| Description: | Summary:
The remote host is missing an update to kernel
announced via advisory FEDORA-2009-8144.
Note: This VT has been deprecated and is therefore no longer functional.
Vulnerability Insight:
The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system. The kernel handles the basic functions
of the operating system: memory allocation, process allocation, device
input and output, etc.
Update Information:
Fix security bugs: CVE-2009-1895 CVE-2009-2406 CVE-2009-2407
ChangeLog:
* Wed Jul 29 2009 Chuck Ebbert 2.6.29.6-217.2.3
- Don't optimize away NULL pointer tests where pointer is used before the test.
(CVE-2009-1897)
* Wed Jul 29 2009 Chuck Ebbert 2.6.29.6-217.2.2
- Fix mmap_min_addr security bugs (CVE-2009-1895)
* Wed Jul 29 2009 Chuck Ebbert 2.6.29.6-217.2.1
- Fix eCryptfs overflow issues (CVE-2009-2406, CVE-2009-2407)
* Thu Jul 23 2009 Kyle McMartin 2.6.29.6-217
- Apply three patches requested by sgruszka@redhat.com:
- iwl3945-release-resources-before-shutting-down.patch
- iwl3945-add-debugging-for-wrong-command-queue.patch
- iwl3945-fix-rfkill-sw-and-hw-mishmash.patch
* Thu Jul 23 2009 Jarod Wilson
- virtio_blk: don't bounce highmem requests, works around a frequent
oops in kvm guests using virtio block devices (#510304)
* Wed Jul 22 2009 Tom spot Callaway
- We have to override the new %install behavior because, well... the kernel is
special.
* Wed Jul 22 2009 Ben Skeggs
- drm-nouveau.patch: Fix DPMS off for DAC outputs, NV4x PFIFO typo
Solution:
Apply the appropriate updates.
This update can be installed with the yum update program. Use
su -c 'yum update kernel' at the command line.
CVSS Score:
7.2
CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
