Go to the Softpedia homepage


NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
Home / News / Linux

Linux

Red Hat Enterprise Linux 5 Receives Important Security Fix

An important kernel security and bug fix update was released

By Daniel Voicu, Linux Editor

20th of May 2008, 12:19 GMT

Adjust text size:


Red Hat Enterprise Linux 5
Enlarge picture
A important kernel security and bug fix update was released for Red Hat Enterprise Linux 5, repairing some issues that could allow an unprivileged user to cause a denial of
service.

Red Hat Enterprise Linux 5 (both Desktop and Server editions) were affected by these issues. Almost all architectures could have had problems because of this security hole, including i386, x86_64, PPC, s390x and a few others.

The Linux kernel process-trace ability was tested on AMD64 architectures, discovering the possibility of a kernel crash that could allow a local unprivileged user to cause a denial of service.

Due to improper handling of fragmented ESP packets, a possibility of a kernel crash was discovered in the Linux kernel IPsec protocol implementation. If these packages were fragmented in very small chunks, a kernel crash might have occurred during the packet reassembly on the receiving node.

A denial of service could have been caused on 64-bit architectures if a local unprivileged user setup a large interval value for hrtimer, forcing the time expiry value to become negative.

Another problem that could cause a denial of service was found in the Linux kernel PWC USB video driver. The kernel USB subsystem could be brought into the busy-waiting mode by a normal user and cause a DoS.

The updated packages will resolve some other issues as well, like the continual "softlockup" messages that kept occurring on the guest's console after successfully saving and restoring a Red Hat Enterprise Linux 5 para-virtualized guest. Sometimes, a kernel hung and panic occurred when the cpufreq daemon was disabled. Because of this, some system reboots did not complete successfully.

If you intend to apply the updated packages - and this is the advisable thing to do -, first make sure that you've installed all the previously-released updates.

TAGS:

 Red Hat | Red Hat Enterprise Linux | RHEL | linux | security


Rating:
Fair (2.8/5) 5 vote(s) so far    

Read by 920 user(s) | Add comment | Link to this article
Subscribe to news | Print article | Send to friend

© Copyright 2001-2008 Softpedia
Contact:

 

 

SEARCH THE NEWS ARCHIVE :




Today's News | Yesterday's News | News Archive


MORE RELATED ARTICLES:


Fedora Unity Project Comes with Fedora 9 Everything Spin

Fedora Weekly Report: 12th - 18th May, 2008

SpamAssasin and Traffic Control to Reduce Spam by 75 Percent

Compass 1.0 - New Automated Email Backup and Viewing Tool

Mark Shuttleworth Wants Synchronicity between Linux Distributions

Kernel Comparison: FreeBSD, GNU/Linux, Solaris and Windows

Fedora 10 Release Schedule

First Release Candidate of DSL 4.4 Is Here

Forget Firefox 3.0, Mozilla Looks to Firefox 3.1 and Firefox 4.0

eAR OS 1.08 Announced by Acoustic Reality

User opinions:

No user comments yet.
Be the first to express your opinion using the form below!

Share your opinion:

Your Name:
Your Email Address:
(will not be used for commercial purposes)
Solve this to prove you're not a bot: =
Your review/opinion:

 






SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   ENTER NEWS SITE   |   ENGLISH BOARD   |   ROMANIAN FORUM
© 2001 - 2008 Softpedia. All rights reserved.
Softpedia™ and the Softpedia™ logo are registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use | Update your software | Archive