[Ksplice][RHEL 5 Updates] New updates available via Ksplice

Tim Abbott tabbott at ksplice.com
Wed Nov 4 21:47:29 PST 2009 

Synopsis: RHSA-2009:1548-1 can now be patched using Ksplice
CVEs: CVE-2009-2695 CVE-2009-2908 CVE-2009-3228 CVE-2009-3286 CVE-2009-3547 CVE-2009-3613
Red Hat Security Advisory Severity: Important

Systems running Red Hat Enterprise Linux 5 and CentOS 5 can now use 
Ksplice to patch against the latest Red Hat Security Advisory, 
RHSA-2009:1548-1

INSTALLING THE UPDATES

We recommend that all Ksplice Uptrack RHEL 5 and CentOS 5 users install 
these updates.  You can install these updates by running:

# uptrack-upgrade -y

DESCRIPTION

* CVE-2009-2695: SELinux does not enforce mmap_min_addr sysctl.

A system with SELinux enforced was more permissive in allowing local
users to map low memory areas, even if the mmap_min_addr restriction
was enabled. This could aid in the local exploitation of NULL pointer
dereference bugs.

* CVE-2009-3547: NULL pointer dereference opening pipes.

A race condition when opening a pipe could result in a NULL pointer
dereference, potentially resulting in a denial of servce or privilege
escalation attack.

* CVE-2009-2908: NULL pointer dereference in eCryptfs.

A programming error in eCryptfs could result in a NULL pointer
dereference after deleting certain files, which could potentially be
exploited by a local user to lead to denial of service or privilege
escalation.

* CVE-2009-3613: Remote denial of service in r8169 driver.

A programming error in the r8169 driver could result in the Linux
kernel leaking PCI device resources, leading to a denial of
service.

* CVE-2009-3228: Information leaks in networking systems.

Padding data in several core network structures was not initialized
properly before being sent to user-space. These flaws could lead to
information leaks.

* CVE-2009-3286: Incorrect permissions check in NFSv4.

Linux's NFSv4 server implementation sometimes performs an unnecessary
permission check after creating a file. This check can fail, leaving
the file with the permission bits set to random values. This could
potentially by exploited by clients to gain inappropriate
access.

SUPPORT

Ksplice support is available at support at ksplice.com or +1 765-577-5423.

More information about the Ksplice-EL5-Updates mailing list