- Vulnerability/
- RHSA-2010:0019
RHSA-2010:0019: Important: kernel security update
First published: Thu Jan 07 2010(Updated: )
The kernel packages contain the Linux kernel, the core of any Linux<br>operating system.<br>This update fixes the following security issues:<br><li> a flaw was found in the IPv6 Extension Header (EH) handling</li> implementation in the Linux kernel. The skb->dst data structure was not<br>properly validated in the ipv6_hop_jumbo() function. This could possibly<br>lead to a remote denial of service. (CVE-2007-4567, Important)<br><li> a flaw was found in each of the following Intel PRO/1000 Linux drivers in</li> the Linux kernel: e1000 and e1000e. A remote attacker using packets larger<br>than the MTU could bypass the existing fragment check, resulting in<br>partial, invalid frames being passed to the network stack. These flaws<br>could also possibly be used to trigger a remote denial of service.<br>(CVE-2009-4536, CVE-2009-4538, Important)<br><li> a flaw was found in the Realtek r8169 Ethernet driver in the Linux</li> kernel. Receiving overly-long frames with network cards supported by this<br>driver could possibly result in a remote denial of service. (CVE-2009-4537,<br>Important)<br>Users should upgrade to these updated packages, which contain backported<br>patches to correct these issues. The system must be rebooted for this<br>update to take effect.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/kernel | <2.6.18-164.10.1.el5 | 2.6.18-164.10.1.el5 |
| redhat/kernel | <2.6.18-164.10.1.el5 | 2.6.18-164.10.1.el5 |
| redhat/kernel-debug | <2.6.18-164.10.1.el5 | 2.6.18-164.10.1.el5 |
| redhat/kernel-debug-devel | <2.6.18-164.10.1.el5 | 2.6.18-164.10.1.el5 |
| redhat/kernel-devel | <2.6.18-164.10.1.el5 | 2.6.18-164.10.1.el5 |
| redhat/kernel-doc | <2.6.18-164.10.1.el5 | 2.6.18-164.10.1.el5 |
| redhat/kernel-headers | <2.6.18-164.10.1.el5 | 2.6.18-164.10.1.el5 |
| redhat/kernel-xen | <2.6.18-164.10.1.el5 | 2.6.18-164.10.1.el5 |
| redhat/kernel-xen-devel | <2.6.18-164.10.1.el5 | 2.6.18-164.10.1.el5 |
| redhat/kernel-debug | <2.6.18-164.10.1.el5 | 2.6.18-164.10.1.el5 |
| redhat/kernel-debug-devel | <2.6.18-164.10.1.el5 | 2.6.18-164.10.1.el5 |
| redhat/kernel-devel | <2.6.18-164.10.1.el5 | 2.6.18-164.10.1.el5 |
| redhat/kernel-headers | <2.6.18-164.10.1.el5 | 2.6.18-164.10.1.el5 |
| redhat/kernel-xen | <2.6.18-164.10.1.el5 | 2.6.18-164.10.1.el5 |
| redhat/kernel-xen-devel | <2.6.18-164.10.1.el5 | 2.6.18-164.10.1.el5 |
| redhat/kernel-kdump | <2.6.18-164.10.1.el5 | 2.6.18-164.10.1.el5 |
| redhat/kernel-kdump-devel | <2.6.18-164.10.1.el5 | 2.6.18-164.10.1.el5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=548641
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=550907
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=551214
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=552126
- http://www.redhat.com/security/updates/classification/#important
- https://access.redhat.com/errata/RHSA-2010:0019 (Advisory)
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/title
- agent/type
- collector/redhat-errata
- source/Red Hat
- anchor-id/RHSA-2010:0019
- agent/software-canonical-lookup
- package-manager/redhat