AXSA:2008-501:06

リリース日: 
2008/12/04 Thursday - 12:50
題名: 
kernel-2.6.18-53.13AXS3
影響のあるチャネル: 
Asianux Server 3 for ppc
Asianux Server 3 for ia64
Severity: 
High
Description: 

The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.
CVE-2007-6417:
The shmem_getpage function (mm/shmem.c) in Linux kernel 2.6.11 through 2.6.23 does not properly clear allocated memory in some rare circumstances related to tmpfs, which might allow local users to read sensitive kernel data or cause a denial of service (crash).
CVE-2007-6716:
fs/direct-io.c in the dio subsystem in the Linux kernel before 2.6.23 does not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test.
CVE-2008-2931:
The do_change_type function in fs/namespace.c in the Linux kernel before 2.6.22 does not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint.
CVE-2008-3272:
The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound subsystem in the Linux kernel before 2.6.27-rc2 does not verify that the device number is within the range defined by max_synthdev before returning certain data to the caller, which allows local users to obtain sensitive information.
CVE-2008-3275:
The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in the vfs implementation in the Linux kernel before 2.6.25.15 do not prevent creation of a child dentry for a deleted (aka S_DEAD) directory, which allows local users to cause a denial of service (overflow of the UBIFS orphan area) via a series of attempted file creations within deleted directories.
- [cpufreq] : coordinate to keep abi compatibility [Bug 4145]
- revert : CVE-2007-4571 : Convert snd-page-alloc proc file to use seq_file for
- alsa [Bug 4145]
- [sky2] : Disable checksum on Yukon2-XL to prevent an annoying error message caused by the chip glitch [Bug 4898]
- [scsi] replace : megaraid_sas: wait for cmd_status to change [Bug 4543]
- [nfs] sunrpc: fix hang due to eventd deadlock [Bug 4703]
- [nfs] sunrpc: fix a race in rpciod_down [Bug 4703]
- [scsi] megaraid_sas: wait for cmd_status to change [Bug 4543]
- [scsi] megaraid_sas: many illegal interrupts appear [Bug 4779]
- [cpufreq] Add check for dmi_data in powernow_k8 driver [Bug 4604]
- [MAZE] Update MAZE to replace [Bug 4774]
- [cpufreq] revert: Hot fix about cpufreq [Bug 4604]
- [cxgb3] revert: Merge cxgb3 driver version 1.0.129a. Although TOE can work with CONFIG_TCP_OFFLOAD, we disable by default. [Bug 4145]
- [net] ipv6: Drop packets for loopback address from outside of the box [Bug 4546]
- [scsi] lpfc: Update version from 8.1.10.9 to 8.2.0.22 with bug fix [Bug 4462]
- [cpufreq] Hot fix about cpufreq [Bug 3958]
- [cpufreq] Hot fix about cpufreq [Bug 4531]
- [x86] Correct cpu cache info for Intel Tolapai [Bug 4475]
- [x86] Support ICH10 [Bug 4527]
- [misc] Fix a deadlock about smp_send_stop when panic [Bug 4205]
- [misc] Fix a deadlock on on_each_cpu [Bug 4345]
- [x86] report_lost_ticks fix up [Bug 4161]
- [e1000e] Revert 7.6.15.5-NAPI and update to 0.2.9.5 [Bug 4247]
- [net] (IPV6) Accept routing header only when hdr->segments_left is zero [Bug 4377]
- [net] (IPV6) Fix BUG of ndisc_send_redirect () backport from 2.6.20 [Bug 4379]
- [net] (IPV6) Fix ICMPv6 redirect handling with target multicast address backport from 2.6.23 [Bug 4379]
- [net] (IPV6) Defer IPv6 device initialization until a valid qdisc is specified [Bug 4380]
- [ioat] Update ioat device ids [Bug 4289]
- CVE-2007-4571 : Convert snd-page-alloc proc file to use seq_file for alsa
- CVE-2007-4997 : off-by-two integer underflow for ieee80211
- CVE-2007-5494 : missing dput in do_lookup error leaks dentries for fs
- [fs] sysfs: store inode nrs in s_ino {CVE-2007-3104}
- [fs] sysfs: fix condition check in sysfs_drop_dentry () CVE-2007-3104}
- [fs] sysfs: fix race condition around sd->s_dentry {CVE-2007-3104} []
- [fs] core dump file ownership{CVE-2007-6206}
- [fs] corruption by unprivileged user in directories {CVE-2008-0001}
- CVE-2008-0600 : kernel vmsplice_to_pipe flaw
- CVE-2006-6921 : Denial of service with wedged processes
- CVE-2007-6063 : fix possible isdn_net buffer overflows
- CVE-2007-6694 : fix possible strncmp NULL pointer usage
- CVE-2007-5938 : fix NULL dereference in iwl driver
- [KAHO] Delete Debug option [Bug 4290]
- [KAHO] Fix the invalid state change [Bug 4291]
- [KAHO] Fix the deadlock in consecutive memory allocation [Bug 4292]
- [KAHO] Fix typo in error message [Bug 4293]
- [MAZE] Update MAZE to replace [Bug 4309]
- [e1000e] Fix network link down when repeating to reboot [Bug 4184]
- [MAZE] Update MAZE to replace [Bug 4181]
- [E7221] Add E7221 pci ids to kernel [Bug 3909]
- [IA64] forbid ptrace changes psr.ri to 3 [Bug 3576]
- [igb] Backport .6.18 [Bug 4129]
- [stex] Update 06.0205.00 [Bug 3858]
- [ocfs2] Update version number to 1.2.8 [Bug 4073]
- [e1000e] Fix unknown symbol e1000_intr_msi [Bug 4105]
- [e1000e] Fix ethtool gets a wrong driver name [Bug 4144]
- [IOAPIC] Fix IOAPIC uniqe ID checking [Bug 4057]
- [cxgb3] Merge cxgb3 driver version 1.0.129a. Although TOE can work with CONFIG_TCP_OFFLOAD, we disable by default. [Bug 3928]
- [ixgbe] Add support ixgbe-1.3.16.1 [ Bug 3950]
- [dca] Add a new module dca which depend by ioat && ixgbe
- [igb] Update igb driver to version 1.2.22 [Bug 3954]
- [ioat] Update ioat driver to version 1.9 and support unisys [Bug 3956]
- [ACPICA] Fix acpi-cpufreq boot crash due to _PSD return-by-reference [ Bug 3957]
- [e1000e] Update e1000e to v7.6.15 with replace [Bug 4055]
- [comptemp] Add support coretemp driver for hwmon using a snapshot of torvalds/linux-2.6.git [Bug 4071]
- [it87] Add IT8716F/IT8718F/IT8726F support [Bug 4072]
- [ocfs2] Update ocfs2 driver to version 1.2.8-2 [Bug 4073]
- [PCI IDS] Update pci_ids
HT1000
MCP67/73/77
VIA VT8237S
INTEL TOLAPAI
BCM82XX
- [KAHO] Add KAHO runtime binary ion (bug#4019)
- [MAZE] Add MAZE Monitoring function (bug#4025)
- [SCTP] Upgrade of based codes to 2.6.21 of stock kernel and bug fix for AXS3SP1 (, bug#4027)
- Build Base Kernel For Asianux
- Merge patches from AX20 SP2
- Merge patches from AXS3
- [GFS2] handle multiple demote requests
- [scsi] megaraid_sas: kabi fix for /proc entries
- [sound] allow creation of null parent devices
- [net] iwlwifi: avoid BUG_ON in tx cmd queue processing
- [GFS2] Get super block a different way
- [GFS2] dlm: schedule during recovery loops
- Revert: [pata] IDE (siimage) panics when DRAC4 reset
- Revert: [net] bonding: convert timers to workqueues
- [pata] enable IDE (siimage) DRAC4
- [GFS2] gfs2_writepage(s) workaround
- [scsi] aacraid: Missing ioctl permission checks {CVE-2007-4308}
- [GFS2] Solve journaling/{release|invalidate}page issues
- [GFS2] Fix i_cache stale entry
- [GFS2] deadlock running revolver load with lock_nolock

解決策: 

Update packages

追加情報: 

From Asianux Server 3 SP1 updated packages.

ダウンロード: 
Copyright 2007-2022 Cybertrust Japan Co., Ltd. All rights reserved.