Lucene search

RedHat Security Advisory RHSA-2009:1077

RedHat kernel update for RHSA-2009:107

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 121
OSV	RHSA-2009:1077 Red Hat Security Advisory: kernel security and bug fix update	15 Sep 202417:43	–	osv
OSV	RHSA-2009:1024 Red Hat Security Advisory: Red Hat Enterprise Linux 4.8 kernel security and bug fix update	15 Sep 202417:43	–	osv
OSV	RHSA-2009:0473 Red Hat Security Advisory: kernel security and bug fix update	15 Sep 202417:53	–	osv
OSV	RHSA-2009:0451 Red Hat Security Advisory: kernel-rt security and bug fix update	13 Sep 202406:45	–	osv
OSV	DSA-1794-1 linux-2.6 - multiple vulnerabilities	6 May 200900:00	–	osv
OSV	RHSA-2009:1550 Red Hat Security Advisory: kernel security and bug fix update	13 Sep 202406:45	–	osv
OSV	DSA-1800-1 linux-2.6 user-mode-linux - several vulnerabilities	15 May 200900:00	–	osv
OSV	DSA-1787-1 linux-2.6.24 - several vulnerabilities	2 May 200900:00	–	osv
RedHat Linux	(RHSA-2009:1024) Important: Red Hat Enterprise Linux 4.8 kernel security and bug fix update	18 May 200916:01	–	redhat
RedHat Linux	(RHSA-2009:1077) Important: kernel security and bug fix update	2 Jun 200900:00	–	redhat

Source	Link
redhat	www.redhat.com/security/updates/classification/
rhn	www.rhn.redhat.com/errata/RHSA-2009-1077.html

# SPDX-FileCopyrightText: 2009 E-Soft Inc.
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.64067");
  script_version("2024-03-21T05:06:54+0000");
  script_tag(name:"last_modification", value:"2024-03-21 05:06:54 +0000 (Thu, 21 Mar 2024)");
  script_tag(name:"creation_date", value:"2009-06-05 18:04:08 +0200 (Fri, 05 Jun 2009)");
  script_cve_id("CVE-2009-1336", "CVE-2009-1337");
  script_tag(name:"cvss_base", value:"4.9");
  script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:N/I:N/A:C");
  script_name("RedHat Security Advisory RHSA-2009:1077");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2009 E-Soft Inc.");
  script_family("Red Hat Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/rhel", "ssh/login/rpms", re:"ssh/login/release=RHENT_4");
  script_tag(name:"solution", value:"Please note that this update is available via
Red Hat Network.  To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date");
  script_tag(name:"summary", value:"The remote host is missing updates to the kernel announced in
advisory RHSA-2009:1077.

This update includes backported fixes for two approved security issues.
These issues only affected users of Red Hat Enterprise Linux 4.7 Extended
Update Support, as they have already been addressed for users of Red Hat
Enterprise Linux 4 in the 4.8 update, RHSA-2009:1024.

  * the exit_notify() function in the Linux kernel did not properly reset the
exit signal if a process executed a set user ID (setuid) application before
exiting. This could allow a local, unprivileged user to elevate their
privileges. (CVE-2009-1337, Important)

  * the Linux kernel implementation of the Network File System (NFS) version
4 did not properly initialize the file name limit in the nfs_server data
structure. This flaw could possibly lead to a denial of service on a client
mounting an NFSv4 share. (CVE-2009-1336, Moderate)

Users should upgrade to these updated packages, which contain backported
patches to correct these issues. For this update to take effect, the system
must be rebooted.");
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  script_xref(name:"URL", value:"http://rhn.redhat.com/errata/RHSA-2009-1077.html");
  script_xref(name:"URL", value:"http://www.redhat.com/security/updates/classification/#important");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-rpm.inc");

res = "";
report = "";
if ((res = isrpmvuln(pkg:"kernel", rpm:"kernel~2.6.9~78.0.24.EL", rls:"RHENT_4")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-debuginfo", rpm:"kernel-debuginfo~2.6.9~78.0.24.EL", rls:"RHENT_4")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-devel", rpm:"kernel-devel~2.6.9~78.0.24.EL", rls:"RHENT_4")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-hugemem", rpm:"kernel-hugemem~2.6.9~78.0.24.EL", rls:"RHENT_4")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-hugemem-devel", rpm:"kernel-hugemem-devel~2.6.9~78.0.24.EL", rls:"RHENT_4")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-smp", rpm:"kernel-smp~2.6.9~78.0.24.EL", rls:"RHENT_4")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-smp-devel", rpm:"kernel-smp-devel~2.6.9~78.0.24.EL", rls:"RHENT_4")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-xenU", rpm:"kernel-xenU~2.6.9~78.0.24.EL", rls:"RHENT_4")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-xenU-devel", rpm:"kernel-xenU-devel~2.6.9~78.0.24.EL", rls:"RHENT_4")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-largesmp", rpm:"kernel-largesmp~2.6.9~78.0.24.EL", rls:"RHENT_4")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-largesmp-devel", rpm:"kernel-largesmp-devel~2.6.9~78.0.24.EL", rls:"RHENT_4")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~2.6.9~78.0.24.EL", rls:"RHENT_4")) != NULL) {
    report += res;
}

if (report != "") {
    security_message(data:report);
} else if (__pkg_match) {
    exit(99);
}

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

05 Jun 2009 00:00Current

5.9Medium risk

Vulners AI Score5.9

CVSS24.9

EPSS0.00256