Test ID:	1.3.6.1.4.1.25623.1.0.61073
Category:	Mandrake Local Security Checks
Title:	Mandrake Security Advisory MDVSA-2008:109 (kernel)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to kernel announced via advisory MDVSA-2008:109. A vulnerability was discovered and corrected in the Linux 2.6 kernel: The bdx_ioctl_priv function in the tehuti driver (tehuti.c) in Linux kernel 2.6.x before 2.6.25.1 does not properly check certain information related to register size, which has unspecified impact and local attack vectors, probably related to reading or writing kernel memory. (CVE-2008-1675) Additionaly, some fixes were made, related to: iwlwifi (small bug interacting with drakconnect interface detection), brightness handling on EeePc, uvcvideo on Thinkpad X300, sound for TOSHIBA Satellite Pro A200 and A210, RealTek 8169 ethernet, unionfs, and more. To update your kernel, please follow the directions located at: http://www.mandriva.com/en/security/kernelupdate Affected: 2008.1 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2008:109 Risk factor : High CVSS Score: 7.2
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-1675 1019960 http://www.securitytracker.com/id?1019960 20080502 rPSA-2008-0157-1 kernel http://www.securityfocus.com/archive/1/491566/100/0/threaded 20080507 rPSA-2008-0157-1 kernel http://www.securityfocus.com/archive/1/491732/100/0/threaded 29014 http://www.securityfocus.com/bid/29014 30017 http://secunia.com/advisories/30017 30044 http://secunia.com/advisories/30044 30260 http://secunia.com/advisories/30260 30515 http://secunia.com/advisories/30515 ADV-2008-1406 http://www.vupen.com/english/advisories/2008/1406/references FEDORA-2008-3873 https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00232.html MDVSA-2008:109 http://www.mandriva.com/security/advisories?name=MDVSA-2008:109 MDVSA-2008:167 http://www.mandriva.com/security/advisories?name=MDVSA-2008:167 USN-614-1 https://usn.ubuntu.com/614-1/ [linux-kernel] 20080429 [04/12] tehuti: check register size (CVE-2008-1675) http://marc.info/?l=linux-kernel&m=120949582428998&w=2 [linux-kernel] 20080429 [26/37] tehuti: check register size (CVE-2008-1675) http://marc.info/?l=linux-kernel&m=120949204519706&w=2 [linux-kernel] 20080429 [27/37] tehuti: move ioctl perm check closer to function start http://marc.info/?l=linux-kernel&m=120949204619718&w=2 http://wiki.rpath.com/Advisories:rPSA-2008-0157 http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0157 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.1 https://issues.rpath.com/browse/RPL-2501 linux-kernel-tehuti-bo(42132) https://exchange.xforce.ibmcloud.com/vulnerabilities/42132
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.