[Ksplice][RHEL 5 Updates] New updates available via Ksplice
Tim Abbott
tabbott at ksplice.com
Wed Sep 30 14:10:14 PDT 2009
Synopsis: RHSA-2009:1455-1 can now be patched using Ksplice
CVEs: CVE-2009-2849
Red Hat Security Advisory Severity: Moderate
Systems running Red Hat Enterprise Linux 5 and CentOS 5 can now use
Ksplice to patch against the latest Red Hat Security Advisory,
RHSA-2009:1455-1.
INSTALLING THE UPDATES
We recommend that all Ksplice Uptrack RHEL 5 and CentOS 5 users install
these updates. You can install these updates by running:
# uptrack-upgrade -y
DESCRIPTION
* CVE-2009-2849: NULL pointer dereference in md.
Neil Brown discovered an issue in the sysfs interface to md
devices. When md arrays are not active, local users can exploit this
vulnerability to cause a denial of service or gain escalated
privileges. Note: By default, unprivileged users do not have write
access to the relevant sysfs files.
SUPPORT
Ksplice support is available at support at ksplice.com or +1 765-577-5423.
More information about the Ksplice-EL5-Updates
mailing list