The remote Scientific Linux host is missing one or more security
This kernel is already in SL 5.5
This updated contains all the security and bug fixes from the
2.6.18-194.el5 kernel. In additions this update fixes the following
security issues :
- a flaw was found in the Unidirectional Lightweight
Encapsulation (ULE) implementation. A remote attacker
could send a specially crafted ISO MPEG-2 Transport
Stream (TS) frame to a target system, resulting in an
infinite loop (denial of service). (CVE-2010-1086,
- on AMD64 systems, it was discovered that the kernel did
not ensure the ELF interpreter was available before
making a call to the SET_PERSONALITY macro. A local
attacker could use this flaw to cause a denial of
service by running a 32-bit application that attempts to
execute a 64-bit application. (CVE-2010-0307, Moderate)
- a flaw was found in the kernel connector implementation.
A local, unprivileged user could trigger this flaw by
sending an arbitrary number of notification requests
using specially crafted netlink messages, resulting in a
denial of service. (CVE-2010-0410, Moderate)
- a flaw was found in the Memory-mapped I/O (MMIO)
instruction decoder in the Xen hypervisor
implementation. An unprivileged guest user could use
this flaw to trick the hypervisor into emulating a
certain instruction, which could crash the guest (denial
of service). (CVE-2010-0730, Moderate)
- a divide-by-zero flaw was found in the azx_position_ok()
function in the driver for Intel High Definition Audio,
snd-hda-intel. A local, unprivileged user could trigger
this flaw to cause a kernel crash (denial of service).
This update also fixes the following bugs :
- in some cases, booting a system with the 'iommu=on'
kernel parameter resulted in a Xen hypervisor panic.
- the fnic driver flushed the Rx queue instead of the Tx
queue after fabric login. This caused crashes in some
- 'kernel unaligned access' warnings were logged to the
dmesg log on some systems. (BZ#580832)
- the 'Northbridge Error, node 1, core: -1 K8 ECC error'
error occurred on some systems using the amd64_edac
- in rare circumstances, when using kdump and booting a
kernel with 'crashkernel=128M@16M', the kdump kernel did
not boot after a crash. (BZ#580838)
- TLB page table entry flushing was done incorrectly on
IBM System z, possibly causing crashes, subtle data
inconsistency, or other issues. (BZ#580839)
- iSCSI failover times were slower than in Red Hat
Enterprise Linux 5.3. (BZ#580840)
- fixed floating point state corruption after signal.
- in certain circumstances, under heavy load, certain
network interface cards using the bnx2 driver and
configured to use MSI-X, could stop processing
interrupts and then network connectivity would cease.
- cnic parts resets could cause a deadlock when the bnx2
device was enslaved in a bonding device and that device
had an associated VLAN. (BZ#581148)
- some BIOS implementations initialized interrupt
remapping hardware in a way the Xen hypervisor
implementation did not expect. This could have caused a
system hang during boot. (BZ#581150)
- AMD Magny-Cours systems panicked when booting a 32-bit
The system must be rebooted for this update to take effect.
See also :
Update the affected packages.
Risk factor :
High / CVSS Base Score : 7.8