Red Hat Product Errata RHSA-2010:0019 - Security Advisory
Issued:
2010-01-07
Updated:
2010-01-07

RHSA-2010:0019 - Security Advisory

Synopsis

Important: kernel security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated kernel packages that fix multiple security issues are now available
for Red Hat Enterprise Linux 5.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

Description

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

  • a flaw was found in the IPv6 Extension Header (EH) handling

implementation in the Linux kernel. The skb->dst data structure was not
properly validated in the ipv6_hop_jumbo() function. This could possibly
lead to a remote denial of service. (CVE-2007-4567, Important)

  • a flaw was found in each of the following Intel PRO/1000 Linux drivers in

the Linux kernel: e1000 and e1000e. A remote attacker using packets larger
than the MTU could bypass the existing fragment check, resulting in
partial, invalid frames being passed to the network stack. These flaws
could also possibly be used to trigger a remote denial of service.
(CVE-2009-4536, CVE-2009-4538, Important)

  • a flaw was found in the Realtek r8169 Ethernet driver in the Linux

kernel. Receiving overly-long frames with network cards supported by this
driver could possibly result in a remote denial of service. (CVE-2009-4537,
Important)

Users should upgrade to these updated packages, which contain backported
patches to correct these issues. The system must be rebooted for this
update to take effect.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Affected Products

  • Red Hat Enterprise Linux Server 5 x86_64
  • Red Hat Enterprise Linux Server 5 ia64
  • Red Hat Enterprise Linux Server 5 i386
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.4 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.4 ia64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.4 i386
  • Red Hat Enterprise Linux Workstation 5 x86_64
  • Red Hat Enterprise Linux Workstation 5 i386
  • Red Hat Enterprise Linux Desktop 5 x86_64
  • Red Hat Enterprise Linux Desktop 5 i386
  • Red Hat Enterprise Linux for IBM z Systems 5 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 5.4 s390x
  • Red Hat Enterprise Linux for Power, big endian 5 ppc
  • Red Hat Enterprise Linux for Power, big endian - Extended Update Support 5.4 ppc
  • Red Hat Enterprise Linux Server from RHUI 5 x86_64
  • Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

  • BZ - 548641 - CVE-2007-4567 kernel: ipv6_hop_jumbo remote system crash
  • BZ - 550907 - CVE-2009-4537 kernel: r8169 issue reported at 26c3
  • BZ - 551214 - CVE-2009-4538 kernel: e1000e frame fragment issue
  • BZ - 552126 - CVE-2009-4536 kernel: e1000 issue reported at 26c3

Red Hat Enterprise Linux Server 5

SRPM
kernel-2.6.18-164.10.1.el5.src.rpm SHA-256: fcd26b5a922cc5110a7fdc29ab8dff157e14489472188e466bba2a53d8d702f6
x86_64
kernel-2.6.18-164.10.1.el5.x86_64.rpm SHA-256: 6eb0694eea79e532bf8c13973b6e54cd4d152f9ecfb59bcc5c508e29809008f0
kernel-debug-2.6.18-164.10.1.el5.x86_64.rpm SHA-256: 23f75e000ad8056398cb5bb186566db00f3fb6d68dcf77915574cfb6fa3b3336
kernel-debug-devel-2.6.18-164.10.1.el5.x86_64.rpm SHA-256: c96a6f0a9287734a5ef660d7253ddd467a6ff77d949e68edcc6888c3c5b7b3c0
kernel-devel-2.6.18-164.10.1.el5.x86_64.rpm SHA-256: e0fb9850fa27dcc244bf9f3f692c61caaa04af3fed7ff2ef9c3da875db8a010e
kernel-doc-2.6.18-164.10.1.el5.noarch.rpm SHA-256: e32d25803ea6483768d43efa45ac19548429f8705810555f0d388e23a6d3b54a
kernel-headers-2.6.18-164.10.1.el5.x86_64.rpm SHA-256: a92a30358808d97801383be47bef41ceae17f2b9171f0850e9aed53ac8589e3b
kernel-xen-2.6.18-164.10.1.el5.x86_64.rpm SHA-256: 848c88d9f1568b3968a92e91d06a78e27b0fcde9c79005e65d7e690fa69bb010
kernel-xen-devel-2.6.18-164.10.1.el5.x86_64.rpm SHA-256: fb150acb2be4a781d8fed79395e03977860b529d592141d05be1c262f71e2891
ia64
kernel-2.6.18-164.10.1.el5.ia64.rpm SHA-256: c05149548d9614d55dcaa7159a889907dd5b9182e0bea45ea552a0b01d51d477
kernel-debug-2.6.18-164.10.1.el5.ia64.rpm SHA-256: 1ad54ef921083693fbf7412a3b5e97bab267391fa7c9d30b8db6ba7b2defc9cf
kernel-debug-devel-2.6.18-164.10.1.el5.ia64.rpm SHA-256: f2e1184bbe8430df7dce6e34adf1f10a7716a30bcfb7a2326196f62461c432f4
kernel-devel-2.6.18-164.10.1.el5.ia64.rpm SHA-256: ccdd6cd3ad1a8abf550822dfa8562e708ab9c054edb5abeb0e9728fcea370992
kernel-doc-2.6.18-164.10.1.el5.noarch.rpm SHA-256: e32d25803ea6483768d43efa45ac19548429f8705810555f0d388e23a6d3b54a
kernel-headers-2.6.18-164.10.1.el5.ia64.rpm SHA-256: c60b47d3414bbdfe8091269d9f6eee54b1a14060f11b925b68d74ea7b6b0b079
kernel-xen-2.6.18-164.10.1.el5.ia64.rpm SHA-256: 89ae0b012a6c74ed3fee38acc723506c41026d58803dc7e23ffca5c2bd590164
kernel-xen-devel-2.6.18-164.10.1.el5.ia64.rpm SHA-256: c1ec5c138482010aba943a6bdcd55afc6b76f4d17dc38e8d2637c1ec27d82d69
i386
kernel-2.6.18-164.10.1.el5.i686.rpm SHA-256: 6f2929a957a3fbb646ee7e0fcba33d32f21bc752f1d0fdce64c3c5f136b12ff2
kernel-PAE-2.6.18-164.10.1.el5.i686.rpm SHA-256: f674e980b7d20522887c665c1bb6ce6e85b216e76f9bf1991c45f163fd8ecf6a
kernel-PAE-devel-2.6.18-164.10.1.el5.i686.rpm SHA-256: 3e4daac2da0811a4f091dfaf5b5b2ba2be7c8474f8325283e92f9ae121c947c7
kernel-debug-2.6.18-164.10.1.el5.i686.rpm SHA-256: 7544748fcd57dab7180c0a809d0c111c30c98948569dc4b3c486d8a20dc9aaf9
kernel-debug-devel-2.6.18-164.10.1.el5.i686.rpm SHA-256: 9948974e35fbc2e97ec152636086025419e72ed08d36746dfc4b4e17e1753e76
kernel-devel-2.6.18-164.10.1.el5.i686.rpm SHA-256: 8b856f0c4ffbbe67d4f693f16475320962b374cc33109bcdfbb2421d01d16459
kernel-doc-2.6.18-164.10.1.el5.noarch.rpm SHA-256: e32d25803ea6483768d43efa45ac19548429f8705810555f0d388e23a6d3b54a
kernel-headers-2.6.18-164.10.1.el5.i386.rpm SHA-256: c11017f04e2a9349c703f9fbae55911ba9ee6bd1d3e028f1c2bd0baec44df6e8
kernel-xen-2.6.18-164.10.1.el5.i686.rpm SHA-256: 08a533ac6aeaf7d8387aa2730bb637585bbe5ff9a3dca6f72664455315b6d6b5
kernel-xen-devel-2.6.18-164.10.1.el5.i686.rpm SHA-256: 1d5e55871337a118e66d25e224058c8efa43a2c59fa9c8b14d9e1d863e68be02

Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.4

SRPM
x86_64
ia64
i386

Red Hat Enterprise Linux Workstation 5

SRPM
kernel-2.6.18-164.10.1.el5.src.rpm SHA-256: fcd26b5a922cc5110a7fdc29ab8dff157e14489472188e466bba2a53d8d702f6
x86_64
kernel-2.6.18-164.10.1.el5.x86_64.rpm SHA-256: 6eb0694eea79e532bf8c13973b6e54cd4d152f9ecfb59bcc5c508e29809008f0
kernel-debug-2.6.18-164.10.1.el5.x86_64.rpm SHA-256: 23f75e000ad8056398cb5bb186566db00f3fb6d68dcf77915574cfb6fa3b3336
kernel-debug-devel-2.6.18-164.10.1.el5.x86_64.rpm SHA-256: c96a6f0a9287734a5ef660d7253ddd467a6ff77d949e68edcc6888c3c5b7b3c0
kernel-devel-2.6.18-164.10.1.el5.x86_64.rpm SHA-256: e0fb9850fa27dcc244bf9f3f692c61caaa04af3fed7ff2ef9c3da875db8a010e
kernel-doc-2.6.18-164.10.1.el5.noarch.rpm SHA-256: e32d25803ea6483768d43efa45ac19548429f8705810555f0d388e23a6d3b54a
kernel-headers-2.6.18-164.10.1.el5.x86_64.rpm SHA-256: a92a30358808d97801383be47bef41ceae17f2b9171f0850e9aed53ac8589e3b
kernel-xen-2.6.18-164.10.1.el5.x86_64.rpm SHA-256: 848c88d9f1568b3968a92e91d06a78e27b0fcde9c79005e65d7e690fa69bb010
kernel-xen-devel-2.6.18-164.10.1.el5.x86_64.rpm SHA-256: fb150acb2be4a781d8fed79395e03977860b529d592141d05be1c262f71e2891
i386
kernel-2.6.18-164.10.1.el5.i686.rpm SHA-256: 6f2929a957a3fbb646ee7e0fcba33d32f21bc752f1d0fdce64c3c5f136b12ff2
kernel-PAE-2.6.18-164.10.1.el5.i686.rpm SHA-256: f674e980b7d20522887c665c1bb6ce6e85b216e76f9bf1991c45f163fd8ecf6a
kernel-PAE-devel-2.6.18-164.10.1.el5.i686.rpm SHA-256: 3e4daac2da0811a4f091dfaf5b5b2ba2be7c8474f8325283e92f9ae121c947c7
kernel-debug-2.6.18-164.10.1.el5.i686.rpm SHA-256: 7544748fcd57dab7180c0a809d0c111c30c98948569dc4b3c486d8a20dc9aaf9
kernel-debug-devel-2.6.18-164.10.1.el5.i686.rpm SHA-256: 9948974e35fbc2e97ec152636086025419e72ed08d36746dfc4b4e17e1753e76
kernel-devel-2.6.18-164.10.1.el5.i686.rpm SHA-256: 8b856f0c4ffbbe67d4f693f16475320962b374cc33109bcdfbb2421d01d16459
kernel-doc-2.6.18-164.10.1.el5.noarch.rpm SHA-256: e32d25803ea6483768d43efa45ac19548429f8705810555f0d388e23a6d3b54a
kernel-headers-2.6.18-164.10.1.el5.i386.rpm SHA-256: c11017f04e2a9349c703f9fbae55911ba9ee6bd1d3e028f1c2bd0baec44df6e8
kernel-xen-2.6.18-164.10.1.el5.i686.rpm SHA-256: 08a533ac6aeaf7d8387aa2730bb637585bbe5ff9a3dca6f72664455315b6d6b5
kernel-xen-devel-2.6.18-164.10.1.el5.i686.rpm SHA-256: 1d5e55871337a118e66d25e224058c8efa43a2c59fa9c8b14d9e1d863e68be02

Red Hat Enterprise Linux Desktop 5

SRPM
kernel-2.6.18-164.10.1.el5.src.rpm SHA-256: fcd26b5a922cc5110a7fdc29ab8dff157e14489472188e466bba2a53d8d702f6
x86_64
kernel-2.6.18-164.10.1.el5.x86_64.rpm SHA-256: 6eb0694eea79e532bf8c13973b6e54cd4d152f9ecfb59bcc5c508e29809008f0
kernel-debug-2.6.18-164.10.1.el5.x86_64.rpm SHA-256: 23f75e000ad8056398cb5bb186566db00f3fb6d68dcf77915574cfb6fa3b3336
kernel-debug-devel-2.6.18-164.10.1.el5.x86_64.rpm SHA-256: c96a6f0a9287734a5ef660d7253ddd467a6ff77d949e68edcc6888c3c5b7b3c0
kernel-devel-2.6.18-164.10.1.el5.x86_64.rpm SHA-256: e0fb9850fa27dcc244bf9f3f692c61caaa04af3fed7ff2ef9c3da875db8a010e
kernel-doc-2.6.18-164.10.1.el5.noarch.rpm SHA-256: e32d25803ea6483768d43efa45ac19548429f8705810555f0d388e23a6d3b54a
kernel-headers-2.6.18-164.10.1.el5.x86_64.rpm SHA-256: a92a30358808d97801383be47bef41ceae17f2b9171f0850e9aed53ac8589e3b
kernel-xen-2.6.18-164.10.1.el5.x86_64.rpm SHA-256: 848c88d9f1568b3968a92e91d06a78e27b0fcde9c79005e65d7e690fa69bb010
kernel-xen-devel-2.6.18-164.10.1.el5.x86_64.rpm SHA-256: fb150acb2be4a781d8fed79395e03977860b529d592141d05be1c262f71e2891
i386
kernel-2.6.18-164.10.1.el5.i686.rpm SHA-256: 6f2929a957a3fbb646ee7e0fcba33d32f21bc752f1d0fdce64c3c5f136b12ff2
kernel-PAE-2.6.18-164.10.1.el5.i686.rpm SHA-256: f674e980b7d20522887c665c1bb6ce6e85b216e76f9bf1991c45f163fd8ecf6a
kernel-PAE-devel-2.6.18-164.10.1.el5.i686.rpm SHA-256: 3e4daac2da0811a4f091dfaf5b5b2ba2be7c8474f8325283e92f9ae121c947c7
kernel-debug-2.6.18-164.10.1.el5.i686.rpm SHA-256: 7544748fcd57dab7180c0a809d0c111c30c98948569dc4b3c486d8a20dc9aaf9
kernel-debug-devel-2.6.18-164.10.1.el5.i686.rpm SHA-256: 9948974e35fbc2e97ec152636086025419e72ed08d36746dfc4b4e17e1753e76
kernel-devel-2.6.18-164.10.1.el5.i686.rpm SHA-256: 8b856f0c4ffbbe67d4f693f16475320962b374cc33109bcdfbb2421d01d16459
kernel-doc-2.6.18-164.10.1.el5.noarch.rpm SHA-256: e32d25803ea6483768d43efa45ac19548429f8705810555f0d388e23a6d3b54a
kernel-headers-2.6.18-164.10.1.el5.i386.rpm SHA-256: c11017f04e2a9349c703f9fbae55911ba9ee6bd1d3e028f1c2bd0baec44df6e8
kernel-xen-2.6.18-164.10.1.el5.i686.rpm SHA-256: 08a533ac6aeaf7d8387aa2730bb637585bbe5ff9a3dca6f72664455315b6d6b5
kernel-xen-devel-2.6.18-164.10.1.el5.i686.rpm SHA-256: 1d5e55871337a118e66d25e224058c8efa43a2c59fa9c8b14d9e1d863e68be02

Red Hat Enterprise Linux for IBM z Systems 5

SRPM
kernel-2.6.18-164.10.1.el5.src.rpm SHA-256: fcd26b5a922cc5110a7fdc29ab8dff157e14489472188e466bba2a53d8d702f6
s390x
kernel-2.6.18-164.10.1.el5.s390x.rpm SHA-256: d3688048399309999180e6f25ad5fa1008ae51cc1ebc47dbbe23098ed971895c
kernel-debug-2.6.18-164.10.1.el5.s390x.rpm SHA-256: 860723a2e28d4ea0e83a9626f59629967f777fa7533bd7be8725edb6d1179347
kernel-debug-devel-2.6.18-164.10.1.el5.s390x.rpm SHA-256: bdcccf222c9536ae73b72d26ffec5e75c98f7322cf248b5076fd4d5516c126e3
kernel-devel-2.6.18-164.10.1.el5.s390x.rpm SHA-256: 4b8a9df3f3e002c8ccd7989b79e1f1ff25c78f85fe3805fa5b19b2c667d16afe
kernel-doc-2.6.18-164.10.1.el5.noarch.rpm SHA-256: e32d25803ea6483768d43efa45ac19548429f8705810555f0d388e23a6d3b54a
kernel-headers-2.6.18-164.10.1.el5.s390x.rpm SHA-256: dc86d39615d4848435a4f49e36931e2b4b23275fd965461eaec3b09b50ed2fbe
kernel-kdump-2.6.18-164.10.1.el5.s390x.rpm SHA-256: e0361f23edc97b65254bf870c8aad773a80168ab43dd9939b61f03fcfc80756f
kernel-kdump-devel-2.6.18-164.10.1.el5.s390x.rpm SHA-256: 5c4785fb900579af1ef33f2698e8ffd8e2606215eb86c63271451e0d0d33b4cd

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 5.4

SRPM
s390x

Red Hat Enterprise Linux for Power, big endian 5

SRPM
kernel-2.6.18-164.10.1.el5.src.rpm SHA-256: fcd26b5a922cc5110a7fdc29ab8dff157e14489472188e466bba2a53d8d702f6
ppc
kernel-2.6.18-164.10.1.el5.ppc64.rpm SHA-256: 4a2b2b76f237957c1fc2be8bad832231aa7063b1bd00dae9e4e4175a659ada67
kernel-debug-2.6.18-164.10.1.el5.ppc64.rpm SHA-256: 7f469db6280b448721a28a6b0d787a6f6d6b71222042f004f1e17e825d892a58
kernel-debug-devel-2.6.18-164.10.1.el5.ppc64.rpm SHA-256: bc7293bcd7c290e71b74dc7155c8bfb18117def3d77e10cf1a62fdf7786ef29a
kernel-devel-2.6.18-164.10.1.el5.ppc64.rpm SHA-256: 220527c7e5fb5311181480ec7cd88293b2ccefd9ab4cd46fa81bc6240fc1f591
kernel-doc-2.6.18-164.10.1.el5.noarch.rpm SHA-256: e32d25803ea6483768d43efa45ac19548429f8705810555f0d388e23a6d3b54a
kernel-headers-2.6.18-164.10.1.el5.ppc.rpm SHA-256: 7b4673310804b3847c63aaa1b75a54f58018a4269879522ce2a723cc7d8ddec0
kernel-headers-2.6.18-164.10.1.el5.ppc64.rpm SHA-256: c5f63f2de9e12e3177876bd4e3159e147db5e3855907899ab19029769b636607
kernel-kdump-2.6.18-164.10.1.el5.ppc64.rpm SHA-256: 63e44372114082907193204fe6c1515c2b7cc1dd672083a01cc850b8734aff5e
kernel-kdump-devel-2.6.18-164.10.1.el5.ppc64.rpm SHA-256: 8e8b39d6ec2cef9a4f9270d98921d80d00aa51d7d414b09cdca200e55b69600e

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 5.4

SRPM
ppc

Red Hat Enterprise Linux Server from RHUI 5

SRPM
kernel-2.6.18-164.10.1.el5.src.rpm SHA-256: fcd26b5a922cc5110a7fdc29ab8dff157e14489472188e466bba2a53d8d702f6
x86_64
kernel-2.6.18-164.10.1.el5.x86_64.rpm SHA-256: 6eb0694eea79e532bf8c13973b6e54cd4d152f9ecfb59bcc5c508e29809008f0
kernel-debug-2.6.18-164.10.1.el5.x86_64.rpm SHA-256: 23f75e000ad8056398cb5bb186566db00f3fb6d68dcf77915574cfb6fa3b3336
kernel-debug-devel-2.6.18-164.10.1.el5.x86_64.rpm SHA-256: c96a6f0a9287734a5ef660d7253ddd467a6ff77d949e68edcc6888c3c5b7b3c0
kernel-devel-2.6.18-164.10.1.el5.x86_64.rpm SHA-256: e0fb9850fa27dcc244bf9f3f692c61caaa04af3fed7ff2ef9c3da875db8a010e
kernel-doc-2.6.18-164.10.1.el5.noarch.rpm SHA-256: e32d25803ea6483768d43efa45ac19548429f8705810555f0d388e23a6d3b54a
kernel-headers-2.6.18-164.10.1.el5.x86_64.rpm SHA-256: a92a30358808d97801383be47bef41ceae17f2b9171f0850e9aed53ac8589e3b
kernel-xen-2.6.18-164.10.1.el5.x86_64.rpm SHA-256: 848c88d9f1568b3968a92e91d06a78e27b0fcde9c79005e65d7e690fa69bb010
kernel-xen-devel-2.6.18-164.10.1.el5.x86_64.rpm SHA-256: fb150acb2be4a781d8fed79395e03977860b529d592141d05be1c262f71e2891
i386
kernel-2.6.18-164.10.1.el5.i686.rpm SHA-256: 6f2929a957a3fbb646ee7e0fcba33d32f21bc752f1d0fdce64c3c5f136b12ff2
kernel-PAE-2.6.18-164.10.1.el5.i686.rpm SHA-256: f674e980b7d20522887c665c1bb6ce6e85b216e76f9bf1991c45f163fd8ecf6a
kernel-PAE-devel-2.6.18-164.10.1.el5.i686.rpm SHA-256: 3e4daac2da0811a4f091dfaf5b5b2ba2be7c8474f8325283e92f9ae121c947c7
kernel-debug-2.6.18-164.10.1.el5.i686.rpm SHA-256: 7544748fcd57dab7180c0a809d0c111c30c98948569dc4b3c486d8a20dc9aaf9
kernel-debug-devel-2.6.18-164.10.1.el5.i686.rpm SHA-256: 9948974e35fbc2e97ec152636086025419e72ed08d36746dfc4b4e17e1753e76
kernel-devel-2.6.18-164.10.1.el5.i686.rpm SHA-256: 8b856f0c4ffbbe67d4f693f16475320962b374cc33109bcdfbb2421d01d16459
kernel-doc-2.6.18-164.10.1.el5.noarch.rpm SHA-256: e32d25803ea6483768d43efa45ac19548429f8705810555f0d388e23a6d3b54a
kernel-headers-2.6.18-164.10.1.el5.i386.rpm SHA-256: c11017f04e2a9349c703f9fbae55911ba9ee6bd1d3e028f1c2bd0baec44df6e8
kernel-xen-2.6.18-164.10.1.el5.i686.rpm SHA-256: 08a533ac6aeaf7d8387aa2730bb637585bbe5ff9a3dca6f72664455315b6d6b5
kernel-xen-devel-2.6.18-164.10.1.el5.i686.rpm SHA-256: 1d5e55871337a118e66d25e224058c8efa43a2c59fa9c8b14d9e1d863e68be02

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.