Synopsis: Important: kernel security and bug fix update
Issue Date: 2011-06-01
CVE Numbers: CVE-2010-3858
The kernel packages contain the Linux kernel, the core of any Linux
This update fixes the following security issues:
* An integer underflow flaw, leading to a buffer overflow, was found in the
Linux kernel’s Datagram Congestion Control Protocol (DCCP) implementation.
This could allow a remote attacker to cause a denial of service.
* Missing sanity checks were found in setup_arg_pages() in the Linux
kernel. Making the size of the argument and environment area on the
stack very large could trigger a BUG_ON(), resulting in a local denial
of service. (CVE-2010-3858, Moderate)
* A missing validation check was found in the bcm_release() and
raw_release() functions in the Linux kernel’s Controller Area Network (CAN)
implementation. This could allow a local, unprivileged user to cause a
denial of service. (CVE-2011-1598, CVE-2011-1748, Moderate)
* The fix provided in SLSA-2011:0542 introduced a regression in the
cifs_close() function in the Linux kernel’s Common Internet File System (CIFS)
implementation. A local, unprivileged user with write access to a CIFS file
system could use this flaw to cause a denial of service.
The system must be rebooted for this update to take effect.
– Scientific Linux Development Team