Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.64835
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2009:1438
Summary:NOSUMMARY
Description:Description:
The remote host is missing updates to the Linux kernel announced in
advisory RHSA-2009:1438.

This update fixes the following security issues:

* the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags were not cleared when a
setuid or setgid program was executed. A local, unprivileged user could use
this flaw to bypass the mmap_min_addr protection mechanism and perform a
NULL pointer dereference attack, or bypass the Address Space Layout
Randomization (ASLR) security feature. (CVE-2009-1895, Important)

* it was discovered that, when executing a new process, the clear_child_tid
pointer in the Linux kernel is not cleared. If this pointer points to a
writable portion of the memory of the new program, the kernel could corrupt
four bytes of memory, possibly leading to a local denial of service or
privilege escalation. (CVE-2009-2848, Important)

* Solar Designer reported a missing capability check in the z90crypt driver
in the Linux kernel. This missing check could allow a local user with an
effective user ID (euid) of 0 to bypass intended capability restrictions.
(CVE-2009-1883, Moderate)

* a flaw was found in the way the do_sigaltstack() function in the Linux
kernel copies the stack_t structure to user-space. On 64-bit machines, this
flaw could lead to a four-byte information leak. (CVE-2009-2847, Moderate)

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2009-1438.html
http://www.redhat.com/security/updates/classification/#important

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2009-1883
http://www.openwall.com/lists/oss-security/2009/09/15/1
http://www.openwall.com/lists/oss-security/2009/09/15/3
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9513
http://www.redhat.com/support/errata/RHSA-2009-1438.html
http://secunia.com/advisories/36759
http://secunia.com/advisories/37105
SuSE Security Announcement: SUSE-SA:2010:013 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html
http://www.ubuntu.com/usn/USN-852-1
Common Vulnerability Exposure (CVE) ID: CVE-2009-1895
BugTraq ID: 35647
http://www.securityfocus.com/bid/35647
Bugtraq: 20090724 rPSA-2009-0111-1 kernel (Google Search)
http://www.securityfocus.com/archive/1/505254/100/0/threaded
Bugtraq: 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components (Google Search)
http://www.securityfocus.com/archive/1/507985/100/0/threaded
Bugtraq: 20100625 VMSA-2010-0010 ESX 3.5 third party update for Service Console kernel (Google Search)
http://www.securityfocus.com/archive/1/512019/100/0/threaded
Debian Security Information: DSA-1844 (Google Search)
http://www.debian.org/security/2009/dsa-1844
Debian Security Information: DSA-1845 (Google Search)
http://www.debian.org/security/2009/dsa-1845
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00223.html
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00166.html
http://www.mandriva.com/security/advisories?name=MDVSA-2011:051
http://blog.cr0.org/2009/06/bypassing-linux-null-pointer.html
http://www.osvdb.org/55807
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11768
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7826
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9453
http://www.redhat.com/support/errata/RHSA-2009-1193.html
RedHat Security Advisories: RHSA-2009:1540
https://rhn.redhat.com/errata/RHSA-2009-1540.html
RedHat Security Advisories: RHSA-2009:1550
https://rhn.redhat.com/errata/RHSA-2009-1550.html
http://secunia.com/advisories/35801
http://secunia.com/advisories/36045
http://secunia.com/advisories/36051
http://secunia.com/advisories/36054
http://secunia.com/advisories/36116
http://secunia.com/advisories/36131
http://secunia.com/advisories/37471
http://www.ubuntu.com/usn/usn-807-1
http://www.vupen.com/english/advisories/2009/1866
http://www.vupen.com/english/advisories/2009/3316
Common Vulnerability Exposure (CVE) ID: CVE-2009-2847
http://www.exploit-db.com/exploits/9352
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01256.html
http://www.openwall.com/lists/oss-security/2009/08/04/1
http://www.openwall.com/lists/oss-security/2009/08/05/1
http://www.openwall.com/lists/oss-security/2009/08/26/2
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10637
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8405
RedHat Security Advisories: RHSA-2009:1243
http://rhn.redhat.com/errata/RHSA-2009-1243.html
http://secunia.com/advisories/36136
http://secunia.com/advisories/36501
http://secunia.com/advisories/36562
Common Vulnerability Exposure (CVE) ID: CVE-2009-2848
http://article.gmane.org/gmane.linux.kernel/871942
http://www.openwall.com/lists/oss-security/2009/08/04/2
http://www.openwall.com/lists/oss-security/2009/08/05/10
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11412
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8598
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9766
http://secunia.com/advisories/35983
http://secunia.com/advisories/37351
SuSE Security Announcement: SUSE-SA:2009:054 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00005.html
SuSE Security Announcement: SUSE-SA:2009:056 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00007.html
SuSE Security Announcement: SUSE-SA:2010:012 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html
XForce ISS Database: kernel-execve-dos(52899)
https://exchange.xforce.ibmcloud.com/vulnerabilities/52899
CopyrightCopyright (c) 2009 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.