8 matches found
SUSE CVE-2009-3556
A certain Red Hat configuration step for the qla2xxx driver in the Linux kernel 2.6.18 on Red Hat Enterprise Linux RHEL 5, when NPort ID Virtualization NPIV hardware is used, sets world-writable permissions for the 1 vportcreate and 2 vportdelete files under /sys/class/scsihost/, which allows loc...
SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 6810)
This update fixes a several security issues and various bugs in the SUSE Linux Enterprise 10 SP 2 kernel. The following security issues were fixed : - Two sysfs filers in the qla2xxx driver were worldwriteable, so users could change SCSI attributes of the qla2xxx driver. CVE-2009-4536:...
VMSA-2010-0009 : ESXi ntp and ESX Service Console third-party updates
a. Service Console update for COS kernel Updated COS package 'kernel' addresses the security issues that are fixed through versions 2.6.18-164.11.1. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the names CVE-2009-2695, CVE-2009-2908, CVE-2009-3228, CVE-2009-3286,...
SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 6806)
This update fixes a several security issues and various bugs in the SUSE Linux Enterprise 10 SP 2 kernel. The following security issues were fixed : - Two sysfs filers in the qla2xxx driver were worldwriteable, so users could change SCSI attributes of the qla2xxx driver. CVE-2009-4536:...
CVE-2009-3556
The CVE-2009-3556 issue is confirmed in multiple connected sources: a Red Hat qla2xxx NPIV-related configuration step in the Linux kernel (2.6.18 on RHEL5) leaves /sys/class/scsi_host/vport_create and /sys/class/scsi_host/vport_delete world-writable, enabling local users to alter SCSI host attrib...
Red Hat Linux内核'qla2xxx'驱动安全绕过漏洞
Bugraq ID: 37876 CVE ID:CVE-2009-3556 Red Hat是一款流行的Linux发行版本。 qla2xxx驱动支持NPort ID Virtualization NPIV,它增加了两个新的sysfs pseudo文件:"/sys/class/scsihost/a qla2xxx host/vportcreate"和"vportdelete",这两个文件默认全局可写,允许本地用户更改SCSI主机属性。 此漏洞仅影响使用qla2xxx驱动和NPIV硬件。 RedHat Enterprise Linux EUS 5.4.z server RedHat...
CentOS 5 : kernel (CESA-2010:0046)
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux...
Important: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux...