RHSA-2010:0019: Important security update
93
* a buffer overflow flaw was found in the hfs_bnode_read() function in the HFS file system
implementation. This could lead to a denial of service if a user browsed a specially-crafted HFS file
system, for example, by running "ls". (
CVE-2009-4020
608
, Low)
Bug fix documentation for this update will be available shortly from www.redhat.com/docs/en-US/
errata/RHSA-2010-0046/Kernel_Security_Update/ index.html
Users should upgrade to these updated packages, which contain backported patches to correct these
issues. The system must be rebooted for this update to take effect.
1.88.3. RHSA-2010:0019: Important security update
Important
This update has already been released (prior to the GA of this release) as the security
errata
RHSA-2010:0019
609
Updated kernel packages that fix multiple security issues are now available for Red Hat Enterprise
Linux 5.
This update has been rated as having important security impact by the Red Hat Security Response
Team.
The kernel packages contain the Linux kernel, the core of any Linux operating system.
This update fixes the following security issues:
* a flaw was found in the IPv6 Extension Header (EH) handling implementation in the Linux kernel.
The skb->dst data structure was not properly validated in the ipv6_hop_jumbo() function. This could
possibly lead to a remote denial of service. (
CVE-2007-4567
610
, Important)
* a flaw was found in each of the following Intel PRO/1000 Linux drivers in the Linux kernel: e1000
and e1000e. A remote attacker using packets larger than the MTU could bypass the existing fragment
check, resulting in partial, invalid frames being passed to the network stack. These flaws could
also possibly be used to trigger a remote denial of service. (
CVE-2009-4536
611
,
CVE-2009-4538
612
,
Important)
* a flaw was found in the Realtek r8169 Ethernet driver in the Linux kernel. Receiving overly-long
frames with network cards supported by this driver could possibly result in a remote denial of service.
(
CVE-2009-4537
613
, Important)
Users should upgrade to these updated packages, which contain backported patches to correct these
issues. The system must be rebooted for this update to take effect.
608
https://www.redhat.com/security/data/cve/CVE-2009-4020.html
610
https://www.redhat.com/security/data/cve/CVE-2007-4567.html
611
https://www.redhat.com/security/data/cve/CVE-2009-4536.html
612
https://www.redhat.com/security/data/cve/CVE-2009-4538.html
613
https://www.redhat.com/security/data/cve/CVE-2009-4537.html
Содержание ENTERPRISE LINUX 5.5 - S 2010
Страница 10: ...x ...
Страница 308: ...298 ...
Страница 310: ...300 ...
Страница 468: ...458 ...
Страница 470: ...460 ...