First published: Thu Jan 21 2010
The kernel-rt packages contain the Linux kernel, the core of any Linux operating system.

This update fixes the following security issues:

* An array index error was found in the gdth driver in the Linux kernel. A local user could send a specially-crafted IOCTL request that would cause a denial of service or, possibly, privilege escalation. (CVE-2009-3080, Important)

* A flaw was found in the FUSE implementation in the Linux kernel. When a system is low on memory, fuse_put_request() could dereference an invalid pointer, possibly leading to a local denial of service or privilege escalation. (CVE-2009-4021, Important)

* A flaw was found in each of the following Intel PRO/1000 Linux drivers in the Linux kernel: e1000 and e1000e. A remote attacker using packets larger than the MTU could bypass the existing fragment check, resulting in partial, invalid frames being passed to the network stack. These flaws could also possibly be used to trigger a remote denial of service. (CVE-2009-4536, CVE-2009-4538, Important)

* A flaw was found in the Realtek r8169 Ethernet driver in the Linux kernel. Receiving overly-long frames with a certain revision of the network cards supported by this driver could possibly result in a remote denial of service. (CVE-2009-4537, Important)

This update also fixes the following bugs:

* The "function tracer" from ftrace could eventually present problems when a module was unloaded during a tracing session. Some of the related call site entries for that module were not removed from ftrace's internal lists and could lead to confusing "oops" error messages. The call site entries are now removed correctly, and the errors no longer occur. (BZ#537472)

* When using the kernel in tickless (or NOHZ) mode, time was not accumulated one tick at a time. This created latencies when the accumulated interval grew large. Time is now accumulated logarithmically, and latencies related to tickless mode no longer occur. (BZ#538370)

* Running the "cset set" command resulted in unsafe access to a structure that could be concurrently changed, which eventually caused the kernel to crash. The operations were repositioned rather than protected with additional locks, to minimize performance penalties. (BZ#541080)

* The function used to calculate system load called different functions to count the tasks in the running and uninterruptible states. On systems with a large number of CPUs, this could result in several TLB and cache misses. These functions have now been combined, and the problem has been significantly reduced. (BZ#552860)

* When legacy PCI bus checks occurred, an off-by-one error was present. Scanning PCI bus 255 is now allowed, as 0xff is a valid bus number, and the error no longer occurs. (BZ#552874)

* On systems with 8 or more CPUs, an unnecessary anon_vma lock acquisition in vma_adjust() was causing a decrease in throughput. Code from the upstream kernel was backported, and the throughput decrease no longer exists. (BZ#552876)

* The scheduler function double_lock_balance() favors logically lower CPUs. This could cause logically higher CPUs to be starved if run queues were under a lot of pressure, resulting in latencies. The algorithm has been adjusted so that it is fairer, and logically higher CPUs no longer risk being starved. (BZ#552877)

These updated packages also include other bug fixes. Users are directed to the Red Hat Enterprise MRG 1.2 Release Notes for information on those fixes, available shortly from:

http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_MRG/

Users should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.
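Because the fixed kernel only protects a host once it is actually booted, a practitioner will want to confirm that the running kernel is the newest installed kernel-rt package rather than just that the RPM is present. The following script is an added example and is not part of the Red Hat advisory. It assumes the package naming convention kernel-rt-<version>-<release> as printed by `rpm -q kernel-rt`, that `uname -r` reports the same <version>-<release> string for a kernel-rt kernel, and that `sort -V` (GNU coreutils) is available; the version strings used in the usage note are constructed for illustration, not taken from the advisory.

```shell
#!/bin/sh
# Added example: check whether the newest installed kernel-rt is the running kernel.
# Not part of the Red Hat advisory. Assumes RPM names of the form
# kernel-rt-<version>-<release> and that `uname -r` prints <version>-<release>.

# newest_installed "<output of rpm -q kernel-rt>"
# Prints the highest <version>-<release> among installed kernel-rt packages,
# ignoring variant packages such as kernel-rt-debug or kernel-rt-trace.
newest_installed() {
    printf '%s\n' "$1" \
        | sed -n 's/^kernel-rt-\([0-9].*\)$/\1/p' \
        | sort -V \
        | tail -n 1
}

# update_active "<output of uname -r>" "<output of rpm -q kernel-rt>"
# Prints one of:
#   active         - the running kernel is the newest installed kernel-rt
#   reboot-needed  - a newer kernel-rt is installed but an older one is running
#   not-installed  - no kernel-rt package is installed at all
#   unknown-kernel - the running kernel is not among the installed kernel-rt packages
update_active() {
    running=$1
    installed=$2
    newest=$(newest_installed "$installed")
    if [ -z "$newest" ]; then
        echo "not-installed"
    elif [ "$running" = "$newest" ]; then
        echo "active"
    elif printf '%s\n' "$installed" | grep -qx "kernel-rt-$running"; then
        echo "reboot-needed"
    else
        echo "unknown-kernel"
    fi
}

# Live invocation on an MRG host; guarded so that sourcing the file for the
# functions alone has no side effects.
if [ "${1:-}" = "--live" ]; then
    update_active "$(uname -r)" "$(rpm -q kernel-rt 2>/dev/null)"
fi
```

Run it as `sh check-kernel-rt.sh --live` after installing the update: "reboot-needed" means the advisory's fix is on disk but the vulnerable kernel is still what the machine is executing. Because the comparison is by package name rather than by a fixed-version list, the same check works for later kernel-rt advisories without modification, but it does not tell you whether the newest installed version is actually the one that contains these particular fixes; compare the printed version against the advisory's package list for that.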