Beschreibung: | Description: The remote host is missing updates to the kernel announced in advisory RHSA-2009:0326.
Security fixes:
* memory leaks were found on some error paths in the icmp_send() function in the Linux kernel. This could, potentially, cause the network connectivity to cease. (CVE-2009-0778, Important)
* Chris Evans reported a deficiency in the clone() system call when called with the CLONE_PARENT flag. This flaw permits the caller (the parent process) to indicate an arbitrary signal it wants to receive when its child process exits. This could lead to a denial of service of the parent process. (CVE-2009-0028, Moderate)
* an off-by-one underflow flaw was found in the eCryptfs subsystem. This could potentially cause a local denial of service when the readlink() function returned an error. (CVE-2009-0269, Moderate)
* a deficiency was found in the Remote BIOS Update (RBU) driver for Dell systems. This could allow a local, unprivileged user to cause a denial of service by reading zero bytes from the image_type or packet_size files in /sys/devices/platform/dell_rbu/. (CVE-2009-0322, Moderate)
* an inverted logic flaw was found in the SysKonnect FDDI PCI adapter driver, allowing driver statistics to be reset only when the CAP_NET_ADMIN capability was absent (local, unprivileged users could reset driver statistics). (CVE-2009-0675, Moderate)
* the sock_getsockopt() function in the Linux kernel did not properly initialize a data structure that can be directly returned to user-space when the getsockopt() function is called with SO_BSDCOMPAT optname set. This flaw could possibly lead to memory disclosure. (CVE-2009-0676, Moderate)
* the ext2 and ext3 file system code failed to properly handle corrupted data structures, leading to a possible local denial of service when read or write operations were performed on a specially-crafted file system. (CVE-2008-3528, Low)
* a deficiency was found in the libATA implementation. This could, potentially, lead to a local denial of service. Note: by default, the /dev/sg* devices are accessible only to the root user. (CVE-2008-5700, Low)
All users should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.
Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date
http://rhn.redhat.com/errata/RHSA-2009-0326.html http://www.redhat.com/security/updates/classification/#important http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/Release_Notes/index.html#d0e497
CVSS Score: 7.1
CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
|