3 Security Updates for RHEL  

Posted by Daniela Mehler

Red Hat has published the following 3 security advisories:

- [RHSA-2010:0720-02] Moderate: mikmod security update
- [RHSA-2010:0719-01] Important: kernel security update
- [RHSA-2010:0718-01] Important: kernel security update

[RHSA-2010:0720-02] Moderate: mikmod security update
=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: mikmod security update
Advisory ID: RHSA-2010:0720-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0720.html
Issue date: 2010-09-28
CVE Names: CVE-2007-6720 CVE-2009-3995 CVE-2009-3996
=====================================================================

1. Summary:

Updated mikmod packages that fix multiple security issues are now available
for Red Hat Enterprise Linux 3, 4, and 5.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Description:

MikMod is a MOD music file player for Linux, UNIX, and similar operating
systems. It supports various file formats including MOD, STM, S3M, MTM, XM,
ULT, and IT.

Multiple input validation flaws, resulting in buffer overflows, were
discovered in MikMod. Specially-crafted music files in various formats
could, when played, cause an application using the MikMod library to crash
or, potentially, execute arbitrary code. (CVE-2009-3995, CVE-2009-3996,
CVE-2007-6720)

All MikMod users should upgrade to these updated packages, which contain
backported patches to correct these issues. All running applications using
the MikMod library must be restarted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

479829 - CVE-2007-6720 mikmod: crash or abort when loading/playing multiple files with different number of channels
614643 - CVE-2009-3995 CVE-2009-3996 libmikmod: arbitrary code execution via crafted Impulse Tracker or Ultratracker files

6. Package List:

Red Hat Enterprise Linux AS version 3:

Source:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/mikmod-3.1.6-23.el3.src.rpm

i386:
mikmod-3.1.6-23.el3.i386.rpm
mikmod-debuginfo-3.1.6-23.el3.i386.rpm
mikmod-devel-3.1.6-23.el3.i386.rpm

ia64:
mikmod-3.1.6-23.el3.i386.rpm
mikmod-3.1.6-23.el3.ia64.rpm
mikmod-debuginfo-3.1.6-23.el3.i386.rpm
mikmod-debuginfo-3.1.6-23.el3.ia64.rpm
mikmod-devel-3.1.6-23.el3.ia64.rpm

ppc:
mikmod-3.1.6-23.el3.ppc.rpm
mikmod-3.1.6-23.el3.ppc64.rpm
mikmod-debuginfo-3.1.6-23.el3.ppc.rpm
mikmod-debuginfo-3.1.6-23.el3.ppc64.rpm
mikmod-devel-3.1.6-23.el3.ppc.rpm

s390:
mikmod-3.1.6-23.el3.s390.rpm
mikmod-debuginfo-3.1.6-23.el3.s390.rpm
mikmod-devel-3.1.6-23.el3.s390.rpm

s390x:
mikmod-3.1.6-23.el3.s390.rpm
mikmod-3.1.6-23.el3.s390x.rpm
mikmod-debuginfo-3.1.6-23.el3.s390.rpm
mikmod-debuginfo-3.1.6-23.el3.s390x.rpm
mikmod-devel-3.1.6-23.el3.s390x.rpm

x86_64:
mikmod-3.1.6-23.el3.i386.rpm
mikmod-3.1.6-23.el3.x86_64.rpm
mikmod-debuginfo-3.1.6-23.el3.i386.rpm
mikmod-debuginfo-3.1.6-23.el3.x86_64.rpm
mikmod-devel-3.1.6-23.el3.x86_64.rpm

Red Hat Desktop version 3:

Source:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/mikmod-3.1.6-23.el3.src.rpm

i386:
mikmod-3.1.6-23.el3.i386.rpm
mikmod-debuginfo-3.1.6-23.el3.i386.rpm
mikmod-devel-3.1.6-23.el3.i386.rpm

x86_64:
mikmod-3.1.6-23.el3.i386.rpm
mikmod-3.1.6-23.el3.x86_64.rpm
mikmod-debuginfo-3.1.6-23.el3.i386.rpm
mikmod-debuginfo-3.1.6-23.el3.x86_64.rpm
mikmod-devel-3.1.6-23.el3.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

Source:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/mikmod-3.1.6-23.el3.src.rpm

i386:
mikmod-3.1.6-23.el3.i386.rpm
mikmod-debuginfo-3.1.6-23.el3.i386.rpm
mikmod-devel-3.1.6-23.el3.i386.rpm

ia64:
mikmod-3.1.6-23.el3.i386.rpm
mikmod-3.1.6-23.el3.ia64.rpm
mikmod-debuginfo-3.1.6-23.el3.i386.rpm
mikmod-debuginfo-3.1.6-23.el3.ia64.rpm
mikmod-devel-3.1.6-23.el3.ia64.rpm

x86_64:
mikmod-3.1.6-23.el3.i386.rpm
mikmod-3.1.6-23.el3.x86_64.rpm
mikmod-debuginfo-3.1.6-23.el3.i386.rpm
mikmod-debuginfo-3.1.6-23.el3.x86_64.rpm
mikmod-devel-3.1.6-23.el3.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

Source:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/mikmod-3.1.6-23.el3.src.rpm

i386:
mikmod-3.1.6-23.el3.i386.rpm
mikmod-debuginfo-3.1.6-23.el3.i386.rpm
mikmod-devel-3.1.6-23.el3.i386.rpm

ia64:
mikmod-3.1.6-23.el3.i386.rpm
mikmod-3.1.6-23.el3.ia64.rpm
mikmod-debuginfo-3.1.6-23.el3.i386.rpm
mikmod-debuginfo-3.1.6-23.el3.ia64.rpm
mikmod-devel-3.1.6-23.el3.ia64.rpm

x86_64:
mikmod-3.1.6-23.el3.i386.rpm
mikmod-3.1.6-23.el3.x86_64.rpm
mikmod-debuginfo-3.1.6-23.el3.i386.rpm
mikmod-debuginfo-3.1.6-23.el3.x86_64.rpm
mikmod-devel-3.1.6-23.el3.x86_64.rpm

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/mikmod-3.1.6-33.el4_8.1.src.rpm

i386:
mikmod-3.1.6-33.el4_8.1.i386.rpm
mikmod-debuginfo-3.1.6-33.el4_8.1.i386.rpm
mikmod-devel-3.1.6-33.el4_8.1.i386.rpm

ia64:
mikmod-3.1.6-33.el4_8.1.i386.rpm
mikmod-3.1.6-33.el4_8.1.ia64.rpm
mikmod-debuginfo-3.1.6-33.el4_8.1.i386.rpm
mikmod-debuginfo-3.1.6-33.el4_8.1.ia64.rpm
mikmod-devel-3.1.6-33.el4_8.1.ia64.rpm

ppc:
mikmod-3.1.6-33.el4_8.1.ppc.rpm
mikmod-3.1.6-33.el4_8.1.ppc64.rpm
mikmod-debuginfo-3.1.6-33.el4_8.1.ppc.rpm
mikmod-debuginfo-3.1.6-33.el4_8.1.ppc64.rpm
mikmod-devel-3.1.6-33.el4_8.1.ppc.rpm

s390:
mikmod-3.1.6-33.el4_8.1.s390.rpm
mikmod-debuginfo-3.1.6-33.el4_8.1.s390.rpm
mikmod-devel-3.1.6-33.el4_8.1.s390.rpm

s390x:
mikmod-3.1.6-33.el4_8.1.s390.rpm
mikmod-3.1.6-33.el4_8.1.s390x.rpm
mikmod-debuginfo-3.1.6-33.el4_8.1.s390.rpm
mikmod-debuginfo-3.1.6-33.el4_8.1.s390x.rpm
mikmod-devel-3.1.6-33.el4_8.1.s390x.rpm

x86_64:
mikmod-3.1.6-33.el4_8.1.i386.rpm
mikmod-3.1.6-33.el4_8.1.x86_64.rpm
mikmod-debuginfo-3.1.6-33.el4_8.1.i386.rpm
mikmod-debuginfo-3.1.6-33.el4_8.1.x86_64.rpm
mikmod-devel-3.1.6-33.el4_8.1.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/mikmod-3.1.6-33.el4_8.1.src.rpm

i386:
mikmod-3.1.6-33.el4_8.1.i386.rpm
mikmod-debuginfo-3.1.6-33.el4_8.1.i386.rpm
mikmod-devel-3.1.6-33.el4_8.1.i386.rpm

x86_64:
mikmod-3.1.6-33.el4_8.1.i386.rpm
mikmod-3.1.6-33.el4_8.1.x86_64.rpm
mikmod-debuginfo-3.1.6-33.el4_8.1.i386.rpm
mikmod-debuginfo-3.1.6-33.el4_8.1.x86_64.rpm
mikmod-devel-3.1.6-33.el4_8.1.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/mikmod-3.1.6-33.el4_8.1.src.rpm

i386:
mikmod-3.1.6-33.el4_8.1.i386.rpm
mikmod-debuginfo-3.1.6-33.el4_8.1.i386.rpm
mikmod-devel-3.1.6-33.el4_8.1.i386.rpm

ia64:
mikmod-3.1.6-33.el4_8.1.i386.rpm
mikmod-3.1.6-33.el4_8.1.ia64.rpm
mikmod-debuginfo-3.1.6-33.el4_8.1.i386.rpm
mikmod-debuginfo-3.1.6-33.el4_8.1.ia64.rpm
mikmod-devel-3.1.6-33.el4_8.1.ia64.rpm

x86_64:
mikmod-3.1.6-33.el4_8.1.i386.rpm
mikmod-3.1.6-33.el4_8.1.x86_64.rpm
mikmod-debuginfo-3.1.6-33.el4_8.1.i386.rpm
mikmod-debuginfo-3.1.6-33.el4_8.1.x86_64.rpm
mikmod-devel-3.1.6-33.el4_8.1.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/mikmod-3.1.6-33.el4_8.1.src.rpm

i386:
mikmod-3.1.6-33.el4_8.1.i386.rpm
mikmod-debuginfo-3.1.6-33.el4_8.1.i386.rpm
mikmod-devel-3.1.6-33.el4_8.1.i386.rpm

ia64:
mikmod-3.1.6-33.el4_8.1.i386.rpm
mikmod-3.1.6-33.el4_8.1.ia64.rpm
mikmod-debuginfo-3.1.6-33.el4_8.1.i386.rpm
mikmod-debuginfo-3.1.6-33.el4_8.1.ia64.rpm
mikmod-devel-3.1.6-33.el4_8.1.ia64.rpm

x86_64:
mikmod-3.1.6-33.el4_8.1.i386.rpm
mikmod-3.1.6-33.el4_8.1.x86_64.rpm
mikmod-debuginfo-3.1.6-33.el4_8.1.i386.rpm
mikmod-debuginfo-3.1.6-33.el4_8.1.x86_64.rpm
mikmod-devel-3.1.6-33.el4_8.1.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/mikmod-3.1.6-39.el5_5.1.src.rpm

i386:
mikmod-3.1.6-39.el5_5.1.i386.rpm
mikmod-debuginfo-3.1.6-39.el5_5.1.i386.rpm

x86_64:
mikmod-3.1.6-39.el5_5.1.i386.rpm
mikmod-3.1.6-39.el5_5.1.x86_64.rpm
mikmod-debuginfo-3.1.6-39.el5_5.1.i386.rpm
mikmod-debuginfo-3.1.6-39.el5_5.1.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/mikmod-3.1.6-39.el5_5.1.src.rpm

i386:
mikmod-debuginfo-3.1.6-39.el5_5.1.i386.rpm
mikmod-devel-3.1.6-39.el5_5.1.i386.rpm

x86_64:
mikmod-debuginfo-3.1.6-39.el5_5.1.i386.rpm
mikmod-debuginfo-3.1.6-39.el5_5.1.x86_64.rpm
mikmod-devel-3.1.6-39.el5_5.1.i386.rpm
mikmod-devel-3.1.6-39.el5_5.1.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/mikmod-3.1.6-39.el5_5.1.src.rpm

i386:
mikmod-3.1.6-39.el5_5.1.i386.rpm
mikmod-debuginfo-3.1.6-39.el5_5.1.i386.rpm
mikmod-devel-3.1.6-39.el5_5.1.i386.rpm

ia64:
mikmod-3.1.6-39.el5_5.1.ia64.rpm
mikmod-debuginfo-3.1.6-39.el5_5.1.ia64.rpm
mikmod-devel-3.1.6-39.el5_5.1.ia64.rpm

ppc:
mikmod-3.1.6-39.el5_5.1.ppc.rpm
mikmod-3.1.6-39.el5_5.1.ppc64.rpm
mikmod-debuginfo-3.1.6-39.el5_5.1.ppc.rpm
mikmod-debuginfo-3.1.6-39.el5_5.1.ppc64.rpm
mikmod-devel-3.1.6-39.el5_5.1.ppc.rpm
mikmod-devel-3.1.6-39.el5_5.1.ppc64.rpm

s390x:
mikmod-3.1.6-39.el5_5.1.s390.rpm
mikmod-3.1.6-39.el5_5.1.s390x.rpm
mikmod-debuginfo-3.1.6-39.el5_5.1.s390.rpm
mikmod-debuginfo-3.1.6-39.el5_5.1.s390x.rpm
mikmod-devel-3.1.6-39.el5_5.1.s390.rpm
mikmod-devel-3.1.6-39.el5_5.1.s390x.rpm

x86_64:
mikmod-3.1.6-39.el5_5.1.i386.rpm
mikmod-3.1.6-39.el5_5.1.x86_64.rpm
mikmod-debuginfo-3.1.6-39.el5_5.1.i386.rpm
mikmod-debuginfo-3.1.6-39.el5_5.1.x86_64.rpm
mikmod-devel-3.1.6-39.el5_5.1.i386.rpm
mikmod-devel-3.1.6-39.el5_5.1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2007-6720.html
https://www.redhat.com/security/data/cve/CVE-2009-3995.html
https://www.redhat.com/security/data/cve/CVE-2009-3996.html
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.

[RHSA-2010:0719-01] Important: kernel security update
=====================================================================
Red Hat Security Advisory

Synopsis: Important: kernel security update
Advisory ID: RHSA-2010:0719-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0719.html
Issue date: 2010-09-28
CVE Names: CVE-2010-3081
=====================================================================

1. Summary:

Updated kernel packages that fix one security issue are now available for
Red Hat Enterprise Linux 4.7 Extended Update Support.

The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4.7.z - i386, ia64, noarch, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux ES version 4.7.z - i386, ia64, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issue:

* The compat_alloc_user_space() function in the Linux kernel 32/64-bit
compatibility layer implementation was missing sanity checks. This function
could be abused in other areas of the Linux kernel if its length argument
can be controlled from user-space. On 64-bit systems, a local, unprivileged
user could use this flaw to escalate their privileges. (CVE-2010-3081,
Important)

Red Hat would like to thank Ben Hawkes for reporting this issue.

Refer to Knowledgebase article DOC-40265 for further details:
https://access.redhat.com/kb/docs/DOC-40265

Users should upgrade to these updated packages, which contain a backported
patch to correct this issue. The system must be rebooted for this update to
take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

5. Bugs fixed (http://bugzilla.redhat.com/):

634457 - CVE-2010-3081 kernel: 64-bit Compatibility Mode Stack Pointer Underflow

6. Package List:

Red Hat Enterprise Linux AS version 4.7.z:

Source:
kernel-2.6.9-78.0.33.EL.src.rpm

i386:
kernel-2.6.9-78.0.33.EL.i686.rpm
kernel-debuginfo-2.6.9-78.0.33.EL.i686.rpm
kernel-devel-2.6.9-78.0.33.EL.i686.rpm
kernel-hugemem-2.6.9-78.0.33.EL.i686.rpm
kernel-hugemem-devel-2.6.9-78.0.33.EL.i686.rpm
kernel-smp-2.6.9-78.0.33.EL.i686.rpm
kernel-smp-devel-2.6.9-78.0.33.EL.i686.rpm
kernel-xenU-2.6.9-78.0.33.EL.i686.rpm
kernel-xenU-devel-2.6.9-78.0.33.EL.i686.rpm

ia64:
kernel-2.6.9-78.0.33.EL.ia64.rpm
kernel-debuginfo-2.6.9-78.0.33.EL.ia64.rpm
kernel-devel-2.6.9-78.0.33.EL.ia64.rpm
kernel-largesmp-2.6.9-78.0.33.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-78.0.33.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-78.0.33.EL.noarch.rpm

ppc:
kernel-2.6.9-78.0.33.EL.ppc64.rpm
kernel-2.6.9-78.0.33.EL.ppc64iseries.rpm
kernel-debuginfo-2.6.9-78.0.33.EL.ppc64.rpm
kernel-debuginfo-2.6.9-78.0.33.EL.ppc64iseries.rpm
kernel-devel-2.6.9-78.0.33.EL.ppc64.rpm
kernel-devel-2.6.9-78.0.33.EL.ppc64iseries.rpm
kernel-largesmp-2.6.9-78.0.33.EL.ppc64.rpm
kernel-largesmp-devel-2.6.9-78.0.33.EL.ppc64.rpm

s390:
kernel-2.6.9-78.0.33.EL.s390.rpm
kernel-debuginfo-2.6.9-78.0.33.EL.s390.rpm
kernel-devel-2.6.9-78.0.33.EL.s390.rpm

s390x:
kernel-2.6.9-78.0.33.EL.s390x.rpm
kernel-debuginfo-2.6.9-78.0.33.EL.s390x.rpm
kernel-devel-2.6.9-78.0.33.EL.s390x.rpm

x86_64:
kernel-2.6.9-78.0.33.EL.x86_64.rpm
kernel-debuginfo-2.6.9-78.0.33.EL.x86_64.rpm
kernel-devel-2.6.9-78.0.33.EL.x86_64.rpm
kernel-largesmp-2.6.9-78.0.33.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-78.0.33.EL.x86_64.rpm
kernel-smp-2.6.9-78.0.33.EL.x86_64.rpm
kernel-smp-devel-2.6.9-78.0.33.EL.x86_64.rpm
kernel-xenU-2.6.9-78.0.33.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-78.0.33.EL.x86_64.rpm

Red Hat Enterprise Linux ES version 4.7.z:

Source:
kernel-2.6.9-78.0.33.EL.src.rpm

i386:
kernel-2.6.9-78.0.33.EL.i686.rpm
kernel-debuginfo-2.6.9-78.0.33.EL.i686.rpm
kernel-devel-2.6.9-78.0.33.EL.i686.rpm
kernel-hugemem-2.6.9-78.0.33.EL.i686.rpm
kernel-hugemem-devel-2.6.9-78.0.33.EL.i686.rpm
kernel-smp-2.6.9-78.0.33.EL.i686.rpm
kernel-smp-devel-2.6.9-78.0.33.EL.i686.rpm
kernel-xenU-2.6.9-78.0.33.EL.i686.rpm
kernel-xenU-devel-2.6.9-78.0.33.EL.i686.rpm

ia64:
kernel-2.6.9-78.0.33.EL.ia64.rpm
kernel-debuginfo-2.6.9-78.0.33.EL.ia64.rpm
kernel-devel-2.6.9-78.0.33.EL.ia64.rpm
kernel-largesmp-2.6.9-78.0.33.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-78.0.33.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-78.0.33.EL.noarch.rpm

x86_64:
kernel-2.6.9-78.0.33.EL.x86_64.rpm
kernel-debuginfo-2.6.9-78.0.33.EL.x86_64.rpm
kernel-devel-2.6.9-78.0.33.EL.x86_64.rpm
kernel-largesmp-2.6.9-78.0.33.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-78.0.33.EL.x86_64.rpm
kernel-smp-2.6.9-78.0.33.EL.x86_64.rpm
kernel-smp-devel-2.6.9-78.0.33.EL.x86_64.rpm
kernel-xenU-2.6.9-78.0.33.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-78.0.33.EL.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-3081.html
http://www.redhat.com/security/updates/classification/#important
https://access.redhat.com/kb/docs/DOC-40265

8. Contact:

The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.

[RHSA-2010:0718-01] Important: kernel security update
=====================================================================
Red Hat Security Advisory

Synopsis: Important: kernel security update
Advisory ID: RHSA-2010:0718-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0718.html
Issue date: 2010-09-28
CVE Names: CVE-2010-3081
=====================================================================

1. Summary:

Updated kernel packages that fix one security issue are now available for
Red Hat Enterprise Linux 4.

The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, noarch, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, noarch, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, noarch, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issue:

* The compat_alloc_user_space() function in the Linux kernel 32/64-bit
compatibility layer implementation was missing sanity checks. This function
could be abused in other areas of the Linux kernel if its length argument
can be controlled from user-space. On 64-bit systems, a local, unprivileged
user could use this flaw to escalate their privileges. (CVE-2010-3081,
Important)

Red Hat would like to thank Ben Hawkes for reporting this issue.

Refer to Knowledgebase article DOC-40265 for further details:
https://access.redhat.com/kb/docs/DOC-40265

Users should upgrade to these updated packages, which contain a backported
patch to correct this issue. The system must be rebooted for this update to
take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

5. Bugs fixed (http://bugzilla.redhat.com/):

634457 - CVE-2010-3081 kernel: 64-bit Compatibility Mode Stack Pointer Underflow

6. Package List:

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/kernel-2.6.9-89.29.1.EL.src.rpm

i386:
kernel-2.6.9-89.29.1.EL.i686.rpm
kernel-debuginfo-2.6.9-89.29.1.EL.i686.rpm
kernel-devel-2.6.9-89.29.1.EL.i686.rpm
kernel-hugemem-2.6.9-89.29.1.EL.i686.rpm
kernel-hugemem-devel-2.6.9-89.29.1.EL.i686.rpm
kernel-smp-2.6.9-89.29.1.EL.i686.rpm
kernel-smp-devel-2.6.9-89.29.1.EL.i686.rpm
kernel-xenU-2.6.9-89.29.1.EL.i686.rpm
kernel-xenU-devel-2.6.9-89.29.1.EL.i686.rpm

ia64:
kernel-2.6.9-89.29.1.EL.ia64.rpm
kernel-debuginfo-2.6.9-89.29.1.EL.ia64.rpm
kernel-devel-2.6.9-89.29.1.EL.ia64.rpm
kernel-largesmp-2.6.9-89.29.1.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-89.29.1.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-89.29.1.EL.noarch.rpm

ppc:
kernel-2.6.9-89.29.1.EL.ppc64.rpm
kernel-2.6.9-89.29.1.EL.ppc64iseries.rpm
kernel-debuginfo-2.6.9-89.29.1.EL.ppc64.rpm
kernel-debuginfo-2.6.9-89.29.1.EL.ppc64iseries.rpm
kernel-devel-2.6.9-89.29.1.EL.ppc64.rpm
kernel-devel-2.6.9-89.29.1.EL.ppc64iseries.rpm
kernel-largesmp-2.6.9-89.29.1.EL.ppc64.rpm
kernel-largesmp-devel-2.6.9-89.29.1.EL.ppc64.rpm

s390:
kernel-2.6.9-89.29.1.EL.s390.rpm
kernel-debuginfo-2.6.9-89.29.1.EL.s390.rpm
kernel-devel-2.6.9-89.29.1.EL.s390.rpm

s390x:
kernel-2.6.9-89.29.1.EL.s390x.rpm
kernel-debuginfo-2.6.9-89.29.1.EL.s390x.rpm
kernel-devel-2.6.9-89.29.1.EL.s390x.rpm

x86_64:
kernel-2.6.9-89.29.1.EL.x86_64.rpm
kernel-debuginfo-2.6.9-89.29.1.EL.x86_64.rpm
kernel-devel-2.6.9-89.29.1.EL.x86_64.rpm
kernel-largesmp-2.6.9-89.29.1.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-89.29.1.EL.x86_64.rpm
kernel-smp-2.6.9-89.29.1.EL.x86_64.rpm
kernel-smp-devel-2.6.9-89.29.1.EL.x86_64.rpm
kernel-xenU-2.6.9-89.29.1.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-89.29.1.EL.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/kernel-2.6.9-89.29.1.EL.src.rpm

i386:
kernel-2.6.9-89.29.1.EL.i686.rpm
kernel-debuginfo-2.6.9-89.29.1.EL.i686.rpm
kernel-devel-2.6.9-89.29.1.EL.i686.rpm
kernel-hugemem-2.6.9-89.29.1.EL.i686.rpm
kernel-hugemem-devel-2.6.9-89.29.1.EL.i686.rpm
kernel-smp-2.6.9-89.29.1.EL.i686.rpm
kernel-smp-devel-2.6.9-89.29.1.EL.i686.rpm
kernel-xenU-2.6.9-89.29.1.EL.i686.rpm
kernel-xenU-devel-2.6.9-89.29.1.EL.i686.rpm

noarch:
kernel-doc-2.6.9-89.29.1.EL.noarch.rpm

x86_64:
kernel-2.6.9-89.29.1.EL.x86_64.rpm
kernel-debuginfo-2.6.9-89.29.1.EL.x86_64.rpm
kernel-devel-2.6.9-89.29.1.EL.x86_64.rpm
kernel-largesmp-2.6.9-89.29.1.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-89.29.1.EL.x86_64.rpm
kernel-smp-2.6.9-89.29.1.EL.x86_64.rpm
kernel-smp-devel-2.6.9-89.29.1.EL.x86_64.rpm
kernel-xenU-2.6.9-89.29.1.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-89.29.1.EL.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/kernel-2.6.9-89.29.1.EL.src.rpm

i386:
kernel-2.6.9-89.29.1.EL.i686.rpm
kernel-debuginfo-2.6.9-89.29.1.EL.i686.rpm
kernel-devel-2.6.9-89.29.1.EL.i686.rpm
kernel-hugemem-2.6.9-89.29.1.EL.i686.rpm
kernel-hugemem-devel-2.6.9-89.29.1.EL.i686.rpm
kernel-smp-2.6.9-89.29.1.EL.i686.rpm
kernel-smp-devel-2.6.9-89.29.1.EL.i686.rpm
kernel-xenU-2.6.9-89.29.1.EL.i686.rpm
kernel-xenU-devel-2.6.9-89.29.1.EL.i686.rpm

ia64:
kernel-2.6.9-89.29.1.EL.ia64.rpm
kernel-debuginfo-2.6.9-89.29.1.EL.ia64.rpm
kernel-devel-2.6.9-89.29.1.EL.ia64.rpm
kernel-largesmp-2.6.9-89.29.1.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-89.29.1.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-89.29.1.EL.noarch.rpm

x86_64:
kernel-2.6.9-89.29.1.EL.x86_64.rpm
kernel-debuginfo-2.6.9-89.29.1.EL.x86_64.rpm
kernel-devel-2.6.9-89.29.1.EL.x86_64.rpm
kernel-largesmp-2.6.9-89.29.1.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-89.29.1.EL.x86_64.rpm
kernel-smp-2.6.9-89.29.1.EL.x86_64.rpm
kernel-smp-devel-2.6.9-89.29.1.EL.x86_64.rpm
kernel-xenU-2.6.9-89.29.1.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-89.29.1.EL.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/kernel-2.6.9-89.29.1.EL.src.rpm

i386:
kernel-2.6.9-89.29.1.EL.i686.rpm
kernel-debuginfo-2.6.9-89.29.1.EL.i686.rpm
kernel-devel-2.6.9-89.29.1.EL.i686.rpm
kernel-hugemem-2.6.9-89.29.1.EL.i686.rpm
kernel-hugemem-devel-2.6.9-89.29.1.EL.i686.rpm
kernel-smp-2.6.9-89.29.1.EL.i686.rpm
kernel-smp-devel-2.6.9-89.29.1.EL.i686.rpm
kernel-xenU-2.6.9-89.29.1.EL.i686.rpm
kernel-xenU-devel-2.6.9-89.29.1.EL.i686.rpm

ia64:
kernel-2.6.9-89.29.1.EL.ia64.rpm
kernel-debuginfo-2.6.9-89.29.1.EL.ia64.rpm
kernel-devel-2.6.9-89.29.1.EL.ia64.rpm
kernel-largesmp-2.6.9-89.29.1.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-89.29.1.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-89.29.1.EL.noarch.rpm

x86_64:
kernel-2.6.9-89.29.1.EL.x86_64.rpm
kernel-debuginfo-2.6.9-89.29.1.EL.x86_64.rpm
kernel-devel-2.6.9-89.29.1.EL.x86_64.rpm
kernel-largesmp-2.6.9-89.29.1.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-89.29.1.EL.x86_64.rpm
kernel-smp-2.6.9-89.29.1.EL.x86_64.rpm
kernel-smp-devel-2.6.9-89.29.1.EL.x86_64.rpm
kernel-xenU-2.6.9-89.29.1.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-89.29.1.EL.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-3081.html
http://www.redhat.com/security/updates/classification/#important
https://access.redhat.com/kb/docs/DOC-40265

8. Contact:

The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.

This entry was posted on 3:55 PM .