ELSA-2010-2008

ELSA-2010-2008 - Unbreakable enterprise kernel security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2010-10-04

Description

[2.6.32-100.20.1.el5]
- [fs] xfs: return inode fork offset in bulkstat for fsr (Dave Chinner)
- [fs] xfs: always use iget in bulkstat (Dave Chinner) {CVE-2010-2943}
- [fs] xfs: validate untrusted inode numbers during lookup (Dave Chinner) {CVE-2
010-2943}
- [fs] xfs: rename XFS_IGET_BULKSTAT to XFS_IGET_UNTRUSTED (Dave Chinner) {CVE-2
010-2943}
- [net] net sched: fix some kernel memory leaks (Eric Dumazet) {CVE-2010-2942}
- [fs] ocfs2: Don't walk off the end of fast symlinks (Joel Becker)

Related CVEs

CVE-2010-2942

CVE-2010-2943

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label
Oracle Linux 5 (x86_64)	kernel-2.6.32-100.20.1.el5.x86_64.rpm	bdede0f0359a4291ee94c1e29ff1899dd408d4a39f159da5fd53937364c588d7	ELSA-2010-2011	ol5_u5_x86_64_patch
	kernel-debug-2.6.32-100.20.1.el5.x86_64.rpm	9c91edaaf93f53ae4fac718c347da6667c522ef5ddcd8c5e59993ccf29714394	ELSA-2010-2011	ol5_u5_x86_64_patch
	kernel-debug-devel-2.6.32-100.20.1.el5.x86_64.rpm	be75edc56c48825f38b418aa7aba24f88670f20bbb8ff17321ab1d53d35fca9e	ELSA-2010-2011	ol5_u5_x86_64_patch
	kernel-devel-2.6.32-100.20.1.el5.x86_64.rpm	938bcedaacdf46d722a16cfe14d0cc85bc76a09e0f156f8a84fd373574a01d1d	ELSA-2010-2011	ol5_u5_x86_64_patch
	kernel-doc-2.6.32-100.20.1.el5.noarch.rpm	61dc8277a459acae5423ce0e9bfb8fff96369664cbc66864fe5036844b84637c	ELSA-2010-2011	ol5_u5_x86_64_patch
	kernel-firmware-2.6.32-100.20.1.el5.x86_64.rpm	2abc75dd2a3a631022a9b863f50ffcb171a5aadc340ef46394f6ea0c67e29d34	ELSA-2010-2011	ol5_u5_x86_64_patch
	kernel-headers-2.6.32-100.20.1.el5.x86_64.rpm	227e38bb34722ee6faa2bbbcf66bac4d58131f50f1e0f823788a9a270e1b8e99	ELSA-2010-2011	ol5_u5_x86_64_patch
	ofa-2.6.32-100.20.1.el5-1.5.1-4.0.20.x86_64.rpm	bf0dc91eb3b96cb9284f5f88158e31e86444b01cb67dae0e8b3ac746dea15d5f	-	ol5_u5_x86_64_patch

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team