CVSS2: 7.8 High (AV:N/AC:L/Au:N/C:N/I:N/A:C)

Access Vector | Access Complexity | Authentication | Confidentiality Impact | Integrity Impact | Availability Impact |
---|---|---|---|---|---|
NETWORK | LOW | NONE | NONE | NONE | COMPLETE |

EPSS: 0.113 Low (percentile 94.6%)

The kernel packages contain the Linux kernel, the core of any Linux operating system.

This update fixes the following security issues:

* An array index error was found in the gdth driver in the Linux kernel. A local user could send a specially-crafted IOCTL request that would cause a denial of service or, possibly, privilege escalation. (CVE-2009-3080, Important)

* A flaw was found in the collect_rx_frame() function in the HiSax ISDN driver (hfc_usb) in the Linux kernel. An attacker could use this flaw to send a specially-crafted HDLC packet that could trigger a buffer out of bounds, possibly resulting in a denial of service. (CVE-2009-4005, Important)

* Permission issues were found in the megaraid_sas driver (for SAS based RAID controllers) in the Linux kernel. The “dbg_lvl” and “poll_mode_io” files on the sysfs file system (“/sys/”) had world-writable permissions. This could allow local, unprivileged users to change the behavior of the driver. (CVE-2009-3889, CVE-2009-3939, Moderate)

* A buffer overflow flaw was found in the hfs_bnode_read() function in the HFS file system implementation in the Linux kernel. This could lead to a denial of service if a user browsed a specially-crafted HFS file system, for example, by running “ls”. (CVE-2009-4020, Low)

This update also fixes the following bugs:

* If a process was using ptrace() to trace a multi-threaded process, and that multi-threaded process dumped its core, the process performing the trace could hang in wait4(). This issue could be triggered by running “strace -f” on a multi-threaded process that was dumping its core, resulting in the strace command hanging. (BZ#555869)

* A bug in the ptrace() implementation could have, in some cases, caused ptrace_detach() to create a zombie process if the process being traced was terminated with a SIGKILL signal. (BZ#555869)

* The RHSA-2010:0020 update resolved an issue (CVE-2009-4537) in the Realtek r8169 Ethernet driver. This update implements a better solution for that issue. Note: This is not a security regression. The original fix was complete. This update is adding the official upstream fix. (BZ#556406)

Users should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.

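Because the fix only takes effect after a reboot, a host can have the fixed package installed while still running an affected kernel. The following is an added example, not part of the advisory or of Red Hat's tooling: it classifies a host from its `uname -r` string and its installed kernel builds using a simplified RPM version ordering. The flavour suffixes and the sample build strings are assumptions.

```python
import re

FIXED_BUILD = "2.6.9-89.0.20.EL"  # fixed version from the advisory's package table
# Assumption: flavour suffixes appended to `uname -r`; longest listed first
FLAVOURS = ("largesmp", "hugemem", "xenU", "smp")


def rpm_compare(a, b):
    """Simplified rpmvercmp (no ~ or ^ handling): returns -1, 0 or 1."""
    sa = re.findall(r"[0-9]+|[A-Za-z]+", a)
    sb = re.findall(r"[0-9]+|[A-Za-z]+", b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)            # numeric segments compare as integers
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # a numeric segment beats an alphabetic one
        if x != y:
            return -1 if x < y else 1
    # all shared segments equal: the string with segments left over is newer
    return (len(sa) > len(sb)) - (len(sa) < len(sb))


def split_build(build):
    """Split 'version-release[flavour]' into (version, release)."""
    for flavour in FLAVOURS:
        if build.endswith(flavour):
            build = build[: -len(flavour)]
            break
    version, _, release = build.partition("-")
    return version, release


def kernel_compare(a, b):
    (va, ra), (vb, rb) = split_build(a), split_build(b)
    return rpm_compare(va, vb) or rpm_compare(ra, rb)


def status(running, installed):
    """running: `uname -r` output; installed: version-release of each kernel package."""
    if kernel_compare(running, FIXED_BUILD) >= 0:
        return "patched"
    if any(kernel_compare(i, FIXED_BUILD) >= 0 for i in installed):
        return "reboot-required"   # fixed package present, old kernel still booted
    return "update-required"


if __name__ == "__main__":
    # Constructed sample: fixed package installed, host not yet rebooted
    print(status("2.6.9-89.0.9.ELsmp", ["2.6.9-89.0.9.EL", "2.6.9-89.0.20.EL"]))
```

On a live host the inputs would come from `uname -r` and `rpm -q --qf '%{VERSION}-%{RELEASE}\n'` run against the kernel package that matches the booted flavour.
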
OS | OS Version | Architecture | Package | Affected Version | Filename |
---|---|---|---|---|---|
RedHat | any | s390x | kernel-devel | < 2.6.9-89.0.20.EL | kernel-devel-2.6.9-89.0.20.EL.s390x.rpm |
RedHat | any | s390 | kernel | < 2.6.9-89.0.20.EL | kernel-2.6.9-89.0.20.EL.s390.rpm |
RedHat | any | ia64 | kernel-devel | < 2.6.9-89.0.20.EL | kernel-devel-2.6.9-89.0.20.EL.ia64.rpm |
RedHat | any | x86_64 | kernel-largesmp-devel | < 2.6.9-89.0.20.EL | kernel-largesmp-devel-2.6.9-89.0.20.EL.x86_64.rpm |
RedHat | any | i686 | kernel-devel | < 2.6.9-89.0.20.EL | kernel-devel-2.6.9-89.0.20.EL.i686.rpm |
RedHat | any | x86_64 | kernel-largesmp | < 2.6.9-89.0.20.EL | kernel-largesmp-2.6.9-89.0.20.EL.x86_64.rpm |
RedHat | any | src | kernel | < 2.6.9-89.0.20.EL | kernel-2.6.9-89.0.20.EL.src.rpm |
RedHat | any | ia64 | kernel | < 2.6.9-89.0.20.EL | kernel-2.6.9-89.0.20.EL.ia64.rpm |
RedHat | any | s390x | kernel | < 2.6.9-89.0.20.EL | kernel-2.6.9-89.0.20.EL.s390x.rpm |
RedHat | any | i686 | kernel-xenu | < 2.6.9-89.0.20.EL | kernel-xenU-2.6.9-89.0.20.EL.i686.rpm |