Important update: kernel vulnerabilities affect all versions of RHEL5

Source: Linux论坛
Date: 2008.05.21 15:22
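Source: linux时代
An important kernel security vulnerability has been discovered, and kernel patches for RHEL5 have now been released; the vulnerability allows actions by an unprivileged user to cause a denial of service.
Both the server and desktop editions of RHEL5 are affected, and almost all architectures are affected, such as i386, x86_64, PPC and IBM s390x.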

An important kernel security and bug fix update was released for Red Hat Enterprise Linux 5, repairing some issues that could allow an unprivileged user to cause a denial of service.
Red Hat Enterprise Linux 5 (both Desktop and Server editions) was affected by these issues. Almost all architectures could have had problems because of this security hole, including i386, x86_64, PPC, s390x and a few others.
Testing of the Linux kernel's process-trace ability on AMD64 architectures revealed the possibility of a kernel crash that could allow a local unprivileged user to cause a denial of service.
Due to improper handling of fragmented ESP packets, a possible kernel crash was discovered in the Linux kernel IPsec protocol implementation. If these packets were fragmented into very small chunks, a kernel crash might have occurred during packet reassembly on the receiving node.
A denial of service could have been caused on 64-bit architectures if a local unprivileged user set up a large interval value for hrtimer, forcing the timer expiry value to become negative.
Another problem that could cause a denial of service was found in the Linux kernel PWC USB video driver. The kernel USB subsystem could be brought into busy-waiting mode by a normal user, causing a DoS.
The updated packages resolve some other issues as well, such as the continual "softlockup" messages that kept occurring on the guest's console after successfully saving and restoring a Red Hat Enterprise Linux 5 para-virtualized guest. Sometimes, a kernel hang and panic occurred when the cpufreq daemon was disabled. Because of this, some system reboots did not complete successfully.
If you intend to apply the updated packages (and this is the advisable thing to do), first make sure that you have installed all the previously released updates.
[ This post was last edited by Send_linux on 2008-5-22 10:43 ]
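The hrtimer item above describes a signed 64-bit expiry value going negative when a very large interval is added to the current time. The following is an added illustration of that arithmetic and of a saturating check; it is not kernel code or Red Hat's patch, and the function names, the `EXPIRY_MAX` sentinel and the sample values are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumption: the largest representable expiry means "effectively never". */
#define EXPIRY_MAX INT64_MAX

/* Naive expiry = now + interval, in signed 64-bit nanoseconds.
 * The sum is done in unsigned arithmetic so the wraparound is well
 * defined in this demo; the result is what a wrapping add produces. */
int64_t expiry_naive(int64_t now_ns, int64_t interval_ns)
{
    return (int64_t)((uint64_t)now_ns + (uint64_t)interval_ns);
}

/* Hardened variant: rejects negative inputs (returns -1) and saturates
 * at EXPIRY_MAX instead of wrapping to a negative expiry. */
int64_t expiry_saturating(int64_t now_ns, int64_t interval_ns)
{
    if (now_ns < 0 || interval_ns < 0)
        return -1;                      /* invalid input */
    if (interval_ns > EXPIRY_MAX - now_ns)
        return EXPIRY_MAX;              /* would overflow: clamp */
    return now_ns + interval_ns;
}

int main(void)
{
    /* Constructed sample values, not taken from the advisory. */
    int64_t now = 1000;                 /* current time in ns */
    int64_t huge = INT64_MAX;           /* user-supplied interval */

    printf("naive:      %lld\n", (long long)expiry_naive(now, huge));
    printf("saturating: %lld\n", (long long)expiry_saturating(now, huge));
    printf("normal:     %lld\n", (long long)expiry_saturating(now, 5000));
    return 0;
}
```

A timer queue that sorts by expiry treats the negative value from the naive version as already expired, which is why validating or clamping user-supplied intervals before the addition matters.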