| Summary: | The remote host is missing updates to the kernel announced in;advisory RHSA-2009:0326.;;Security fixes:;; * memory leaks were found on some error paths in the icmp_send();function in the Linux kernel. This could, potentially, cause the network;connectivity to cease. (CVE-2009-0778, Important);; * Chris Evans reported a deficiency in the clone() system call when called;with the CLONE_PARENT flag. This flaw permits the caller (the parent;process) to indicate an arbitrary signal it wants to receive when its child;process exits. This could lead to a denial of service of the parent;process. (CVE-2009-0028, Moderate);; * an off-by-one underflow flaw was found in the eCryptfs subsystem. This;could potentially cause a local denial of service when the readlink();function returned an error. (CVE-2009-0269, Moderate);; * a deficiency was found in the Remote BIOS Update (RBU) driver for Dell;systems. This could allow a local, unprivileged user to cause a denial of;service by reading zero bytes from the image_type or packet_size files in;/sys/devices/platform/dell_rbu/. (CVE-2009-0322, Moderate);; * an inverted logic flaw was found in the SysKonnect FDDI PCI adapter;driver, allowing driver statistics to be reset only when the CAP_NET_ADMIN;capability was absent (local, unprivileged users could reset driver;statistics). (CVE-2009-0675, Moderate);; * the sock_getsockopt() function in the Linux kernel did not properly;initialize a data structure that can be directly returned to user-space;when the getsockopt() function is called with SO_BSDCOMPAT optname set.;This flaw could possibly lead to memory disclosure.;(CVE-2009-0676, Moderate);; * the ext2 and ext3 file system code failed to properly handle corrupted;data structures, leading to a possible local denial of service when read;or write operations were performed on a specially-crafted file system.;(CVE-2008-3528, Low);; * a deficiency was found in the libATA implementation. This could,;potentially, lead to a local denial of service. Note: by default, the;/dev/sg* devices are accessible only to the root user.;(CVE-2008-5700, Low);;All users should upgrade to these updated packages, which contain;backported patches to correct these issues. The system must be rebooted for;this update to take effect. |
| Description: | Summary:
The remote host is missing updates to the kernel announced in
advisory RHSA-2009:0326.
Security fixes:
* memory leaks were found on some error paths in the icmp_send()
function in the Linux kernel. This could, potentially, cause the network
connectivity to cease. (CVE-2009-0778, Important)
* Chris Evans reported a deficiency in the clone() system call when called
with the CLONE_PARENT flag. This flaw permits the caller (the parent
process) to indicate an arbitrary signal it wants to receive when its child
process exits. This could lead to a denial of service of the parent
process. (CVE-2009-0028, Moderate)
* an off-by-one underflow flaw was found in the eCryptfs subsystem. This
could potentially cause a local denial of service when the readlink()
function returned an error. (CVE-2009-0269, Moderate)
* a deficiency was found in the Remote BIOS Update (RBU) driver for Dell
systems. This could allow a local, unprivileged user to cause a denial of
service by reading zero bytes from the image_type or packet_size files in
/sys/devices/platform/dell_rbu/. (CVE-2009-0322, Moderate)
* an inverted logic flaw was found in the SysKonnect FDDI PCI adapter
driver, allowing driver statistics to be reset only when the CAP_NET_ADMIN
capability was absent (local, unprivileged users could reset driver
statistics). (CVE-2009-0675, Moderate)
* the sock_getsockopt() function in the Linux kernel did not properly
initialize a data structure that can be directly returned to user-space
when the getsockopt() function is called with SO_BSDCOMPAT optname set.
This flaw could possibly lead to memory disclosure.
(CVE-2009-0676, Moderate)
* the ext2 and ext3 file system code failed to properly handle corrupted
data structures, leading to a possible local denial of service when read
or write operations were performed on a specially-crafted file system.
(CVE-2008-3528, Low)
* a deficiency was found in the libATA implementation. This could,
potentially, lead to a local denial of service. Note: by default, the
/dev/sg* devices are accessible only to the root user.
(CVE-2008-5700, Low)
All users should upgrade to these updated packages, which contain
backported patches to correct these issues. The system must be rebooted for
this update to take effect.
Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date
CVSS Score:
7.1
CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:C
|
