Linux.ChinaUnix.net


[Linux News] Important update: kernel vulnerabilities affect all versions of RHEL5

Moderator Send_linux


Post #1, posted 2008-5-21 15:22
Source: linux时代

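An important kernel security vulnerability has been discovered, and the kernel patch for RHEL5 has now been released; the vulnerability allows an unprivileged user's actions to cause a denial of service.
Both the server and desktop editions of RHEL5 are affected, and almost all architectures are affected, such as i386, x86_64, PPC and IBM s390x.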


An important kernel security and bug fix update was released for Red Hat Enterprise Linux 5, repairing some issues that could allow an unprivileged user to cause a denial of service.

Red Hat Enterprise Linux 5 (both Desktop and Server editions) was affected by these issues. Almost all architectures could have had problems because of this security hole, including i386, x86_64, PPC, s390x and a few others.

The Linux kernel process-trace ability was tested on AMD64 architectures, discovering the possibility of a kernel crash that could allow a local unprivileged user to cause a denial of service.

Due to improper handling of fragmented ESP packets, a possibility of a kernel crash was discovered in the Linux kernel IPsec protocol implementation. If these packets were fragmented in very small chunks, a kernel crash might have occurred during the packet reassembly on the receiving node.

A denial of service could have been caused on 64-bit architectures if a local unprivileged user set up a large interval value for hrtimer, forcing the time expiry value to become negative.

Another problem that could cause a denial of service was found in the Linux kernel PWC USB video driver. The kernel USB subsystem could be brought into the busy-waiting mode by a normal user and cause a DoS.

The updated packages will resolve some other issues as well, like the continual "softlockup" messages that kept occurring on the guest's console after successfully saving and restoring a Red Hat Enterprise Linux 5 para-virtualized guest. Sometimes, a kernel hang and panic occurred when the cpufreq daemon was disabled. Because of this, some system reboots did not complete successfully.

If you intend to apply the updated packages (and this is the advisable thing to do), first make sure that you've installed all the previously released updates.

[ Last edited by Send_linux on 2008-5-22 10:43 ]


