Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat CodeReady Workspaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
All Products
Red Hat Product Errata RHSA-2008:0857 - Security Advisory
Issued:
2008-10-07
Updated:
2008-10-07

RHSA-2008:0857 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: kernel security and bug fix update

Type/Severity

Security Advisory: Important

Topic

Updated kernel packages that fix several security issues and several bugs
are now available for Red Hat Enterprise MRG 1.0.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

Description

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

A possible integer overflow was found in the Linux kernel Stream Control
Transmission Protocol (SCTP) implementation. This could allow an attacker
to cause a denial of service. (CVE-2008-3526, Important)

A deficiency was found in the Linux kernel Stream Control Transmission
Protocol (SCTP) Authentication Extension implementation. All the SCTP-AUTH
socket options could cause a kernel panic if the API was used when the
extension is disabled. (CVE-2008-3792, Important)

Missing boundary checks were reported in the Linux kernel SCTP
implementation. This could, potentially, cause information disclosure via a
specially crafted SCTP_HMAC_IDENT IOCTL request. (CVE-2008-4113,
CVE-2008-4445, Important)

Tobias Klein reported a missing check in the Linux kernel's Open Sound
System (OSS) implementation. This deficiency could lead to a possible
information leak. (CVE-2008-3272, Moderate)

A deficiency was found in the Linux kernel virtual filesystem (VFS)
implementation. This could allow a local unprivileged user to make a series
of file creations within deleted directories, possibly causing a denial of
service. (CVE-2008-3275, Moderate)

A flaw was found in the Linux kernel Network File System daemon (nfsd) when
NFSv4 was enabled. Remote attackers could use this to cause a denial of
service via a buffer overflow. (CVE-2008-3915, Moderate)

A possible integer overflow was discovered in the Linux kernel Datagram
Congestion Control Protocol (DCCP) implementation. This could allow a
remote attacker to cause a denial of service on a victim's machine.
(CVE-2008-3276, Low)

A deficiency was found in the Linux kernel tmpfs implementation. This could
allow a local unprivileged user to make a certain sequence of file
operations, possibly causing a denial of service. (CVE-2008-3534, Low)

An off-by-one error was found in the iov_iter_advance function. This could
allow a local unprivileged user to cause a denial of service as
demonstrated by a testcase from the Linux Test Project. (CVE-2008-3535,
Low)

These updated packages also fix the following bugs:

  • fixed a warning in the openib code.
  • increased MAX_STACK_TRACE_ENTRIES on the debug kernel variant.
  • enqueue deprioritized RT tasks to head of prio array.
  • use timer_pending() to test ipv6 FIB timers.
  • added a lower-bound check for the length field in PPPOE headers.
  • pppoe: unshare skb to avoid possible data loss.
  • using growisofs could cause oops due to the lack of proper sanity checks.
  • random seed improvement.
  • enabled the "Panic on Oops" feature.
  • fixed a portability issue in parse_pmtmr() due to variable type.
  • fixed sanity check in cifs/asn1.c.
  • fixed a bug introduced by a previous fix, related to the inode code.
  • added better sanity checks to dlm code.
  • dynamic ftrace enhancements. The daemon is no longer used.
  • fixed a format string bug in cpufreq.
  • avoid a potential kernel stack overflow in binfmt_misc.c
  • fixed the long boot-up time when CONFIG_PROVE_LOCKING is enabled.
  • use a better random seed for NAT port randomization.
  • a compat_semaphore was being handled as a regular semaphore due to

casting (qla2xxx driver).

All users of Red Hat Enterprise MRG should upgrade to these new packages,
which address these vulnerabilities and fix these bugs.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Affected Products

  • MRG Realtime 1 x86_64
  • MRG Realtime 1 i386

Fixes

  • BZ - 447942 - openib broken in 2.6.24.7-55.el5rt
  • BZ - 448574 - [MRG] Hit BUG: MAX_STACK_TRACE_ENTRIES too low! when booting kernel-rt-debug-2.6.24.4-32ibmrt2.2
  • BZ - 454270 - SCHED_FIFO spec violation
  • BZ - 457012 - ipv6: use timer pending to fix bridge reference count problem [mrg-1]
  • BZ - 457014 - pppoe: Check packet length on all receive paths [mrg-1]
  • BZ - 457019 - pppoe: Unshare skb before anything else [mrg-1]
  • BZ - 457027 - ide-cd: fix oops when using growisofs [mrg-1]
  • BZ - 457507 - CVE-2008-3534 kernel: tmpfs: fix kernel BUG in shmem_delete_inode
  • BZ - 457703 - CVE-2008-3535 kernel: fix off-by-one error in iov_iter_advance()
  • BZ - 457858 - CVE-2008-3275 Linux kernel local filesystem DoS
  • BZ - 457995 - CVE-2008-3272 kernel snd_seq_oss_synth_make_info leak
  • BZ - 458016 - kernel: random32: seeding improvement [mrg-1]
  • BZ - 458104 - kernel should panic on oops
  • BZ - 458340 - parse_pmtmr() receives a (possible) ulong then stores that in a u32 [mrg-1]
  • BZ - 458350 - fs/cifs/asn1.c:403: warning: comparison is always false due to limited range of data type
  • BZ - 458487 - [Realtime][Kernel] kernel BUG at fs/inode.c:262!
  • BZ - 458755 - kernel: dlm: fix possible use-after-free [mrg-1]
  • BZ - 458756 - kernel: dlm: check for null in device_write [mrg-1]
  • BZ - 458758 - kernel: dlm: dlm/user.c input validation fixes [mrg-1]
  • BZ - 459141 - Add ftrace boot time nop replacement
  • BZ - 459226 - CVE-2008-3276 Linux kernel dccp_setsockopt_change() integer overflow
  • BZ - 459459 - kernel: cpufreq: fix format string bug [mrg-1]
  • BZ - 459462 - kernel: binfmt_misc.c: avoid potential kernel stack overflow [mrg-1]
  • BZ - 459478 - [FOCUS] Long boot time and strange Hardware Clock message
  • BZ - 459942 - kernel: nf_nat: use secure_ipv4_port_ephemeral() for NAT port randomization [mrg-1]
  • BZ - 459955 - CVE-2008-3792 kernel: sctp: fix potential panics in the SCTP-AUTH API
  • BZ - 460093 - CVE-2008-3526 Linux kernel sctp_setsockopt_auth_key() integer overflow
  • BZ - 460455 - [FOCUS][24] R2:SAN:Hang triggered by filesystem testing on SAN
  • BZ - 461101 - CVE-2008-3915 kernel: nfsd: fix buffer overrun decoding NFSv4 acl
  • BZ - 462599 - CVE-2008-4445 kernel: sctp: fix random memory dereference with SCTP_HMAC_IDENT option
  • BZ - 464514 - CVE-2008-4113 kernel: sctp_getsockopt_hmac_ident information disclosure

CVEs

  • CVE-2008-4445
  • CVE-2008-4113
  • CVE-2008-3535
  • CVE-2008-3534
  • CVE-2008-3915
  • CVE-2008-3276
  • CVE-2008-3792
  • CVE-2008-3526
  • CVE-2008-3272
  • CVE-2008-3275

References

  • http://www.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

MRG Realtime 1

SRPM
x86_64
i386

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
Copyright © 2022 Red Hat, Inc.
  • Privacy Statement
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Red Hat Summit
Twitter