close
Pourquoi s'enregistré ... Pour bénéficié de plein d'avantage, plus l'accès à des partis du site qui ne sont accessible qu'aux membres. L'inscription n'est pas une obligation.

       
Mot de passe oublié?    Identifiant oublié?    Créer un compte

Si toute fois vous avez envies de vous inscrire, donner une adresse e-mail valide, car il vous seras envoyer un mail de confirmation d'ouverture de compte. Merci.
Top Panel
Login
Top Panel

Pin-Up

Recherche Google

Publicité

[Security Announce] [ MDVSA-2010:034-2 ] kernel PDF Imprimer Envoyer
(0 Votes)
Écrit par Administrator   
Mercredi, 16 Juin 2010 16:26

_______________________________________________________________________

Mandriva Linux Security Advisory                       MDVSA-2010:034-2
http://www.mandriva.com/security/
_______________________________________________________________________

Package : kernel
Date    : February 18, 2010
Affected: Enterprise Server 5.0
_______________________________________________________________________

Problem Description:

Some vulnerabilities were discovered and corrected in the Linux
2.6 kernel:

Array index error in the gdth_read_event function in  drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows  local users to cause a denial of service or possibly gain privileges  via a negative event index in an IOCTL request. (CVE-2009-3080)

The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the  Linux kernel before 2.6.32-rc7 allows attackers to have an unspecified  impact via a crafted HDLC packet that arrives over ISDN and triggers  a buffer under-read. (CVE-2009-4005)

Additionally, the Linux kernel was updated to the stable release  2.6.27.45.

To update your kernel, please follow the directions located at:

http://www.mandriva.com/en/security/kernelupdate

Update:

The nvidia173-kernel x86_64 packages was missing with MDVSA-2010:034  for the Enterprise 5 product. This advisory provides the missing  packages.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3080
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4005
https://qa.mandriva.com/55826
https://qa.mandriva.com/55823
_______________________________________________________________________

Updated Packages:

Mandriva Enterprise Server 5/X86_64:
0779d5654b351427c470e36ffe5248a4  mes5/x86_64/nvidia173-kernel-2.6.27.45-desktop-1mnb-173.14.12-4mdv2009.0.x86_64.rpm
b22dbcfda9d8239460e9a27483e90067  mes5/x86_64/nvidia173-kernel-2.6.27.45-server-1mnb-173.14.12-4mdv2009.0.x86_64.rpm
090ccae6731eedcc2aeef3bb6db41d3b  mes5/x86_64/nvidia173-kernel-desktop-latest-173.14.12-1.20100218.4mdv2009.0.x86_64.rpm
0029c41881af4e801a4355533bc791ca  mes5/x86_64/nvidia173-kernel-server-latest-173.14.12-1.20100218.4mdv2009.0.x86_64.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi.  The verification  of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security.  You can obtain the  GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Submit to Delicious Submit to Facebook Submit to Google Bookmarks Submit to Technorati Submit to Twitter Submit to LinkedIn

 

Ajouter un Commentaire


Code de sécurité
Rafraîchir

maps.amung.us

www.geo-loc.com

Publicité

Browse the web faster with Firefox