RHSA-2009:1670: Important: kernel security and bug fix update

First published: Tue Dec 15 2009(Updated: )

The kernel packages contain the Linux kernel, the core of any Linux<br>operating system.<br>Security fixes:<br><li> NULL pointer dereference flaws in the r128 driver. Checks to test if the</li> Concurrent Command Engine state was initialized were missing in private<br>IOCTL functions. An attacker could use these flaws to cause a local denial<br>of service or escalate their privileges. (CVE-2009-3620, Important)<br><li> a NULL pointer dereference flaw in the NFSv4 implementation. Several</li> NFSv4 file locking functions failed to check whether a file had been opened<br>on the server before performing locking operations on it. A local user on a<br>system with an NFSv4 share mounted could possibly use this flaw to cause a<br>denial of service or escalate their privileges. (CVE-2009-3726, Important)<br><li> a flaw in tcf_fill_node(). A certain data structure in this function was</li> not initialized properly before being copied to user-space. This could lead<br>to an information leak. (CVE-2009-3612, Moderate)<br><li> unix_stream_connect() did not check if a UNIX domain socket was in the</li> shutdown state. This could lead to a deadlock. A local, unprivileged user<br>could use this flaw to cause a denial of service. (CVE-2009-3621, Moderate)<br>Knowledgebase DOC-20536 has steps to mitigate NULL pointer dereference<br>flaws.<br>Bug fixes:<br><li> frequently changing a CPU between online and offline caused a kernel</li> panic on some systems. (BZ#545583)<br><li> for the LSI Logic LSI53C1030 Ultra320 SCSI controller, read commands sent</li> could receive incorrect data, preventing correct data transfer. (BZ#529308)<br><li> pciehp could not detect PCI Express hot plug slots on some systems.</li> (BZ#530383)<br><li> soft lockups: inotify race and contention on dcache_lock. (BZ#533822,</li> BZ#537019)<br><li> priority ordered lists are now used for threads waiting for a given</li> mutex. (BZ#533858)<br><li> a deadlock in DLM could cause GFS2 file systems to lock up. (BZ#533859)</li> <li> use-after-free bug in the audit subsystem crashed certain systems when</li> running usermod. (BZ#533861)<br><li> on certain hardware configurations, a kernel panic when the Broadcom</li> iSCSI offload driver (bnx2i.ko and cnic.ko) was loaded. (BZ#537014)<br><li> qla2xxx: Enabled MSI-X, and correctly handle the module parameter to</li> control it. This improves performance for certain systems. (BZ#537020)<br><li> system crash when reading the cpuaffinity file on a system. (BZ#537346)</li> <li> suspend-resume problems on systems with lots of logical CPUs, e.g. BX-EX.</li> (BZ#539674)<br><li> off-by-one error in the legacy PCI bus check. (BZ#539675)</li> <li> TSC was not made available on systems with multi-clustered APICs. This</li> could cause slow performance for time-sensitive applications. (BZ#539676)<br><li> ACPI: ARB_DISABLE now disabled on platforms that do not need it.</li> (BZ#539677)<br><li> fix node to core and power-aware scheduling issues, and a kernel panic</li> during boot on certain AMD Opteron processors. (BZ#539678, BZ#540469,<br>BZ#539680, BZ#539682)<br><li> APIC timer interrupt issues on some AMD Opteron systems prevented</li> achieving full power savings. (BZ#539681)<br><li> general OProfile support for some newer Intel processors. (BZ#539683)</li> <li> system crash during boot when NUMA is enabled on systems using MC and</li> kernel-xen. (BZ#539684)<br><li> on some larger systems, performance issues due to a spinlock. (BZ#539685)</li> <li> APIC errors when IOMMU is enabled on some AMD Opteron systems.</li> (BZ#539687)<br><li> on some AMD Opteron systems, repeatedly taking a CPU offline then online</li> caused a system hang. (BZ#539688)<br><li> I/O page fault errors on some systems. (BZ#539689)</li> <li> certain memory configurations could cause the kernel-xen kernel to fail</li> to boot on some AMD Opteron systems. (BZ#539690)<br><li> NMI watchdog is now disabled for offline CPUs. (BZ#539691)</li> <li> duplicate directories in /proc/acpi/processor/ on BX-EX systems.</li> (BZ#539692)<br><li> links did not come up when using bnx2x with certain Broadcom devices.</li> (BZ#540381)<br>Users should upgrade to these updated packages, which contain backported<br>patches to correct these issues. The system must be rebooted for this<br>update to take effect.

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/description
• agent/event
• agent/first-publish-date
• agent/last-modified-date
• agent/references
• agent/remedy
• agent/severity
• agent/softwarecombine
• agent/tags
• agent/title
• agent/type
• agent/weakness
• collector/redhat-errata
• source/Red Hat
• anchor-id/RHSA-2009:1670
• agent/software-canonical-lookup
• package-manager/redhat