Important: kernel (SL6)

Synopsis: Important: kernel security and bug fix update
Issue Date: 2011-06-01
CVE Numbers: CVE-2010-3858, CVE-2011-1598, CVE-2011-1748, CVE-2011-1770,
CVE-2011-1771

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

* An integer underflow flaw, leading to a buffer overflow, was found in the
Linux kernel’s Datagram Congestion Control Protocol (DCCP) implementation.
This could allow a remote attacker to cause a denial of service.
(CVE-2011-1770, Important)

* Missing sanity checks were found in setup_arg_pages() in the Linux
kernel. Making the size of the argument and environment area on the
stack very large could trigger a BUG_ON(), resulting in a local denial
of service. (CVE-2010-3858, Moderate)

* A missing validation check was found in the bcm_release() and
raw_release() functions in the Linux kernel’s Controller Area Network (CAN)
implementation. This could allow a local, unprivileged user to cause a
denial of service. (CVE-2011-1598, CVE-2011-1748, Moderate)

* The fix provided in SLSA-2011:0542 introduced a regression in the
cifs_close() function in the Linux kernel’s Common Internet File System (CIFS)
implementation. A local, unprivileged user with write access to a CIFS file
system could use this flaw to cause a denial of service.
(CVE-2011-1771, Moderate)

The system must be rebooted for this update to take effect.

SL6
  x86_64
    kernel-2.6.32-131.2.1.el6.x86_64.rpm
    kernel-debug-2.6.32-131.2.1.el6.x86_64.rpm
    kernel-debug-devel-2.6.32-131.2.1.el6.x86_64.rpm
    kernel-devel-2.6.32-131.2.1.el6.x86_64.rpm
    kernel-headers-2.6.32-131.2.1.el6.x86_64.rpm
    perf-2.6.32-131.2.1.el6.x86_64.rpm
  i386
    kernel-2.6.32-131.2.1.el6.i686.rpm
    kernel-debug-2.6.32-131.2.1.el6.i686.rpm
    kernel-debug-devel-2.6.32-131.2.1.el6.i686.rpm
    kernel-devel-2.6.32-131.2.1.el6.i686.rpm
    kernel-headers-2.6.32-131.2.1.el6.i686.rpm
    perf-2.6.32-131.2.1.el6.i686.rpm
  noarch
    kernel-doc-2.6.32-131.2.1.el6.noarch.rpm
    kernel-firmware-2.6.32-131.2.1.el6.noarch.rpm

– Scientific Linux Development Team
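
A check an administrator could run after applying this update, added here as an example and not part of the advisory: it compares kernel release strings against the fixed build 2.6.32-131.2.1.el6 from the package list above and reports whether a host is still vulnerable, has the update installed but not yet booted, or is running it. The function names are hypothetical, and GNU `sort -V` is assumed as an approximation of RPM version ordering.

```shell
#!/bin/sh
# Added example (not from the advisory). Function names are hypothetical.
# Fixed version-release, taken from the package list in this advisory.
FIXED_VR="2.6.32-131.2.1.el6"

# Strip a trailing architecture suffix so `uname -r` output and bare
# version-release strings compare the same way.
strip_arch() {
    printf '%s\n' "$1" | sed -E 's/\.(x86_64|i686|i386|noarch)$//'
}

# Return 0 if release $1 is at or above the fixed build, 1 if it is older.
# Assumption: GNU `sort -V` orders el6 kernel releases the way rpm does;
# a plain string compare would wrongly rank "-71." above "-131.".
kernel_is_fixed() {
    rel=$(strip_arch "$1")
    [ "$rel" = "$FIXED_VR" ] && return 0
    lowest=$(printf '%s\n%s\n' "$rel" "$FIXED_VR" | sort -V | head -n 1)
    [ "$lowest" = "$FIXED_VR" ]
}

# Classify a host from its running release ($1) and the release of the
# newest installed kernel package ($2).
# Prints one of: fixed | reboot-required | vulnerable
kernel_status() {
    running=$1
    installed=$2
    if kernel_is_fixed "$running"; then
        echo fixed
    elif kernel_is_fixed "$installed"; then
        echo reboot-required
    else
        echo vulnerable
    fi
}

# Usage: sh check.sh "$(uname -r)" "<release of newest installed kernel>"
if [ $# -eq 2 ]; then
    kernel_status "$1" "$2"
fi
```

A result of `reboot-required` corresponds to the advisory's note that the update only takes effect after a reboot.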