Red Hat Local Security Checks : RedHat Security Advisory RHSA-2009:1465

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.64990

Categoría: Red Hat Local Security Checks

Título: RedHat Security Advisory RHSA-2009:1465

Resumen: The remote host is missing updates announced in;advisory RHSA-2009:1465.;;KVM (Kernel-based Virtual Machine) is a full virtualization solution for;Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for;the standard Red Hat Enterprise Linux kernel.;;The kvm_emulate_hypercall() implementation was missing a check for the;Current Privilege Level (CPL). A local, unprivileged user in a virtual;machine could use this flaw to cause a local denial of service or escalate;their privileges within that virtual machine. (CVE-2009-3290);;All KVM users should upgrade to these updated packages, which contain;backported patches to resolve these issues. Note: The procedure in the

Descripción: Summary:
The remote host is missing updates announced in
advisory RHSA-2009:1465.

KVM (Kernel-based Virtual Machine) is a full virtualization solution for
Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for
the standard Red Hat Enterprise Linux kernel.

The kvm_emulate_hypercall() implementation was missing a check for the
Current Privilege Level (CPL). A local, unprivileged user in a virtual
machine could use this flaw to cause a local denial of service or escalate
their privileges within that virtual machine. (CVE-2009-3290)

All KVM users should upgrade to these updated packages, which contain
backported patches to resolve these issues. Note: The procedure in the

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-3290
http://www.openwall.com/lists/oss-security/2009/09/18/1
http://www.openwall.com/lists/oss-security/2009/09/21/1
http://www.openwall.com/lists/oss-security/2009/09/22/8
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11328
http://www.redhat.com/support/errata/RHSA-2009-1465.html
http://secunia.com/advisories/37105
http://www.ubuntu.com/usn/USN-852-1

Copyright Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.64990
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2009:1465
Resumen:	The remote host is missing updates announced in;advisory RHSA-2009:1465.;;KVM (Kernel-based Virtual Machine) is a full virtualization solution for;Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for;the standard Red Hat Enterprise Linux kernel.;;The kvm_emulate_hypercall() implementation was missing a check for the;Current Privilege Level (CPL). A local, unprivileged user in a virtual;machine could use this flaw to cause a local denial of service or escalate;their privileges within that virtual machine. (CVE-2009-3290);;All KVM users should upgrade to these updated packages, which contain;backported patches to resolve these issues. Note: The procedure in the
Descripción:	Summary: The remote host is missing updates announced in advisory RHSA-2009:1465. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for the standard Red Hat Enterprise Linux kernel. The kvm_emulate_hypercall() implementation was missing a check for the Current Privilege Level (CPL). A local, unprivileged user in a virtual machine could use this flaw to cause a local denial of service or escalate their privileges within that virtual machine. (CVE-2009-3290) All KVM users should upgrade to these updated packages, which contain backported patches to resolve these issues. Note: The procedure in the Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-3290 http://www.openwall.com/lists/oss-security/2009/09/18/1 http://www.openwall.com/lists/oss-security/2009/09/21/1 http://www.openwall.com/lists/oss-security/2009/09/22/8 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11328 http://www.redhat.com/support/errata/RHSA-2009-1465.html http://secunia.com/advisories/37105 http://www.ubuntu.com/usn/USN-852-1
Copyright	Copyright (C) 2009 E-Soft Inc.