533d9af kernel-PAE-2.6.18-8.1.6.el5.i686.rpm
6beea141fda0927112d55f2c2df09d90 kernel-PAE-debuginfo-2.6.18-8.1.6.el5.i686.rpm
e9759676152604e9f933ec09e6ce1cd2 kernel-debuginfo-2.6.18-8.1.6.el5.i686.rpm
7708187d2868c4618a0013bdca469ad5 kernel-debuginfo-common-2.6.18-8.1.6.el5.i686.rpm
48d4505991b2366c786568543cb8ec2f kernel-headers-2.6.18-8.1.6.el5.i386.rpm
da0cec315cfa6fe94146db555055fda3 kernel-xen-2.6.18-8.1.6.el5.i686.rpm
90968933d212307fd4f978e2f582844e kernel-xen-debuginfo-2.6.18-8.1.6.el5.i686.rpm
noarch:
f26ab19937282b8e62402fa0e69dcafd kernel-doc-2.6.18-8.1.6.el5.noarch.rpm
x86_64:
cfad289b0ece8e9fa7b630d7187b6346 kernel-2.6.18-8.1.6.el5.x86_64.rpm
4f4d6106881cab950dd1d53f4e29f264 kernel-debuginfo-2.6.18-8.1.6.el5.x86_64.rpm
386c302134fd4f02f58dbaa92a82baf3 kernel-debuginfo-common-2.6.18-8.1.6.el5.x86_64.rpm
c9da8f3c701a49d5dfb10b6c81cb3166 kernel-headers-2.6.18-8.1.6.el5.x86_64.rpm
a15f021f85dfd7146116e96165b3b13b kernel-xen-2.6.18-8.1.6.el5.x86_64.rpm
16b4839286c2e0676ad336d1e2e9fddc kernel-xen-debuginfo-2.6.18-8.1.6.el5.x86_64.rpm
RHEL Desktop Workstation (v. 5 client):
SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kernel-2.6.18-8.1.6.el5.src.rpm
ca4c1316fbd95a8d49f904e7bccc945e kernel-2.6.18-8.1.6.el5.src.rpm
i386:
6beea141fda0927112d55f2c2df09d90 kernel-PAE-debuginfo-2.6.18-8.1.6.el5.i686.rpm
584699e4fe6d117e44f7e05b2fdd6ab9 kernel-PAE-devel-2.6.18-8.1.6.el5.i686.rpm
e9759676152604e9f933ec09e6ce1cd2 kernel-debuginfo-2.6.18-8.1.6.el5.i686.rpm
7708187d2868c4618a0013bdca469ad5 kernel-debuginfo-common-2.6.18-8.1.6.el5.i686.rpm
a86e33c65793ab34921b82f144811b2e kernel-devel-2.6.18-8.1.6.el5.i686.rpm
90968933d212307fd4f978e2f582844e kernel-xen-debuginfo-2.6.18-8.1.6.el5.i686.rpm
9c793133f00941476dcaa77b2e768b0e kernel-xen-devel-2.6.18-8.1.6.el5.i686.rpm
x86_64:
4f4d6106881cab950dd1d53f4e29f264 kernel-debuginfo-2.6.18-8.1.6.el5.x86_64.rpm
386c302134fd4f02f58dbaa92a82baf3 kernel-debuginfo-common-2.6.18-8.1.6.el5.x86_64.rpm
dbe4f7c67bb11ae6861db4f887b53053 kernel-devel-2.6.18-8.1.6.el5.x86_64.rpm
16b4839286c2e0676ad336d1e2e9fddc kernel-xen-debuginfo-2.6.18-8.1.6.el5.x86_64.rpm
a3fe6cd0914e123d38dfe43c30d40ddc kernel-xen-devel-2.6.18-8.1.6.el5.x86_64.rpm
Red Hat Enterprise Linux (v. 5 server):
SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kernel-2.6.18-8.1.6.el5.src.rpm
ca4c1316fbd95a8d49f904e7bccc945e kernel-2.6.18-8.1.6.el5.src.rpm
i386:
751a0967b7267cdc841786d07535f043 kernel-2.6.18-8.1.6.el5.i686.rpm
972cbf91bd3a6d44f6ec8076a533d9af kernel-PAE-2.6.18-8.1.6.el5.i686.rpm
6beea141fda0927112d55f2c2df09d90 kernel-PAE-debuginfo-2.6.18-8.1.6.el5.i686.rpm
584699e4fe6d117e44f7e05b2fdd6ab9 kernel-PAE-devel-2.6.18-8.1.6.el5.i686.rpm
e9759676152604e9f933ec09e6ce1cd2 kernel-debuginfo-2.6.18-8.1.6.el5.i686.rpm
7708187d2868c4618a0013bdca469ad5 kernel-debuginfo-common-2.6.18-8.1.6.el5.i686.rpm
a86e33c65793ab34921b82f144811b2e kernel-devel-2.6.18-8.1.6.el5.i686.rpm
48d4505991b2366c786568543cb8ec2f kernel-headers-2.6.18-8.1.6.el5.i386.rpm
da0cec315cfa6fe94146db555055fda3 kernel-xen-2.6.18-8.1.6.el5.i686.rpm
90968933d212307fd4f978e2f582844e kernel-xen-debuginfo-2.6.18-8.1.6.el5.i686.rpm
9c793133f00941476dcaa77b2e768b0e kernel-xen-devel-2.6.18-8.1.6.el5.i686.rpm
ia64:
a7912a5558ec0173c0fdfee5fd2863bf kernel-2.6.18-8.1.6.el5.ia64.rpm
f5f1338e15ad825c3797720cde989aa9 kernel-debuginfo-2.6.18-8.1.6.el5.ia64.rpm
79d0579065c679526e0c20be6efbe663 kernel-debuginfo-common-2.6.18-8.1.6.el5.ia64.rpm
1311e18b2680a77fdca62c2ab49632f6 kernel-devel-2.6.18-8.1.6.el5.ia64.rpm
74b7ea13777122bf411be76b0a1144f8 kernel-headers-2.6.18-8.1.6.el5.ia64.rpm
42009c041ffe6a26596ab4816ea3abce kernel-xen-2.6.18-8.1.6.el5.ia64.rpm
c427979ca4b283d2a6e0c423d9585bc4 kernel-xen-debuginfo-2.6.18-8.1.6.el5.ia64.rpm
f8155ee4c63caad60eb508883d4c7dda kernel-xen-devel-2.6.18-8.1.6.el5.ia64.rpm
noarch:
f26ab19937282b8e62402fa0e69dcafd kernel-doc-2.6.18-8.1.6.el5.noarch.rpm
ppc:
1a69e468f30d703ffeb6ef773e1dbe59 kernel-2.6.18-8.1.6.el5.ppc64.rpm
50dd3a4b7845f277256da13b44857285 kernel-debuginfo-2.6.18-8.1.6.el5.ppc64.rpm
d4e68ff44cb1db63198836a6fa0682e2 kernel-debuginfo-common-2.6.18-8.1.6.el5.ppc64.rpm
b78b15d609855fe10466f4533b8f6310 kernel-devel-2.6.18-8.1.6.el5.ppc64.rpm
e406e68cbf4f7b5930e7e3149caa2235 kernel-headers-2.6.18-8.1.6.el5.ppc.rpm
b3337ae1d970c7a95238d3e413d2bc6e kernel-headers-2.6.18-8.1.6.el5.ppc64.rpm
748ae09ed90bebb5f5ccf72bf6c5c91a kernel-kdump-2.6.18-8.1.6.el5.ppc64.rpm
5f7bbbea25a3842cf6885bf487696a2e kernel-kdump-debuginfo-2.6.18-8.1.6.el5.ppc64.rpm
b69e9cad8402e47baac4e29b689a3872 kernel-kdump-devel-2.6.18-8.1.6.el5.ppc64.rpm
s390x:
0a4967dea91440f8d06d98841d2b2273 kernel-2.6.18-8.1.6.el5.s390x.rpm
68c34557826eb052661f4731efcd8dcf kernel-debuginfo-2.6.18-8.1.6.el5.s390x.rpm
92a8be9370d9ab515dae2515cd1f4308 kernel-debuginfo-common-2.6.18-8.1.6.el5.s390x.rpm
a477294269e511f48ef78e9e114a2047 kernel-devel-2.6.18-8.1.6.el5.s390x.rpm
24d34019d943bac327c5baecd6ab6bdd kernel-headers-2.6.18-8.1.6.el5.s390x.rpm
x86_64:
cfad289b0ece8e9fa7b630d7187b6346 kernel-2.6.18-8.1.6.el5.x86_64.rpm
4f4d6106881cab950dd1d53f4e29f264 kernel-debuginfo-2.6.18-8.1.6.el5.x86_64.rpm
386c302134fd4f02f58dbaa92a82baf3 kernel-debuginfo-common-2.6.18-8.1.6.el5.x86_64.rpm
dbe4f7c67bb11ae6861db4f887b53053 kernel-devel-2.6.18-8.1.6.el5.x86_64.rpm
c9da8f3c701a49d5dfb10b6c81cb3166 kernel-headers-2.6.18-8.1.6.el5.x86_64.rpm
a15f021f85dfd7146116e96165b3b13b kernel-xen-2.6.18-8.1.6.el5.x86_64.rpm
16b4839286c2e0676ad336d1e2e9fddc kernel-xen-debuginfo-2.6.18-8.1.6.el5.x86_64.rpm
a3fe6cd0914e123d38dfe43c30d40ddc kernel-xen-devel-2.6.18-8.1.6.el5.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package
7. References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7203
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1353
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2453
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2525
http://www.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/
Copyright 2007 Red Hat, Inc.