| Beschreibung: | Description:
The remote host is missing updates announced in
advisory RHSA-2009:1672.
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
This update fixes the following security issues:
* a system with SELinux enforced was more permissive in allowing local
users in the unconfined_t domain to map low memory areas even if the
mmap_min_addr restriction was enabled. This could aid in the local
exploitation of NULL pointer dereference bugs. (CVE-2009-2695, Important)
* a NULL pointer dereference flaw was found in each of the following
functions in the Linux kernel: pipe_read_open(), pipe_write_open(), and
pipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer could
be released by other processes before it is used to update the pipe's
reader and writer counters. This could lead to a local denial of service or
privilege escalation. (CVE-2009-3547, Important)
This update also fixes the following bug:
* a bug in the IPv6 implementation in the Linux kernel could have caused an
unbalanced reference count. When using network bonding, this bug may have
caused a hang when shutting the system down via shutdown -h, or prevented
the network service from being stopped via service network stop.
(BZ#538409)
Users should upgrade to these updated packages, which contain backported
patches to correct these issues. The system must be rebooted for this
update to take effect.
Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date
http://rhn.redhat.com/errata/RHSA-2009-1672.html
http://www.redhat.com/security/updates/classification/#important
http://kbase.redhat.com/faq/docs/DOC-20481
http://kbase.redhat.com/faq/docs/DOC-18042
Risk factor : High
CVSS Score:
7.2
|
