Red Hat Product Errata RHSA-2010:0677 - Security Advisory
Issued:
2010-09-07
Updated:
2010-09-07

RHSA-2010:0677 - Security Advisory

Synopsis

Important: kernel security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated kernel packages that fix one security issue are now available for
Red Hat Enterprise Linux 4.7 Extended Update Support.

The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issue:

  • When an application has a stack overflow, the stack could silently

overwrite another memory mapped area instead of a segmentation fault
occurring, which could cause an application to execute arbitrary code,
possibly leading to privilege escalation. It is known that the X Window
System server can be used to trigger this flaw. (CVE-2010-2240, Important)

Red Hat would like to thank the X.Org security team for reporting this
issue. Upstream acknowledges Rafal Wojtczuk as the original reporter.

Users should upgrade to these updated packages, which contain backported
patches to correct this issue. The system must be rebooted for this update
to take effect.

Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.7 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.7 ia64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.7 i386
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.7 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.7 s390
  • Red Hat Enterprise Linux for Power, big endian - Extended Update Support 4.7 ppc

Fixes

  • BZ - 606611 - CVE-2010-2240 kernel: mm: keep a guard page below a grow-down stack segment

Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.7

SRPM
kernel-2.6.9-78.0.32.EL.src.rpm SHA-256: 35f73b8670ce7292543e762f975bf45616440776b6c9fcd30dce9931b6735fb1
x86_64
kernel-2.6.9-78.0.32.EL.x86_64.rpm SHA-256: 38021e7b292494278c09c4851ea60e48ef3fa1c8d7e346dfeb838429d13ce1b2
kernel-2.6.9-78.0.32.EL.x86_64.rpm SHA-256: 38021e7b292494278c09c4851ea60e48ef3fa1c8d7e346dfeb838429d13ce1b2
kernel-devel-2.6.9-78.0.32.EL.x86_64.rpm SHA-256: e83c73f154ece8936690b24285c3c2659bb86653b996fe6bda990da75fa25523
kernel-devel-2.6.9-78.0.32.EL.x86_64.rpm SHA-256: e83c73f154ece8936690b24285c3c2659bb86653b996fe6bda990da75fa25523
kernel-doc-2.6.9-78.0.32.EL.noarch.rpm SHA-256: b89bc17e84eadb146cb500ffcb93d589e38a60695f725b6e7301d4642a1df7c0
kernel-doc-2.6.9-78.0.32.EL.noarch.rpm SHA-256: b89bc17e84eadb146cb500ffcb93d589e38a60695f725b6e7301d4642a1df7c0
kernel-largesmp-2.6.9-78.0.32.EL.x86_64.rpm SHA-256: fc7c5b10a2832a3039df5efa56140836f0ee7d2d4810bc5248ca315998f738cb
kernel-largesmp-2.6.9-78.0.32.EL.x86_64.rpm SHA-256: fc7c5b10a2832a3039df5efa56140836f0ee7d2d4810bc5248ca315998f738cb
kernel-largesmp-devel-2.6.9-78.0.32.EL.x86_64.rpm SHA-256: 4791f38a5ef6f2c7660cf1396b83c9479b2441d5988a3e46418da8b648ec4788
kernel-largesmp-devel-2.6.9-78.0.32.EL.x86_64.rpm SHA-256: 4791f38a5ef6f2c7660cf1396b83c9479b2441d5988a3e46418da8b648ec4788
kernel-smp-2.6.9-78.0.32.EL.x86_64.rpm SHA-256: b5c01112fa4712ba0c67c626d589ee6e3d3ae345f7544ffff0e74ac4beb32428
kernel-smp-2.6.9-78.0.32.EL.x86_64.rpm SHA-256: b5c01112fa4712ba0c67c626d589ee6e3d3ae345f7544ffff0e74ac4beb32428
kernel-smp-devel-2.6.9-78.0.32.EL.x86_64.rpm SHA-256: 9b203095eb4f4571db277f4a4ffbaea8b9e388e3fcd66e850629ba5ed116118c
kernel-smp-devel-2.6.9-78.0.32.EL.x86_64.rpm SHA-256: 9b203095eb4f4571db277f4a4ffbaea8b9e388e3fcd66e850629ba5ed116118c
kernel-xenU-2.6.9-78.0.32.EL.x86_64.rpm SHA-256: 1b294f155e3428e30cd656dcf12e1aa093e5bc5a7b08063aa634507d3a481d91
kernel-xenU-2.6.9-78.0.32.EL.x86_64.rpm SHA-256: 1b294f155e3428e30cd656dcf12e1aa093e5bc5a7b08063aa634507d3a481d91
kernel-xenU-devel-2.6.9-78.0.32.EL.x86_64.rpm SHA-256: 090858e148a88840bf068892efc9401c6554d1ca2db6c7b9995714057084b7ba
kernel-xenU-devel-2.6.9-78.0.32.EL.x86_64.rpm SHA-256: 090858e148a88840bf068892efc9401c6554d1ca2db6c7b9995714057084b7ba
ia64
kernel-2.6.9-78.0.32.EL.ia64.rpm SHA-256: 35d2dc0b5fcd9876ea91b464b28d7c429beae0ab84ce7379f0c2f1ad51177f09
kernel-2.6.9-78.0.32.EL.ia64.rpm SHA-256: 35d2dc0b5fcd9876ea91b464b28d7c429beae0ab84ce7379f0c2f1ad51177f09
kernel-devel-2.6.9-78.0.32.EL.ia64.rpm SHA-256: a817a6f5a68ef474560c9cfe7b524c4ebabbc117fa4746a06cd8345571711b7a
kernel-devel-2.6.9-78.0.32.EL.ia64.rpm SHA-256: a817a6f5a68ef474560c9cfe7b524c4ebabbc117fa4746a06cd8345571711b7a
kernel-doc-2.6.9-78.0.32.EL.noarch.rpm SHA-256: b89bc17e84eadb146cb500ffcb93d589e38a60695f725b6e7301d4642a1df7c0
kernel-doc-2.6.9-78.0.32.EL.noarch.rpm SHA-256: b89bc17e84eadb146cb500ffcb93d589e38a60695f725b6e7301d4642a1df7c0
kernel-largesmp-2.6.9-78.0.32.EL.ia64.rpm SHA-256: 50c53913bbc04a45db7a55d1620b1b26d5c9085b3c839e68e939786ab938758d
kernel-largesmp-2.6.9-78.0.32.EL.ia64.rpm SHA-256: 50c53913bbc04a45db7a55d1620b1b26d5c9085b3c839e68e939786ab938758d
kernel-largesmp-devel-2.6.9-78.0.32.EL.ia64.rpm SHA-256: f944730d73220bb39669634d6de6cbc6679b5a442b2d742779ddc09f043364f4
kernel-largesmp-devel-2.6.9-78.0.32.EL.ia64.rpm SHA-256: f944730d73220bb39669634d6de6cbc6679b5a442b2d742779ddc09f043364f4
i386
kernel-2.6.9-78.0.32.EL.i686.rpm SHA-256: 17c68518296e7cb2c4be819e466b362b6a600d966af8a0bbe3102e0d77450e9c
kernel-2.6.9-78.0.32.EL.i686.rpm SHA-256: 17c68518296e7cb2c4be819e466b362b6a600d966af8a0bbe3102e0d77450e9c
kernel-devel-2.6.9-78.0.32.EL.i686.rpm SHA-256: 25255b610437b6a541bdcc945ce5fa82eac789594fdeaf2673a458e13a09470d
kernel-devel-2.6.9-78.0.32.EL.i686.rpm SHA-256: 25255b610437b6a541bdcc945ce5fa82eac789594fdeaf2673a458e13a09470d
kernel-doc-2.6.9-78.0.32.EL.noarch.rpm SHA-256: b89bc17e84eadb146cb500ffcb93d589e38a60695f725b6e7301d4642a1df7c0
kernel-doc-2.6.9-78.0.32.EL.noarch.rpm SHA-256: b89bc17e84eadb146cb500ffcb93d589e38a60695f725b6e7301d4642a1df7c0
kernel-hugemem-2.6.9-78.0.32.EL.i686.rpm SHA-256: cb967a0457aa02577a27ef270e86fe23c9844aeb7ee4dd7b4f547bcfcef322a6
kernel-hugemem-2.6.9-78.0.32.EL.i686.rpm SHA-256: cb967a0457aa02577a27ef270e86fe23c9844aeb7ee4dd7b4f547bcfcef322a6
kernel-hugemem-devel-2.6.9-78.0.32.EL.i686.rpm SHA-256: eddd03541cc1bdc2c44df3401a02f4875ad2e2327bfa5f6be5a905a887ce6fc5
kernel-hugemem-devel-2.6.9-78.0.32.EL.i686.rpm SHA-256: eddd03541cc1bdc2c44df3401a02f4875ad2e2327bfa5f6be5a905a887ce6fc5
kernel-smp-2.6.9-78.0.32.EL.i686.rpm SHA-256: 02692b777136cf10c5baa313e227d3397fbcc4633008c87baaedb07eba89e363
kernel-smp-2.6.9-78.0.32.EL.i686.rpm SHA-256: 02692b777136cf10c5baa313e227d3397fbcc4633008c87baaedb07eba89e363
kernel-smp-devel-2.6.9-78.0.32.EL.i686.rpm SHA-256: 6a4e8e6b350f75b786441a04ad1a344282cbb5810dc58e8cdafeeaa77200339d
kernel-smp-devel-2.6.9-78.0.32.EL.i686.rpm SHA-256: 6a4e8e6b350f75b786441a04ad1a344282cbb5810dc58e8cdafeeaa77200339d
kernel-xenU-2.6.9-78.0.32.EL.i686.rpm SHA-256: 14352732e152fbc6d6887cdc16bae51a7644b306f8a8d951b39524d79010143a
kernel-xenU-2.6.9-78.0.32.EL.i686.rpm SHA-256: 14352732e152fbc6d6887cdc16bae51a7644b306f8a8d951b39524d79010143a
kernel-xenU-devel-2.6.9-78.0.32.EL.i686.rpm SHA-256: 402b934053e9502e028701682a6581edc0a4f888b3061285e293ba799cc89a01
kernel-xenU-devel-2.6.9-78.0.32.EL.i686.rpm SHA-256: 402b934053e9502e028701682a6581edc0a4f888b3061285e293ba799cc89a01

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.7

SRPM
kernel-2.6.9-78.0.32.EL.src.rpm SHA-256: 35f73b8670ce7292543e762f975bf45616440776b6c9fcd30dce9931b6735fb1
s390x
kernel-2.6.9-78.0.32.EL.s390x.rpm SHA-256: b064f18d3f07c7162a2d6765a3b22783e9623a4c9592a455faf074ee14e7732a
kernel-devel-2.6.9-78.0.32.EL.s390x.rpm SHA-256: 61582a46143825cd2ab2412cc678d5a27a5402b1574c50e6d8599ea4d361b4f4
kernel-doc-2.6.9-78.0.32.EL.noarch.rpm SHA-256: b89bc17e84eadb146cb500ffcb93d589e38a60695f725b6e7301d4642a1df7c0
s390
kernel-2.6.9-78.0.32.EL.s390.rpm SHA-256: a74e3864a328d7c7741213b60d26decb005ff26169136fbd6e2b19439ae28bca
kernel-devel-2.6.9-78.0.32.EL.s390.rpm SHA-256: 57cbd55838ac65534b009ca29b7e4f4a637c9f98f1f77e17d7b208b41dd5141a
kernel-doc-2.6.9-78.0.32.EL.noarch.rpm SHA-256: b89bc17e84eadb146cb500ffcb93d589e38a60695f725b6e7301d4642a1df7c0

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 4.7

SRPM
kernel-2.6.9-78.0.32.EL.src.rpm SHA-256: 35f73b8670ce7292543e762f975bf45616440776b6c9fcd30dce9931b6735fb1
ppc
kernel-2.6.9-78.0.32.EL.ppc64.rpm SHA-256: 04c71d0cfcea56b76d5af1e2518fe90453cd2b1069d9c12ba338adf75e524d4c
kernel-2.6.9-78.0.32.EL.ppc64iseries.rpm SHA-256: 6fccae1b5862c2b4e2eb855a488dc887141503c8768f02b7cf98e6e05ac6a328
kernel-devel-2.6.9-78.0.32.EL.ppc64.rpm SHA-256: 024511bc18e95aaab9bdd4e94717acf387478f60446f7dfd16afeceecfe338b9
kernel-devel-2.6.9-78.0.32.EL.ppc64iseries.rpm SHA-256: 8d75ca13e7b1d0b11830adb91ff8b6a559a78674b91d410911fc1d2e2c0d82bf
kernel-doc-2.6.9-78.0.32.EL.noarch.rpm SHA-256: b89bc17e84eadb146cb500ffcb93d589e38a60695f725b6e7301d4642a1df7c0
kernel-largesmp-2.6.9-78.0.32.EL.ppc64.rpm SHA-256: 46ea0b5d446db2b404c44f630803713afbcf60049217debafe630b2ac5d94c13
kernel-largesmp-devel-2.6.9-78.0.32.EL.ppc64.rpm SHA-256: 725209bfb401938ddf48e75a5f953b9c467922ac4cd589238b94265cfcf6aa71

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.