RHSA-2008:0787: Important: kernel security update

First published: Mon Jan 05 2009(Updated: )

The kernel packages contain the Linux kernel, the core of any Linux<br>operating system.<br>These updated packages fix the following security issues:<br><li> a flaw was found in the IPv4 forwarding base that allowed a local,</li> unprivileged user to cause an out-of-bounds access. (CVE-2007-2172,<br>Important)<br><li> a flaw was found in the handling of process death signals. This allowed a</li> local, unprivileged user to send arbitrary signals to the suid-process<br>executed by that user. Successful exploitation of this flaw depended on the<br>structure of the suid-program and its signal handling. (CVE-2007-3848,<br>Important)<br><li> when accessing kernel memory locations, certain Linux kernel drivers</li> registering a fault handler did not perform required range checks. A local,<br>unprivileged user could use this flaw to gain read or write access to<br>arbitrary kernel memory, or possibly cause a kernel crash. (CVE-2008-0007,<br>Important)<br><li> a possible kernel memory leak was found in the Linux kernel Simple</li> Internet Transition (SIT) INET6 implementation. This could allow a local,<br>unprivileged user to cause a denial of service. (CVE-2008-2136, Important)<br><li> missing capability checks were found in the SBNI WAN driver which could</li> allow a local, unprivileged user to bypass intended capability<br>restrictions. (CVE-2008-3525, Important)<br><li> a flaw was found in the way files were written using truncate() or</li> ftruncate(). This could allow a local, unprivileged user to acquire the<br>privileges of a different group and obtain access to sensitive information.<br>(CVE-2008-4210, Important)<br><li> a flaw was found in the ELF handling on Itanium-based systems. This</li> triggered a cross-region memory-mapping and allowed a local, unprivileged<br>user to cause a local denial of service. (CVE-2006-4538, Moderate)<br><li> a race condition in the mincore system core allowed a local, unprivileged</li> user to cause a local denial of service (system hang). (CVE-2006-4814,<br>Moderate)<br><li> a flaw was found in the aacraid SCSI driver. This allowed a local,</li> unprivileged user to make ioctl calls to the driver which should otherwise<br>be restricted to privileged users. (CVE-2007-4308, Moderate)<br><li> two buffer overflow flaws were found in the Integrated Services Digital</li> Network (ISDN) subsystem. A local, unprivileged user could use these flaws<br>to cause a denial of service. (CVE-2007-6063, CVE-2007-6151, Moderate)<br><li> a flaw was found in the way core dump files were created. If a local,</li> unprivileged user could make a root-owned process dump a core file into a<br>user-writable directory, the user could gain read access to that core file,<br>potentially compromising sensitive information. (CVE-2007-6206, Moderate)<br><li> a deficiency was found in the Linux kernel virtual file system (VFS)</li> implementation. This could allow a local, unprivileged user to attempt file<br>creation within deleted directories, possibly causing a local denial of<br>service. (CVE-2008-3275, Moderate)<br>All users of Red Hat Enterprise Linux 2.1 on 64-bit architectures should<br>upgrade to these updated packages, which contain backported patches to<br>resolve these issues.

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/redhat-errata
• anchor-id/RHSA-2008:0787
• agent/references
• agent/severity
• agent/weakness
• agent/type
• agent/event
• agent/first-publish-date
• agent/last-modified-date
• agent/title
• agent/remedy
• agent/softwarecombine
• agent/tags
• agent/description
• agent/guess-ai
• agent/software-canonical-lookup