[Ksplice][RHEL 5 Updates] New updates available via Ksplice (RHSA-2010:0147-1)

Nelson Elhage nelhage at ksplice.com
Wed Mar 17 13:01:35 PDT 2010 

Synopsis: RHSA-2010:0147-1 can now be patched using Ksplice
CVEs: CVE-2009-4308 CVE-2010-0007 CVE-2010-0415 CVE-2010-0437
Red Hat Security Advisory Severity: Important

Systems running Red Hat Enterprise Linux 5 and CentOS 5 can now use
Ksplice to patch against the latest Red Hat Security Advisory,
RHSA-2010:0147-1.

INSTALLING THE UPDATES

We recommend that all Ksplice Uptrack RHEL 5 and CentOS 5 users
install these updates.  You can install these updates by running:

# uptrack-upgrade -y

DESCRIPTION

* Kernel crash forwarding network traffic.

A programming error in the Generic Receive Offload implementation in
the linux kernel could generate invalid packet structures with certain
network cards, resulting in a kernel crash (BUG) if those packets are
then forwarded to another network interface.


* CVE-2010-0437: NULL pointer dereference in ip6_dst_lookup_tail.

A NULL pointer dereference flaw was found in the ip6_dst_lookup_tail()
function in the Linux kernel. An attacker on the local network could
trigger this flaw by sending IPv6 traffic to a target system, leading
to a system crash (kernel OOPS) if dst->neighbour is NULL on the
target system when receiving an IPv6 packet. (CVE-2010-0437,
Important)


* CVE-2010-0007: Missing capabilities check in ebtables module.

The ebtables module in the netfilter framework in the Linux kernel did
not require the CAP_NET_ADMIN capability for setting or modifying
rules, which allows local users to bypass intended access restrictions
and configure arbitrary network-traffic filtering via a modified
ebtables application. (CVE-2010-0007, Low)


* CVE-2010-0415: Information Leak in sys_move_pages

A missing boundary check was found in the do_move_pages() function in
the memory migration functionality in the Linux kernel. A local user
could use this flaw to cause a local denial of service or an
information leak.  (CVE-2010-0415, Important)


* CVE-2009-4308: NULL pointer dereference in ext4 decoding EROFS w/o a journal.

The ext4_decode_error function in fs/ext4/super.c in the ext4
filesystem in the Linux kernel before 2.6.32 allows user-assisted
remote attackers to cause a denial of service (NULL pointer
dereference), and possibly have unspecified other impact, via a
crafted read-only filesystem that lacks a journal. (CVE-2009-4308,
Moderate)

SUPPORT

Ksplice support is available at support at ksplice.com or +1 765-577-5423.

More information about the Ksplice-EL5-Updates mailing list