Difference between revisions of "Download/kernel/rhel4/023stab046.2/changes"
< Download | kernel | rhel4 | 023stab046.2
(created) |
(No difference)
|
Revision as of 12:04, 19 March 2008
Changes
- Rebase to RHEL4u6 kernel (2.6.9-67.EL4).
- Security updates, driver updates, other fixes.
Config changes
Same as 023stab044.11 plus:
- Added:
- +CONFIG_QLA_IOCTLMOD=m
- +CONFIG_SCSI_QLA6312=m
- +CONFIG_SCSI_QLA24XX=m
- +CONFIG_PATA_PDC2027X=m
- +CONFIG_PATA_JMICRON=m
- +CONFIG_E1000E=m
- +CONFIG_IGB=m
- +CONFIG_CHELSIO_T3=m
- +CONFIG_NETXEN_NIC=m
- Removed:
- -CONFIG_SCSI_QLA2XXX_FAILOVER=y
Update description
The updated kernel includes fixes for the following security vulnerabilities:
- A memory leak in the Red Hat Content Accelerator kernel patch in both the Linux Red Hat and OpenVZ kernels allows local users to cause a denial of service (memory exhaustion) via a large number of open requests involving O_ATOMICLOOKUP (CVE-2007-5494).
- The wait_task_stopped() function both in the Linux and OpenVZ kernels checks the TASK_TRACED bit instead of the exit_state value, which allows local users to cause a denial of service (server crash) via unspecified vectors (CVE-2007-5500).
The updated kernel includes fixes for the following issues:
- ext3 may become corrupted due to the presence of bad inodes in the orphan list. The following message may accompany the corruption:
EXT3-fs warning (device sda6): ext3_unlink: Deleting nonexistent file (37901290), 0. Inode 00000101a15b7840: orphan list check failed!
- [CIFS]: A memory corruption due to bad error handling in the cifs code may cause an unexpected system behavior. The following message may accompany the memory corruption:
CIFS VFS: Invalid size SMB length 4 pdu_length 4
- Reducing the number of CPUs to be available to a VE using the "-- cpus" option of the "vzctl set" command may cause a system crash.
- [CPT]: In kernels with the 4GB split technology enabled (x86 architecture, enterprise kernel), online migration may fail due to a bug in the kernel/userspace segmentation handling in the CPT restoration code.
- [CPT]: Under certain circumstances, /proc is considered as an external mount point, which causes online migration to fail.
- [CPT]: Migrating a VE with the Oracle application installed may fail due to a bug in the process start time restoration.
- The network does not operate if network interfaces are configured in the 802.3ad bonding mode.
- [ext3]: A non-destructive assertion accomplishes with the following message:
Assertion failure in log_do_checkpoint() at fs/jbd/checkpoint.c:363: "drop_count != 0 || cleanup_ret != 0"
- A kernel memory leak in the IPC code may occur due to a mistake in managing already locked segments in both the Linux Red Hat and OpenVZ kernels.
- A user beancounter (UB) reference leak may occur causing the UB information to remain in /proc/user_beancounters after a VE is stopped.
- A missed process wake-up may stall data transfer if the value of the TCPSNDBUF parameter has been exceeded.
- A leak in PRIVVMPAGES may occur on mapping zero pages (for example, when copying from /dev/zero).
- Unmounting an NFS partition having the simfs filesystem mounted over it and vzquota enabled may cause a system crash.
The updated kernel includes a number of updated drivers:
- HP Controller SA5xxx SA6xxx driver
(cciss driver 2.6.16.RH1 version)
- Universal TUN/TAP device driver
(tun driver 1.6 version)
Besides, the new kernel includes the following improvements:
- The kernel has been re-based on the 2.6.9-67.EL4 Red Hat kernel.
- The support for the tun/tap devices online migration has been added.
- [CPT]: vzmigrate error messages have been made more verbose.
Bugs fixed
The following bugs from the previous release have been fixed in the new kernel:
- #92189: A memory leak caused by an application which uses O_ATOMICLOOKUP flag for open() call (CVE-2007-5494).
- #96307: wait_task_stopped() incorrectly checks the process state (CVE-2007-5500).
- #83419: ext3 orphan list corruption due to bad inodes in the list.
- #93807: [CIFS]: incorrect kernel_recvmsg() error handling in cifs code.
- #93979: [CPT]: A forked process should re-copy vcpu from current process because the old one could become invalid.
- #85041: [CPT] [4GB split]: Missed KERNEL_DS handling in CPT restoration code.
- #87718: [CPT]: Incorrect mount type determination (internal/external).
- #96300: [CPT]: A process start time was restored incorrectly during the online migration.
- #79891: [ext3]: JBD cleanup code could skip the last buffer in the list to be deleted.
- #78998: A possible kernel memory leak in IPC code.
- #77231: A potential beancounter refcount leak.
- #89127: A missed wakeup on exceeding TCPSNDBUF.
- #80246: A leak in PRIVVMPAGES on mapping zero pages.
- #91898: The HP CISS driver should be updated.
- #83180: [CPT]: vzmigrate does not print the name of the file that it fails to open.
The following OpenVZ bugs have been fixed:
- OpenVZ Bug #666: Incorrect carrier state determination for 802.3ad bonding mode.
- OpenVZ Bug #541: vzquota should handle correctly NULL sb->put_super, in particular on NFS.
- OpenVZ Bug #642: The support for tun/tap devices online migration is required.