[Ksplice][RHEL 4 Updates] New updates available via Ksplice (RHSA-2010:0606-1)

[Tim Abbott]

Synopsis: RHSA-2010:0606-1 can now be patched using Ksplice
CVEs: CVE-2010-2248 CVE-2010-2521
Red Hat Security Advisory Severity: Important

Systems running Red Hat Enterprise Linux 4 and CentOS 4 can now use
Ksplice to patch against the latest Red Hat Security Advisory,
RHSA-2010:0606-1.

INSTALLING THE UPDATES

We recommend that all Ksplice Uptrack RHEL 4 and CentOS 4 users
install these updates.  You can install these updates by running:

# uptrack-upgrade -y

DESCRIPTION

* CVE-2010-2248: Remote denial of service in CIFS client.

A flaw was found in the CIFSSMBWrite() function in the Linux kernel
Common Internet File System (CIFS) implementation.  A remote attacker
could send a specially-crafted SMB response packet to a target CIFS
client, resulting in a kernel panic. (CVE-2010-2248, Important).


* CVE-2010-2521: Remote buffer overflow in NFSv4 server.

Buffer overflow flaws were found in the Linux kernel's implementation
of the server-side External Data Representation (XDR) for the Network
File System (NFS) version 4.  An attacker on the local network could
send a specially-crafted large compound request to the NFSv4 server,
which could possibly result in a kernel panic (denial of service) or,
potentially, code execution. (CVE-2010-2521, Important).


* Kernel panic caused by incorrect reference counting in NFS server.

The rpc_call_async() function in the SUN Remote Procedure Call (RPC)
subsystem in the Linux kernel had a reference counting bug. In certain
situations, some Network Lock Manager (NLM) messages may have
triggered this bug on NFSv2 and NFSv3 servers, leading to a kernel
panic (with "kernel BUG at fs/lockd/host.c:[xxx]!" logged to
"/var/log/messages").

SUPPORT

Ksplice support is available at support at ksplice.com or +1 765-577-5423.