Login
Newsletter
Werbung

Sicherheit: Mehrere Probleme im Kernel
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme im Kernel
ID: FEDORA-2012-1497
Distribution: Fedora
Plattformen: Fedora 16
Datum: So, 12. Februar 2012, 13:46
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4086
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4127
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4131
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4132
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4347
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4622
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0045
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0056
Applikationen: Linux

Originalnachricht

Name        : kernel
Product : Fedora 16
Version : 3.2.5
Release : 3.fc16
URL : http://www.kernel.org/
Summary : The Linux kernel
Description :
The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system. The kernel handles the basic functions
of the operating system: memory allocation, process allocation, device
input and output, etc.

-------------------------------------------------------------------------------
-
Update Information:

CVE-2011-4086 jbd2: unmapped buffer with _Unwritten or _Delay flags set can
lead to DoS (rhbz 788260)
-------------------------------------------------------------------------------
-
ChangeLog:

* Wed Feb 8 2012 Josh Boyer <jwboyer@redhat.com>
- Fix e1000e Tx hang check (rhbz 785806)
- CVE-2011-4086 jbd2: unmapped buffer with _Unwritten or _Delay flags set can
lead to DoS (rhbz 788260)
* Tue Feb 7 2012 Josh Boyer <jwboyer@redhat.com>
- Make build/ point to /usr/src/kernels instead of being relative (rhbz 788125)
* Mon Feb 6 2012 Josh Boyer <jwboyer@redhat.com>
- Linux 3.2.5. Happy Birthday
* Mon Feb 6 2012 John W. Linville <linville@redhat.com>
- ath9k: fix a WEP crypto related regression
- ath9k_hw: fix a RTS/CTS timeout regression
* Sun Feb 5 2012 Dave Jones <davej@redhat.com>
- Remove unnecessary block-stray-block-put-after-teardown.patch
- readahead: fix pipeline break caused by block plug
* Fri Feb 3 2012 Josh Boyer <jwboyer@redhat.com> 3.2.3-2
- Drop patch that was NAKed upstream (rhbz 783211)
* Fri Feb 3 2012 John W. Linville <linville@redhat.com>
- bcma: Fix mem leak in bcma_bus_scan()
- rt2800lib: fix wrong -128dBm when signal is stronger than -12dBm
- iwlwifi: make "Tx aggregation enabled on ra =" be at DEBUG level
- ssb: fix cardbus slot in hostmode
- mac80211: timeout a single frame in the rx reorder buffer
* Fri Feb 3 2012 Dave Jones <davej@redhat.com> 3.2.3-1
- Linux 3.2.3
* Fri Feb 3 2012 Josh Boyer <jwboyer@redhat.com>
- Patch from Jakub Kicinski to fix rt2x00 MCU requests (rhbz 772772)
* Wed Feb 1 2012 John W. Linville <linville@redhat.com>
- Use "iwlwifi: don't mess up QoS counters with non-QoS frames"
(rhbz 785239)
- Actually apply patch to make integrated compat-wireless avoid taint...
* Tue Jan 31 2012 John W. Linville <linville@redhat.com>
- Apply iwlwifi patch for TID issue (rhbz 785239)
* Mon Jan 30 2012 Dave Jones <davej@redhat.com>
- Enable kmemleak (off by default) in kernel-debug (rhbz 782419)
* Mon Jan 30 2012 Dave Jones <davej@redhat.com>
- Restore the Savage DRM and several others that were accidentally
early-deprecated.
* Mon Jan 30 2012 John W. Linville <linville@redhat.com>
- Use the eeprom_93cx6 driver from the compat-wireless package
- mac80211: fix debugfs key->station symlink
- brcmsmac: fix tx queue flush infinite loop
- mac80211: Use the right headroom size for mesh mgmt frames
- mac80211: fix work removal on deauth request
- b43: add option to avoid duplicating device support with brcmsmac
- mac80211: update oper_channel on ibss join
- mac80211: set bss_conf.idle when vif is connected
- iwlwifi: fix PCI-E transport "inta" race
- ath9k: use WARN_ON_ONCE in ath_rc_get_highest_rix
* Fri Jan 27 2012 John W. Linville <linville@redhat.com>
- Include config.mk from compat-wireless build in files for installation
* Wed Jan 25 2012 Josh Boyer <jwboyer@redhat.com> - 3.2.2-1
- Linux 3.2.2
- Add patch to invalidate parent cache when fsync is called on a partition
(rhbz 783211)
- Test fix for realtek_async_autopm oops from Stanislaw Gruszka (rhbz 784345)
* Wed Jan 25 2012 John W. Linville <linville@redhat.com>
- modpost: add option to allow external modules to avoid taint
- Make integrated compat-wireless take advantage of the above
* Wed Jan 25 2012 Josh Boyer <jwboyer@redhat.com>
- Backport patch to fix oops in rds (rhbz 718790)
* Tue Jan 24 2012 John W. Linville <linville@redhat.com>
- Update compat-wireless snapshot to version 3.3-rc1-2
* Tue Jan 24 2012 Josh Boyer <jwboyer@redhat.com>
- Re-enable the ARCMSR module (rhbz 784287)
- Add back a set of patches that were erroneously dropped during the rebase
- Re-enable the LIRC_STAGING drivers (rhbz 784398)
* Mon Jan 23 2012 Josh Boyer <jwboyer@redhat.com> 3.2.1-3
- Fix oops in iwlwifi/iwlagn driver (rhbz 766071)
- Fix NULL pointer dereference in sym53c8xx module (rhbz 781625)
* Fri Jan 20 2012 Dave Jones <davej@redhat.com>
- net: reintroduce missing rcu_assign_pointer() calls
* Fri Jan 20 2012 Josh Boyer <jwboyer@redhat.com>
- Add mac80211 deauth fix pointed out by Stanislaw Gruszka
* Thu Jan 19 2012 Dave Jones <davej@redhat.com> 3.2.1-1
- Rebase to Linux 3.2.1
* Thu Jan 19 2012 John W. Linville <linville@redhat.com>
- Pass the same make options to compat-wireless as to the base kernel
* Wed Jan 18 2012 Josh Boyer <jwboyer@redhat.com> 3.1.10-2
- Fix broken procfs backport (rhbz 782961)
* Wed Jan 18 2012 Josh Boyer <jwboyer@redhat.com> 3.1.10-1
- Linux 3.1.10
- /proc/pid/* information leak (rhbz 782686)
- CVE-2012-0056 proc: clean up and fix /proc/<pid>/mem (rhbz 782681)
- loop: prevent information leak after failed read (rhbz 782687)
* Tue Jan 17 2012 Josh Boyer <jwboyer@redhat.com>
- CVE-2011-4127 possible privilege escalation via SG_IO ioctl (rhbz 769911)
* Mon Jan 16 2012 John W. Linville <linville@redhat.com>
- Re-apply patch to revert mac80211 scan optimizations (rhbz #731365, #773271)
* Sun Jan 15 2012 Josh Boyer <jwboyer@redhat.com>
- Avoid packaging symlinks for kernel-doc files (rhbz 767351)
- Apply mac80211 NULL ptr deref fix to compat-wireless too (rhbz 769766)
* Fri Jan 13 2012 Josh Boyer <jwboyer@redhat.com>
- Fix verbose logging messages in the rtl8192cu driver (rhbz 728740)
* Fri Jan 13 2012 Josh Boyer <jwboyer@redhat.com> 3.1.9-1
- Linux 3.1.9
- CVE-2012-0045 kvm: syscall instruction induced guest panic (rhbz 773392)
* Wed Jan 11 2012 Josh Boyer <jwboyer@redhat.com>
- Patch from Stanislaw Gruszka to fix NULL ptr deref in mac80211 (rhbz 769766)
* Tue Jan 10 2012 John W. Linville <linville@redhat.com>
- Update compat-wireless snapshot to version 3.2-1
* Tue Jan 10 2012 Josh Boyer <jwboyer@redhat.com>
- Add patch to fix ext4 compatibility with ext2 mount option (rhbz 770172)
- Fix ext4 corrupted bitmap error path (pointed out by Eric Sandeen)
* Sat Jan 7 2012 Josh Boyer <jwboyer@redhat.com> 3.1.8-2
- Add iwlwifi-allow-to-switch-to-HT40-if-not-associated.patch back to
compat-wireless
* Fri Jan 6 2012 Josh Boyer <jwboyer@redhat.com> 3.1.8-1
- Disable backports on arches where we don't actually build a kernel (or
config)
- Linux 3.1.8
* Thu Jan 5 2012 John W. Linville <linville@redhat.com>
- Patch compat-wireless build to avoid "pr_fmt redefined" warnings
- Include compat-wireless in removal of files resulting from patch fuzz
* Thu Jan 5 2012 Josh Boyer <jwboyer@redhat.com>
- Move the depmod file removal below the compat-wireless build to make sure we
clean them all out
* Wed Jan 4 2012 Neil Horman <nhorman@redhat.com>
- Fix warning about msi sysfs refcount (bz 771058)
* Wed Jan 4 2012 Dave Jones <davej@redhat.com>
- Disable PCI CRS blacklist patch
- Try alternative approach from Bjorn Helgaas to work around
MCFG quirks on some laptops.
* Wed Jan 4 2012 Dave Jones <davej@redhat.com>
- Add Dell Studio 1557 to pci=nocrs blacklist. (rhbz 769657)
* Wed Jan 4 2012 Josh Boyer <jwboyer@redhat.com>
- CVE-2011-4347 kvm: device assignment DoS (rhbz 771678)
* Tue Jan 3 2012 Josh Boyer <jwboyer@redhat.com> 3.1.7-1
- Linux 3.1.7
* Tue Jan 3 2012 John W. Linville <linville@redhat.com>
- Avoid unnecessary modprobe invocations during compat-wireless build
* Tue Jan 3 2012 Dave Jones <davej@redhat.com>
- Add Thinkpad SL510 to the pci=nocrs blacklist.
* Tue Jan 3 2012 Josh Boyer <jwboyer@redhat.com>
- CVE-2011-4622 kvm: pit timer with no irqchip crashes the system (rhbz 771387)
- Add bluetooth support for BCM20102A0 (rhbz 770233)
* Tue Jan 3 2012 Dave Jones <davej@redhat.com>
- thp: reduce khugepaged freezing latency (rhbz 771006)
* Tue Jan 3 2012 John W. Linville <linville@redhat.com>
- Re-enable CONFIG_RT2800PCI_RT53XX in compat-wireless build (rhbz #720594)
* Thu Dec 29 2011 Dave Jones <davej@redhat.com> 3.1.6-2
- Create a blacklist for pci=nocrs
Add Dell Studio 1536 to it.
* Fri Dec 23 2011 Dennis Gilmore <dennis@ausil.us>
- build imx highbank and kirkwood kernels for arm
* Thu Dec 22 2011 John W. Linville <linville@redhat.com>
- iwlwifi: do not set the sequence control bit is not needed
- ath9k: fix max phy rate at rate control init
- mwifiex: avoid double list_del in command cancel path
- iwlwifi: update SCD BC table for all SCD queues
* Wed Dec 21 2011 Dave Jones <davej@redhat.com> 3.1.6-1
- Linux 3.1.6
* Wed Dec 21 2011 John W. Linville <linville@redhat.com>
- Apply some iwlwifi regression fixes not in the 3.2-rc6 wireless snapshot
- Turn-off with_backports for s390x
* Wed Dec 21 2011 Dave Jones <davej@redhat.com> 3.1.5-11
- Reinstate the route cache garbage collector.
* Wed Dec 21 2011 John W. Linville <linville@redhat.com>
- Revise compat-wireless configuration
- Enable with-backports by default
- Update compat-wireless snaptshot from verstion 3.2-rc6-3
* Tue Dec 20 2011 Dave Jones <davej@redhat.com> 3.1.5-10
- Delay after aborting command in tpm_tis (rhbz #746097)
* Tue Dec 20 2011 Josh Boyer <jwboyer@redhat.com>
- Backport upstream fix for b44_poll oops (rhbz #741117)
- Include crtsaves.o for ppc64 as well (rhbz #769415)
- Drop EDID headers patch from 751589 for now (rhbz #769103)
* Mon Dec 19 2011 Kyle McMartin <kyle@redhat.com> - 3.1.5-8
- Add versioned Obsoletes and Provides for kernel-tools -> perf, hopefully
this should allow upgrades from kernel-tools to perf+kernel-tools in rawhide
from F-16.
* Mon Dec 19 2011 Dave Jones <davej@redhat.com>
- x86, dumpstack: Fix code bytes breakage due to missing KERN_CONT
* Fri Dec 16 2011 Ben Skeggs <bskeggs@redhat.com> - 3.1.5-7
- Add patch to do a better job of dealing with busted EDID headers
(rhbz#751589)
* Thu Dec 15 2011 Josh Boyer <jwboyer@redhat.com> - 3.1.5-6
- Add patch to fix Intel wifi regression in 3.1.5 (rhbz 767173)
* Thu Dec 15 2011 Dave Jones <davej@redhat.com> - 3.1.5-5
- Change configfs to be built-in. (rhbz 767857)
* Thu Dec 15 2011 Dave Jones <davej@redhat.com> - 3.1.5-4
- Disable Intel IOMMU by default.
* Tue Dec 13 2011 Josh Boyer <jwboyer@redhat.com>
- Remove extraneous settings and enable Radeon KMS for powerpc (via Will Woods)
* Mon Dec 12 2011 Josh Boyer <jwboyer@redhat.com>
- Add patch from Jeff Layton to fix suspend with NFS (rhbz #717735)
- Backport ALPS touchpad patches from input/next branch (rhbz #590880)
* Fri Dec 9 2011 Josh Boyer <jwboyer@redhat.com> 3.1.5-1
- Linux 3.1.5
* Thu Dec 8 2011 Chuck Ebbert <cebbert@redhat.com> 3.1.5-0.rc2.1
- Linux 3.1.5-rc2
- Drop obsolete changelog, set rcrev and gitrev to 0 so they're
less distracting.
- Fix wrong link speed on some sky2 network adapters (rhbz #757839)
* Thu Dec 8 2011 Ben Skeggs <bskeggs@redhat.com> 3.1.5-0.rc1.2
- nouveau: fix accel on GF108 and enable on GF108/GF110
* Wed Dec 7 2011 Chuck Ebbert <cebbert@redhat.com>
- Linux 3.1.5-rc1
- Comment out merged patches:
xfs-Fix-possible-memory-corruption-in-xfs_readlink.patch
rtlwifi-fix-lps_lock-deadlock.patch
* Tue Dec 6 2011 Chuck Ebbert <cebbert@redhat.com>
- Disable uas until someone can fix it (rhbz #717633)
* Tue Dec 6 2011 Josh Boyer <jwboyer@redhat.com>
- Add reworked pci ASPM patch from Matthew Garrett
* Mon Dec 5 2011 Josh Boyer <jwboyer@redhat.com>
- Only print the apm_cpu_idle message once (rhbz #760341)
* Mon Dec 5 2011 Dave Jones <davej@redhat.com>
- Switch from -Os to -O2
* Thu Dec 1 2011 Josh Boyer <jwboyer@redhat.com>
- Apply patch to revert mac80211 scan optimizations (rhbz #731365)
- Disable the existing brcm80211 staging drivers (rhbz #759109)
* Wed Nov 30 2011 Josh Boyer <jwboyer@redhat.com>
- Include commit 3940d6185 from JJ Ding in elantech.patch
* Tue Nov 29 2011 Josh Boyer <jwboyer@redhat.com>
- Add patch to fix deadlock in rtlwifi (rhbz #755154)
- Drop drm-intel-make-lvds-work.patch (rhbz #731296)
* Mon Nov 28 2011 Chuck Ebbert <cebbert@redhat.com> 3.1.4-1
- Linux 3.1.4
* Mon Nov 28 2011 Chuck Ebbert <cebbert@redhat.com>
- Fix IRQ error preventing load of cciss module (rhbz#754907)
* Mon Nov 28 2011 Ben Skeggs <bskeggs@redhat.com> 3.1.3-2
- nouveau: fix two instances of an oops in ttm clear() (rhbz#751753)
* Sun Nov 27 2011 Chuck Ebbert <cebbert@redhat.com> 3.1.3-1
- Linux 3.1.3
* Wed Nov 23 2011 Chuck Ebbert <cebbert@redhat.com> 3.1.3-0.rc1.1
- Linux 3.1.3-rc1
- Comment out merged patches:
usb-add-quirk-for-logitech-webcams.patch
ip6_tunnel-copy-parms.name-after-register_netdevice.patch
* Tue Nov 22 2011 Chuck Ebbert <cebbert@redhat.com> 3.1.2-1
- Linux 3.1.2
* Sat Nov 19 2011 Chuck Ebbert <cebbert@redhat.com> 3.1.2-0.rc1.1
- Linux 3.1.2-rc1
* Wed Nov 16 2011 John W. Linville <linville@redhat.com>
- Add compat-wireless as an option for kernel build
* Tue Nov 15 2011 Dave Jones <davej@redhat.com>
- mm: Do not stall in synchronous compaction for THP allocations
* Tue Nov 15 2011 Dave Jones <davej@redhat.com>
- Backport asus-laptop changes from 3.2 (rhbz 754214)
* Mon Nov 14 2011 Josh Boyer <jwboyer@redhat.com>
- Patch from Joshua Roys to add rtl8192* to modules.networking (rhbz 753645)
- Add patch for wacom tablets for Bastien Nocera (upstream 3797ef6b6)
- Add patch to fix ip6_tunnel naming (rhbz 751165)
- Quite warning in apm_cpu_idle (rhbz 753776)
* Mon Nov 14 2011 Josh Boyer <jwboyer@redhat.com> 3.1.1-2
- CVE-2011-4131: nfs4_getfacl decoding kernel oops (rhbz 753236)
- CVE-2011-4132: jbd/jbd2: invalid value of first log block leads to oops (rhbz
753346)
* Fri Nov 11 2011 Chuck Ebbert <cebbert@redhat.com>
- Use the same naming scheme as rawhide for -stable RC kernels
(e.g. 3.1.1-0.rc1.1 instead of 3.1.1-1.rc1)
* Fri Nov 11 2011 Josh Boyer <jwboyer@redhat.com> 3.1.1-1
- Linux 3.1.1
* Fri Nov 11 2011 John W. Linville <linville@redhat.com>
- Remove overlap between bcma/b43 and brcmsmac and reenable bcm4331
* Thu Nov 10 2011 Chuck Ebbert <cebbert@redhat.com>
- Sync samsung-laptop driver with what's in 3.2 (rhbz 747560)
* Wed Nov 9 2011 Chuck Ebbert <cebbert@redhat.com> 3.1.1-1.rc1
- Linux 3.1.1-rc1
- Comment out merged patches, will drop when release is final:
ums-realtek-driver-uses-stack-memory-for-DMA.patch
epoll-fix-spurious-lockdep-warnings.patch
crypto-register-cryptd-first.patch
add-macbookair41-keyboard.patch
powerpc-Fix-deadlock-in-icswx-code.patch
iwlagn-fix-ht_params-NULL-pointer-dereference.patch
mmc-Always-check-for-lower-base-frequency-quirk-for-.patch
media-DiBcom-protect-the-I2C-bufer-access.patch
media-dib0700-protect-the-dib0700-buffer-access.patch
WMI-properly-cleanup-devices-to-avoid-crashes.patch
mac80211-fix-remain_off_channel-regression.patch
mac80211-config-hw-when-going-back-on-channel.patch
* Wed Nov 9 2011 John W. Linville <linville@redhat.com>
- Backport brcm80211 from 3.2-rc1
* Tue Nov 8 2011 Neil Horman <nhorman@redhat.com>
- Add msi irq ennumeration per device in sysfs (rhbz 752176)
* Mon Nov 7 2011 Josh Boyer <jwboyer@redhat.com>
- Add two patches to fix mac80211 issues (rhbz 731365)
* Thu Nov 3 2011 Josh Boyer <jwboyer@redhat.com>
- Add commits queued for 3.2 for elantech driver (rhbz 728607)
- Fix crash when setting brightness via Fn keys on ideapads (rhbz 748210)
* Wed Nov 2 2011 Josh Boyer <jwboyer@redhat.com>
- Add patch to fix oops when removing wmi module (rhbz 706574)
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #788260 - CVE-2011-4086 kernel: jbd2: unmapped buffer with
_Unwritten or _Delay flags set can lead to DoS [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=788260
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update kernel' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung