Bug 838961
Summary: | CVE-2012-3375 not included in the Kernel changelog for kernel-2.6.18-308.11.1.el5.src.rpm | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 5 | Reporter: | Johnny Hughes <jhughes> |
Component: | kernel | Assignee: | Red Hat Kernel Manager <kernel-mgr> |
Status: | CLOSED NOTABUG | QA Contact: | Red Hat Kernel QE team <kernel-qe> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 5.8 | CC: | toracat, vdanen |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2012-07-10 15:37:55 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Johnny Hughes
2012-07-10 14:00:02 UTC
Hi, Johnny. The changelog entry in question for CVE-2012-3375 is: - [fs] epoll: clear the tfile_check_list on -ELOOP (Jason Baron) [829670 817131] The 2.6.18-308.2.el5 kernel was to fix some xen issues: https://rhn.redhat.com/errata/RHSA-2012-0721.html Those fixes are included in and noted in the 2.6.18-308.10.1.el5 changelog: * Thu Jun 14 2012 Alexander Gordeev <agordeev> [2.6.18-308.10.1.el5] - [xen] x86_64: check address on trap handlers or guest callbacks (Paolo Bonzini) [813430 813431] {CVE-2012-0217} - [xen] x86_64: Do not execute sysret with a non-canonical return address (Paolo Bonzini) [813430 813431] {CVE-2012-0217} - [xen] x86: prevent hv boot on AMD CPUs with Erratum 121 (Laszlo Ersek) [824969 824970] {CVE-2012-2934} The primary difference in the changelog from 308.8.2.el5 vs 308.10.1.el5 is that the CVE name was not known at the time of 308.8.2.el5 for the last issue (CVE-2012-2934). I suspect the same may be true here, and a future kernel will note that CVE name. To answer the second question, yes, those fixes are present in 308.11.1.el5. |