Issued:: 2006-01-17
Updated:: 2006-01-17

RHSA-2006:0101 - Security Advisory

Overview
Updated Packages

Synopsis

kernel security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated kernel packages that fix several security issues in the Red Hat
Enterprise Linux 4 kernel are now available.

This security advisory has been rated as having important security impact
by the Red Hat Security Response Team.

Description

The Linux kernel handles the basic functions of the operating system.

These new kernel packages contain fixes for the security issues
described below:

a flaw in network IGMP processing that a allowed a remote user on the

local network to cause a denial of service (disabling of multicast reports)
if the system is running multicast applications (CVE-2002-2185, moderate)

a flaw which allowed a local user to write to firmware on read-only

opened /dev/cdrom devices (CVE-2004-1190, moderate)

a flaw in gzip/zlib handling internal to the kernel that may allow a

local user to cause a denial of service (crash) (CVE-2005-2458, low)

a flaw in procfs handling during unloading of modules that allowed a

local user to cause a denial of service or potentially gain privileges
(CVE-2005-2709, moderate)

a flaw in the SCSI procfs interface that allowed a local user to cause a

denial of service (crash) (CVE-2005-2800, moderate)

a flaw in 32-bit-compat handling of the TIOCGDEV ioctl that allowed

a local user to cause a denial of service (crash) (CVE-2005-3044, important)

a race condition when threads share memory mapping that allowed local

users to cause a denial of service (deadlock) (CVE-2005-3106, important)

a flaw when trying to mount a non-hfsplus filesystem using hfsplus that

allowed local users to cause a denial of service (crash) (CVE-2005-3109,
moderate)

a minor info leak with the get_thread_area() syscall that allowed

a local user to view uninitialized kernel stack data (CVE-2005-3276, low)

a flaw in mq_open system call that allowed a local user to cause a denial

of service (crash) (CVE-2005-3356, important)

a flaw in set_mempolicy that allowed a local user on some 64-bit

architectures to cause a denial of service (crash) (CVE-2005-3358, important)

a flaw in the auto-reap of child processes that allowed a local user to

cause a denial of service (crash) (CVE-2005-3784, important)

a flaw in the IPv6 flowlabel code that allowed a local user to cause a

denial of service (crash) (CVE-2005-3806, important)

a flaw in network ICMP processing that allowed a local user to cause

a denial of service (memory exhaustion) (CVE-2005-3848, important)

a flaw in file lease time-out handling that allowed a local user to cause

a denial of service (log file overflow) (CVE-2005-3857, moderate)

a flaw in network IPv6 xfrm handling that allowed a local user to

cause a denial of service (memory exhaustion) (CVE-2005-3858, important)

a flaw in procfs handling that allowed a local user to read kernel memory

(CVE-2005-4605, important)

All Red Hat Enterprise Linux 4 users are advised to upgrade their kernels
to the packages associated with their machine architectures and
configurations as listed in this erratum.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

Affected Products

Red Hat Enterprise Linux Server 4 x86_64
Red Hat Enterprise Linux Server 4 ia64
Red Hat Enterprise Linux Server 4 i386
Red Hat Enterprise Linux Workstation 4 x86_64
Red Hat Enterprise Linux Workstation 4 ia64
Red Hat Enterprise Linux Workstation 4 i386
Red Hat Enterprise Linux Desktop 4 x86_64
Red Hat Enterprise Linux Desktop 4 i386
Red Hat Enterprise Linux for IBM z Systems 4 s390x
Red Hat Enterprise Linux for IBM z Systems 4 s390
Red Hat Enterprise Linux for Power, big endian 4 ppc

Fixes

BZ - 158861 - CVE-2004-1190 Continued raw access issues
BZ - 165679 - CVE-2005-2458 gzip/zlib flaws
BZ - 167696 - CVE-2005-2800 SCSI proc DoS
BZ - 168659 - CVE-2005-3044 lost fput and sockfd_put could lead to DoS
BZ - 168777 - CVE-2005-3276 sys_get_thread_area minor info leak
BZ - 168924 - CVE-2005-2709 More sysctl flaws
BZ - 169130 - CVE-2005-3356 double decrement of mqueue_mnt->mnt_count in sys_mq_open
BZ - 170262 - CVE-2005-3106 exec_mmap race DoS
BZ - 171002 - CVE-2005-3109 HFS oops
BZ - 174078 - [RHEL4] CVE-2005-3784 auto-reap DoS
BZ - 174081 - CVE-2005-3806 ipv6 DOS
BZ - 174337 - [RHEL4] CVE-2005-3857 lease printk DoS
BZ - 174343 - CVE-2005-3858 ip6_input_finish DoS
BZ - 174345 - CVE-2005-3848 dst_entry leak DoS
BZ - 174807 - CVE-2002-2185 IGMP DoS
BZ - 175683 - CVE-2005-3358 panic caused by bad args to set_mempolicy
BZ - 176812 - CVE-2005-4605 Kernel memory disclosure

CVEs

References

(none)

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 4

SRPM
kernel-2.6.9-22.0.2.EL.src.rpm	SHA-256: 231bbaf82f6ca5c00bd14abb24b203ca2698f93470dc7516320a68ee10212923
x86_64
kernel-2.6.9-22.0.2.EL.x86_64.rpm	SHA-256: d82fd55affaf87b51a046b328092a372fc152ec65d32e390e2e9f2768fd0412b
kernel-2.6.9-22.0.2.EL.x86_64.rpm	SHA-256: d82fd55affaf87b51a046b328092a372fc152ec65d32e390e2e9f2768fd0412b
kernel-devel-2.6.9-22.0.2.EL.x86_64.rpm	SHA-256: 332e4f70561eadafc0a2473a5e0220435abc2d010ab1bdca6604ca33a65f74f4
kernel-devel-2.6.9-22.0.2.EL.x86_64.rpm	SHA-256: 332e4f70561eadafc0a2473a5e0220435abc2d010ab1bdca6604ca33a65f74f4
kernel-doc-2.6.9-22.0.2.EL.noarch.rpm	SHA-256: 4685ce91c54d849a4ada3d1ad4534252a418084e029444b0949a8569dc90acde
kernel-doc-2.6.9-22.0.2.EL.noarch.rpm	SHA-256: 4685ce91c54d849a4ada3d1ad4534252a418084e029444b0949a8569dc90acde
kernel-smp-2.6.9-22.0.2.EL.x86_64.rpm	SHA-256: 7a329161c069910cb63ffa8e659c37b1ea1e09723ff6356fad2d8dc6f996f47c
kernel-smp-2.6.9-22.0.2.EL.x86_64.rpm	SHA-256: 7a329161c069910cb63ffa8e659c37b1ea1e09723ff6356fad2d8dc6f996f47c
kernel-smp-devel-2.6.9-22.0.2.EL.x86_64.rpm	SHA-256: f84e8eba1c02bf8975379358edbaf36bf7a3a793ee0555cceff04dc9f826bb27
kernel-smp-devel-2.6.9-22.0.2.EL.x86_64.rpm	SHA-256: f84e8eba1c02bf8975379358edbaf36bf7a3a793ee0555cceff04dc9f826bb27
ia64
kernel-2.6.9-22.0.2.EL.ia64.rpm	SHA-256: cb31bbc5ef1567f25f0213d3e8098be5e16f54037dee9e6c70441c63f5bc19c3
kernel-2.6.9-22.0.2.EL.ia64.rpm	SHA-256: cb31bbc5ef1567f25f0213d3e8098be5e16f54037dee9e6c70441c63f5bc19c3
kernel-devel-2.6.9-22.0.2.EL.ia64.rpm	SHA-256: 3e7576c7852582474fb9909e6f7613d174851ca0cd4e841b47124e26fbcec8f8
kernel-devel-2.6.9-22.0.2.EL.ia64.rpm	SHA-256: 3e7576c7852582474fb9909e6f7613d174851ca0cd4e841b47124e26fbcec8f8
kernel-doc-2.6.9-22.0.2.EL.noarch.rpm	SHA-256: 4685ce91c54d849a4ada3d1ad4534252a418084e029444b0949a8569dc90acde
kernel-doc-2.6.9-22.0.2.EL.noarch.rpm	SHA-256: 4685ce91c54d849a4ada3d1ad4534252a418084e029444b0949a8569dc90acde
i386
kernel-2.6.9-22.0.2.EL.i686.rpm	SHA-256: a7db78b69cbb7ba0b8aacf63827d5ad5b463bca212d29735b1b80a45db72e80c
kernel-2.6.9-22.0.2.EL.i686.rpm	SHA-256: a7db78b69cbb7ba0b8aacf63827d5ad5b463bca212d29735b1b80a45db72e80c
kernel-devel-2.6.9-22.0.2.EL.i686.rpm	SHA-256: 2cf3931cfb3bbb5cf9d92a5576686757d04e256a34ba6fe0408f89f156ceedaf
kernel-devel-2.6.9-22.0.2.EL.i686.rpm	SHA-256: 2cf3931cfb3bbb5cf9d92a5576686757d04e256a34ba6fe0408f89f156ceedaf
kernel-doc-2.6.9-22.0.2.EL.noarch.rpm	SHA-256: 4685ce91c54d849a4ada3d1ad4534252a418084e029444b0949a8569dc90acde
kernel-doc-2.6.9-22.0.2.EL.noarch.rpm	SHA-256: 4685ce91c54d849a4ada3d1ad4534252a418084e029444b0949a8569dc90acde
kernel-hugemem-2.6.9-22.0.2.EL.i686.rpm	SHA-256: a9bd2bd458ed2c9f8ba3caad8811070a422c92597887753e82772ed33f5c70f3
kernel-hugemem-2.6.9-22.0.2.EL.i686.rpm	SHA-256: a9bd2bd458ed2c9f8ba3caad8811070a422c92597887753e82772ed33f5c70f3
kernel-hugemem-devel-2.6.9-22.0.2.EL.i686.rpm	SHA-256: 99f6c86c6d1c959af7b550128da5cdcc510478c54f7c2a5862223e5db2c23e53
kernel-hugemem-devel-2.6.9-22.0.2.EL.i686.rpm	SHA-256: 99f6c86c6d1c959af7b550128da5cdcc510478c54f7c2a5862223e5db2c23e53
kernel-smp-2.6.9-22.0.2.EL.i686.rpm	SHA-256: 0b340dcccc255d5d3c4e43032450e6753acb26cf545710bac6219217a0843d3e
kernel-smp-2.6.9-22.0.2.EL.i686.rpm	SHA-256: 0b340dcccc255d5d3c4e43032450e6753acb26cf545710bac6219217a0843d3e
kernel-smp-devel-2.6.9-22.0.2.EL.i686.rpm	SHA-256: 2cc849ebc9c2988ed441ef42ca096b87f60eda5d4d70122cb2bb90af50932b58
kernel-smp-devel-2.6.9-22.0.2.EL.i686.rpm	SHA-256: 2cc849ebc9c2988ed441ef42ca096b87f60eda5d4d70122cb2bb90af50932b58

Red Hat Enterprise Linux Workstation 4

SRPM
kernel-2.6.9-22.0.2.EL.src.rpm	SHA-256: 231bbaf82f6ca5c00bd14abb24b203ca2698f93470dc7516320a68ee10212923
x86_64
kernel-2.6.9-22.0.2.EL.x86_64.rpm	SHA-256: d82fd55affaf87b51a046b328092a372fc152ec65d32e390e2e9f2768fd0412b
kernel-devel-2.6.9-22.0.2.EL.x86_64.rpm	SHA-256: 332e4f70561eadafc0a2473a5e0220435abc2d010ab1bdca6604ca33a65f74f4
kernel-doc-2.6.9-22.0.2.EL.noarch.rpm	SHA-256: 4685ce91c54d849a4ada3d1ad4534252a418084e029444b0949a8569dc90acde
kernel-smp-2.6.9-22.0.2.EL.x86_64.rpm	SHA-256: 7a329161c069910cb63ffa8e659c37b1ea1e09723ff6356fad2d8dc6f996f47c
kernel-smp-devel-2.6.9-22.0.2.EL.x86_64.rpm	SHA-256: f84e8eba1c02bf8975379358edbaf36bf7a3a793ee0555cceff04dc9f826bb27
ia64
kernel-2.6.9-22.0.2.EL.ia64.rpm	SHA-256: cb31bbc5ef1567f25f0213d3e8098be5e16f54037dee9e6c70441c63f5bc19c3
kernel-devel-2.6.9-22.0.2.EL.ia64.rpm	SHA-256: 3e7576c7852582474fb9909e6f7613d174851ca0cd4e841b47124e26fbcec8f8
kernel-doc-2.6.9-22.0.2.EL.noarch.rpm	SHA-256: 4685ce91c54d849a4ada3d1ad4534252a418084e029444b0949a8569dc90acde
i386
kernel-2.6.9-22.0.2.EL.i686.rpm	SHA-256: a7db78b69cbb7ba0b8aacf63827d5ad5b463bca212d29735b1b80a45db72e80c
kernel-devel-2.6.9-22.0.2.EL.i686.rpm	SHA-256: 2cf3931cfb3bbb5cf9d92a5576686757d04e256a34ba6fe0408f89f156ceedaf
kernel-doc-2.6.9-22.0.2.EL.noarch.rpm	SHA-256: 4685ce91c54d849a4ada3d1ad4534252a418084e029444b0949a8569dc90acde
kernel-hugemem-2.6.9-22.0.2.EL.i686.rpm	SHA-256: a9bd2bd458ed2c9f8ba3caad8811070a422c92597887753e82772ed33f5c70f3
kernel-hugemem-devel-2.6.9-22.0.2.EL.i686.rpm	SHA-256: 99f6c86c6d1c959af7b550128da5cdcc510478c54f7c2a5862223e5db2c23e53
kernel-smp-2.6.9-22.0.2.EL.i686.rpm	SHA-256: 0b340dcccc255d5d3c4e43032450e6753acb26cf545710bac6219217a0843d3e
kernel-smp-devel-2.6.9-22.0.2.EL.i686.rpm	SHA-256: 2cc849ebc9c2988ed441ef42ca096b87f60eda5d4d70122cb2bb90af50932b58

Red Hat Enterprise Linux Desktop 4

SRPM
kernel-2.6.9-22.0.2.EL.src.rpm	SHA-256: 231bbaf82f6ca5c00bd14abb24b203ca2698f93470dc7516320a68ee10212923
x86_64
kernel-2.6.9-22.0.2.EL.x86_64.rpm	SHA-256: d82fd55affaf87b51a046b328092a372fc152ec65d32e390e2e9f2768fd0412b
kernel-devel-2.6.9-22.0.2.EL.x86_64.rpm	SHA-256: 332e4f70561eadafc0a2473a5e0220435abc2d010ab1bdca6604ca33a65f74f4
kernel-doc-2.6.9-22.0.2.EL.noarch.rpm	SHA-256: 4685ce91c54d849a4ada3d1ad4534252a418084e029444b0949a8569dc90acde
kernel-smp-2.6.9-22.0.2.EL.x86_64.rpm	SHA-256: 7a329161c069910cb63ffa8e659c37b1ea1e09723ff6356fad2d8dc6f996f47c
kernel-smp-devel-2.6.9-22.0.2.EL.x86_64.rpm	SHA-256: f84e8eba1c02bf8975379358edbaf36bf7a3a793ee0555cceff04dc9f826bb27
i386
kernel-2.6.9-22.0.2.EL.i686.rpm	SHA-256: a7db78b69cbb7ba0b8aacf63827d5ad5b463bca212d29735b1b80a45db72e80c
kernel-devel-2.6.9-22.0.2.EL.i686.rpm	SHA-256: 2cf3931cfb3bbb5cf9d92a5576686757d04e256a34ba6fe0408f89f156ceedaf
kernel-doc-2.6.9-22.0.2.EL.noarch.rpm	SHA-256: 4685ce91c54d849a4ada3d1ad4534252a418084e029444b0949a8569dc90acde
kernel-hugemem-2.6.9-22.0.2.EL.i686.rpm	SHA-256: a9bd2bd458ed2c9f8ba3caad8811070a422c92597887753e82772ed33f5c70f3
kernel-hugemem-devel-2.6.9-22.0.2.EL.i686.rpm	SHA-256: 99f6c86c6d1c959af7b550128da5cdcc510478c54f7c2a5862223e5db2c23e53
kernel-smp-2.6.9-22.0.2.EL.i686.rpm	SHA-256: 0b340dcccc255d5d3c4e43032450e6753acb26cf545710bac6219217a0843d3e
kernel-smp-devel-2.6.9-22.0.2.EL.i686.rpm	SHA-256: 2cc849ebc9c2988ed441ef42ca096b87f60eda5d4d70122cb2bb90af50932b58

Red Hat Enterprise Linux for IBM z Systems 4

SRPM
kernel-2.6.9-22.0.2.EL.src.rpm	SHA-256: 231bbaf82f6ca5c00bd14abb24b203ca2698f93470dc7516320a68ee10212923
s390x
kernel-2.6.9-22.0.2.EL.s390x.rpm	SHA-256: 5bc587e301d8175f234ea8efaba4cdc7c29150c318055268455d0a6e92c78783
kernel-devel-2.6.9-22.0.2.EL.s390x.rpm	SHA-256: a19c4d880b4a662dd15edfec15768e9e33adf2642c9013a928aa0966d8354bb0
kernel-doc-2.6.9-22.0.2.EL.noarch.rpm	SHA-256: 4685ce91c54d849a4ada3d1ad4534252a418084e029444b0949a8569dc90acde
s390
kernel-2.6.9-22.0.2.EL.s390.rpm	SHA-256: 7863cb11d4381a78aec486f057d94920586f3064a644bd6845029cf6251f8899
kernel-devel-2.6.9-22.0.2.EL.s390.rpm	SHA-256: 84b1bf64652ccb58055a638da4608bcbf6896707df3ccb5ef0a738d22aa30adb
kernel-doc-2.6.9-22.0.2.EL.noarch.rpm	SHA-256: 4685ce91c54d849a4ada3d1ad4534252a418084e029444b0949a8569dc90acde

Red Hat Enterprise Linux for Power, big endian 4

SRPM
kernel-2.6.9-22.0.2.EL.src.rpm	SHA-256: 231bbaf82f6ca5c00bd14abb24b203ca2698f93470dc7516320a68ee10212923
ppc
kernel-2.6.9-22.0.2.EL.ppc64.rpm	SHA-256: 5a033a325afdaa3383bca7f4df83651fa0eaac859f2159851a0f1de619df15c5
kernel-2.6.9-22.0.2.EL.ppc64iseries.rpm	SHA-256: 9241a31f1f5625ef9d36cdb3a8f1ef07f1298ab5a04d5eebead8038cc9429036
kernel-devel-2.6.9-22.0.2.EL.ppc64.rpm	SHA-256: 587ed74dfbcbb3e5203c1bc5cea56f6685e1e50b60a85da9de35befa4403ebba
kernel-devel-2.6.9-22.0.2.EL.ppc64iseries.rpm	SHA-256: d036993d76a7fac52a16ac2b56a577e17363c5eefdbe4027df9bf2f33035288d
kernel-doc-2.6.9-22.0.2.EL.noarch.rpm	SHA-256: 4685ce91c54d849a4ada3d1ad4534252a418084e029444b0949a8569dc90acde

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation