RHSA-2010:0019: Important: kernel security update

First published: Thu Jan 07 2010(Updated: )

The kernel packages contain the Linux kernel, the core of any Linux<br>operating system.<br>This update fixes the following security issues:<br><li> a flaw was found in the IPv6 Extension Header (EH) handling</li> implementation in the Linux kernel. The skb-&gt;dst data structure was not<br>properly validated in the ipv6_hop_jumbo() function. This could possibly<br>lead to a remote denial of service. (CVE-2007-4567, Important)<br><li> a flaw was found in each of the following Intel PRO/1000 Linux drivers in</li> the Linux kernel: e1000 and e1000e. A remote attacker using packets larger<br>than the MTU could bypass the existing fragment check, resulting in<br>partial, invalid frames being passed to the network stack. These flaws<br>could also possibly be used to trigger a remote denial of service.<br>(CVE-2009-4536, CVE-2009-4538, Important)<br><li> a flaw was found in the Realtek r8169 Ethernet driver in the Linux</li> kernel. Receiving overly-long frames with network cards supported by this<br>driver could possibly result in a remote denial of service. (CVE-2009-4537,<br>Important)<br>Users should upgrade to these updated packages, which contain backported<br>patches to correct these issues. The system must be rebooted for this<br>update to take effect.

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/severity
• agent/references
• agent/type
• agent/first-publish-date
• agent/softwarecombine
• agent/last-modified-date
• collector/redhat-errata
• source/Red Hat
• anchor-id/RHSA-2010:0019
• agent/software-canonical-lookup
• agent/title
• agent/remedy
• agent/description
• agent/event
• agent/trending
• agent/tags
• agent/source
• package-manager/redhat