RHSA-2010:0178: Important: Red Hat Enterprise Linux 5.5 kernel security and bug fix update

First published: Tue Mar 30 2010(Updated: )

The kernel packages contain the Linux kernel, the core of any Linux<br>operating system.<br>This update fixes the following security issues:<br><li> a race condition was found in the mac80211 implementation, a framework</li> used for writing drivers for wireless devices. An attacker could trigger<br>this flaw by sending a Delete Block ACK (DELBA) packet to a target system,<br>resulting in a remote denial of service. Note: This issue only affected<br>users on 802.11n networks, and that also use the iwlagn driver with Intel<br>wireless hardware. (CVE-2009-4027, Important)<br><li> a flaw was found in the gfs2_lock() implementation. The GFS2 locking code</li> could skip the lock operation for files that have the S_ISGID bit<br>(set-group-ID on execution) in their mode set. A local, unprivileged user<br>on a system that has a GFS2 file system mounted could use this flaw to<br>cause a kernel panic. (CVE-2010-0727, Moderate)<br><li> a divide-by-zero flaw was found in the ext4 file system code. A local</li> attacker could use this flaw to cause a denial of service by mounting a<br>specially-crafted ext4 file system. (CVE-2009-4307, Low)<br>These updated packages also include several hundred bug fixes for and<br>enhancements to the Linux kernel. Space precludes documenting each of these<br>changes in this advisory and users are directed to the Red Hat Enterprise<br>Linux 5.5 Release Notes for information on the most significant of these<br>changes:<br><a href="http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5.5/html/Release_Notes/" target="_blank">http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5.5/html/Release_Notes/</a> Also, for details concerning every bug fixed in and every enhancement added<br>to the kernel for this release, refer to the kernel chapter in the Red Hat<br>Enterprise Linux 5.5 Technical Notes:<br><a href="http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5.5/html/Technical_Notes/kernel.html" target="_blank">http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5.5/html/Technical_Notes/kernel.html</a> All Red Hat Enterprise Linux 5 users are advised to install these updated<br>packages, which address these vulnerabilities as well as fixing the bugs<br>and adding the enhancements noted in the Red Hat Enterprise Linux 5.5<br>Release Notes and Technical Notes. The system must be rebooted for this<br>update to take effect.<br>

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/severity
• agent/type
• agent/softwarecombine
• agent/first-publish-date
• agent/last-modified-date
• agent/references
• collector/redhat-errata
• source/Red Hat
• anchor-id/RHSA-2010:0178
• agent/software-canonical-lookup
• agent/weakness
• agent/remedy
• agent/title
• agent/description
• agent/event
• agent/trending
• agent/tags
• agent/source
• package-manager/redhat