Security update for Linux kernel
Knowledgebase
(Last modified: 31JAN2005)
solutions Security update for Linux kernel SuSE Linux Maintenance Web (6c7439aa4c1c8463a80d807d6dccf9f9)
kernel-smp
kernel-source
kernel-syms
Product(s): SUSE CORE 9 for AMD64 and Intel EM64T
Patch: patch-9826
Release: 20050131
Obsoletes: 114f15c90aac724a4d2fb27820a6ddc9
303377550ee97916c59afca6d7adf50f
c04aa0719a661fe434fc56b65125c187
- An NFS Direct I/O local denial of service could allow a local attacker to crash the machine.
- A previous smbfs security fix was faulty, writes did no longer work on smbfs shares.
- Unsigned vs signed problems in the generic scsi ioctl handler were reported by grsecurity. They have no impact due to the compiler using unsigned arithmetic, but are fixed nevertheless.
- ppos /proc file race conditions in the mapped_base and oom_adjust proc files were fixed.
- A bug in the pciconfig sysfs interface could cause incorrect values to be read from and written to PCI config space.
- A locking problem in CKRM could lead to a crash.
- In low memory situations, large writes would not be serviced in a timely fashion.
- The initialization of the bio->bi_bdev field was incorrect.
- VFS callouts for flock were added.
- MD on top of Device Mapper based devices was not working and lead to kernel crashes.
- Non-fatal errors encountered during readahead operations caused the device mapper multipath to fail the hardware path.
- A race condition in the kernel timer code could lead to kernel crashes under high load.
- An inetaddr notification problem with SCTP could lead to machine crashes.
- Lots of bugs and problems were fixed in the NSS Netware Storage System module.
- Several bugs in the DRBD device driver were fixed.
- CPU detection was moved to an earlier stage so that clustered APIC mode can be turned off reliably on AMD hardware.
- The 32bit vsyscall page was incorrectly marked GLOBAL which could lead to TLB corruptions.
- The number of MP busses was too low.
- A signedness issues in the signal register set lead to incorrect evaluation of systemcall results.
- A TLB context switch bug was partially fixed.
First, find out which kernel package to download and use, for example with
rpm -qf /boot/vmlinuz
Download the kernel image fitting your setup and install it with either:
- rpm -Fvh kernel-syms*.rpm kernel-default*.rpm for the default kernel image, or
- rpm -Fvh kernel-syms*.rpm kernel-smp*.rpm for the SMP kernel image
Finally, reboot the system with
shutdown -r now
to load the new kernel (replace "now" with the appropriate amount of time to allow local users to cleanly log out, for example "+5" for five minutes.)
Download Source Packages
Download the source code of the patches for maintained products.
Disclaimer
The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information.
Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.