[Ksplice][RHEL 4 Updates] New updates available via Ksplice (RHSA-2010:0076-1)

Nelson Elhage nelhage at ksplice.com
Wed Feb 3 12:55:27 PST 2010 

Synopsis: RHSA-2010:0076-1 can now be patched using Ksplice
CVEs: CVE-2009-3080 CVE-2009-4005 CVE-2009-4020
Red Hat Security Advisory Severity: Important

Systems running Red Hat Enterprise Linux 4 and CentOS 4 can now use
Ksplice to patch against the latest Red Hat Security Advisory,
RHSA-2010:0076-1.

INSTALLING THE UPDATES

We recommend that all Ksplice Uptrack RHEL 4 and CentOS 4 users
install these updates.  You can install these updates by running:

# uptrack-upgrade -y

DESCRIPTION

* Process hang in ptrace() on multi-threaded process.

If a process was using ptrace() to trace a multi-threaded process, and
that multi-threaded process dumped its core, the process performing
the trace could hang in wait4(). This issue could be triggered by
running "strace -f" on a multi-threaded process that was dumping its
core, resulting in the strace command hanging.


* ptrace() leaking zombie processes.

A bug in the ptrace() implementation could have, in some cases, caused
ptrace_detach() to create a zombie process if the process being traced
was terminated with a SIGKILL signal.


* CVE-2009-4005: Buffer overflow in HDLC driver.

The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the
Linux kernel before 2.6.32-rc7 allows attackers to have an unspecified
impact via a crafted HDLC packet that arrives over ISDN and triggers a
buffer under-read (CVE-2009-4005, Important).


* CVE-2009-4020: Buffer overflow mounting corrupted hfs filesystem.

A buffer overflow flaw was found in the hfs_bnode_read() function in
the HFS file system implementation.  This could lead to a denial of
service if a user browsed a specially-crafted HFS file system, for
example, by running "ls" (CVE-2009-4020, Low).


* CVE-2009-3080: Privilege Escalation in GDT driver.

An array index error in the GDT SCSI driver in the Linux kernel before
2.6.32-rc8 allows local users to cause a denial of service or possibly
gain privileges via a negative event index in an IOCTL request
(CVE-2009-3080, Important).

SUPPORT

Ksplice support is available at support at ksplice.com or +1 765-577-5423.

More information about the RHEL4-Updates mailing list