[Linux-admin] recent vulnerabilities in the Linux kernel
rlukens at jlab.org
Thu Nov 5 10:40:41 EST 2009
A couple of vulnerabilities have been reported in the Linux kernel.
Redhat has posted a fix which will be distributed on site through our
standard patch update process on Tuesday, November 17 (see
Please reboot your JLab-managed Linux machines on Wednesday, Nov 18, to
make the update complete.
If you are not running the Lab's standard Red Hat distribution, please
check you vendor's patch notices for a kernel update.
Details on the vulnerability can be found at the following URLs:
Robert J. Lukens Jefferson Lab
Computer Security Manager 12000 Jefferson Ave - Suite #7
Newport News VA 23606
rlukens at jlab.org 757-269-6376 USA
-------- Original Message --------
> Subject: [TAM Newsletter] Proactive Notification: Local privilege
> escalation - CVE-2009-3547 and CVE-2009-2695
> Date: Wed, 04 Nov 2009 10:16:25 -0500
> From: tam-newsletter at redhat.com
> Reply-To: tam-newsletter at redhat.com
> To: tam-newsletter at redhat.com
> kernel: fs: pipe.c null pointer dereference (CVE-2009-3547)
> kernel: SELinux and mmap_min_addr (CVE-2009-2695)
> Those Affected:
> All currently supported versions of Red Hat Enterprise Linux
> including MRG
> MRG: https://rhn.redhat.com/errata/RHSA-2009-1540.html
> RHEL 5: https://rhn.redhat.com/errata/RHSA-2009-1548.html
> RHEL 4: https://rhn.redhat.com/errata/RHSA-2009-1541.html
> RHEL 3: https://rhn.redhat.com/errata/RHSA-2009-1550.html
> Two NULL pointer dereference vulnerabilities were made public on
> November 3rd. Either could allow users with access to a system to
> elevate their privledges. They are rated by the Red Hat Security
> Response Team with a security impact of "Important". Several other
> bugs and security issues are also addressed with the updated kernels.
> All users of Red Hat Enterprise Linux are encouraged to updated their
> kernels. if you have questions or need more information, please
> contact your TAM.
> The TAM newsletter is provided by Red Hat Global Support Services to
> better serve our customers. Red Hat would like your opinion on the
> services you have been receiving and the value of this newsletter.
> Please submit your feedback via email to taofeedback at redhat.com If you
> would like to unsubscribe or change your subscription information,
> please visit the link below.
> Tam-newsletter mailing list
> Tam-newsletter at redhat.com
More information about the Linux-admin