Red Hat Product Errata RHSA-2009:1222 - Security Advisory

Issued:: 2009-08-24
Updated:: 2009-08-24

RHSA-2009:1222 - Security Advisory

Overview
Updated Packages

Synopsis

Important: kernel security and bug fix update

Type/Severity

Security Advisory: Important

Topic

Updated kernel packages that fix two security issues and a bug are now
available for Red Hat Enterprise Linux 5.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

Description

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

These updated packages fix the following security issues:

a flaw was found in the SOCKOPS_WRAP macro in the Linux kernel. This
macro did not initialize the sendpage operation in the proto_ops structure
correctly. A local, unprivileged user could use this flaw to cause a local
denial of service or escalate their privileges. (CVE-2009-2692, Important)
a flaw was found in the udp_sendmsg() implementation in the Linux kernel
when using the MSG_MORE flag on UDP sockets. A local, unprivileged user
could use this flaw to cause a local denial of service or escalate their
privileges. (CVE-2009-2698, Important)

Red Hat would like to thank Tavis Ormandy and Julien Tinnes of the Google
Security Team for responsibly reporting these flaws.

These updated packages also fix the following bug:

in the dlm code, a socket was allocated in tcp_connect_to_sock(), but was
not freed in the error exit path. This bug led to a memory leak and an
unresponsive system. A reported case of this bug occurred after running
"cman_tool kill -n [nodename]". (BZ#515432)

Users should upgrade to these updated packages, which contain backported
patches to correct these issues. The system must be rebooted for this
update to take effect.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Affected Products

Red Hat Enterprise Linux Server 5 x86_64
Red Hat Enterprise Linux Server 5 ia64
Red Hat Enterprise Linux Server 5 i386
Red Hat Enterprise Linux Server - Extended Update Support 5.3 x86_64
Red Hat Enterprise Linux Server - Extended Update Support 5.3 ia64
Red Hat Enterprise Linux Server - Extended Update Support 5.3 i386
Red Hat Enterprise Linux Server - AUS 5.3 x86_64
Red Hat Enterprise Linux Server - AUS 5.3 ia64
Red Hat Enterprise Linux Server - AUS 5.3 i386
Red Hat Enterprise Linux Workstation 5 x86_64
Red Hat Enterprise Linux Workstation 5 i386
Red Hat Enterprise Linux Desktop 5 x86_64
Red Hat Enterprise Linux Desktop 5 i386
Red Hat Enterprise Linux for IBM z Systems 5 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 5.3 s390x
Red Hat Enterprise Linux for Power, big endian 5 ppc
Red Hat Enterprise Linux for Power, big endian - Extended Update Support 5.3 ppc
Red Hat Enterprise Linux Server from RHUI 5 x86_64
Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

BZ - 515432 - dlm_send socket leak [rhel-5.3.z]
BZ - 516949 - CVE-2009-2692 kernel: uninit op in SOCKOPS_WRAP() leads to privesc
BZ - 518034 - CVE-2009-2698 kernel: udp socket NULL ptr dereference

CVEs

References

http://www.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 5

SRPM
kernel-2.6.18-128.7.1.el5.src.rpm	SHA-256: 62494a58e103b4af7b10304077bd2a80fd7e3be0a1286c9ae049f7d16bfeabe3
x86_64
kernel-2.6.18-128.7.1.el5.x86_64.rpm	SHA-256: 9404199926eda02e1bdde1e2ebc09edae9518195c6d7926cf02431f578cd013d
kernel-debug-2.6.18-128.7.1.el5.x86_64.rpm	SHA-256: d12bebe57c1fbd4cc67414a05a7f5776768ed400de873b62bd7d5fec26819f73
kernel-debug-devel-2.6.18-128.7.1.el5.x86_64.rpm	SHA-256: 46f046ec818176f249ca59bc78a375a26e9b295e6c6fe544c0e5a444ccffb3f3
kernel-devel-2.6.18-128.7.1.el5.x86_64.rpm	SHA-256: 79771570cf17b7dbc4698b6856da9e0d85f1158ce9ce21c1382cbdf9112a0f8d
kernel-doc-2.6.18-128.7.1.el5.noarch.rpm	SHA-256: 8e1c76f3c74a1a8afdb439d0008d3d8eb572d4d58030b88169f79cb6e3a457f8
kernel-headers-2.6.18-128.7.1.el5.x86_64.rpm	SHA-256: be5d48ab76cd5d002a52470039bcd85a6de8e189876234adb6b4005563435662
kernel-xen-2.6.18-128.7.1.el5.x86_64.rpm	SHA-256: a5adb8708d81e7e3e5051bc13fc4651bdda8f1823b74dcf897553246bd74a38f
kernel-xen-devel-2.6.18-128.7.1.el5.x86_64.rpm	SHA-256: ee1a606f319038a5b3cc2dd42b955788989c25662eb522ec9d9240e280ad7d04
ia64
kernel-2.6.18-128.7.1.el5.ia64.rpm	SHA-256: 74c06450f7210e3528f605828fb65fd441ed9841e9bd05956e06aa301a003d0f
kernel-debug-2.6.18-128.7.1.el5.ia64.rpm	SHA-256: 8a444e2a9133d5250e6d223724fdf4a4964389c5c6067991c01d2ec57cf7d0b7
kernel-debug-devel-2.6.18-128.7.1.el5.ia64.rpm	SHA-256: ddded19afd0416f3470e4d2a4e1d57e88730e3a1b273169844612f61357e87f9
kernel-devel-2.6.18-128.7.1.el5.ia64.rpm	SHA-256: 19561c40a0bef421d8b9de6a1619e69ed405a17f03f9660b36921bc20325629d
kernel-doc-2.6.18-128.7.1.el5.noarch.rpm	SHA-256: 8e1c76f3c74a1a8afdb439d0008d3d8eb572d4d58030b88169f79cb6e3a457f8
kernel-headers-2.6.18-128.7.1.el5.ia64.rpm	SHA-256: 4ff380fb6d0f90c67bd6699552169729dd87f2d04dc5614b4f892d0763f48d5e
kernel-xen-2.6.18-128.7.1.el5.ia64.rpm	SHA-256: d12b8220c852c3662c6fa5099cdfbe73e5dd444aa5676238b18b76f9ded24b04
kernel-xen-devel-2.6.18-128.7.1.el5.ia64.rpm	SHA-256: 7949aa4a1d2494b348f1494aab5ff1fd9c241718820bb0d8620efd0f9d6d26a4
i386
kernel-2.6.18-128.7.1.el5.i686.rpm	SHA-256: 8262d3b8a2a2e62d2ce2d256a2e5428fcf0d839ffe723d557b379deae2913e17
kernel-PAE-2.6.18-128.7.1.el5.i686.rpm	SHA-256: 48c9851d0443e74676ab2e0023ce3e040ccef83cee00ce72b89ffb624aa1185a
kernel-PAE-devel-2.6.18-128.7.1.el5.i686.rpm	SHA-256: 79b7a93a29981d19ee5b8eead52b18a87eb5c660a38891e34a99b6ef84755181
kernel-debug-2.6.18-128.7.1.el5.i686.rpm	SHA-256: 9841ec351adf0d472d49e30d59732418c2a764c64e97d4e185a9a6d37aada5c4
kernel-debug-devel-2.6.18-128.7.1.el5.i686.rpm	SHA-256: a400a249bec2146ce6d48a4b097904f4f5b80e29fc545f31223bbd0cf0beed66
kernel-devel-2.6.18-128.7.1.el5.i686.rpm	SHA-256: e4120f00bac835bd30c4cc785214747e1a9219bb9a6c2da733368ee127a9788a
kernel-doc-2.6.18-128.7.1.el5.noarch.rpm	SHA-256: 8e1c76f3c74a1a8afdb439d0008d3d8eb572d4d58030b88169f79cb6e3a457f8
kernel-headers-2.6.18-128.7.1.el5.i386.rpm	SHA-256: f2a22d61991076524220755c22cd3c80c8118cacf8fdf37a2e56bb6e843adc96
kernel-xen-2.6.18-128.7.1.el5.i686.rpm	SHA-256: 4a8c11f364d4fca5d1b82a65705a6beda38311db0b743a79108099aba6d320bf
kernel-xen-devel-2.6.18-128.7.1.el5.i686.rpm	SHA-256: 9780043f6e0315b26bcdfb1ec9020fc961af84e99ccefeb74d322264222fbf6a

Red Hat Enterprise Linux Workstation 5

SRPM
kernel-2.6.18-128.7.1.el5.src.rpm	SHA-256: 62494a58e103b4af7b10304077bd2a80fd7e3be0a1286c9ae049f7d16bfeabe3
x86_64
kernel-2.6.18-128.7.1.el5.x86_64.rpm	SHA-256: 9404199926eda02e1bdde1e2ebc09edae9518195c6d7926cf02431f578cd013d
kernel-debug-2.6.18-128.7.1.el5.x86_64.rpm	SHA-256: d12bebe57c1fbd4cc67414a05a7f5776768ed400de873b62bd7d5fec26819f73
kernel-debug-devel-2.6.18-128.7.1.el5.x86_64.rpm	SHA-256: 46f046ec818176f249ca59bc78a375a26e9b295e6c6fe544c0e5a444ccffb3f3
kernel-devel-2.6.18-128.7.1.el5.x86_64.rpm	SHA-256: 79771570cf17b7dbc4698b6856da9e0d85f1158ce9ce21c1382cbdf9112a0f8d
kernel-doc-2.6.18-128.7.1.el5.noarch.rpm	SHA-256: 8e1c76f3c74a1a8afdb439d0008d3d8eb572d4d58030b88169f79cb6e3a457f8
kernel-headers-2.6.18-128.7.1.el5.x86_64.rpm	SHA-256: be5d48ab76cd5d002a52470039bcd85a6de8e189876234adb6b4005563435662
kernel-xen-2.6.18-128.7.1.el5.x86_64.rpm	SHA-256: a5adb8708d81e7e3e5051bc13fc4651bdda8f1823b74dcf897553246bd74a38f
kernel-xen-devel-2.6.18-128.7.1.el5.x86_64.rpm	SHA-256: ee1a606f319038a5b3cc2dd42b955788989c25662eb522ec9d9240e280ad7d04
i386
kernel-2.6.18-128.7.1.el5.i686.rpm	SHA-256: 8262d3b8a2a2e62d2ce2d256a2e5428fcf0d839ffe723d557b379deae2913e17
kernel-PAE-2.6.18-128.7.1.el5.i686.rpm	SHA-256: 48c9851d0443e74676ab2e0023ce3e040ccef83cee00ce72b89ffb624aa1185a
kernel-PAE-devel-2.6.18-128.7.1.el5.i686.rpm	SHA-256: 79b7a93a29981d19ee5b8eead52b18a87eb5c660a38891e34a99b6ef84755181
kernel-debug-2.6.18-128.7.1.el5.i686.rpm	SHA-256: 9841ec351adf0d472d49e30d59732418c2a764c64e97d4e185a9a6d37aada5c4
kernel-debug-devel-2.6.18-128.7.1.el5.i686.rpm	SHA-256: a400a249bec2146ce6d48a4b097904f4f5b80e29fc545f31223bbd0cf0beed66
kernel-devel-2.6.18-128.7.1.el5.i686.rpm	SHA-256: e4120f00bac835bd30c4cc785214747e1a9219bb9a6c2da733368ee127a9788a
kernel-doc-2.6.18-128.7.1.el5.noarch.rpm	SHA-256: 8e1c76f3c74a1a8afdb439d0008d3d8eb572d4d58030b88169f79cb6e3a457f8
kernel-headers-2.6.18-128.7.1.el5.i386.rpm	SHA-256: f2a22d61991076524220755c22cd3c80c8118cacf8fdf37a2e56bb6e843adc96
kernel-xen-2.6.18-128.7.1.el5.i686.rpm	SHA-256: 4a8c11f364d4fca5d1b82a65705a6beda38311db0b743a79108099aba6d320bf
kernel-xen-devel-2.6.18-128.7.1.el5.i686.rpm	SHA-256: 9780043f6e0315b26bcdfb1ec9020fc961af84e99ccefeb74d322264222fbf6a

Red Hat Enterprise Linux Desktop 5

SRPM
kernel-2.6.18-128.7.1.el5.src.rpm	SHA-256: 62494a58e103b4af7b10304077bd2a80fd7e3be0a1286c9ae049f7d16bfeabe3
x86_64
kernel-2.6.18-128.7.1.el5.x86_64.rpm	SHA-256: 9404199926eda02e1bdde1e2ebc09edae9518195c6d7926cf02431f578cd013d
kernel-debug-2.6.18-128.7.1.el5.x86_64.rpm	SHA-256: d12bebe57c1fbd4cc67414a05a7f5776768ed400de873b62bd7d5fec26819f73
kernel-debug-devel-2.6.18-128.7.1.el5.x86_64.rpm	SHA-256: 46f046ec818176f249ca59bc78a375a26e9b295e6c6fe544c0e5a444ccffb3f3
kernel-devel-2.6.18-128.7.1.el5.x86_64.rpm	SHA-256: 79771570cf17b7dbc4698b6856da9e0d85f1158ce9ce21c1382cbdf9112a0f8d
kernel-doc-2.6.18-128.7.1.el5.noarch.rpm	SHA-256: 8e1c76f3c74a1a8afdb439d0008d3d8eb572d4d58030b88169f79cb6e3a457f8
kernel-headers-2.6.18-128.7.1.el5.x86_64.rpm	SHA-256: be5d48ab76cd5d002a52470039bcd85a6de8e189876234adb6b4005563435662
kernel-xen-2.6.18-128.7.1.el5.x86_64.rpm	SHA-256: a5adb8708d81e7e3e5051bc13fc4651bdda8f1823b74dcf897553246bd74a38f
kernel-xen-devel-2.6.18-128.7.1.el5.x86_64.rpm	SHA-256: ee1a606f319038a5b3cc2dd42b955788989c25662eb522ec9d9240e280ad7d04
i386
kernel-2.6.18-128.7.1.el5.i686.rpm	SHA-256: 8262d3b8a2a2e62d2ce2d256a2e5428fcf0d839ffe723d557b379deae2913e17
kernel-PAE-2.6.18-128.7.1.el5.i686.rpm	SHA-256: 48c9851d0443e74676ab2e0023ce3e040ccef83cee00ce72b89ffb624aa1185a
kernel-PAE-devel-2.6.18-128.7.1.el5.i686.rpm	SHA-256: 79b7a93a29981d19ee5b8eead52b18a87eb5c660a38891e34a99b6ef84755181
kernel-debug-2.6.18-128.7.1.el5.i686.rpm	SHA-256: 9841ec351adf0d472d49e30d59732418c2a764c64e97d4e185a9a6d37aada5c4
kernel-debug-devel-2.6.18-128.7.1.el5.i686.rpm	SHA-256: a400a249bec2146ce6d48a4b097904f4f5b80e29fc545f31223bbd0cf0beed66
kernel-devel-2.6.18-128.7.1.el5.i686.rpm	SHA-256: e4120f00bac835bd30c4cc785214747e1a9219bb9a6c2da733368ee127a9788a
kernel-doc-2.6.18-128.7.1.el5.noarch.rpm	SHA-256: 8e1c76f3c74a1a8afdb439d0008d3d8eb572d4d58030b88169f79cb6e3a457f8
kernel-headers-2.6.18-128.7.1.el5.i386.rpm	SHA-256: f2a22d61991076524220755c22cd3c80c8118cacf8fdf37a2e56bb6e843adc96
kernel-xen-2.6.18-128.7.1.el5.i686.rpm	SHA-256: 4a8c11f364d4fca5d1b82a65705a6beda38311db0b743a79108099aba6d320bf
kernel-xen-devel-2.6.18-128.7.1.el5.i686.rpm	SHA-256: 9780043f6e0315b26bcdfb1ec9020fc961af84e99ccefeb74d322264222fbf6a

Red Hat Enterprise Linux for IBM z Systems 5

SRPM
kernel-2.6.18-128.7.1.el5.src.rpm	SHA-256: 62494a58e103b4af7b10304077bd2a80fd7e3be0a1286c9ae049f7d16bfeabe3
s390x
kernel-2.6.18-128.7.1.el5.s390x.rpm	SHA-256: e3d0d0253ed15b733757421907a92c6a5bac87668f31566e3f3814b39f010f86
kernel-debug-2.6.18-128.7.1.el5.s390x.rpm	SHA-256: 139127262f5edb7eb9ee93d8c5fcb93ec3bfbdaab3d4915e0a9748c19e9a700c
kernel-debug-devel-2.6.18-128.7.1.el5.s390x.rpm	SHA-256: 6acf4ae0ddfb9ac9eaa845c1d8bc7578359f37890359bc416f5e6e42ad78b346
kernel-devel-2.6.18-128.7.1.el5.s390x.rpm	SHA-256: cc5deca74589e7fbc8571e9d22976023986b4aed3634b71c43130cc0278b0752
kernel-doc-2.6.18-128.7.1.el5.noarch.rpm	SHA-256: 8e1c76f3c74a1a8afdb439d0008d3d8eb572d4d58030b88169f79cb6e3a457f8
kernel-headers-2.6.18-128.7.1.el5.s390x.rpm	SHA-256: c47013e5bf204014a388572f60f978e29bed960b73b9aa51bf058392f3346122
kernel-kdump-2.6.18-128.7.1.el5.s390x.rpm	SHA-256: 1c89de85020776c2361f7b1e63ef0a6a65e34ab29312fb935dc6d0b58bb7a71b
kernel-kdump-devel-2.6.18-128.7.1.el5.s390x.rpm	SHA-256: e6f7b3e30f27272f54fc46c3589c4893eb997ae0f09fb61858d187d0ee67f266

Red Hat Enterprise Linux for Power, big endian 5

SRPM
kernel-2.6.18-128.7.1.el5.src.rpm	SHA-256: 62494a58e103b4af7b10304077bd2a80fd7e3be0a1286c9ae049f7d16bfeabe3
ppc
kernel-2.6.18-128.7.1.el5.ppc64.rpm	SHA-256: a96972f384fe015af73984bff793c2aa073d1143838f0c0479162245cc595730
kernel-debug-2.6.18-128.7.1.el5.ppc64.rpm	SHA-256: 21fc1146884d2ed47ec18f4f583845402b7e97cc923c9804138141e201746d8a
kernel-debug-devel-2.6.18-128.7.1.el5.ppc64.rpm	SHA-256: 50ff5a974367d668f3af648189194028636472f5ad7ce627950588b27aa54c6b
kernel-devel-2.6.18-128.7.1.el5.ppc64.rpm	SHA-256: f06eab27b7aa36a0dc14efbb9be5d867a5eddcaed290c3a94ce8514435824b80
kernel-doc-2.6.18-128.7.1.el5.noarch.rpm	SHA-256: 8e1c76f3c74a1a8afdb439d0008d3d8eb572d4d58030b88169f79cb6e3a457f8
kernel-headers-2.6.18-128.7.1.el5.ppc.rpm	SHA-256: 09b39b4f40fd815f841fa780ba52210670a042955c2260e98d1ff4ab0ead83c4
kernel-headers-2.6.18-128.7.1.el5.ppc64.rpm	SHA-256: d3e4bb0f31c94a14ce7c164701cd236ec37d88385bc23196af34273d250ac45a
kernel-kdump-2.6.18-128.7.1.el5.ppc64.rpm	SHA-256: 1db74a350f324a462de51ed33c24d463528eb6939fc87119a5e84e5bb90413b3
kernel-kdump-devel-2.6.18-128.7.1.el5.ppc64.rpm	SHA-256: baef742526261778573f442d2c7d0f6484f39afe155804b91522f5f0e9a57c3f

Red Hat Enterprise Linux Server from RHUI 5

SRPM
kernel-2.6.18-128.7.1.el5.src.rpm	SHA-256: 62494a58e103b4af7b10304077bd2a80fd7e3be0a1286c9ae049f7d16bfeabe3
x86_64
kernel-2.6.18-128.7.1.el5.x86_64.rpm	SHA-256: 9404199926eda02e1bdde1e2ebc09edae9518195c6d7926cf02431f578cd013d
kernel-debug-2.6.18-128.7.1.el5.x86_64.rpm	SHA-256: d12bebe57c1fbd4cc67414a05a7f5776768ed400de873b62bd7d5fec26819f73
kernel-debug-devel-2.6.18-128.7.1.el5.x86_64.rpm	SHA-256: 46f046ec818176f249ca59bc78a375a26e9b295e6c6fe544c0e5a444ccffb3f3
kernel-devel-2.6.18-128.7.1.el5.x86_64.rpm	SHA-256: 79771570cf17b7dbc4698b6856da9e0d85f1158ce9ce21c1382cbdf9112a0f8d
kernel-doc-2.6.18-128.7.1.el5.noarch.rpm	SHA-256: 8e1c76f3c74a1a8afdb439d0008d3d8eb572d4d58030b88169f79cb6e3a457f8
kernel-headers-2.6.18-128.7.1.el5.x86_64.rpm	SHA-256: be5d48ab76cd5d002a52470039bcd85a6de8e189876234adb6b4005563435662
kernel-xen-2.6.18-128.7.1.el5.x86_64.rpm	SHA-256: a5adb8708d81e7e3e5051bc13fc4651bdda8f1823b74dcf897553246bd74a38f
kernel-xen-devel-2.6.18-128.7.1.el5.x86_64.rpm	SHA-256: ee1a606f319038a5b3cc2dd42b955788989c25662eb522ec9d9240e280ad7d04
i386
kernel-2.6.18-128.7.1.el5.i686.rpm	SHA-256: 8262d3b8a2a2e62d2ce2d256a2e5428fcf0d839ffe723d557b379deae2913e17
kernel-PAE-2.6.18-128.7.1.el5.i686.rpm	SHA-256: 48c9851d0443e74676ab2e0023ce3e040ccef83cee00ce72b89ffb624aa1185a
kernel-PAE-devel-2.6.18-128.7.1.el5.i686.rpm	SHA-256: 79b7a93a29981d19ee5b8eead52b18a87eb5c660a38891e34a99b6ef84755181
kernel-debug-2.6.18-128.7.1.el5.i686.rpm	SHA-256: 9841ec351adf0d472d49e30d59732418c2a764c64e97d4e185a9a6d37aada5c4
kernel-debug-devel-2.6.18-128.7.1.el5.i686.rpm	SHA-256: a400a249bec2146ce6d48a4b097904f4f5b80e29fc545f31223bbd0cf0beed66
kernel-devel-2.6.18-128.7.1.el5.i686.rpm	SHA-256: e4120f00bac835bd30c4cc785214747e1a9219bb9a6c2da733368ee127a9788a
kernel-doc-2.6.18-128.7.1.el5.noarch.rpm	SHA-256: 8e1c76f3c74a1a8afdb439d0008d3d8eb572d4d58030b88169f79cb6e3a457f8
kernel-headers-2.6.18-128.7.1.el5.i386.rpm	SHA-256: f2a22d61991076524220755c22cd3c80c8118cacf8fdf37a2e56bb6e843adc96
kernel-xen-2.6.18-128.7.1.el5.i686.rpm	SHA-256: 4a8c11f364d4fca5d1b82a65705a6beda38311db0b743a79108099aba6d320bf
kernel-xen-devel-2.6.18-128.7.1.el5.i686.rpm	SHA-256: 9780043f6e0315b26bcdfb1ec9020fc961af84e99ccefeb74d322264222fbf6a

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Support

Services

Knowledge

Ecosystem

Red Hat Customer Portal Labs

Additional Tools

Red Hat Insights

Red Hat Product Security Center

Security Updates

Resources

Discussions

Blogs

Customer Events

Stories