[SECURITY] Fedora 8 Update: kernel-

updates at fedoraproject.org updates at fedoraproject.org
Thu Oct 23 16:38:12 UTC 2008

Fedora Update Notification
2008-10-23 16:03:13

Name        : kernel
Product     : Fedora 8
Version     :
Release     : 49.fc8
URL         : http://www.kernel.org/
Summary     : The Linux kernel
Description :
The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system.  The kernel handles the basic functions
of the operating system: memory allocation, process allocation, device
input and output, etc.

Update Information:

Update kernel from version to
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-    CVE-2008-3831
An IOCTL in the i915 driver was not properly restricted to users with the
proper capabilities to use it.    CVE-2008-4410  The vmi_write_ldt_entry
function in arch/x86/kernel/vmi_32.c in the Virtual  Machine Interface (VMI) in
the Linux kernel invokes write_idt_entry  where write_ldt_entry was
intended, which allows local users to cause a  denial of service (persistent
application failure) via crafted function calls,  related to the Java Runtime
Environment (JRE) experiencing improper LDT  selector state, a different
vulnerability than CVE-2008-3247.    CVE-2008-3525  The sbni_ioctl function in
drivers/net/wan/sbni.c in the wan subsystem in  the Linux kernel does
not check for the CAP_NET_ADMIN capability  before processing a (1)
SIOCDEVEMANSIPATE ioctl request, which allows local  users to bypass intended
capability restrictions.    CVE-2008-4554  The do_splice_from function in
fs/splice.c in the Linux kernel before 2.6.27  does not reject file descriptors
that have the O_APPEND flag set, which allows  local users to bypass append mode
and make arbitrary changes to other locations  in the file.    CVE-2008-4576
sctp in Linux kernel before allows remote attackers to cause a denial
of service (OOPS) via an INIT-ACK that states the peer does not support AUTH,
which causes the sctp_process_init function to clean up active transports and
triggers the OOPS when the T1-Init timer expires.      Also fixes these bugs
reported against Fedora 9:  465873 - kernel build-id note corruption  466303 -
IPSec kernel lockup.  464613 - 11143 unconditional linker option
arch/powerpc/lib/crtsavres.o causes external module buildfailure  463034 -
[sata_nv swncq] kernel raid errors: "md: super_written gets
error=-5, uptodate=0"  460550 - Insert key does not work on console since 2.6.26
438606 - at76 stops working with port to mac80211  466511 - Kernel crash when
using openswan  462919 - kernel TT-budget C-1500 DVB card
is not longer working  462178 - PCMCIA CF adaptor causes kernel hang at
"Starting UDEV:"

* Fri Oct 17 2008 Chuck Ebbert <cebbert at redhat.com>
- Two security patches from F9:
    Fix IOCTL permission checking in sbni WAN adapter (CVE-2008-3525).
    DRM: fix ioctl security issue (CVE-2008-3831).
* Thu Oct 16 2008 Chuck Ebbert <cebbert at redhat.com>
- Fix RTC on systems that don't describe it in PnP (F9#451188)
* Wed Oct 15 2008 Chuck Ebbert <cebbert at redhat.com>
- Copy utrace updates from F-9.
* Tue Oct 14 2008 Chuck Ebbert <cebbert at redhat.com>
- Fix pci mmap range checking to work without the WARN() macro.
* Tue Oct 14 2008 Chuck Ebbert <cebbert at redhat.com>
- Two x86 fixes from F9:
  x86, early_ioremap: fix fencepost error
  x86: SB450: skip IRQ0 override if it is not routed to INT2 of IOAPIC
* Tue Oct 14 2008 Chuck Ebbert <cebbert at redhat.com>
- Three libata fixes from F9:
  libata: always do follow-up SRST if hardreset returned -EAGAIN
  libata: fix EH action overwriting in ata_eh_reset()
  libata: sata_nv: SWNCQ should be disabled by default (#463034)
* Mon Oct 13 2008 Chuck Ebbert <cebbert at redhat.com>
- x86: Reserve FIRST_DEVICE_VECTOR in used_vectors bitmap.
* Mon Oct 13 2008 Chuck Ebbert <cebbert at redhat.com>
- libata: pata_marvell: use the upstream patch for playing nice with ahci
* Fri Oct 10 2008 Chuck Ebbert <cebbert at redhat.com>
- pci: check range on sysfs mmapped resources
* Fri Oct 10 2008 Chuck Ebbert <cebbert at redhat.com>
- Don't allow splice to files opened with O_APPEND.
* Fri Oct 10 2008 Chuck Ebbert <cebbert at redhat.com>
- Fix buffer overflow in uvcvideo driver.
* Fri Oct 10 2008 Chuck Ebbert <cebbert at redhat.com>
- Fix possible oops in get_wchan()
* Thu Oct  9 2008 Kyle McMartin <kyle at redhat.com>
- add e1000e: write protect nvram to prevent corruption patch from upstream
* Thu Oct  9 2008 Chuck Ebbert <cebbert at redhat.com>
- x86: switch to UP mode when only one CPU is present at boot time
* Thu Oct  9 2008 Chuck Ebbert <cebbert at redhat.com>
  Dropped patches:
  Reverted from upstream:
* Wed Oct  8 2008 Chuck Ebbert <cebbert at redhat.com>
- Disable the snd-aw2 module: it conflicts with video drivers. (F9#462919)
* Wed Oct  8 2008 Chuck Ebbert <cebbert at redhat.com>
- Copy dwmw2's build fixes from rawhide:
    Include arch/$ARCH/include/ directories in kernel-devel (F10#465486)
    Include arch/powerpc/lib/crtsavres.[So] too (F9#464613)
* Wed Oct  8 2008 Chuck Ebbert <cebbert at redhat.com>
- Fix build ID fiddling magic. (F9#465873)
- Move build-nonintconfig patch so it gets included in -vanilla.
* Mon Oct  6 2008 John W. Linville <linville at redhat.com>
- Re-revert at76_usb to version from before attempted mac80211 port
* Mon Sep 22 2008 Chuck Ebbert <cebbert at redhat.com>
- pcmcia: Fix broken abuse of dev->driver_data (F9#462178)
* Mon Sep 22 2008 Chuck Ebbert <cebbert at redhat.com>
- Copy forgotten libata patch from F9.

  [ 1 ] Bug #464502 - CVE-2008-3831 kernel: i915 kernel drm driver arbitrary ioremap
  [ 2 ] Bug #460401 - CVE-2008-3525 kernel: missing capability checks in sbni_ioctl()
  [ 3 ] Bug #466707 - CVE-2008-4554 kernel: don't allow splice() to files opened with O_APPEND
  [ 4 ] Bug #466079 - CVE-2008-4576 kernel: sctp: Fix oops when INIT-ACK indicates that peer doesn't support AUTH

This update can be installed with the "yum" update program.  Use 
su -c 'yum update kernel' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at

More information about the Fedora-package-announce mailing list