Issued: 2004-05-11
Updated: 2004-05-11
RHSA-2004:188 - Security Advisory
Synopsis
Updated kernel packages available for Red Hat Enterprise Linux 3 Update 2
Type/Severity
Security Advisory: Important
Topic
Updated kernel packages are now available as part of ongoing
support and maintenance of Red Hat Enterprise Linux version
3. This is the second regular update.
Description
The Linux kernel handles the basic functions of the
operating system.
This is the second regular kernel update to Red Hat
Enterprise Linux version 3. It contains several minor
security fixes, many bug fixes, device driver updates,
new hardware support, and the introduction of Linux
Syscall Auditing support.
There were bug fixes in many different parts of the kernel,
the bulk of which addressed unusual situations such as error
handling, race conditions, and resource starvation. The
combined effect of the approximately 140 fixes is a strong
improvement in the reliability and durability of Red Hat
Enterprise Linux. Some of the key areas affected are disk
drivers, network drivers, USB support, x86_64 and ppc64
platform support, ia64 32-bit emulation layer enablers,
and the VM, NFS, IPv6, and SCSI subsystems.
A significant change in the SCSI subsystem (the disabling
of the scsi-affine-queue patch) should significantly improve
SCSI disk driver performance in many scenarios. There were
10 Bugzillas against SCSI performance problems addressed
by this change.
The following drivers have been upgraded to new versions:
bonding ---- 2.4.1
cciss ------ 2.4.50.RH1
e1000 ------ 5.2.30.1-k1
fusion ----- 2.05.11.03
ipr -------- 1.0.3
ips -------- 6.11.07
megaraid2 -- 2.10.1.1
qla2x00 ---- 6.07.02-RH1
tg3 -------- 3.1
z90crypt --- 1.1.4
This update introduces support for the new Intel EM64T
processor. A new "ia32e" architecture has been created to
support booting on platforms based on either the original
AMD Opteron CPU or the new Intel EM64T CPU. The existing
"x86_64" architecture has remained optimized for Opteron
systems. Kernels for both types of systems are built from
the same x86_64-architecture sources and share a common
kernel source RPM (kernel-source-2.4.21-15.EL.x86_64.rpm).
Other highlights in this update include a major upgrade to
the SATA infrastructure, addition of IBM JS20 Power Blade
support, and creation of an optional IBM eServer zSeries
On-Demand Timer facility for reducing idle CPU overhead.
The following security issues were addressed in this update:
A minor flaw was found where /proc/tty/driver/serial reveals
the exact character counts for serial links. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2003-0461 to this issue.
The kernel strncpy() function in Linux 2.4 and 2.5 does not
pad the target buffer with null bytes on architectures other
than x86, as opposed to the expected libc behavior, which
could lead to information leaks. The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned the name
CAN-2003-0465 to this issue.
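Added example, not part of the Red Hat advisory and not kernel source: a user-space C sketch of why missing null padding in a strncpy()-style copy exposes leftover memory when a fixed-size field is later handed out whole. strncpy_nopad is a constructed stand-in for the non-padding behaviour described above; FIELD_LEN, the STALE marker and the sample name "ttyS0" are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define FIELD_LEN 16
#define STALE 0xAA   /* constructed marker for leftover memory contents */
typedef char *(*copy_fn)(char *, const char *, size_t);

/* Constructed stand-in for the non-padding behaviour: copy through the
 * terminator, then stop, leaving the rest of dst untouched. */
static char *strncpy_nopad(char *dst, const char *src, size_t n)
{
    char *d = dst;
    while (n-- && (*d++ = *src++) != '\0')
        ;
    return dst;
}

/* libc-style behaviour: after the string, zero-fill up to n bytes. */
static char *strncpy_padded(char *dst, const char *src, size_t n)
{
    size_t i = 0;
    for (; i < n && src[i] != '\0'; i++)
        dst[i] = src[i];
    for (; i < n; i++)
        dst[i] = '\0';
    return dst;
}

/* Fill a fixed-size field with stale bytes, copy `name` into it with `fn`,
 * and count the stale bytes that would leave with the whole field. */
static size_t stale_bytes_after_copy(copy_fn fn, const char *name)
{
    unsigned char field[FIELD_LEN];
    size_t i, leaked = 0;
    memset(field, STALE, sizeof field);
    fn((char *)field, name, sizeof field);
    for (i = 0; i < sizeof field; i++)
        if (field[i] == STALE)
            leaked++;
    return leaked;
}

int main(void)
{
    printf("no padding: %zu stale bytes, padded: %zu stale bytes\n",
           stale_bytes_after_copy(strncpy_nopad, "ttyS0"),
           stale_bytes_after_copy(strncpy_padded, "ttyS0"));
    return 0;
}
```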
A minor data leak was found in two real time clock drivers
(for /dev/rtc). The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the name
CAN-2003-0984 to this issue.
A flaw in the R128 Direct Render Infrastructure (dri) driver
could allow local privilege escalation. This driver is part
of the kernel-unsupported package. The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned
the name CAN-2004-0003 to this issue.
A flaw in ncp_lookup() in ncpfs could allow local privilege
escalation. The ncpfs module allows a system to mount
volumes of NetWare servers or print to NetWare printers and
is in the kernel-unsupported package. The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned
the name CAN-2004-0010 to this issue.
(Note that the kernel-unsupported package contains drivers
and other modules that are unsupported and therefore might
contain security problems that have not been addressed.)
All Red Hat Enterprise Linux 3 users are advised to upgrade
their kernels to the packages associated with their machine
architectures and configurations as listed in this erratum.
Solution
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
To update all RPMs for your particular architecture, run:
rpm -Fvh [filenames]
where [filenames] is a list of the RPMs you wish to upgrade. Only those
RPMs which are currently installed will be updated. Those RPMs which are
not installed but included in the list will not be updated. Note that you
can also use wildcards (*.rpm) if your current directory *only* contains the
desired RPMs.
Please note that this update is also available via Red Hat Network. Many
people find this an easier way to apply updates. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:
up2date
This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.
If up2date fails to connect to Red Hat Network due to SSL
Certificate Errors, you need to install a version of the
up2date client with an updated certificate. The latest version of
up2date is available from the Red Hat FTP site and may also be
downloaded directly from the RHN website:
Affected Products
- Red Hat Enterprise Linux Server 3 x86_64
- Red Hat Enterprise Linux Server 3 ia64
- Red Hat Enterprise Linux Server 3 i386
- Red Hat Enterprise Linux Workstation 3 x86_64
- Red Hat Enterprise Linux Workstation 3 ia64
- Red Hat Enterprise Linux Workstation 3 i386
- Red Hat Enterprise Linux for IBM z Systems 3 s390x
- Red Hat Enterprise Linux for IBM z Systems 3 s390
- Red Hat Enterprise Linux for Power, big endian 3 ppc
Fixes
- BZ - 102194 - Disk READ performance worse compared with 2.4.20-18.9smp
- BZ - 103706 - Some numerical values in /proc/partitions file becomes an unusual value.
- BZ - 104084 - ctc interface unexpectedly dies
- BZ - 104444 - RHEL3 U2: Syscall Auditing Support
- BZ - 104633 - The synchronous write() system call of RHEL3.0 is slower than that of RHEL2.1.
- BZ - 104634 - The synchronous write() system call of RHEL3.0 is slower than that of RHEL2.1.
- BZ - 104636 - The synchronous write() system call of RHEL3.0 is slower than that of RHEL2.1.
- BZ - 106111 - RHEL 3 U2: Only one CPU is initialized in a Hypthreading enabled Intel ICH5 platform.
- BZ - 106219 - raid level 1 disk failures
- BZ - 106334 - RHEL 3 - U2 -Qlogic FAStT Fibre driver 6.05 or later
- BZ - 106396 - Hardware crypto support
- BZ - 106402 - LTC4736 - PTS: Kernel Panic during mutex contention test.
- BZ - 106503 - ia64 kernel stops allocating memory too early when overcommit_memory set to strict
- BZ - 106584 - 'cp -p' returns error when destination is an nfs directory
- BZ - 106870 - RHEL 3 AS/IPF/QU1: Qlogic qla2300 6.06.50
- BZ - 106890 - RHEL 3 U2: preserve_argv0 patch missing - IPF x86 compat.
- BZ - 106894 - RHEL 3, U2: IA32 feat: new microcode update format sup. (Prescott/Nocona)
- BZ - 106969 - Random stall during boot-up
- BZ - 107330 - NC6770 adapter fails to regain connection after lost link
- BZ - 107331 - (tg3) Jumbo Frames w/bonding fails on NC7771 and Red Hat EL 3 RC1 respin
- BZ - 107744 - RHEL3 Update1: ia32 on ia64 syscall table
- BZ - 107864 - Data corruption in iozone benchmark
- BZ - 107915 - binfmt_misc.o is a part of kernel-unsupported - x86 compat on IPF
- BZ - 108958 - MINSIGSTKSZ mismatch between ia32 and ia64
- BZ - 109242 - LTC5267 - Network degradation as runs progress in specweb99
- BZ - 109618 - 3ware raid extremely low throughput
- BZ - 109660 - op_time no samples files found
- BZ - 109843 - Typo in module parameter of scsi_mod module
- BZ - 109914 - PATCH: LTC5351-Large external array causes SIGILL in 32-bit
- BZ - 110170 - [PATCH] LTC5381- rhel 3 will need to pick up the cyclone-lpj-fix patch
- BZ - 110633 - iptables ipt_limit module fails on ppc (iserie) RS64-IV RHEL3
- BZ - 110716 - RHEL 3 - U2 - JS30 Blade - kernel enablement
- BZ - 110849 - zcrypt update to 06-11 and up
- BZ - 110872 - System Hangs after 5-10 minutes with USB attached
- BZ - 110999 - clock is running to fast on IBM x445
- BZ - 111250 - tg3 driver fails to autonegotiate correctly
- BZ - 111264 - ada compiler crashes on even hello-world
- BZ - 111287 - [PATCH] alternate signal stack bug corrupts RNaT bits
- BZ - 111403 - [PATCH] LTC3766 - pthreads/NPTL problems with large memory processes
- BZ - 111446 - hang in RHEL 3 pthreads library
- BZ - 111629 - ACL over NFS problem
- BZ - 111673 - RHEL 3 U2 - ServeRAID update for IA64 fixes
- BZ - 111681 - Invalid ICMP type 11 messages echo'd to console
- BZ - 111768 - /proc/pid/statm can return negative values
- BZ - 111774 - [PATCH] HP cciss driver bug fix
- BZ - 111853 - [PATCH] cciss hba pointer may be null when trying to release I/O memory
- BZ - 111854 - [PATCH] need to enable prefetch on HP 64xx controllers
- BZ - 111855 - [PATCH] problems hot plugging older cciss controllers
- BZ - 111856 - [PATCH] cciss driver may panic system when sharing IRQ's
- BZ - 111858 - [PATCH] cciss may display #blocks as a negative value
- BZ - 111903 - [PATCH] oops in IUCV code
- BZ - 111911 - avoid hang during initialization on I/O errors
- BZ - 111968 - Allow async read/write to propagate down to transports that support async
- BZ - 112006 - [PATCH] BUG() from __remove_inode_page
- BZ - 112025 - SMP kernels parsing of AICP tables limited - breaks hyperthreading
- BZ - 112039 - RHEL 3 U2: Qlogic qla2300 driver version 6.07.++
- BZ - 112040 - RHEL 3 U2: Update cciss driver to 2.4.50
- BZ - 112057 - RHEL3 U2: update megaraid2 to version 2.10.x
- BZ - 112103 - RHEL3 U2: IA32 core dump support on IPF
- BZ - 112111 - RHEL 3 U2: ICH6 PATA support
- BZ - 112139 - RHEL 3 U2: update cciss driver (new funct/bug fixes) to 2.4.50
- BZ - 112163 - RHEL 3 U2 - Update e1000
- BZ - 112190 - Duplicate get_partition_list bug to track Bugzilla 111342 in Taroon -
- BZ - 112288 - [PATCH] ICMPv6 error message contains incorrect original packet's data.
- BZ - 112359 - RHEL 3.0 using v6.06.00b11 driver attached to McData switch doesn't log in or scan devices successfully.
- BZ - 112363 - NC7722 when using the TG3 driver has no active link Th established
- BZ - 112449 - (TG3) driver doesn't work properly with bcm5700 nic
- BZ - 112584 - reservation error code, corrupts request queue
- BZ - 112607 - aironet driver fixes
- BZ - 112646 - defunct processes whose parent process is 'init' are created.
- BZ - 112724 - kernel hang when unmap a hugetlb vma
- BZ - 112764 - RHEL3 kernel not preventing or recovering from fork bomb when ulimit used
- BZ - 112826 - LTC5732 - MMIO alignment error when inserting the olympic TR module.
- BZ - 113034 - RHEL 3 U2: Merge IBM IPR driver into main kernel RPM
- BZ - 113051 - [PATCH] LTC5757 - RHEL3 update 2 RAS patches - rtas syscall and os-term
- BZ - 113052 - [PATCH] LTC5758 - /proc/ppc64/lparcfg file missing in RHEL 3
- BZ - 113071 - [PATCH] RHEL3 ia64: 32 bit applications don't dump core properly
- BZ - 113072 - [PATCH] RHEL3/ia64: strace -f on multithreaded 32 bit applications doesn't work
- BZ - 113099 - CAN-2003-0461 /proc reveals char count
- BZ - 113100 - CAN-2003-0465 kernel strncpy padding
- BZ - 113103 - CAN-2003-0984 minor /dev/rtc leak
- BZ - 113105 - Al-Viro kmod local DoS
- BZ - 113171 - lousy read performance on megaraid with 2.4.21-4.0.2.EL
- BZ - 113213 - kernel crashes when unmap_kvec() is called in interrupt context
- BZ - 113328 - RHEL 3 - U2 ACPI support for multiple IDE devices (x455)
- BZ - 113341 - netdump - various race conditions that lead to hangs in panic()/die()
- BZ - 113413 - too many ipv6 aliases cause kernel oops
- BZ - 113561 - Patch for BLIST_SPARSELUN in scsi_scan.c
- BZ - 113604 - CAN-2004-0003 r128 DRI
- BZ - 113737 - [PATCH] sym53c8xx.c - odd byte tape fix
- BZ - 113738 - [PATCH] updated megaraid2 driver (2.10.1)
- BZ - 113739 - [PATCH] updated mptfusion driver (2.05.11)
- BZ - 113809 - depmod is not run for kernel-2.4.21-9.EL from Quaterly Update #1
- BZ - 113890 - [PATCH] Excutable compiled on x86 can cause kernel seg fault on x86_64
- BZ - 114052 - Raw device performance poor under WS 3 Dreamworks IT#29689
- BZ - 114135 - LSI Megaraid(2) performance subpar in RHEL3, using RHEL3 kernel
- BZ - 114137 - RHEL3 U2: patch for sym53c8xx.c to address odd byte tape fix
- BZ - 114356 - USB keyboard/mouse don't work on upcoming Dell servers
- BZ - 114529 - RHEL3: [PATCH] Inclusion of Handspring Treo patch into next kernel release
- BZ - 114553 - Bad performance with Q1 update kernel (-9EL)
- BZ - 114560 - zfcp updates for RHEL3 U2
- BZ - 114588 - [PATCH] don't serialize NFS direct writes
- BZ - 114773 - Panic in elf_core_copy_regs() core dumping ia32 binary
- BZ - 114869 - date returns future year of 586562
- BZ - 114873 - RHEL3 U2: softirq interrupt deferral patch
- BZ - 114874 - RHEL 2.1 U4 and RHEL 3 U2 - e1000 fix for SOL
- BZ - 114940 - RHEL 3.0 default QLogic driver v6.06.00b11 spews sg_low_free and QUEUE FULL messages at load time.
- BZ - 114942 - Running I/O on RHEL 3.0 and using the v6.06.00b11 driver, the driver ran out of memory and began arbitrarily killing processes.
- BZ - 115072 - Lack of file close processing for O_DIRECT unsupported filesystem in dentry_open()
- BZ - 115231 - RHEL 3_U2 Adds new processor support
- BZ - 115273 - bad disk I/O performance with the 2.4.21-4.ELsmp kernel
- BZ - 115334 - Suspected VM problem causes gradual Tux performance degradation
- BZ - 115390 - Kernel panic and/or EXT3-fs corruption running sysreport on rx7620
- BZ - 115438 - strange load - kswapd/IO ?
- BZ - 115439 - LTC5321-Cannot enable quota on RHEL 3 for ppc64
- BZ - 115823 - CAN-2004-0010 ncpfs hole (unsupported)
- BZ - 116261 - RHEL3 kernel specfile for s390* should require minimum version of s390utils
- BZ - 116916 - tg3 driver doesn't support bonding driver's ALB mode
- BZ - 117454 - /proc/cpuinfo has bad info on ia32e
- BZ - 117741 - P4 2.8ghz HT, Using RHEL WS 3.0 Update 1, latest SMP Kernel, see only 1 CPU
- BZ - 117914 - RHEL3 U3: Handspring Treo ID
- BZ - 117941 - frequent kernel panics
- BZ - 118109 - System hangs while running stress tests with hugetlbfs on hugemem kernel
- BZ - 118397 - system needlessly thrashing swap partition
- BZ - 118494 - updates to scsi_scan.c (RHEL3 U2 alpha)
- BZ - 118556 - MTRRs not initialized correctly
- BZ - 118647 - kswapd in state R and D load constant at 1+
- BZ - 118882 - Machine doesn't boot SMP Kernel after installation
- BZ - 118885 - [PATCH] kernel panics when removing expired IPsec SAs
- BZ - 118974 - stack overflows during ACPI initialization
- BZ - 118980 - option 'acpi=off' not working correctly
- BZ - 119009 - Kernel panic occurs when trying to install RHEL 3 U2 B2 for AMD64
- BZ - 119174 - /proc/cpuinfo vendor_id is wrong. shows $
- BZ - 119234 - RHEL3 U2 beta1 hard locks on Celcius 810v
- BZ - 119545 - kernel module binfmt_misc missing
- BZ - 119638 - Can't set speed/duplex on tg3 fiber interfaces
- BZ - 119903 - nfs peformance very bad on EL3
- BZ - 120232 - [x86_64] Crash on install disc boot without newly-required noapictimers
- BZ - 120341 - Runaway processes with USB console on Blade Center
- BZ - 121856 - LTC7932-Kernel Panic with TCE allocation failure w/ Qlogic queue depth issue
- BZ - 122077 - servers freeze (only respond to ping and sysrq) periodically
References
(none)
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.