[ MDVSA-2010:088 ] kernel

[dude67]

_______________________________________________________________________

Package : kernel
Date : April 30, 2010
Affected: 2010.0
_______________________________________________________________________

Problem Description:

Some vulnerabilities were discovered and corrected in the Linux
2.6 kernel:

The ATI Rage 128 (aka r128) driver in the Linux kernel before
2.6.31-git11 does not properly verify Concurrent Command Engine (CCE)
state initialization, which allows local users to cause a denial of
service (NULL pointer dereference and system crash) or possibly gain
privileges via unspecified ioctl calls. (CVE-2009-3620)

fs/namei.c in Linux kernel 2.6.18 through 2.6.34 does not always
follow NFS automount symlinks, which allows attackers to have an
unknown impact, related to LOOKUP_FOLLOW. (CVE-2010-1088)

The wake_futex_pi function in kernel/futex.c in the Linux kernel
before 2.6.33-rc7 does not properly handle certain unlock operations
for a Priority Inheritance (PI) futex, which allows local users to
cause a denial of service (OOPS) and possibly have unspecified other
impact via vectors involving modification of the futex value from
user space. (CVE-2010-0622)

drivers/connector/connector.c in the Linux kernel before 2.6.32.8
allows local users to cause a denial of service (memory consumption
and system crash) by sending the kernel many NETLINK_CONNECTOR
messages. (CVE-2010-0410)

The futex_lock_pi function in kernel/futex.c in the Linux kernel before
2.6.33-rc7 does not properly manage a certain reference count, which
allows local users to cause a denial of service (OOPS) via vectors
involving an unmount of an ext3 filesystem. (CVE-2010-0623)

Aditionally, the kernel was updated to the 2.6.31.13 stable release,
it was added support for Cirrus Logic CS420x HDA codec, Wacom driver
was updated to version 0.8.5-12 and there is a fix in the driver for
backlight on Eee PC 1201HA.

To update your kernel, please follow the directions located at:

http://www.mandriva.com/en/security/kernelupdate
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cg ... -2009-3620
http://cve.mitre.org/cgi-bin/cvename.cg ... -2010-1088
http://cve.mitre.org/cgi-bin/cvename.cg ... -2010-0622
http://cve.mitre.org/cgi-bin/cvename.cg ... -2010-0410
http://cve.mitre.org/cgi-bin/cvename.cg ... -2010-0623
https://qa.mandriva.com/53220
https://qa.mandriva.com/56221
https://qa.mandriva.com/58619
_______________________________________________________________________