[Ksplice][RHEL 4 Updates] New updates available via Ksplice (RHSA-2010:0474-1)
Tim Abbott
tabbott at ksplice.com
Thu Jun 17 19:51:34 PDT 2010
Synopsis: RHSA-2010:0474-1 can now be patched using Ksplice
CVEs: CVE-2009-3726 CVE-2010-1173 CVE-2010-1437 CVE-2009-3228
Red Hat Security Advisory Severity: Important
Systems running Red Hat Enterprise Linux 4 and CentOS 4 can now use
Ksplice to patch against the latest Red Hat Security Advisory,
RHSA-2010:0474-1.
INSTALLING THE UPDATES
We recommend that all Ksplice Uptrack RHEL 4 and CentOS 4 users install
these updates. You can install these updates by running:
# uptrack-upgrade -y
DESCRIPTION
* CVE-2010-1437: Privilege escalation in kernel key management.
A race condition between finding a keyring by name and destroying a freed
keyring was found in the Linux kernel key management facility. A local,
unprivileged user could use this flaw to cause a kernel panic (denial of
service) or escalate their privileges.
* CVE-2009-3726: NULL pointer dereference in NFSv4.
A NULL pointer dereference flaw was found in the Linux kernel NFSv4
implementation. Several of the NFSv4 file locking functions failed to
check whether a file had been opened on the server before performing
locking operations on it. A local, unprivileged user on a system with an
NFSv4 share mounted could possibly use this flaw to cause a kernel panic
(denial of service) or escalate their privileges.
* CVE-2010-1173: Remote denial of service in SCTP.
A flaw was found in the sctp_process_unk_param() function in the Linux
kernel Stream Control Transmission Protocol (SCTP) implementation. A
remote attacker could send a specially-crafted SCTP packet to an SCTP
listening port on a target system, causing a kernel panic (denial of
service).
* Enable mmap_min_addr hardening against privilege escalation attacks.
The mmap_min_addr sysctl prevents userspace processes from mapping the
very bottom of memory, as a mitigation against userspace exploitation of
NULL pointer dereference bugs in the kernel. This update enables it on all
kernel configurations, not just those built with CONFIG_SECURITY.
(This update is only available for kernels 2.6.9-89.0.9.EL or older, and
is not required on newer kernels.)
* CVE-2009-3228: Information leaks in networking systems.
Padding data in several core network structures was not initialized
properly before being sent to user-space. These flaws could lead to
information leaks. (CVE-2009-3228, Moderate)
(This update is only available for kernels 2.6.9-89.0.11.EL or older, and
is not required on newer kernels.)
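A check for the mmap_min_addr hardening item above, as an added example that is not part of the original advisory or of Ksplice's tooling: it reports whether the running value protects low memory and whether a sysctl.conf-style file would reset it to 0. It assumes the value is exposed at /proc/sys/vm/mmap_min_addr, as on upstream kernels, and that persistent settings live in /etc/sysctl.conf; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: audit the mmap_min_addr setting (function names are hypothetical).
# Assumptions: runtime value at /proc/sys/vm/mmap_min_addr, persistent
# settings in a sysctl.conf-style file.

# Print the last value assigned to vm.mmap_min_addr in a sysctl.conf-style
# file (later lines win). Returns 1 if the key is never set.
configured_mmap_min_addr() {
    awk -F= '
        /^[ \t]*[#;]/ { next }                  # skip comment lines
        {
            key = $1; val = $2
            gsub(/[ \t]/, "", key); gsub(/[ \t]/, "", val)
            gsub("/", ".", key)                 # vm/mmap_min_addr form
            if (key == "vm.mmap_min_addr") { last = val; found = 1 }
        }
        END { if (found) print last; else exit 1 }
    ' "$1"
}

# Classify a runtime value together with a config file. Prints one word:
#   ok        runtime value > 0 and the config does not reset it to 0
#   disabled  runtime value is 0, so userspace can map the bottom of memory
#   reverts   runtime value > 0 but the config sets 0 when it is next loaded
#   unknown   runtime value is not a decimal number
audit_mmap_min_addr() {
    runtime=$1 conf=$2
    case "$runtime" in
        ''|*[!0-9]*) echo unknown; return 2 ;;
    esac
    if [ "$runtime" -eq 0 ]; then
        echo disabled; return 1
    fi
    if [ -r "$conf" ] && cfg=$(configured_mmap_min_addr "$conf") \
        && [ "$cfg" = 0 ]; then
        echo reverts; return 1
    fi
    echo ok
}

# Run against the live system when the sysctl is present.
if [ -r /proc/sys/vm/mmap_min_addr ]; then
    audit_mmap_min_addr "$(cat /proc/sys/vm/mmap_min_addr)" \
        /etc/sysctl.conf || true
fi
```

A "reverts" verdict means the protection is active now but the configuration file will turn it off when it is next applied, for example at boot.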
SUPPORT
Ksplice support is available at support at ksplice.com or +1 765-577-5423.