FSA/F7/FEDORA-2007-1130

[SECURITY] Fedora 7 Update: kernel-2.6.22.1-27.fc7
Fedora Update Notification FEDORA-2007-1130 2007-07-20 12:33:20.969212

Name       : kernel Product    : Fedora 7 Version    : 2.6.22.1 Release    : 27.fc7 Summary    : The Linux kernel (the core of the Linux operating system) Description : The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.

Update Information:

Rebase kernel to 2.6.22.1: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.1

Includes the CFS scheduler from upstream kernel 2.6.23.

Users should update to the latest autofs package with this kernel or autofs will use excessive amounts of CPU time.

CVE-2007-3642: The decode_choice function in net/netfilter/bf_conntrack_h323_asn1.c in the Linux kernel before 2.6.22 allows remote attackers to cause a denial of service (crash) via an encoded, out-of-range index value for a choice field, which triggers a NULL pointer dereference.

ChangeLog:

- update wireless bits - gfs2: update to the latest - sched: fix show_task/show_tasks output - sched: fix newly idle load balance in case of SMT - sched: fix the all pinned logic in load_balance_newidle - fix leaks of struct seq_operations - fix leaks of ref to user struct - pata_atiixp: add SB700 PCI ID - ata_piix: fix pio/mwdma programming - sdhci: add ene controller id - sdhci: Fix "Unexpected interrupt" handling - bluetooth: hangup tty before releasing rfcomm - driver core: get driver properly during release - net scheduler: fix deadlock - input: rfkill driver screws up the CPU flags - acpi-cpufreq: make register write work properly again - add proper caching of last_ctl to the 'unbreak SMART' fix - Unbreak SMART on libata. - Disable warnings that trigger due to disabled USB suspend. - add more ATI SB700 ids to the ahci driver - Some systems have a HPET which is not incrementing, which leads to a complete hang. Detect it during HPET setup. - Replace the pcspkr private PIT lock by the global PIT lock to serialize the PIT access all over the place. - Add back the rediffed PS3 patches. - ata: update noncq list - idr: multiple bugfixes - tcp: sack fix leak msgs - vbe: always save ddc data - Fix up some uname -r issues in certain kernel version cases (due to new versioning scheme) - jbd: fix transaction dropping (kernel oops) - kvm: reinit real mode TSS on shutdown - kvm: detect SVM disabled by BIOS - sky2: re-enable lost interrupt workarounds - aacraid: ioctl handler needs permission check - NFS: Add the mount option "nosharecache" - Revert mkinitrd requires: bump to what's in FC7. - Remove the x86-64 tickless patches, they aren't ready. - 2.6.22.1 - Update git-wireless-dev.patch - Add upstream version of rtl8187 patch - Add updated iwlwifi driver from intellinuxwireless.org - Fix issue with PIE randomization (#246623). - Rebase to 2.6.22
 * Tue Jul 17 2007 John W. Linville 
 * Tue Jul 17 2007 Chuck Ebbert 
 * Mon Jul 16 2007 Chuck Ebbert 
 * Mon Jul 16 2007 Chuck Ebbert 
 * Mon Jul 16 2007 Dave Jones 
 * Mon Jul 16 2007 Dave Jones 
 * Fri Jul 13 2007 Chuck Ebbert 
 * Thu Jul 12 2007 Dave Jones 
 * Thu Jul 12 2007 Dave Jones 
 * Thu Jul 12 2007 Dave Jones 
 * Thu Jul 12 2007 Chuck Ebbert 
 * Thu Jul 12 2007 Jarod Wilson 
 * Wed Jul 11 2007 Chuck Ebbert 
 * Wed Jul 11 2007 Chuck Ebbert 
 * Wed Jul 11 2007 Dave Jones 
 * Wed Jul 11 2007 Dave Jones 
 * Wed Jul 11 2007 Dave Jones <davej@redhat.com>
 * Wed Jul 11 2007 Chuck Ebbert <cebbert@redhat.com>
 * Wed Jul 11 2007 John W. Linville <linville@redhat.com>
 * Tue Jul 10 2007 Dave Jones <davej@redhat.com>
 * Tue Jul 10 2007 Dave Jones <davej@redhat.com>

References:

[ 1 ] CVE-2007-3642 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3642

Updated packages:

39367e55dba1f676251d0e9f59a962bdea4e7e26 kernel-doc-2.6.22.1-27.fc7.noarch.rpm bfe0a5afba41d1ae3aa3bdcddc91deedca3790a9 kernel-headers-2.6.22.1-27.fc7.i386.rpm 0a4e7a9251bce261970ebc52edb6eb81bf28686c kernel-devel-2.6.22.1-27.fc7.i686.rpm a12c2349f01c1b21747c1c39d265320f062836de kernel-debug-debuginfo-2.6.22.1-27.fc7.i686.rpm 9d97b5e7c375c02aebb4c53e332051e9d58030fb kernel-PAE-debug-debuginfo-2.6.22.1-27.fc7.i686.rpm 0b529ca4e1fa830c92798ae8a1d7f7fac0ebcb74 kernel-PAE-2.6.22.1-27.fc7.i686.rpm 2633428eebc12bf0a78c3a9b7bc74e00b6004ccb kernel-PAE-debuginfo-2.6.22.1-27.fc7.i686.rpm b38b52f71d714505258664dbf57d393df8e88375 kernel-debuginfo-common-2.6.22.1-27.fc7.i686.rpm 16f262b62d345f26887c76d8eac176717af54300 kernel-debug-2.6.22.1-27.fc7.i686.rpm bdbcd71c9d7efbf8f71f085aaaab6455b73f68b7 kernel-2.6.22.1-27.fc7.i686.rpm 367dc2a540d639683c9e7443a8b1ecf51bb270df kernel-PAE-devel-2.6.22.1-27.fc7.i686.rpm d609fc20defa85d88d2877f405f2342084207899 kernel-PAE-debug-devel-2.6.22.1-27.fc7.i686.rpm 31b395ce525ca12c2199f09117d58c0c0221ed90 kernel-PAE-debug-2.6.22.1-27.fc7.i686.rpm f11574173a0145eebea1036ff63ffd39d91cac5e kernel-debuginfo-2.6.22.1-27.fc7.i686.rpm d09db0c1a82186832063230fc403640da5187bd8 kernel-debug-devel-2.6.22.1-27.fc7.i686.rpm 4b46f23ca0ccce05fbb1ea2881f05238bb774c8b kernel-headers-2.6.22.1-27.fc7.ppc64.rpm 2c0843c3104c0d0711348565fcde2d97a2f77bce kernel-debuginfo-common-2.6.22.1-27.fc7.ppc64.rpm 5db18949b1134bb7ddb09fec475929d7846d50a4 kernel-kdump-devel-2.6.22.1-27.fc7.ppc64.rpm 0e0f713fc6adbe7ac83f861cfe1e1860e2b607aa kernel-kdump-2.6.22.1-27.fc7.ppc64.rpm 5647bb5b3dace16b02999b5c18d235653728a337 kernel-kdump-debuginfo-2.6.22.1-27.fc7.ppc64.rpm fffec6f29a5ca740b626037c9a77954a193e74b9 kernel-debuginfo-2.6.22.1-27.fc7.ppc64.rpm 864e9036443e43733416e5834d4fa6236dec3818 kernel-devel-2.6.22.1-27.fc7.ppc64.rpm de39c1ea5d26f1bb839d06f8eef1c1a9ab79a14e kernel-2.6.22.1-27.fc7.ppc64.rpm eb96f81bb50c712df80d74d7b544e3bd3315a589 kernel-debuginfo-common-2.6.22.1-27.fc7.i586.rpm 2d07ed61fb32197b3410cdba69e1b9d6160ecfd0 kernel-debuginfo-2.6.22.1-27.fc7.i586.rpm 27433c0dce0840c5367bc2fe95e85ba868af1b1d kernel-devel-2.6.22.1-27.fc7.i586.rpm d8b66bfdd21e538392ff400702aa765b8e76202a kernel-2.6.22.1-27.fc7.i586.rpm 4faae03c99578ac62c3befc34e20918a31821381 kernel-debuginfo-2.6.22.1-27.fc7.x86_64.rpm 60e1abb192588892deef5cc14a25d3ce49da2aa8 kernel-debug-devel-2.6.22.1-27.fc7.x86_64.rpm 6181b2103a776c7b6fb58fe910b0034162429877 kernel-devel-2.6.22.1-27.fc7.x86_64.rpm 24706d2049b9611c62a39329e58e0a70f115226e kernel-debug-2.6.22.1-27.fc7.x86_64.rpm 5f2c26ff9295460024940481f668d8c4ce49cbfb kernel-debuginfo-common-2.6.22.1-27.fc7.x86_64.rpm 9f92de34406ce2678ea051fed1bc97219fa516cf kernel-debug-debuginfo-2.6.22.1-27.fc7.x86_64.rpm fe23eed320506dedf801913c742706aebec96ea7 kernel-headers-2.6.22.1-27.fc7.x86_64.rpm 9ce80ccd836576bee446328ad692486533320e34 kernel-2.6.22.1-27.fc7.x86_64.rpm 17c6e90afc764d5f81fd527dbb26e684172b946a kernel-smp-debuginfo-2.6.22.1-27.fc7.ppc.rpm 7b8044556ea18358da2822244e60474f8f99ddc6 kernel-smp-2.6.22.1-27.fc7.ppc.rpm 49d8d811ce85ad76881866c96b546b8a949b518f kernel-smp-devel-2.6.22.1-27.fc7.ppc.rpm 8fb0f2a3c83068f3607267b1638cb9694643460d kernel-debuginfo-2.6.22.1-27.fc7.ppc.rpm 0afa1a811a9bd11e11119fd24dc8690ffb1afd34 kernel-debuginfo-common-2.6.22.1-27.fc7.ppc.rpm 26d9b0b26943ae3ccfeede2a30ac57a1fa392261 kernel-headers-2.6.22.1-27.fc7.ppc.rpm e989776c71d08b38c70c651b10e08326e61ecf9f kernel-2.6.22.1-27.fc7.ppc.rpm dd1a0938cad34ffae942ac5831b1ad56674d4585 kernel-devel-2.6.22.1-27.fc7.ppc.rpm 0c1cb13a92eda663a72e43a68c6d82407ff8a415 kernel-2.6.22.1-27.fc7.src.rpm

This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://docs.fedoraproject.org/yum/.