RHSA-2009:0225 - Security Advisory

Topic

Updated kernel packages that fix three security issues, address several
hundred bugs and add numerous enhancements are now available as part of the
ongoing support and maintenance of Red Hat Enterprise Linux version 5. This
is the third regular update.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

Description

The Linux kernel (the core of the Linux operating system)

These updated packages contain 730 bug fixes and enhancements for the Linux
kernel. Space precludes a detailed description of each of these changes in
this advisory and users are therefore directed to the release notes for Red
Hat Enterprise Linux 5.3 for information on 97 of the most significant of
these changes.

Details of three security-related bug fixes are set out below, along with
notes on other broad categories of change not covered in the release notes.
For more detailed information on specific bug fixes or enhancements, please
consult the Bugzilla numbers listed in this advisory.

• when fput() was called to close a socket, the __scm_destroy() function

in the Linux kernel could make indirect recursive calls to itself. This
could, potentially, lead to a denial of service issue. (CVE-2008-5029,
Important)

• a flaw was found in the Asynchronous Transfer Mode (ATM) subsystem. A

local, unprivileged user could use the flaw to listen on the same socket
more than once, possibly causing a denial of service. (CVE-2008-5079,
Important)

• a race condition was found in the Linux kernel "inotify" watch removal

and umount implementation. This could allow a local, unprivileged user
to cause a privilege escalation or a denial of service. (CVE-2008-5182,
Important)

• Bug fixes and enhancements are provided for:
• support for specific NICs, including products from the following

manufacturers:
Broadcom
Chelsio
Cisco
Intel
Marvell
NetXen
Realtek
Sun

• Fiber Channel support, including support for Qlogic qla2xxx,

qla4xxx, and qla84xx HBAs and the FCoE, FCP, and zFCP protocols.

• support for various CPUs, including:

AMD Opteron processors with 45 nm SOI ("Shanghai")
AMD Turion Ultra processors
Cell processors
Intel Core i7 processors

• Xen support, including issues specific to the IA64 platform, systems

using AMD processors, and Dell Optiplex GX280 systems

• ext3, ext4, GFS2, NFS, and SPUFS
• Infiniband (including eHCA, eHEA, and IPoIB) support
• common I/O (CIO), direct I/O (DIO), and queued direct I/O (qdio) support
• the kernel distributed lock manager (DLM)
• hardware issues with: SCSI, IEEE 1394 (FireWire), RAID (including issues

specific to Adaptec controllers), SATA (including NCQ), PCI, audio, serial
connections, tape-drives, and USB

• ACPI, some of a general nature and some related to specific hardware

including: certain Lenovo Thinkpad notebooks, HP DC7700 systems, and
certain machines based on Intel Centrino processor technology.

• CIFS, including Kerberos support and a tech-preview of DFS support
• networking support, including IPv6, PPPoE, and IPSec
• support for Intel chipsets, including:

Intel Cantiga chipsets
Intel Eagle Lake chipsets
Intel i915 chipsets
Intel i965 chipsets
Intel Ibex Peak chipsets
Intel chipsets offering QuickPath Interconnects (QPI)

• device mapping issues, including some in device mapper itself
• various issues specific to IA64 and PPC
• CCISS, including support for Compaq SMART Array controllers P711m and

P712m and other new hardware

• various issues affecting specific HP systems, including:

DL785G5
XW4800
XW8600
XW8600
XW9400

• IOMMU support, including specific

issues with AMD and IBM Calgary hardware

• the audit subsystem
• DASD support
• iSCSI support, including issues specific to Chelsio T3 adapters
• LVM issues
• SCTP management information base (MIB) support
• issues with: autofs, kdump, kobject_add, libata, lpar, ptrace, and utrace
• IBM Power platforms using Enhanced I/O Error Handling (EEH)
• EDAC issues for AMD K8 and Intel i5000
• ALSA, including support for new hardware
• futex support
• hugepage support
• Intelligent Platform Management Interface (IPMI) support
• issues affecting NEC/Stratus servers
• OFED support
• SELinux
• various Virtio issues

All users are advised to upgrade to these updated packages, which resolve
these issues and add these enhancements.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Affected Products

• Red Hat Enterprise Linux Server 5 x86_64
• Red Hat Enterprise Linux Server 5 ia64
• Red Hat Enterprise Linux Server 5 i386
• Red Hat Enterprise Linux Workstation 5 x86_64
• Red Hat Enterprise Linux Workstation 5 i386
• Red Hat Enterprise Linux Desktop 5 x86_64
• Red Hat Enterprise Linux Desktop 5 i386
• Red Hat Enterprise Linux for IBM z Systems 5 s390x
• Red Hat Enterprise Linux for Power, big endian 5 ppc
• Red Hat Enterprise Linux Server from RHUI 5 x86_64
• Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

• BZ - 228836 - acpi processor module displays errors if hyperthreading disabled
• BZ - 231369 - GFS2 will panic if you misspell any mount options
• BZ - 236750 - When bonding is used and IPV6 is enabled the message of 'kernel: bond0: duplicate address detected!' is output
• BZ - 239604 - [RHEL5] console: kobject_add failed
• BZ - 243526 - IPv6 default route does not work
• BZ - 244135 - audit tty input
• BZ - 249726 - Misspellings in RPM description, suggested clarifications
• BZ - 250104 - RHEL5 Kernel patches for blktap statistics
• BZ - 254195 - use after free in nlm subsystem
• BZ - 350281 - IPSec Packet has no Non-ESP marker
• BZ - 370471 - [RFE] Add support for Wacom PTZ-431W to kernel
• BZ - 376831 - Read from /proc/ppc64/rtas/error_log does not honor O_NONBLOCK
• BZ - 382491 - duplicate packet from ipt_CLUSTERIP module
• BZ - 390601 - [RHEL5] EDAC k8 MC0: extended error code: GART error
• BZ - 406051 - Marvell NIC using skge driver loses promiscuous mode on rewiring
• BZ - 412691 - kernel-xen panic when X shuts down
• BZ - 420961 - Driver sky2 lost support for Marvell 88E8056 network controller
• BZ - 423521 - memory leak on size-8192 buckets with NFSV4
• BZ - 425341 - Please add vscnprintf and down_write_trylock to KABI Whitelist
• BZ - 425955 - resize2fs online resize fails with small journal
• BZ - 426096 - Xenoprof check_ctrs/start/stop fixes for intel family 6
• BZ - 426895 - fix default route doesn't work.
• BZ - 428275 - Need EOE (End of Event) audit message sent from kernel.
• BZ - 428277 - Audit subsystem SIGUSR2 support
• BZ - 428696 - nVidia MCP55 MCP55 Ethernet (rev a3) not functional on kernel 2.6.18-53.1.4
• BZ - 428720 - [RHEL5 U2] Connectathon RHEL5 client to RHEL4 server, Connectathon failure
• BZ - 429054 - soft lockup while unmounting a read-only filesystem with errors
• BZ - 429142 - RHEL5.2: ecryptfs oops after lower persistent file creation failure
• BZ - 429337 - Make dm interfaces available for external modules.
• BZ - 429941 - [RHEL5 U2] Audit fails to shutdown properly
• BZ - 429950 - [firewire] unable to use disk (giving up on config rom)
• BZ - 429951 - [firewire] unable to use disk (fw_sbp2: failed to login to ...)
• BZ - 430300 - [firewire] ohci iso receive support incomplete
• BZ - 431183 - utrace: PTRACE_POKEUSR_AREA corrupts ACR0
• BZ - 431365 - SCSI IO errors do not propagate properly with certain SCSI devices
• BZ - 431868 - mounting CIFS subshare doesn't autoconvert prepath delimiters
• BZ - 432057 - GFS2: d_doio stuck in readv() waiting for pagelock.
• BZ - 432867 - memory corruption due to portmap call succeeding after parent rpc_clnt has been freed
• BZ - 433661 - kernel panic with voip traffic (h323)
• BZ - 434538 - sr #1768018 : numlock led does not reflect the status of numlock
• BZ - 434800 - xenkbd can crash when probe fails
• BZ - 434998 - utrace: ERESTARTSYS from calling a function from a debugger
• BZ - 435110 - fix up remaining sctp MIB problems
• BZ - 435115 - kernel freezes when running script which features ecryptfs parts of kernel
• BZ - 435144 - whitelist: iounmap(ia64) - Failed ABI dependencies for IA64 mpt SCSI drivers
• BZ - 435291 - LTC41974-Pages of a memory mapped NFS file get corrupted.
• BZ - 436004 - 50-75 % drop in nfs-server rewrite performance compared to rhel 4.6+
• BZ - 436068 - [Areca 5.3 feat] Update arcmsr to version 1.20.00.15.RH1
• BZ - 436686 - tg3.c does not build on sparc with > 2.6.18-53.el5
• BZ - 436966 - e1000_clean_tx_irq: Detected Tx Unit Hang - 82546EB
• BZ - 437129 - Rpm install fails due to missing symbols required in myri10ge-kmod x86_64 rpm
• BZ - 437479 - remove extraneous error field from nfs_readdir_descriptor_t
• BZ - 437544 - fix bad merge in nfs3_write_done and nfs3_commit_done
• BZ - 437579 - batch kprobe unregister
• BZ - 437803 - gfs2 crash - BUG: unable to handle kernel NULL pointer dereference at virtual address
• BZ - 437882 - utrace: orig_rax 0x00000000ffffffff not recognized as -1
• BZ - 437958 - /proc/<pid>/environ not always accessible when receiving PTRACE_EVENT_EXIT
• BZ - 438153 - Poor LVM mirroring performance
• BZ - 438230 - ia64: suspecious compile warning in brew
• BZ - 438423 - backport patch to RHEL5 have it flip to synchronous writes when there is a write error
• BZ - 438761 - LTC:5.4:201049:DM-MP SCSI Hardware Handlers
• BZ - 439193 - Assertion failure in journal_next_log_block
• BZ - 439194 - Assertion failure in journal_start() at fs/jbd/transaction.c:274: 'handle->h_transaction->t_journal == journal'
• BZ - 439899 - [RFE] Add uvcvideo module to the kernel.
• BZ - 439917 - kernel: splice: fix bad unlock_page() in error case [rhel-5.3]
• BZ - 439918 - kernel: dio: zero struct dio with kzalloc instead of manually [rhel-5.3]
• BZ - 440261 - xen/ia64 asm missing srlz instruction
• BZ - 440413 - ecryptfs module incorrectly checks error codes in process_request_key_err
• BZ - 440506 - panic in aoe:aoecmd_ata_rsp during direct I/O to lvm [snap,mirror,stripe]
• BZ - 441615 - HP DC7700 ACPI problem
• BZ - 441640 - RHEL 5.1 will incorrectly mark SCSI devices as offline due to improper error handling
• BZ - 441716 - Fake ARP dropped after migration leading to loss of network connectivity
• BZ - 441832 - mptscsi race between hotremove and mptscsih_bus_reset
• BZ - 442426 - do not limit locked memory when RLIMIT_MEMLOCK is RLIM_INFINITY
• BZ - 442577 - Backport fix for possible data corruption in mark_buffer_dirty on SMP
• BZ - 442661 - [5.2][kdump][xen] crash failed to read vmcore from Dom0 Kernel
• BZ - 442723 - Xen Support more than 16 disk devices (kernel)
• BZ - 442736 - launching too many guests panics with "No available IRQ to bind to: increase NR_IRQS!"
• BZ - 442820 - IPV6DOD: ESP with 3des-cbc for encrypt and authentication set to "null"
• BZ - 442906 - libata: sata_nv - disable ADMA by default
• BZ - 442991 - Include xenpv-driver in bare metal kernel rpm.
• BZ - 443043 - fix setuid/setgid clearing by knfsd
• BZ - 443395 - cp -p does not copy mtime to CIFS share
• BZ - 443522 - ls shows two /proc/[pid]/limits files for every process
• BZ - 443618 - [REG][Xen][5.2beta] cannot open a vmcore of xen-kdump with crash
• BZ - 443627 - kernel dm snapshot: PPC64: kernel OOPS during activation of snapshot with small chunksize
• BZ - 443645 - ST Driver causing kernel panic condition
• BZ - 443853 - RHEL 5.3 NULL pointer dereferenced in powernowk8_init
• BZ - 443896 - RFE: [Ext4 enabler] backport vfs helpers to facilitate ext4 backport and testing
• BZ - 444582 - IPV6DOD: all MCAST_* socket options fail with 32-bit app, 64-bit kernel due to padding
• BZ - 444589 - xentop - incompatibility between HV and userspace toolset
• BZ - 444611 - kernel doesn't honor ADDR_NO_RANDOMIZE for stack
• BZ - 444759 - high I/O wait using 3w-9xxx
• BZ - 444776 - iBFT target info not parsed properly by the iscsi_ibft module
• BZ - 444865 - oops in cifs module while trying to stop a thread (kthread_stop) during filesystem mount
• BZ - 444961 - softlockup when repeatedly dropping caches
• BZ - 445095 - BusLogic module can't compile in the rhel 5.2 beta kernel
• BZ - 445211 - [RFE] DTR/DSR flow control
• BZ - 445422 - Feature: allow panic on softlockup warnings
• BZ - 445522 - clean up CIFS build warnings
• BZ - 445649 - [PATCH][RHEL5.1] Performance Improvement of fdatasync(2) in case of Overwrite
• BZ - 445674 - Direct I/O cache invalidation after sync writes
• BZ - 445787 - debugfs: file/directory creation error
• BZ - 446068 - [RHEL5] k8_edac: typo in 'EDAC k8 MC0: GART TLB errorr: '
• BZ - 446076 - [RHEL5 U2] iwl4965 -> compat module taints kernel
• BZ - 446142 - CIFS: slab error in kmem_cache_destroy(): cache `cifs_request': Can't free all objects
• BZ - 446188 - BUG: Don't reserve crashkernel memory > 4 GB on ia64
• BZ - 446250 - IPV6DOD: xfrm reverse icmp feature does not seem to work correctly.
• BZ - 446599 - jbd races lead to EIO for O_DIRECT
• BZ - 446707 - Add support for filetype option in audit subsystem
• BZ - 446962 - Access to firewire devices is still allowed after the device is removed from the bus.
• BZ - 447400 - CIFS VFS: Send error in FindClose = -9
• BZ - 447586 - DM failing path due to a communication failure on a single i/o
• BZ - 447742 - JBD: Fix typo that could result in filesystem corruption.
• BZ - 447748 - GFS2: lock_dlm is not always delivering callbacks in the right order
• BZ - 448328 - ssh connection hangs when running command producing large text output after running "service iptables restart"
• BZ - 448762 - FEAT: Update ieee80211 component and associated drivers
• BZ - 448763 - FEAT: Add rt2x00 drivers
• BZ - 448764 - FEAT: Add rtl818x drivers
• BZ - 449668 - RHEL5.3: update ecryptfs kernelspace to 2.6.26 codebase
• BZ - 449787 - FEAT: RHEL5.3 update acpi-cpufreq driver
• BZ - 449945 - Guest OS install causes host machine to crash
• BZ - 449948 - Add gate.lds to Documentation/dontdiff
• BZ - 450130 - dlm: fixes for mixed endian cluster
• BZ - 450132 - dlm: fixes for recovery of user lockspace
• BZ - 450133 - dlm: keep cached master rsbs during recovery
• BZ - 450135 - dlm: save master info after failed no-queue request
• BZ - 450136 - dlm: check for null in device_write [rhel-5.3]
• BZ - 450137 - dlm: fix basts for granted CW waiting PR/CW
• BZ - 450138 - dlm: move plock code from gfs2
• BZ - 450184 - Ensure that 'noac' and/or 'actimeo=0' turn off attribute caching
• BZ - 450219 - bonding driver can leave rtnl_lock unbalanced
• BZ - 450276 - GFS2: cannot use fifo nodes (named pipes)
• BZ - 450566 - FEAT: RHEL5.3 backport fallocate syscall
• BZ - 450786 - [Stratus 5.3 bug] kernel NULL pointer dereference at usbdev_read
• BZ - 450855 - Unbalance reference count in ndisc_recv_ns
• BZ - 450921 - s2io intr_type documentation inaccurate
• BZ - 451007 - FEAT: RHEL 5.3 HDA ALSA driver update from mainstream
• BZ - 451008 - Rpmbuild generates incorrect packages due to typos in the kernel-2.6.spec file.
• BZ - 451157 - [Stratus 5.3][2/2] ttyS1 lost interrupt and it stops transmitting
• BZ - 451196 - ip tunnel can't be bound to another device
• BZ - 451317 - deadlock when rpc_malloc tries to flush NFS pages
• BZ - 451586 - RHEL5.3: SB600/700 SATA controller PMP support
• BZ - 451591 - Handle invalid ACPI SLIT table
• BZ - 451593 - Multiple outstanding ptc.g instruction support
• BZ - 451745 - a check for a buggy HP SAL caused problems booting as a guest in a virtual machine
• BZ - 451945 - Update 3w-xxxx to version 1.26.03.000-2.6.18RH
• BZ - 451946 - Update 3w-9xxx to version 2.26.08.003-2.6.18RH
• BZ - 452004 - gfs2: BUG: unable to handle kernel paging request at ffff81002690e000
• BZ - 452175 - kernel BUG at arch/i386/mm/highmem-xen.c:43! with errata/RHBA-2008-0314 installed
• BZ - 452535 - CONFIG_AUDITSYSCALL requires SELinux
• BZ - 452577 - Actual & placeholder funcs have differing param counts
• BZ - 452761 - r8169 driver broken in 2.6.18-92+ kernels.
• BZ - 453038 - Missing functions in UP kernel
• BZ - 453094 - deadlock when lockd tries to take f_sema that it already has
• BZ - 453394 - [RHEL5.2]: Running strace with a bad syscall doesn't return -ENOSYS
• BZ - 453441 - [QLogic 5.3 bug] qla2xxx- provide additional statistics to user
• BZ - 453462 - update CIFS for RHEL5.3
• BZ - 453472 - [aacraid] aac_srb: aac_fib_send failed with status 8195
• BZ - 453563 - RTL8111/8168B network card does not work
• BZ - 453574 - virtual ethernet device stops working on reception of duplicate backend state change signals
• BZ - 453680 - Error in the uhci code causes usb not to work with iommu=calgary boot option
• BZ - 453685 - [QLogic 5.3 feat] [1/n] qla2xxx- Upstream updates: 8.01.07-k7
• BZ - 453711 - [5.2][nfs] ls -l shows outdated timestamp
• BZ - 453990 - [RHEL5.3] LTP test failure in inotify02 testcase
• BZ - 454711 - 'xm info' does not show correct info in 'node_to_cpu' field on ia64
• BZ - 454792 - document divider= option in kernel docs
• BZ - 455060 - PTRACE_KILL does not kill the child process, rather than the child starts running freely.
• BZ - 455230 - v4l2 ioctl debug messages cannot be turned off
• BZ - 455238 - IPsec memory leak
• BZ - 455308 - Altix Partitioned System
• BZ - 455424 - x86: show apicid for cpu in proc
• BZ - 455425 - x86: don't call MP_processor_info for disabled cpu
• BZ - 455427 - x86: don't call MP_processor_info for disabled cpu (64bit)
• BZ - 455434 - x86: fix PAE pmd_bad bootup warning
• BZ - 455447 - FEAT: RHEL 5.3: (1/2) Increase deep idle state residency on idle platforms using Nehalem class processors
• BZ - 455449 - FEAT: RHEL 5.3: (2/2) Increase deep idle state residency on idle platforms using Nehalem class processors
• BZ - 455452 - RFE: delalloc helpers for ext4
• BZ - 455460 - kernel NULL pointer dereference in kobject_get_path
• BZ - 455471 - [NEC/Stratus 5.3 bug] various crashes in md - rdev removed in the middle of ITERATE_RDEV
• BZ - 455478 - 2.6.26 backport of "check physical address range in ioremap" into RHEL5-U3
• BZ - 455491 - backport of fix endless page faults in mount_block_root for Linux 2.6 from 2.6.26 to RHEL5-U3
• BZ - 455504 - Backport of don't use large pages to map the first 2/4MB of memory form 2.6.26 to RHEL5-U3
• BZ - 455729 - close system call returns -ERESTARTSYS
• BZ - 455813 - Under heavy memory usage dma_alloc_coherent does not return aligned address
• BZ - 455900 - [QLogic 5.3 feat] qla2xxx - mgmt. API, CT pass thru
• BZ - 456052 - kernel: fix array out of bounds when mounting with selinux options [rhel-5.3]
• BZ - 456169 - Need to add 3 dlm symbols to the kernel whitelist
• BZ - 456215 - RHEL 5.3 HDA ALSA driver update from upstream 2008-07-22 (fixes and support for new hw)
• BZ - 456218 - kernel: serial open/close loop disables irq [rhel-5.3]
• BZ - 456300 - IPMI: Restrict keyboard io port reservation
• BZ - 456334 - GFS2: glock dumping misses out some glocks
• BZ - 456453 - GFS2: d_rwdirectempty fails with short read
• BZ - 456638 - [Kdump] not work on HP-XW8600
• BZ - 456900 - [QLogic 5.3 feat] [0/n] qla2xxx- Netlink, FCoE management API
• BZ - 457006 - ipv6: use timer pending to fix bridge reference count problem [rhel-5.3]
• BZ - 457013 - pppoe: Check packet length on all receive paths [rhel-5.3]
• BZ - 457018 - pppoe: Unshare skb before anything else [rhel-5.3]
• BZ - 457025 - ide-cd: fix oops when using growisofs [rhel-5.3]
• BZ - 457058 - ecryptfs page-sized memory allocations can corrupt memory
• BZ - 457137 - [IA64] Fix SMP-unsafe with XENMEM_add_to_physmap on HVM
• BZ - 457143 - RHEL5.3: misc ecryptfs fixes from 2.6.27
• BZ - 457300 - hang in ad_rx_machine due to second attempt to lock spin_lock
• BZ - 457569 - dlm get_comm() uses NULL pointer
• BZ - 457798 - GFS2 : gfs2meta is FUBAR
• BZ - 457892 - RTL8101E performance problem
• BZ - 457958 - Backport NetXen nic driver from upstream kernel to RHEL5.3
• BZ - 457961 - kprobes remove causing kernel panic on ia64 with 2.6.18-92.1.10.el5 kernel
• BZ - 458019 - kernel: random32: seeding improvement [rhel-5.3]
• BZ - 458270 - [TAHI] DAD test failure when ipv6_autoconf=yes
• BZ - 458289 - GFS2: rm on multiple nodes causes panic
• BZ - 458360 - enable userspace kernel header check
• BZ - 458368 - [5.0] kdump hangs up by Sysrq+C trigger
• BZ - 458441 - Make oprofile recognize Nehalem
• BZ - 458620 - Problem with aic79xx
• BZ - 458684 - GFS2: glock deadlock in page fault path
• BZ - 458718 - FEAT: RHEL 5.3 ext4 tech preview
• BZ - 458749 - autofs problem with symbolic links
• BZ - 458760 - kernel: dlm: dlm/user.c input validation fixes [rhel-5.3]
• BZ - 458774 - Kernel BUG at fs/nfs/namespace.c:103 (:nfs:nfs_follow_mountpoint)
• BZ - 458824 - Oprofile need to enable/disable all the counters for intel family 6
• BZ - 458936 - write barriers not supported, ext3 does not complain
• BZ - 458988 - Panic while using pci=use_crs for resource allocation
• BZ - 459062 - pppoe: Fix skb_unshare_check call position [rhel-5.3]
• BZ - 459092 - kernel dm mpath: fix several problems in dm-mapth target error paths
• BZ - 459095 - kernel dm crypt: use cond_resched
• BZ - 459107 - [RHEL5.3]: Hang when booting an i386 domU on an i386 HV
• BZ - 459221 - RHEL5.3: Patch to support new AMD HDMI Audio
• BZ - 459337 - dm-snap.c: Data read from snapshot may be corrupt if origin is being written to simultaneously
• BZ - 459436 - ext4 assembly bitops failures on s390
• BZ - 459460 - kernel: cpufreq: fix format string bug [rhel-5.3]
• BZ - 459463 - kernel: binfmt_misc.c: avoid potential kernel stack overflow [rhel-5.3]
• BZ - 459527 - Performance degradation due to excessive spinlocking in the block layer when using logical volume that spans too many physical volumes
• BZ - 459556 - [TAHI] no echo reply for loopback address
• BZ - 459585 - dlm_recoverd in D state when using IPv6 to comunicate between nodes
• BZ - 459722 - [QLogic 5.3 feat] [3/n] qla2xxx - Upstream updates: 8.02.00-k5 to 8.02.00-k6
• BZ - 459738 - GFS2: Multiple writer performance issue.
• BZ - 459786 - utrace signal handling bug interferes with systemtap uprobes
• BZ - 459812 - IPsec crash with MAC longer than 16 bytes
• BZ - 459876 - network hangs and BUG() message at boot with -105.el5debug kernel
• BZ - 460047 - Kernel obsoletes existing Driver Updates on install
• BZ - 460063 - CIFS option forcedirectio fails to allow the appending of text to files.
• BZ - 460103 - kernel: alsa: asoc: fix double free and memory leak in many codec drivers [rhel-5.3]
• BZ - 460135 - CIFS: enable DFS support as tech-preview in RHEL5.3
• BZ - 460195 - Need SCSI transport and LLD netlink support.
• BZ - 460593 - backport upstream kernel support for private futexes to RHEL 5.3 kernel
• BZ - 460845 - Nested LVM can cause deadlock due to kcopyd
• BZ - 460846 - Deadlock possibility with nested LVMs with snapshots
• BZ - 460857 - kernel: devmem: add range_is_allowed() check to mmap_mem() [rhel-5.3]
• BZ - 461184 - Significant regression in time() performance
• BZ - 461414 - [QLogic 5.3 bug] qla2xxx/qla84xx: Fix 128Kb limitation in netlink messages;
• BZ - 461532 - /proc/xen on bare-metal and FV guests causes multiple issues
• BZ - 461537 - crypto: hmac(md5) self-test panics system
• BZ - 461671 - [RHEL5] nmi: crash during kdump kernel boot
• BZ - 461866 - net: Enable TSO if supported by at least one device
• BZ - 462109 - [qlogic 5.3 bug] qla2xxx - Set rport dev loss timeout consistently
• BZ - 462117 - [QLogic 5.3 bug] qla2xxx - Additional residual-count corrections during UNDERRUN handling.
• BZ - 462354 - dlm: add old plock interface
• BZ - 462416 - [QLogic 5.3 bug] Update qla2xxx - PCI EE error handling support
• BZ - 462441 - Fix NUL handling in TTY input auditing
• BZ - 462500 - BUG: warning when pata_sil680 loaded
• BZ - 462622 - spufs in RHEL5.3: missing context switch notification log
• BZ - 462663 - Netboot image for ppc too large
• BZ - 462743 - libata: rmmod pata_sil680 never returns from ata_port_detach
• BZ - 463206 - Regression: Tape commands are possibly retried if there is a loss of connectivity while it is running
• BZ - 463277 - RHEL5.3: ext4 warning on x86 build
• BZ - 463416 - RHEL 5.3: fix scsi regression causing udev to hang loading sr_mod
• BZ - 463470 - Regression: multipath was setting the REQ_FAILFAST flags which caused a performance drop
• BZ - 463478 - RHEL5.3: ecryptfs memory corruption
• BZ - 463500 - [RHEL5.3] Kernel-xen Oops EIP is at range_straddles_page_boundary+0x2c/0xd9
• BZ - 463503 - EEPROM/NVM of the e1000e becomes corrupted
• BZ - 464445 - xm trigger <domain> init causes kernel panic.
• BZ - 464681 - [QLogic 5.3 bug] qla2xxx/qla84xxx: Advertise qla84xx firmware rev. fix netlink code
• BZ - 464868 - incorrect ATA7 handing in kernel causing ABRT errors
• BZ - 465023 - [QLogic 5.3 bug] Update qla2xxx version to meet open source standards.
• BZ - 465396 - [5.3] makedumpfile: Can't get necessary symbols for excluding free pages.
• BZ - 465825 - panic in kcopyd during snapshot I/O
• BZ - 465856 - GFS2: recovery stuck
• BZ - 466167 - RHEL5.3: posix-timers race condition causes timer to seize up
• BZ - 466240 - Question for LUKS device passhprase unreadable when using Xen
• BZ - 466246 - Interactive installation fails with ext4dev root partition
• BZ - 466307 - /dev/agpart missing for intel i965 HW/82G965 Graphics
• BZ - 466422 - RHEL5.3: Modify SATA IDE mode quirk
• BZ - 466774 - [RHEL5.3] kernel kernel BUG at kernel/exit.c:1129!
• BZ - 467153 - [QLogic 5.3 bug] latest qlogic driver takes several minutes to find LUNs on older qla2xx controller
• BZ - 467216 - avc: denied { sys_resource } when using ext4dev partitions
• BZ - 467244 - On RHEL 5.2 32 bit rmmod bonding results in a kernel panic when configured in balance-tlb mode
• BZ - 467689 - GFS2: Hang when shrink_slab calls gfs2_delete_inode (the GFP_NOFS bit)
• BZ - 467845 - RHEL 5.3: allow tcp socket buffers grow to larger than a page size
• BZ - 467927 - [RHEL5] patch enabling deep C states makes a RHTS machine hang on boot
• BZ - 468034 - RHEL 5.3: minor virtio_net_fixes
• BZ - 468083 - kernel-xen doesn't boot on Dell Optiplex GX280
• BZ - 468148 - getsockopt() returning incorrectly in PPC
• BZ - 468187 - [autofs4] Incorrect "active offset mount" messages in syslog
• BZ - 468192 - writing data to file can fail and cause panic sometimes when using xattr on ecryptfs
• BZ - 468538 - dlm: add dlm_posix_set_fsid to kABI
• BZ - 468547 - RHEL5.3: Regression in ext3/jbd
• BZ - 468555 - [QLogic 5.3 bug] qla2xxx - restore disable by default of MSI, MSI-X
• BZ - 468573 - [QLogic 5.3 bug] qla2xxx - Correct Atmel flash-part handling
• BZ - 468870 - initscripts upgrade from 8.45.17 to 8.45.19 breaks arp_ip_target
• BZ - 468873 - [QLogic 5.3 bug] qla2xxx - fails to report Option Rom version information
• BZ - 468915 - [Stratus/NEC 5.3 bug] System can crash when removing input device
• BZ - 468922 - bnx2x + 57711 MCA on BL870c
• BZ - 468967 - iwlagn (Montevina & Santa Rosa) fails to get associated with AP by NetworkManager frequently
• BZ - 469414 - [QLogic 5.3 bug] qla3xxx, qla4xxx- Update version numbers and use new format.
• BZ - 469444 - [All Partners 5.3 bug] allow both ACPI code paths to use the same blacklist dmi_table correctly
• BZ - 469710 - Various firewire bugs fixed upstream
• BZ - 469711 - firewire module unload hangs
• BZ - 469715 - libata: avoid overflow in ata_tf_to_lba48() when tf->hba_lbal> 127
• BZ - 469754 - kernel panic seen in ptrace_induce_signal in run of rhts test /tools/gdb/gdb-any/
• BZ - 469774 - RHEL53 Beta1: network installation through cxgb3 interface failed if the adapter firmware doesn't match the cxgb3 device driver requst firmware level in rhel53.
• BZ - 470201 - CVE-2008-5029 kernel: Unix sockets kernel panic
• BZ - 470267 - cifs: data corruption due to interleaved partial writes timing out
• BZ - 470449 - system-config-soundcard is not working on RHEL5.3 GA-snapshot1
• BZ - 470610 - [Emulex 5.3 bug] Update lpfc to version 8.2.0.33.3p
• BZ - 470625 - Netdump not functioning w/ bnx2 >= v1.8h (Broadcom Netxtreme II Network Card)
• BZ - 471112 - gdb on ppc hangs, then panics with a kill -9
• BZ - 471269 - [QLogic 5.3 bug] qla2xxx - No NPIV for Loop connections.
• BZ - 471576 - libata: Avoid overflow in ata_tf_read_block() when tf->hba_lbal > 127
• BZ - 471639 - max_phys_segments violation with dm-linear + md raid1 + cciss
• BZ - 471801 - statically linked uuid segfaults in uuid_generate() on Xen kernel
• BZ - 471871 - dlm: fix up memory allocation flags
• BZ - 471903 - [Broadcom 5.3 bug] bnx2: add PCI-IDs for 5716s
• BZ - 471933 - [Brocade/Dell 5.3 bug] hts failing memory test with EDAC i5000 Non-Fatal error
• BZ - 472095 - RHEL5.3 e1000e: enable ECC correction on 82571 silicon
• BZ - 472325 - CVE-2008-5182 kernel: fix inotify watch removal/umount races
• BZ - 472382 - [QLogic 5.3 bug] qla2xx/qla84xx - Failure to establish link.
• BZ - 472504 - Need to build xen-platform-pci as a module and not into the kernel
• BZ - 472844 - kernel panic when modprobe -r acpi_cpufreq on centrino platform with kernel newer than 2.6.18-118
• BZ - 473110 - RHEL 5.3: allow tun/tap support larger MTU sizes
• BZ - 473114 - RHEL 5.3: allow virtio_net support larger MTU sizes
• BZ - 473120 - RHEL 5.3: implement virtio_net mergeable receive buffer allocate scheme
• BZ - 473696 - CVE-2008-5079 Linux Kernel 'atm module' Local Denial of Service
• BZ - 474465 - RHEL5.3: Calgary DMA errors on IBM systems
• BZ - 474736 - [QLogic 5.3 bug] qla4xxx - Add checks for <TargetName, ISID, TargetPortGroupTag>
• BZ - 474935 - fcoe: fix terminate_rport_io related problems
• BZ - 475652 - kdump panic introduced by hpet fix on systems without HPET
• BZ - 475778 - [RHEL 5.3 Xen]: Guest hang on FV save/restore
• BZ - 476184 - RHEL5.3 pv guests crash randomly on reboot orders.

CVEs

• CVE-2008-5029
• CVE-2008-5300
• CVE-2008-5079
• CVE-2008-5182

References

• http://www.redhat.com/security/updates/classification/#important