===========================================================================
             AUSCERT External Security Bulletin Redistribution

                     ESB-2007.0063 -- [Linux][RedHat]
                     Important: kernel security update
                               13 June 2007

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              kernel
Publisher:            Red Hat
Operating System:     Red Hat Enterprise Linux 4
                      Red Hat Enterprise Linux 3
                      Linux variants
Impact:               Execute Arbitrary Code/Commands
                      Increased Privileges
                      Read-only Data Access
                      Denial of Service
Access:               Remote/Unauthenticated
                      Existing Account
CVE Names:            CVE-2006-6535 CVE-2006-6106 CVE-2006-6056
                      CVE-2006-6054 CVE-2006-6053 CVE-2006-5823
                      CVE-2006-5757 CVE-2006-5754 CVE-2006-5753
                      CVE-2006-5751 CVE-2006-5619 CVE-2006-5174
                      CVE-2006-4814 CVE-2006-4813 CVE-2006-4538
                      CVE-2007-1592

Ref:                  ESB-2007.0325

Original Bulletin:    https://rhn.redhat.com/errata/RHSA-2007-0014.html
                      https://rhn.redhat.com/errata/RHSA-2007-0436.html

Comment: This advisory references vulnerabilities in the Linux kernel that
         also affect distributions other than Red Hat. It is recommended
         that administrators running Linux check for an updated version of
         the kernel for their system.
         
         This bulletin contains two Red Hat advisories fixing kernel
         vulnerabilities in RHEL 4 and RHEL 3 respectively.

Revision History:  June    13 2007: Updates available for RHEL3
                   January 31 2007: Initial Release

--------------------------BEGIN INCLUDED TEXT--------------------

---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Important: kernel security update
Advisory ID:       RHSA-2007:0014-01
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2007-0014.html
Issue date:        2007-01-30
Updated on:        2007-01-30
Product:           Red Hat Enterprise Linux
Keywords:          nahant kernel update
CVE Names:         CVE-2006-4538 CVE-2006-4813 CVE-2006-4814 
                   CVE-2006-5174 CVE-2006-5619 CVE-2006-5751 
                   CVE-2006-5753 CVE-2006-5754 CVE-2006-5757 
                   CVE-2006-5823 CVE-2006-6053 CVE-2006-6054 
                   CVE-2006-6056 CVE-2006-6106 CVE-2006-6535 
---------------------------------------------------------------------

1. Summary:

Updated kernel packages that fix several security issues in the Red Hat
Enterprise Linux 4 kernel are now available.

This security advisory has been rated as having important security impact
by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, noarch, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, noarch, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, noarch, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, noarch, x86_64

3. Problem description:

The Linux kernel handles the basic functions of the operating system.

These new kernel packages contain fixes for the security issues described
below: 

* a flaw in the get_fdb_entries function of the network bridging support
that allowed a local user to cause a denial of service (crash) or allow a
potential privilege escalation (CVE-2006-5751, Important)

* an information leak in the __block_prepare_write function that allowed a
local user to read kernel memory (CVE-2006-4813, Important)

* an information leak in the copy_from_user() implementation on s390 and
s390x platforms that allowed a local user to read kernel memory
(CVE-2006-5174, Important)

* a flaw in the handling of /proc/net/ip6_flowlabel that allowed a local
user to cause a denial of service (infinite loop) (CVE-2006-5619, Important)

* a flaw in the AIO handling that allowed a local user to cause a denial of
service (panic) (CVE-2006-5754, Important)

* a race condition in the mincore system call that allowed a local user to
cause a denial of service (system hang) (CVE-2006-4814, Moderate)

* a flaw in the ELF handling on ia64 and sparc architectures which
triggered a cross-region memory mapping and allowed a local user to cause a
denial of service (CVE-2006-4538, Moderate)

* a flaw in the dev_queue_xmit function of the network subsystem that
allowed a local user to cause a denial of service (data corruption)
(CVE-2006-6535, Moderate)

* a flaw in the handling of CAPI messages over Bluetooth that allowed a
remote system to cause a denial of service or potential code execution.
This flaw is only exploitable if a privileged user establishes a connection
to a malicious remote device (CVE-2006-6106, Moderate)

* a flaw in the listxattr system call that allowed a local user to cause a
denial of service (data corruption) or potential privilege escalation. To
successfully exploit this flaw the existence of a bad inode is required
first (CVE-2006-5753, Moderate)

* a flaw in the __find_get_block_slow function that allowed a local
privileged user to cause a denial of service (CVE-2006-5757, Low)

* various flaws in the supported filesystems that allowed a local
privileged user to cause a denial of service (CVE-2006-5823, CVE-2006-6053,
CVE-2006-6054, CVE-2006-6056, Low)

In addition to the security issues described above, fixes for the following
bugs were included:

* initialization error of the tg3 driver with some BCM5703x network cards

* a memory leak in the audit subsystem

* x86_64 nmi watchdog timeout is too short

* ext2/3 directory reads fail intermittently

Red Hat would like to thank Dmitriy Monakhov and Konstantin Khorenko for
reporting issues fixed in this erratum.

All Red Hat Enterprise Linux 4 users are advised to upgrade their kernels
to the packages associated with their machine architecture and
configurations as listed in this erratum.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via Red Hat Network.  To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

180663 - CVE-2006-4814 Race condition in mincore can cause "ps -ef" to hang
205335 - CVE-2006-4538 Local DoS with corrupted ELF
206328 - CVE-2006-5757 Linux kernel Filesystem Mount Dead Loop
207463 - CVE-2006-4813 Information leak in __block_prepare_write()
209435 - CVE-2006-5174 copy_from_user information leak on s390
212144 - CVE-2006-6535 unbalanced local_bh_enable() in dev_queue_xmit()
213214 - CVE-2006-5619 Lockup via /proc/net/ip6_flowlabel
213921 - SAN file systems becoming read-only
214288 - CVE-2006-5757 ISO9660 __find_get_block_slow() denial of service
216452 - CVE-2006-5751 Linux kernel get_fdb_entries() integer overflow
216958 - CVE-2006-5823 zlib_inflate memory corruption
217011 - CVE-2006-6056 SELinux superblock_doinit denial of service
217021 - CVE-2006-6054 ext2_check_page denial of service
217030 - CVE-2006-6053 ext3fs_dirhash denial of service
218602 - CVE-2006-6106 Multiple problems in net/bluetooth/cmtp/capi.c
220677 - CVE-2006-5753 listxattr syscall can corrupt user space programs
220971 - CVE-2006-5754 kernel panic in aio_free_ring()

6. RPMs required:

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/kernel-2.6.9-42.0.8.EL.src.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/kernel-2.6.9-42.0.8.EL.src.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/kernel-2.6.9-42.0.8.EL.src.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/kernel-2.6.9-42.0.8.EL.src.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4538
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4813
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4814
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5174
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5619
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5751
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5753
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5754
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5757
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5823
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6053
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6054
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6056
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6106
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6535
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.


---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Important: Updated kernel packages for Red Hat Enterprise Linux 3 Update 9
Advisory ID:       RHSA-2007:0436-01
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2007-0436.html
Issue date:        2007-06-07
Updated on:        2007-06-11
Product:           Red Hat Enterprise Linux
Keywords:          taroon kernel update
Obsoletes:         RHSA-2006:0710
CVE Names:         CVE-2006-5823 CVE-2006-6054 CVE-2007-1592 
---------------------------------------------------------------------

1. Summary:

Updated kernel packages are now available as part of ongoing support and
maintenance of Red Hat Enterprise Linux version 3.  This is the ninth
regular update.

This security advisory has been rated as having important security impact
by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Problem description:

The Linux kernel handles the basic functions of the operating system.

This is the ninth regular kernel update to Red Hat Enterprise Linux 3.

There were no new features introduced by this update.  The only changes
that have been included address critical customer needs or security
issues (elaborated below).

Key areas affected by fixes in this update include the networking
subsystem, dcache handling, the ext2 and ext3 file systems, the USB
subsystem, ACPI handling, and the audit subsystem.  There were also
several isolated fixes in the tg3, e1000, megaraid_sas, and aacraid
device drivers.

The following security bugs were fixed in this update:

  * a flaw in the cramfs file system that allowed invalid compressed
     data to cause memory corruption (CVE-2006-5823, low)

  * a flaw in the ext2 file system that allowed an invalid inode size
     to cause a denial of service (system hang) (CVE-2006-6054, low)

  * a flaw in IPv6 flow label handling that allowed a local user to
     cause a denial of service (crash) (CVE-2007-1592, important)

Note: The kernel-unsupported package contains various drivers and modules
that are unsupported and therefore might contain security problems that
have not been addressed.

All Red Hat Enterprise Linux 3 users are advised to upgrade their
kernels to the packages associated with their machine architectures
and configurations as listed in this erratum.

4. Solution:

Before applying this update, make sure that all previously released
errata relevant to your system have been applied.  Use Red Hat
Network to download and update your packages.  To launch the Red Hat
Update Agent, use the following command:

    up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

    http://www.redhat.com/docs/manuals/enterprise/

5. Bug IDs fixed (http://bugzilla.redhat.com/):

128616 - acl permissions over nfs
137374 - Need fix for: [NETFILTER]: Fix checksum bug for multicast/broadcast packets on postrouting hook.
144794 - tg3 driver on BCM5703X won't load. Says tg3: Could not obtain valid ethernet address, aborting.
164855 - u5 patch that turned on Dprintk's in arch/x86_64/kernel/smpboot.c
171007 - powermate module does not recognize Griffin Powermate device
173350 - jbd I/O errors after ext3 orphan processing on readonly device
177300 - hugetlb_get_unmapped_area may overflow in X86_64 compat mode
189052 - Kernel panic on shutdown or poweroff on SMP
192796 - cut/paste bug in kscand
199542 - Data corruption after IO error on swap (RHEL3)
209154 - High speed USB HID devices not working in RHEL3
216960 - CVE-2006-5823 zlib_inflate memory corruption
217022 - CVE-2006-6054 ext2_check_page denial of service
217930 - [RHEL3] Netdump for 8139cp driver
224600 - running 32-bit executables on x86_64/ia64/s390x causes negative "vm_committed_space" value
226895 - Kernel oops when loading ipmi_si module
231912 - Laus doesn't audit detach event
232221 - Laus dev.audit.attach-all doesn't attach to init
232336 - Enable use of PAL_HALT_LIGHT for idle loop as non-default option
233262 - ipv6 OOPS triggerable by any user

6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/kernel-2.4.21-50.EL.src.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/kernel-2.4.21-50.EL.src.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/kernel-2.4.21-50.EL.src.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/kernel-2.4.21-50.EL.src.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5823
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6054
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1592
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.

--------------------------END INCLUDED TEXT--------------------
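
Both advisories above tell administrators to upgrade to the kernel build for
their release. The check below is an added example, not part of the AusCERT
bulletin or the Red Hat advisories: it compares a kernel release string with
the fixed builds named in the SRPM file names (2.6.9-42.0.8.EL for RHEL 4,
2.4.21-50.EL for RHEL 3). The function names and the assumed release-string
layout (<version>-<release>.EL[flavour]) are illustrative assumptions.

```shell
#!/bin/sh
# Added example: is a given kernel release at or past the errata build?
# Fixed builds are taken from the SRPM names in RHSA-2007:0014 and
# RHSA-2007:0436, with the ".EL" suffix stripped.
# Assumption: release strings look like 2.6.9-42.0.3.ELsmp (uname -r style).

FIXED_RHEL4="2.6.9-42.0.8"
FIXED_RHEL3="2.4.21-50"

# cmp_dotted A B: print -1, 0 or 1. Fields are split on "." and "-" and
# compared numerically; a missing field counts as 0, so 42 < 42.0.8.
cmp_dotted() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, /[.-]/); nb = split(b, y, /[.-]/)
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            xi = (i <= na) ? x[i] + 0 : 0
            yi = (i <= nb) ? y[i] + 0 : 0
            if (xi < yi) { print "-1"; exit }
            if (xi > yi) { print "1"; exit }
        }
        print "0"
    }'
}

# kernel_fix_status RELEASE: print one of
#   fixed         build is the errata build or newer
#   needs-update  build predates the errata build
#   not-covered   .EL kernel, but not a 2.6.9 (RHEL 4) or 2.4.21 (RHEL 3) base
#   unparseable   string does not match the assumed layout
kernel_fix_status() {
    rel=$1
    case $rel in
        *.EL*) core=${rel%%.EL*} ;;      # drop ".EL" and any flavour suffix
        *) echo unparseable; return 0 ;;
    esac
    case $core in
        ''|*[!0-9.-]*) echo unparseable; return 0 ;;
    esac
    case $core in
        2.6.9-*)  fixed=$FIXED_RHEL4 ;;
        2.4.21-*) fixed=$FIXED_RHEL3 ;;
        *) echo not-covered; return 0 ;;
    esac
    if [ "$(cmp_dotted "$core" "$fixed")" -lt 0 ]; then
        echo needs-update
    else
        echo fixed
    fi
}

# Constructed sample release strings (not taken from any real host).
for sample in 2.6.9-42.0.3.ELsmp 2.6.9-42.0.8.EL 2.6.9-42.EL \
              2.4.21-47.0.1.ELhugemem 2.4.21-50.ELsmp 2.6.18-8.el5; do
    printf '%-26s %s\n' "$sample" "$(kernel_fix_status "$sample")"
done
```

Run it against the booted kernel with kernel_fix_status "$(uname -r)": an
installed update does not take effect until the system is rebooted into it.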

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
