RHSA-2010:0670: Important: kernel security and bug fix update
First published: Thu Sep 02 2010(Updated: )
The kernel packages contain the Linux kernel, the core of any Linux<br>operating system.<br>This update fixes the following security issues:<br><li> When an application has a stack overflow, the stack could silently</li> overwrite another memory mapped area instead of a segmentation fault<br>occurring, which could cause an application to execute arbitrary code,<br>possibly leading to privilege escalation. It is known that the X Window<br>System server can be used to trigger this flaw. (CVE-2010-2240, Important)<br><li> A miscalculation of the size of the free space of the initial directory</li> entry in a directory leaf block was found in the Linux kernel Global File<br>System 2 (GFS2) implementation. A local, unprivileged user with write<br>access to a GFS2-mounted file system could perform a rename operation on<br>that file system to trigger a NULL pointer dereference, possibly resulting<br>in a denial of service or privilege escalation. (CVE-2010-2798, Important)<br>Red Hat would like to thank the X.Org security team for reporting<br>CVE-2010-2240, with upstream acknowledging Rafal Wojtczuk as the original<br>reporter; and Grant Diffey of CenITex for reporting CVE-2010-2798.<br>This update also fixes the following bugs:<br><li> Problems receiving network traffic correctly via a non-standard layer 3</li> protocol when using the ixgbe driver. This update corrects this issue.<br>(BZ#618275)<br><li> A bug was found in the way the megaraid_sas driver (for SAS based RAID</li> controllers) handled physical disks and management IOCTLs. All physical<br>disks were exported to the disk layer, allowing an oops in<br>megasas_complete_cmd_dpc() when completing the IOCTL command if a timeout<br>occurred. One possible trigger for this bug was running "mkfs". This update<br>resolves this issue by updating the megaraid_sas driver to version 4.31.<br>(BZ#619363)<br><li> Previously, Message Signaled Interrupts (MSI) resulted in PCI bus writes</li> to mask and unmask the MSI IRQ for a PCI device. These unnecessary PCI bus<br>writes resulted in the serialization of MSIs, leading to poor performance<br>on systems with high MSI load. This update adds a new kernel boot<br>parameter, msi_nolock, which forgoes the PCI bus writes and allows for<br>better simultaneous processing of MSIs. (BZ#621939)<br>Users should upgrade to these updated packages, which contain backported<br>patches to correct these issues. The system must be rebooted for this<br>update to take effect.<br>
| Affected Software | Affected Version | How to fix |
|---|
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=606611
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=618275
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=619363
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=620300
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=621939
- http://www.redhat.com/security/updates/classification/#important
- https://access.redhat.com/errata/RHSA-2010:0670 (Advisory)
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/title
- agent/type
- agent/weakness
- collector/redhat-errata
- anchor-id/RHSA-2010:0670