Linux kernel 20080714

abstract

Linux kernel
SuSE Linux Maintenance Web (dd4ff74b273d12c2372f78981ed28f80)

Applies to

Package: kernel-bigsmp kernel-bigsmp-debuginfo kernel-debug kernel-debug-debuginfo kernel-default kernel-default-debuginfo kernel-kdump kernel-kdump-debuginfo kernel-kdumppae kernel-kdumppae-debuginfo kernel-smp kernel-smp-debuginfo kernel-source kernel-source-debuginfo kernel-syms kernel-syms-debuginfo kernel-vmi kernel-vmi-debuginfo kernel-vmipae kernel-vmipae-debuginfo kernel-xen kernel-xen-debuginfo kernel-xenpae kernel-xenpae-debuginfo
Product(s):
SUSE Linux Enterprise Desktop 10 SP2 for x86
SUSE Linux Enterprise 10 SP2 DEBUGINFO for x86
SLE SDK 10 SP2 for x86
SUSE Linux Enterprise Server 10 SP2 for x86
Patch: sledp2-kernel-5423

Release: 20080714
Obsoletes: none

details

Indications

Everyone using the Linux Kernel on x86 architecture should update.

Contraindications

None.

Problem description

This kernel update fixes the following security problems:

• CVE-2008-1615: On x86_64 a denial of service attack could be used by local attackers to immediately panic / crash the machine.
• CVE-2008-1669: Fixed a SMP ordering problem in fcntl_setlk could potentially allow local attackers to execute code by timing file locking.
• CVE-2008-2372: Fixed a resource starvation problem in the handling of ZERO mmap pages.
• CVE-2008-1673: The asn1 implementation in (a) the Linux kernel, as used in the cifs and ip_nat_snmp_basic modules does not properly validate length values during decoding of ASN.1 BER data, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) a length greater than the working buffer, which can lead to an unspecified overflow; (2) an oid length of zero, which can lead to an off-by-one error; or (3) an indefinite length for a primitive encoding.
• CVE-2008-2812: Various tty / serial devices did not check functionpointers for NULL before calling them, leading to potential crashes or code execution. The devices affected are usually only accessible by the root user though.
• CVE-2008-2931: A missing permission check in mount changing was added which could have been used by local attackers to change the mountdirectory.

Additionally a very large number of bugs was fixed. Details can be found in the RPM changelog of the included packages.

OCFS2 has been upgraded to the 1.4.1 release:

• Endian fixes
• Use slab caches for DLM objects
• Export DLM state info to debugfs
• Avoid ENOSPC in rare conditions when free inodes are reserved by other nodes
• Error handling fix in ocfs2_start_walk_page_trans()
• Cleanup lockres printing
• Allow merging of extents
• Fix to allow changing permissions of symlinks
• Merged local fixes upstream (no code change)

Solution

Please install the updates provided at the location noted below.

Installation notes

This update is provided as an RPM package that can easily be installed onto a running system.

First, find out which kernel package to use, for example with

rpm -qf /boot/vmlinuz

Download the kernel image fitting your setup and install it with:

rpm -Fvh kernel-*.rpm

In case you are using LILO as bootmanager, please make sure that you also execute the command

lilo

after installing the update for the system to remain bootable. If you are using GRUB you don't need to do anything.

Finally, reboot the system with

shutdown -r now

to load the new kernel (replace "now" with the appropriate amount of time to allow local users to cleanly log out, for example "+5" for five minutes.)