Issued:
2010-09-28
Updated:
2010-09-28

RHSA-2010:0719 - Security Advisory

Synopsis

Important: kernel security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated kernel packages that fix one security issue are now available for
Red Hat Enterprise Linux 4.7 Extended Update Support.

The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issue:

  • The compat_alloc_user_space() function in the Linux kernel 32/64-bit

compatibility layer implementation was missing sanity checks. This function
could be abused in other areas of the Linux kernel if its length argument
can be controlled from user-space. On 64-bit systems, a local, unprivileged
user could use this flaw to escalate their privileges. (CVE-2010-3081,
Important)

Red Hat would like to thank Ben Hawkes for reporting this issue.

Refer to Knowledgebase article DOC-40265 for further details:
https://access.redhat.com/kb/docs/DOC-40265

Users should upgrade to these updated packages, which contain a backported
patch to correct this issue. The system must be rebooted for this update to
take effect.

Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.7 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.7 ia64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.7 i386
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.7 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.7 s390
  • Red Hat Enterprise Linux for Power, big endian - Extended Update Support 4.7 ppc

Fixes

  • BZ - 634457 - CVE-2010-3081 kernel: 64-bit Compatibility Mode Stack Pointer Underflow

Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.7

SRPM
kernel-2.6.9-78.0.33.EL.src.rpm SHA-256: 78bfe08c8695a0d526c34b740636eb1b5d8e3a47483674218de82ea28aea1253
x86_64
kernel-2.6.9-78.0.33.EL.x86_64.rpm SHA-256: 92342524c94e1cf631991e5da8757b51b362b110bf3931ae2a35ea19d3ea5df6
kernel-2.6.9-78.0.33.EL.x86_64.rpm SHA-256: 92342524c94e1cf631991e5da8757b51b362b110bf3931ae2a35ea19d3ea5df6
kernel-devel-2.6.9-78.0.33.EL.x86_64.rpm SHA-256: 5a7f9aed07bbd2d1050b0b43b7f84a8e69b63e484ad47477c5017c390d232c76
kernel-devel-2.6.9-78.0.33.EL.x86_64.rpm SHA-256: 5a7f9aed07bbd2d1050b0b43b7f84a8e69b63e484ad47477c5017c390d232c76
kernel-doc-2.6.9-78.0.33.EL.noarch.rpm SHA-256: 88c421594ddaeb6205d97fdf20d1b765a83f45cf71d4639b034f9f42665a8839
kernel-doc-2.6.9-78.0.33.EL.noarch.rpm SHA-256: 88c421594ddaeb6205d97fdf20d1b765a83f45cf71d4639b034f9f42665a8839
kernel-largesmp-2.6.9-78.0.33.EL.x86_64.rpm SHA-256: 98aff977f7c74d4f1a7b4f294d0250079a5aa3e0168c4c3b250fcc2af7dd9fa5
kernel-largesmp-2.6.9-78.0.33.EL.x86_64.rpm SHA-256: 98aff977f7c74d4f1a7b4f294d0250079a5aa3e0168c4c3b250fcc2af7dd9fa5
kernel-largesmp-devel-2.6.9-78.0.33.EL.x86_64.rpm SHA-256: 4597c884b3e73ab7eb8096c67a798e499172df078789ec64b441889aab0f14c7
kernel-largesmp-devel-2.6.9-78.0.33.EL.x86_64.rpm SHA-256: 4597c884b3e73ab7eb8096c67a798e499172df078789ec64b441889aab0f14c7
kernel-smp-2.6.9-78.0.33.EL.x86_64.rpm SHA-256: 6257d74da5588a4bc95fe4305998f121939b8c1225b08bbe555113ab7b6a43d1
kernel-smp-2.6.9-78.0.33.EL.x86_64.rpm SHA-256: 6257d74da5588a4bc95fe4305998f121939b8c1225b08bbe555113ab7b6a43d1
kernel-smp-devel-2.6.9-78.0.33.EL.x86_64.rpm SHA-256: 52c7710b3c9549798c189eba019f2d8f358df6b43a6ee251d42a7cec5c563096
kernel-smp-devel-2.6.9-78.0.33.EL.x86_64.rpm SHA-256: 52c7710b3c9549798c189eba019f2d8f358df6b43a6ee251d42a7cec5c563096
kernel-xenU-2.6.9-78.0.33.EL.x86_64.rpm SHA-256: bd6b535d22f2d685c2b8509039ead9b10a91906b33c612207576cb925c9ff13e
kernel-xenU-2.6.9-78.0.33.EL.x86_64.rpm SHA-256: bd6b535d22f2d685c2b8509039ead9b10a91906b33c612207576cb925c9ff13e
kernel-xenU-devel-2.6.9-78.0.33.EL.x86_64.rpm SHA-256: 06d2940ba32059462c650661b7da8baef6d129df01402fcf79a227ddf62e40ed
kernel-xenU-devel-2.6.9-78.0.33.EL.x86_64.rpm SHA-256: 06d2940ba32059462c650661b7da8baef6d129df01402fcf79a227ddf62e40ed
ia64
kernel-2.6.9-78.0.33.EL.ia64.rpm SHA-256: 968bd3cb94e07f04b4a682cd6d387e2479caa76fde46e21c3898820f3a4ef542
kernel-2.6.9-78.0.33.EL.ia64.rpm SHA-256: 968bd3cb94e07f04b4a682cd6d387e2479caa76fde46e21c3898820f3a4ef542
kernel-devel-2.6.9-78.0.33.EL.ia64.rpm SHA-256: 4fbf79a7e3825d722a9ffcb99d15759271ae967ff11dfe84606fb01c7069330b
kernel-devel-2.6.9-78.0.33.EL.ia64.rpm SHA-256: 4fbf79a7e3825d722a9ffcb99d15759271ae967ff11dfe84606fb01c7069330b
kernel-doc-2.6.9-78.0.33.EL.noarch.rpm SHA-256: 88c421594ddaeb6205d97fdf20d1b765a83f45cf71d4639b034f9f42665a8839
kernel-doc-2.6.9-78.0.33.EL.noarch.rpm SHA-256: 88c421594ddaeb6205d97fdf20d1b765a83f45cf71d4639b034f9f42665a8839
kernel-largesmp-2.6.9-78.0.33.EL.ia64.rpm SHA-256: 74c0b324232e92b5f6c073d958cf9908e4c783d832d292ac13c5d7a43a47b16e
kernel-largesmp-2.6.9-78.0.33.EL.ia64.rpm SHA-256: 74c0b324232e92b5f6c073d958cf9908e4c783d832d292ac13c5d7a43a47b16e
kernel-largesmp-devel-2.6.9-78.0.33.EL.ia64.rpm SHA-256: 35fa21f8a31e30789dd0738f5d6893d279ca20b0668928ced408eb4521ef5765
kernel-largesmp-devel-2.6.9-78.0.33.EL.ia64.rpm SHA-256: 35fa21f8a31e30789dd0738f5d6893d279ca20b0668928ced408eb4521ef5765
i386
kernel-2.6.9-78.0.33.EL.i686.rpm SHA-256: 72226d8b9a7f9f2575140bf93e61b2026b673100440ac077227d8f2eb0dcb853
kernel-2.6.9-78.0.33.EL.i686.rpm SHA-256: 72226d8b9a7f9f2575140bf93e61b2026b673100440ac077227d8f2eb0dcb853
kernel-devel-2.6.9-78.0.33.EL.i686.rpm SHA-256: 878d1e346d4299619583102aa20d50a976385fe02bef5103c982cb0023fbab5a
kernel-devel-2.6.9-78.0.33.EL.i686.rpm SHA-256: 878d1e346d4299619583102aa20d50a976385fe02bef5103c982cb0023fbab5a
kernel-doc-2.6.9-78.0.33.EL.noarch.rpm SHA-256: 88c421594ddaeb6205d97fdf20d1b765a83f45cf71d4639b034f9f42665a8839
kernel-doc-2.6.9-78.0.33.EL.noarch.rpm SHA-256: 88c421594ddaeb6205d97fdf20d1b765a83f45cf71d4639b034f9f42665a8839
kernel-hugemem-2.6.9-78.0.33.EL.i686.rpm SHA-256: d952c068d2ef795304d0bcd2b86cd72d6168548dac8054c546adabfff8390a09
kernel-hugemem-2.6.9-78.0.33.EL.i686.rpm SHA-256: d952c068d2ef795304d0bcd2b86cd72d6168548dac8054c546adabfff8390a09
kernel-hugemem-devel-2.6.9-78.0.33.EL.i686.rpm SHA-256: 78f199afc8397ec9914687d58fc034d57aeb2647886bf5cb2f6229220c0fad5b
kernel-hugemem-devel-2.6.9-78.0.33.EL.i686.rpm SHA-256: 78f199afc8397ec9914687d58fc034d57aeb2647886bf5cb2f6229220c0fad5b
kernel-smp-2.6.9-78.0.33.EL.i686.rpm SHA-256: f41c92cd62c0f6ace5c9cd6a0056626986b64a99045bc1d125f5f729122fef7c
kernel-smp-2.6.9-78.0.33.EL.i686.rpm SHA-256: f41c92cd62c0f6ace5c9cd6a0056626986b64a99045bc1d125f5f729122fef7c
kernel-smp-devel-2.6.9-78.0.33.EL.i686.rpm SHA-256: c93c5eb5dc6198189f798ebe1e6fb4be5fab325d6713d83a4eac1cf9aee2f8c5
kernel-smp-devel-2.6.9-78.0.33.EL.i686.rpm SHA-256: c93c5eb5dc6198189f798ebe1e6fb4be5fab325d6713d83a4eac1cf9aee2f8c5
kernel-xenU-2.6.9-78.0.33.EL.i686.rpm SHA-256: 46a4acf89b015a4d8b39f7ab4c6ad7365c5b4d59a3e9302d6e47147bb1d75df2
kernel-xenU-2.6.9-78.0.33.EL.i686.rpm SHA-256: 46a4acf89b015a4d8b39f7ab4c6ad7365c5b4d59a3e9302d6e47147bb1d75df2
kernel-xenU-devel-2.6.9-78.0.33.EL.i686.rpm SHA-256: f1e21b17420547ef79453345cb82e0c0ecadd28b196ab24cbbeb6063c76d7e5f
kernel-xenU-devel-2.6.9-78.0.33.EL.i686.rpm SHA-256: f1e21b17420547ef79453345cb82e0c0ecadd28b196ab24cbbeb6063c76d7e5f

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.7

SRPM
kernel-2.6.9-78.0.33.EL.src.rpm SHA-256: 78bfe08c8695a0d526c34b740636eb1b5d8e3a47483674218de82ea28aea1253
s390x
kernel-2.6.9-78.0.33.EL.s390x.rpm SHA-256: 5485030883fab77a99ab7e1c320e740e1d715bd6f23d689bcab109eeb63df54d
kernel-devel-2.6.9-78.0.33.EL.s390x.rpm SHA-256: 867fc28f34eb5265354fcad179530d10152a38969c4a3b0ce4d5c48f05af9f1a
kernel-doc-2.6.9-78.0.33.EL.noarch.rpm SHA-256: 88c421594ddaeb6205d97fdf20d1b765a83f45cf71d4639b034f9f42665a8839
s390
kernel-2.6.9-78.0.33.EL.s390.rpm SHA-256: 88373418cdb1c8fdca67a5cf8b43cd37cc859ecf6b71201954a3ce167863766f
kernel-devel-2.6.9-78.0.33.EL.s390.rpm SHA-256: da5fd4c79bae4a1b12c14117c4b16bba3a4f74ad29a29056a7d38b2ee93c6728
kernel-doc-2.6.9-78.0.33.EL.noarch.rpm SHA-256: 88c421594ddaeb6205d97fdf20d1b765a83f45cf71d4639b034f9f42665a8839

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 4.7

SRPM
kernel-2.6.9-78.0.33.EL.src.rpm SHA-256: 78bfe08c8695a0d526c34b740636eb1b5d8e3a47483674218de82ea28aea1253
ppc
kernel-2.6.9-78.0.33.EL.ppc64.rpm SHA-256: 5713ba18e9c84f961b30322403b792ce64a91a99a7bc224e2d699bafcf159ac3
kernel-2.6.9-78.0.33.EL.ppc64iseries.rpm SHA-256: e05f3a35b8fbf906cfacb66a826fbfc9824b87aa831a242f83315a4f6c567d55
kernel-devel-2.6.9-78.0.33.EL.ppc64.rpm SHA-256: 7ffddd0765189bef29b21718de46d4a83d8b3b37c64b0fbf7821652af7a4df26
kernel-devel-2.6.9-78.0.33.EL.ppc64iseries.rpm SHA-256: eaf51c5fa0da352e7ceddf56a98bc142edf845d796cb5b7de685b9485fde49a3
kernel-doc-2.6.9-78.0.33.EL.noarch.rpm SHA-256: 88c421594ddaeb6205d97fdf20d1b765a83f45cf71d4639b034f9f42665a8839
kernel-largesmp-2.6.9-78.0.33.EL.ppc64.rpm SHA-256: 7c196cdf440e31448aacf4ef9aa7bbc387c6825bcd496098599777e06fcc42d9
kernel-largesmp-devel-2.6.9-78.0.33.EL.ppc64.rpm SHA-256: c5ede6bfc03631835156fba2618e3ab2fe14b7db174a38a89e57fa42c9c18dfb

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.