Kernel: Important Security Bug Fix Update

Users of kernel please be advised of an Important security bug fix vulnerability that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)

RHSA-2010:0882-01: [RHSA-2010:0882-01] Important: kernel security and bug fix update
Product: Red Hat Enterprise Linux
Description:

The kernel packages contain the Linux kernel, the core of any Linux

operating system.

This update fixes the following security issues:

* An array index error was found in the gdth driver in the Linux kernel. A

local user could send a specially-crafted IOCTL request that would cause a

denial of service or, possibly, privilege escalation. (CVE-2009-3080,

Important)

* NULL pointer dereference flaws were found in the r128 driver in the Linux

kernel. Checks to test if the Concurrent Command Engine state was

initialized were missing in private IOCTL functions. An attacker could use

these flaws to cause a local denial of service or escalate their

privileges. (CVE-2009-3620, Important)

Read more at http://www.criticalwatch.com
 

Advertisements