RHSA-2009:0225: Important: Red Hat Enterprise Linux 5.3 kernel security and bug fix update

First published: Tue Jan 20 2009(Updated: )

The Linux kernel (the core of the Linux operating system)<br>These updated packages contain 730 bug fixes and enhancements for the Linux<br>kernel. Space precludes a detailed description of each of these changes in<br>this advisory and users are therefore directed to the release notes for Red<br>Hat Enterprise Linux 5.3 for information on 97 of the most significant of<br>these changes. <br>Details of three security-related bug fixes are set out below, along with<br>notes on other broad categories of change not covered in the release notes.<br>For more detailed information on specific bug fixes or enhancements, please<br>consult the Bugzilla numbers listed in this advisory.<br><li> when fput() was called to close a socket, the __scm_destroy() function </li> in the Linux kernel could make indirect recursive calls to itself. This <br>could, potentially, lead to a denial of service issue. (CVE-2008-5029, <br>Important)<br><li> a flaw was found in the Asynchronous Transfer Mode (ATM) subsystem. A</li> local, unprivileged user could use the flaw to listen on the same socket<br>more than once, possibly causing a denial of service. (CVE-2008-5079,<br>Important)<br><li> a race condition was found in the Linux kernel "inotify" watch removal</li> and umount implementation. This could allow a local, unprivileged user <br>to cause a privilege escalation or a denial of service. (CVE-2008-5182, <br>Important)<br><li> Bug fixes and enhancements are provided for:</li> <li> support for specific NICs, including products from the following</li> manufacturers:<br>Broadcom<br>Chelsio<br>Cisco<br>Intel<br>Marvell<br>NetXen<br>Realtek<br>Sun<br><li> Fiber Channel support, including support for Qlogic qla2xxx,</li> qla4xxx, and qla84xx HBAs and the FCoE, FCP, and zFCP protocols.<br><li> support for various CPUs, including:</li> AMD Opteron processors with 45 nm SOI ("Shanghai")<br>AMD Turion Ultra processors<br>Cell processors<br>Intel Core i7 processors<br><li> Xen support, including issues specific to the IA64 platform, systems</li> using AMD processors, and Dell Optiplex GX280 systems<br><li> ext3, ext4, GFS2, NFS, and SPUFS</li> <li> Infiniband (including eHCA, eHEA, and IPoIB) support</li> <li> common I/O (CIO), direct I/O (DIO), and queued direct I/O (qdio) support</li> <li> the kernel distributed lock manager (DLM)</li> <li> hardware issues with: SCSI, IEEE 1394 (FireWire), RAID (including issues</li> specific to Adaptec controllers), SATA (including NCQ), PCI, audio, serial<br>connections, tape-drives, and USB<br><li> ACPI, some of a general nature and some related to specific hardware</li> including: certain Lenovo Thinkpad notebooks, HP DC7700 systems, and<br>certain machines based on Intel Centrino processor technology.<br><li> CIFS, including Kerberos support and a tech-preview of DFS support</li> <li> networking support, including IPv6, PPPoE, and IPSec</li> <li> support for Intel chipsets, including:</li> Intel Cantiga chipsets<br>Intel Eagle Lake chipsets<br>Intel i915 chipsets<br>Intel i965 chipsets<br>Intel Ibex Peak chipsets<br>Intel chipsets offering QuickPath Interconnects (QPI)<br><li> device mapping issues, including some in device mapper itself</li> <li> various issues specific to IA64 and PPC</li> <li> CCISS, including support for Compaq SMART Array controllers P711m and</li> P712m and other new hardware<br><li> various issues affecting specific HP systems, including:</li> DL785G5<br>XW4800<br>XW8600<br>XW8600<br>XW9400<br><li> IOMMU support, including specific</li> issues with AMD and IBM Calgary hardware<br><li> the audit subsystem</li> <li> DASD support</li> <li> iSCSI support, including issues specific to Chelsio T3 adapters</li> <li> LVM issues</li> <li> SCTP management information base (MIB) support</li> <li> issues with: autofs, kdump, kobject_add, libata, lpar, ptrace, and utrace</li> <li> IBM Power platforms using Enhanced I/O Error Handling (EEH)</li> <li> EDAC issues for AMD K8 and Intel i5000</li> <li> ALSA, including support for new hardware</li> <li> futex support</li> <li> hugepage support</li> <li> Intelligent Platform Management Interface (IPMI) support</li> <li> issues affecting NEC/Stratus servers</li> <li> OFED support</li> <li> SELinux </li> <li> various Virtio issues</li> All users are advised to upgrade to these updated packages, which resolve<br>these issues and add these enhancements.

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/description
• agent/event
• agent/first-publish-date
• agent/last-modified-date
• agent/references
• agent/remedy
• agent/severity
• agent/softwarecombine
• agent/tags
• agent/title
• agent/type
• agent/weakness
• collector/redhat-errata
• source/Red Hat
• anchor-id/RHSA-2009:0225
• agent/software-canonical-lookup
• package-manager/redhat