kernel-2.6.18-128.16.AXS3

エラータID: AXSA:2010-259:03

リリース日: 
2010/04/23 Friday - 16:06
題名: 
kernel-2.6.18-128.16.AXS3
影響のあるチャネル: 
Asianux Server 3 for x86_64
Asianux Server 3 for x86
Severity: 
High
Description: 

The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.
Security issues fixed with this release:
CVE-2009-4027
Race condition in the mac80211 subsystem in the Linux kernel before 2.6.32-rc8-next-20091201 allows remote attackers to cause a denial of service (system crash) via a Delete Block ACK (aka DELBA) packet that triggers a certain state change in the absence of an aggregation session.
CVE-2009-4307
The ext4_fill_flex_info function in fs/ext4/super.c in the Linux kernel before 2.6.32-git6 allows user-assisted remote attackers to cause a denial of service (divide-by-zero error and panic) via a malformed ext4 filesystem containing a super block with a large FLEX_BG group size (aka s_log_groups_per_flex value).
CVE-2010-0727
The gfs2_lock function in the Linux kernel before 2.6.34-rc1-next-20100312, and the gfs_lock function in the Linux kernel on Red Hat Enterprise Linux (RHEL) 5 and 6, does not properly remove POSIX locks on files that are setgid without group-execute permission, which allows local users to cause a denial of service (BUG and system crash) by locking a file on a (1) GFS or (2) GFS2 filesystem, and then changing this file's permissions.

解決策: 

Update packages.

CVE: 
CVE-2009-4027
Race condition in the mac80211 subsystem in the Linux kernel before 2.6.32-rc8-next-20091201 allows remote attackers to cause a denial of service (system crash) via a Delete Block ACK (aka DELBA) packet that triggers a certain state change in the absence of an aggregation session.
CVE-2009-4307
The ext4_fill_flex_info function in fs/ext4/super.c in the Linux kernel before 2.6.32-git6 allows user-assisted remote attackers to cause a denial of service (divide-by-zero error and panic) via a malformed ext4 filesystem containing a super block with a large FLEX_BG group size (aka s_log_groups_per_flex value).
CVE-2010-0727
The gfs2_lock function in the Linux kernel before 2.6.34-rc1-next-20100312, and the gfs_lock function in the Linux kernel on Red Hat Enterprise Linux (RHEL) 5 and 6, does not properly remove POSIX locks on files that are setgid without group-execute permission, which allows local users to cause a denial of service (BUG and system crash) by locking a file on a (1) GFS or (2) GFS2 filesystem, and then changing this file's permissions.




追加情報: 

N/A

ダウンロード: 

SRPMS
  1. kernel-2.6.18-128.16.AXS3.src.rpm
    MD5: 6f23ef60494b7ba76a870166c10125bb
    SHA-256: 634683f638d620459667d23ad9b676479f14d7b868a37f530415eba051b8ac1d
    Size: 67.72 MB

Asianux Server 3 for x86
  1. kernel-2.6.18-128.16.AXS3.i686.rpm
    MD5: a94f11e50dd8e1e694e3775902c021f5
    SHA-256: 9ae629c9495da0cf0d25a70c20a9c18b8000b60925e3e77c5dd73737b064f673
    Size: 15.39 MB
  2. kernel-devel-2.6.18-128.16.AXS3.i686.rpm
    MD5: 89cecf83c362bc69fe3287614ece277f
    SHA-256: 381fc249d72a28ab4643dfb9014b9f473f8bbe7a886ea655382ecbc19b967c70
    Size: 5.15 MB
  3. kernel-PAE-2.6.18-128.16.AXS3.i686.rpm
    MD5: f3b05daf40852dd88c413d12d9c21064
    SHA-256: db0268539193f92e3e4e384683c9298d1bb32467b44685029cfc3543afbb40e0
    Size: 15.40 MB
  4. kernel-PAE-devel-2.6.18-128.16.AXS3.i686.rpm
    MD5: ddf8e0fd81e12b73545dd93ef8002c0f
    SHA-256: b770fc525f134632590db205567790e8cb8b3b80fd5561d58cfb88f43dbb15dc
    Size: 5.16 MB
  5. kernel-xen-2.6.18-128.16.AXS3.i686.rpm
    MD5: 0ea4bdd9b4780659b55864b4f9c8784c
    SHA-256: 26c9e532b233bc4e3f74df01fc7c70d1d2f5f17e300329c5483711947d9705e7
    Size: 16.36 MB
  6. kernel-xen-devel-2.6.18-128.16.AXS3.i686.rpm
    MD5: be77bafc88705f34aafe5b7672ac2701
    SHA-256: 853e0dc01c244e58ad8846d3150906650ba33a403d4265f52dd7a44388d0576b
    Size: 5.15 MB
  7. kernel-doc-2.6.18-128.16.AXS3.noarch.rpm
    MD5: 5ead54707721931c3daeb0b6e91429cb
    SHA-256: 37502657f3c7676c50bfaf33f2b6810a09fad6ab7471cae4fcad7039c3dfb141
    Size: 2.93 MB
  8. kernel-headers-2.6.18-128.16.AXS3.i386.rpm
    MD5: c4b1a3b6bd09e2e6afe546e3c7ba7a2c
    SHA-256: 5d95dcc29b923f44efd9ebc92d39f295a97a5f0ca7da8e335a3ab9e676c91ec9
    Size: 957.21 kB

Asianux Server 3 for x86_64
  1. kernel-2.6.18-128.16.AXS3.x86_64.rpm
    MD5: 75d0f86d5fbe6c5bb19031a0d2f0e021
    SHA-256: 6d58fb720b355145f223857ce2e2513cfd307f6de307695413b9c4c03735e72c
    Size: 16.95 MB
  2. kernel-devel-2.6.18-128.16.AXS3.x86_64.rpm
    MD5: 384e27954864af743c68f370513c3e98
    SHA-256: 0885ddd7c7b8a6ff9257197970b4316194eaf1b7899d25e7e6a6dce3239e2b63
    Size: 5.34 MB
  3. kernel-headers-2.6.18-128.16.AXS3.x86_64.rpm
    MD5: c6da6722a3e309104b3b11fb2f1c212a
    SHA-256: 4da995bc4c32b0cd95351cf519b8599ee420cfe2fb0c751f69ebf06c12afcd54
    Size: 0.97 MB
  4. kernel-xen-2.6.18-128.16.AXS3.x86_64.rpm
    MD5: e5533ed3834018b42686603698d8d99f
    SHA-256: 1481d52249d7cbf8c68ee95513e72cbad9b4e53a00564850ab939734b57dc277
    Size: 17.60 MB
  5. kernel-xen-devel-2.6.18-128.16.AXS3.x86_64.rpm
    MD5: 2806c0bb85e88c4dc40750eead99030a
    SHA-256: 7c2f03dd82070d788f1988b067fe162a36c450c2417efb04e176a43433385914
    Size: 5.35 MB
  6. kernel-doc-2.6.18-128.16.AXS3.noarch.rpm
    MD5: cfd3e3c75a98e2e0d1f968bbb717d6c3
    SHA-256: e0cab420b1ace81fb7b31acb5f4d17cf519c4da7af8f1f3b90d8387a5b78d765
    Size: 2.92 MB