Vulnerabilities > CVE-2009-1758 - Resource Management Errors vulnerability in XEN

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

linux

xen

CWE-399

nessus

NVD

Published: 2009-05-22

Updated: 2017-09-29

Summary

The hypervisor_callback function in Xen, possibly before 3.4.0, as applied to the Linux kernel 2.6.30-rc4, 2.6.18, and probably other versions allows guest user applications to cause a denial of service (kernel oops) of the guest OS by triggering a segmentation fault in "certain address ranges."

Vulnerable Configurations

Part	Description	Count
OS	Linux Linux Linux Kernel 2.6.18 Linux Linux Kernel 2.6.30	2
Application	Xen XEN XEN 2.0 XEN XEN 3.0.2 XEN XEN 3.0.3 XEN XEN 3.0.4 XEN XEN 3.1.2 XEN XEN 3.1.3 XEN XEN 3.1.4 XEN XEN 3.2 XEN XEN 3.2.0 XEN XEN 3.2.1 XEN XEN 3.2.2 XEN XEN 3.2.3 XEN XEN 3.3.0 XEN XEN *	14

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

Nessus

NASL family	SuSE Local Security Checks
NASL id	SUSE_KERNEL-6439.NASL
description	This patch updates the SUSE Linux Enterprise 10 SP2 kernel to fix various bugs and some security issues. The following security issues were fixed: CVE-2009-2692: A missing NULL pointer check in the socket sendpage function can be used by local attackers to gain root privileges. (No cve yet) A information leak from using sigaltstack was fixed. Enabled -fno-delete-null-pointer-checks to avoid optimizing away NULL pointer checks and fixed Makefiles to make sure -fwrapv is used everywhere. CVE-2009-1758: The hypervisor_callback function in Xen allows guest user applications to cause a denial of service (kernel oops) of the guest OS by triggering a segmentation fault in
last seen	2020-06-01
modified	2020-06-02
plugin id	41540
published	2009-09-24
reporter	This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/41540
title	SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 6439)

NASL family	Scientific Linux Local Security Checks
NASL id	SL_20090630_KERNEL_ON_SL4_X.NASL
description	These updated packages fix the following security issues : - the exit_notify() function in the Linux kernel did not properly reset the exit signal if a process executed a set user ID (setuid) application before exiting. This could allow a local, unprivileged user to elevate their privileges. (CVE-2009-1337, Important) - the Linux kernel implementation of the Network File System (NFS) did not properly initialize the file name limit in the nfs_server data structure. This flaw could possibly lead to a denial of service on a client mounting an NFS share. (CVE-2009-1336, Moderate) - a flaw was found in the Intel PRO/1000 network driver in the Linux kernel. Frames with sizes near the MTU of an interface may be split across multiple hardware receive descriptors. Receipt of such a frame could leak through a validation check, leading to a corruption of the length check. A remote attacker could use this flaw to send a specially crafted packet that would cause a denial of service. (CVE-2009-1385, Important) - the Linux kernel Network File System daemon (nfsd) implementation did not drop the CAP_MKNOD capability when handling requests from local, unprivileged users. This flaw could possibly lead to an information leak or privilege escalation. (CVE-2009-1072, Moderate) - Frank Filz reported the NFSv4 client was missing a file permission check for the execute bit in some situations. This could allow local, unprivileged users to run non-executable files on NFSv4 mounted file systems. (CVE-2009-1630, Moderate) - a missing check was found in the hypervisor_callback() function in the Linux kernel provided by the kernel-xen package. This could cause a denial of service of a 32-bit guest if an application running in that guest accesses a certain memory location in the kernel. (CVE-2009-1758, Moderate) - a flaw was found in the AGPGART driver. The agp_generic_alloc_page() and agp_generic_alloc_pages() functions did not zero out the memory pages they allocate, which may later be available to user-space processes. This flaw could possibly lead to an information leak. (CVE-2009-1192, Low) These updated packages also fix the following bugs : -
last seen	2020-06-01
modified	2020-06-02
plugin id	60609
published	2012-08-01
reporter	This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/60609
title	Scientific Linux Security Update : kernel on SL4.x i386/x86_64

NASL family	Scientific Linux Local Security Checks
NASL id	SL_20090616_KERNEL_ON_SL5_X.NASL
description	Security fixes : - several flaws were found in the way the Linux kernel CIFS implementation handles Unicode strings. CIFS clients convert Unicode strings sent by a server to their local character sets, and then write those strings into memory. If a malicious server sent a long enough string, it could write past the end of the target memory region and corrupt other memory areas, possibly leading to a denial of service or privilege escalation on the client mounting the CIFS share. (CVE-2009-1439, CVE-2009-1633, Important) - the Linux kernel Network File System daemon (nfsd) implementation did not drop the CAP_MKNOD capability when handling requests from local, unprivileged users. This flaw could possibly lead to an information leak or privilege escalation. (CVE-2009-1072, Moderate) - Frank Filz reported the NFSv4 client was missing a file permission check for the execute bit in some situations. This could allow local, unprivileged users to run non-executable files on NFSv4 mounted file systems. (CVE-2009-1630, Moderate) - a missing check was found in the hypervisor_callback() function in the Linux kernel provided by the kernel-xen package. This could cause a denial of service of a 32-bit guest if an application running in that guest accesses a certain memory location in the kernel. (CVE-2009-1758, Moderate) - a flaw was found in the AGPGART driver. The agp_generic_alloc_page() and agp_generic_alloc_pages() functions did not zero out the memory pages they allocate, which may later be available to user-space processes. This flaw could possibly lead to an information leak. (CVE-2009-1192, Low) Bug fixes : - a race in the NFS client between destroying cached access rights and unmounting an NFS file system could have caused a system crash.
last seen	2020-06-01
modified	2020-06-02
plugin id	60599
published	2012-08-01
reporter	This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/60599
title	Scientific Linux Security Update : kernel on SL5.x i386/x86_64

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DSA-1809.NASL
description	Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-1630 Frank Filz discovered that local users may be able to execute files without execute permission when accessed via an nfs4 mount. - CVE-2009-1633 Jeff Layton and Suresh Jayaraman fixed several buffer overflows in the CIFS filesystem which allow remote servers to cause memory corruption. - CVE-2009-1758 Jan Beulich discovered an issue in Xen where local guest users may cause a denial of service (oops). This update also fixes a regression introduced by the fix for CVE-2009-1184 in 2.6.26-15lenny3. This prevents a boot time panic on systems with SELinux enabled.
last seen	2020-06-01
modified	2020-06-02
plugin id	38990
published	2009-06-03
reporter	This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/38990
title	Debian DSA-1809-1 : linux-2.6 - denial of service, privilege escalation

NASL family	OracleVM Local Security Checks
NASL id	ORACLEVM_OVMSA-2009-0014.NASL
description	The remote OracleVM system is missing necessary patches to address critical security updates : CVE-2009-1192 The (1) agp_generic_alloc_page and (2) agp_generic_alloc_pages functions in drivers/char/agp/generic.c in the agp subsystem in the Linux kernel before 2.6.30-rc3 do not zero out pages that may later be available to a user-space process, which allows local users to obtain sensitive information by reading these pages. CVE-2009-1072 nfsd in the Linux kernel before 2.6.28.9 does not drop the CAP_MKNOD capability before handling a user request in a thread, which allows local users to create device nodes, as demonstrated on a filesystem that has been exported with the root_squash option. CVE-2009-1758 The hypervisor_callback function in Xen, possibly before 3.4.0, as applied to the Linux kernel 2.6.30-rc4, 2.6.18, and probably other versions allows guest user applications to cause a denial of service (kernel oops) of the guest OS by triggering a segmentation fault in
last seen	2020-06-01
modified	2020-06-02
plugin id	79460
published	2014-11-26
reporter	This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/79460
title	OracleVM 2.1 : kernel (OVMSA-2009-0014)

NASL family	CentOS Local Security Checks
NASL id	CENTOS_RHSA-2009-1106.NASL
description	Updated kernel packages that fix several security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security fixes : * several flaws were found in the way the Linux kernel CIFS implementation handles Unicode strings. CIFS clients convert Unicode strings sent by a server to their local character sets, and then write those strings into memory. If a malicious server sent a long enough string, it could write past the end of the target memory region and corrupt other memory areas, possibly leading to a denial of service or privilege escalation on the client mounting the CIFS share. (CVE-2009-1439, CVE-2009-1633, Important) * the Linux kernel Network File System daemon (nfsd) implementation did not drop the CAP_MKNOD capability when handling requests from local, unprivileged users. This flaw could possibly lead to an information leak or privilege escalation. (CVE-2009-1072, Moderate) * Frank Filz reported the NFSv4 client was missing a file permission check for the execute bit in some situations. This could allow local, unprivileged users to run non-executable files on NFSv4 mounted file systems. (CVE-2009-1630, Moderate) * a missing check was found in the hypervisor_callback() function in the Linux kernel provided by the kernel-xen package. This could cause a denial of service of a 32-bit guest if an application running in that guest accesses a certain memory location in the kernel. (CVE-2009-1758, Moderate) * a flaw was found in the AGPGART driver. The agp_generic_alloc_page() and agp_generic_alloc_pages() functions did not zero out the memory pages they allocate, which may later be available to user-space processes. This flaw could possibly lead to an information leak. (CVE-2009-1192, Low) Bug fixes : * a race in the NFS client between destroying cached access rights and unmounting an NFS file system could have caused a system crash.
last seen	2020-06-01
modified	2020-06-02
plugin id	43757
published	2010-01-06
reporter	This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/43757
title	CentOS 5 : kernel (CESA-2009:1106)

NASL family	Oracle Linux Local Security Checks
NASL id	ORACLELINUX_ELSA-2009-1106.NASL
description	From Red Hat Security Advisory 2009:1106 : Updated kernel packages that fix several security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security fixes : * several flaws were found in the way the Linux kernel CIFS implementation handles Unicode strings. CIFS clients convert Unicode strings sent by a server to their local character sets, and then write those strings into memory. If a malicious server sent a long enough string, it could write past the end of the target memory region and corrupt other memory areas, possibly leading to a denial of service or privilege escalation on the client mounting the CIFS share. (CVE-2009-1439, CVE-2009-1633, Important) * the Linux kernel Network File System daemon (nfsd) implementation did not drop the CAP_MKNOD capability when handling requests from local, unprivileged users. This flaw could possibly lead to an information leak or privilege escalation. (CVE-2009-1072, Moderate) * Frank Filz reported the NFSv4 client was missing a file permission check for the execute bit in some situations. This could allow local, unprivileged users to run non-executable files on NFSv4 mounted file systems. (CVE-2009-1630, Moderate) * a missing check was found in the hypervisor_callback() function in the Linux kernel provided by the kernel-xen package. This could cause a denial of service of a 32-bit guest if an application running in that guest accesses a certain memory location in the kernel. (CVE-2009-1758, Moderate) * a flaw was found in the AGPGART driver. The agp_generic_alloc_page() and agp_generic_alloc_pages() functions did not zero out the memory pages they allocate, which may later be available to user-space processes. This flaw could possibly lead to an information leak. (CVE-2009-1192, Low) Bug fixes : * a race in the NFS client between destroying cached access rights and unmounting an NFS file system could have caused a system crash.
last seen	2020-06-01
modified	2020-06-02
plugin id	67874
published	2013-07-12
reporter	This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/67874
title	Oracle Linux 5 : kernel (ELSA-2009-1106)

NASL family	Oracle Linux Local Security Checks
NASL id	ORACLELINUX_ELSA-2009-1132.NASL
description	From Red Hat Security Advisory 2009:1132 : Updated kernel packages that fix several security issues and various bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated packages fix the following security issues : * a flaw was found in the Intel PRO/1000 network driver in the Linux kernel. Frames with sizes near the MTU of an interface may be split across multiple hardware receive descriptors. Receipt of such a frame could leak through a validation check, leading to a corruption of the length check. A remote attacker could use this flaw to send a specially crafted packet that would cause a denial of service. (CVE-2009-1385, Important) * the Linux kernel Network File System daemon (nfsd) implementation did not drop the CAP_MKNOD capability when handling requests from local, unprivileged users. This flaw could possibly lead to an information leak or privilege escalation. (CVE-2009-1072, Moderate) * Frank Filz reported the NFSv4 client was missing a file permission check for the execute bit in some situations. This could allow local, unprivileged users to run non-executable files on NFSv4 mounted file systems. (CVE-2009-1630, Moderate) * a missing check was found in the hypervisor_callback() function in the Linux kernel provided by the kernel-xen package. This could cause a denial of service of a 32-bit guest if an application running in that guest accesses a certain memory location in the kernel. (CVE-2009-1758, Moderate) * a flaw was found in the AGPGART driver. The agp_generic_alloc_page() and agp_generic_alloc_pages() functions did not zero out the memory pages they allocate, which may later be available to user-space processes. This flaw could possibly lead to an information leak. (CVE-2009-1192, Low) These updated packages also fix the following bugs : *
last seen	2020-06-01
modified	2020-06-02
plugin id	67884
published	2013-07-12
reporter	This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/67884
title	Oracle Linux 4 : kernel (ELSA-2009-1132)

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2009-1106.NASL
description	Updated kernel packages that fix several security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security fixes : * several flaws were found in the way the Linux kernel CIFS implementation handles Unicode strings. CIFS clients convert Unicode strings sent by a server to their local character sets, and then write those strings into memory. If a malicious server sent a long enough string, it could write past the end of the target memory region and corrupt other memory areas, possibly leading to a denial of service or privilege escalation on the client mounting the CIFS share. (CVE-2009-1439, CVE-2009-1633, Important) * the Linux kernel Network File System daemon (nfsd) implementation did not drop the CAP_MKNOD capability when handling requests from local, unprivileged users. This flaw could possibly lead to an information leak or privilege escalation. (CVE-2009-1072, Moderate) * Frank Filz reported the NFSv4 client was missing a file permission check for the execute bit in some situations. This could allow local, unprivileged users to run non-executable files on NFSv4 mounted file systems. (CVE-2009-1630, Moderate) * a missing check was found in the hypervisor_callback() function in the Linux kernel provided by the kernel-xen package. This could cause a denial of service of a 32-bit guest if an application running in that guest accesses a certain memory location in the kernel. (CVE-2009-1758, Moderate) * a flaw was found in the AGPGART driver. The agp_generic_alloc_page() and agp_generic_alloc_pages() functions did not zero out the memory pages they allocate, which may later be available to user-space processes. This flaw could possibly lead to an information leak. (CVE-2009-1192, Low) Bug fixes : * a race in the NFS client between destroying cached access rights and unmounting an NFS file system could have caused a system crash.
last seen	2020-06-01
modified	2020-06-02
plugin id	39430
published	2009-06-17
reporter	This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/39430
title	RHEL 5 : kernel (RHSA-2009:1106)

NASL family	SuSE Local Security Checks
NASL id	SUSE_KERNEL-6437.NASL
description	This patch updates the SUSE Linux Enterprise 10 SP2 kernel to fix various bugs and some security issues. The following security issues were fixed: CVE-2009-2692: A missing NULL pointer check in the socket sendpage function can be used by local attackers to gain root privileges. (No cve yet) A information leak from using sigaltstack was fixed. Enabled -fno-delete-null-pointer-checks to avoid optimizing away NULL pointer checks and fixed Makefiles to make sure -fwrapv is used everywhere. CVE-2009-1758: The hypervisor_callback function in Xen allows guest user applications to cause a denial of service (kernel oops) of the guest OS by triggering a segmentation fault in
last seen	2020-06-01
modified	2020-06-02
plugin id	59138
published	2012-05-17
reporter	This script is Copyright (C) 2012-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/59138
title	SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 6437)

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2009-1132.NASL
description	Updated kernel packages that fix several security issues and various bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated packages fix the following security issues : * a flaw was found in the Intel PRO/1000 network driver in the Linux kernel. Frames with sizes near the MTU of an interface may be split across multiple hardware receive descriptors. Receipt of such a frame could leak through a validation check, leading to a corruption of the length check. A remote attacker could use this flaw to send a specially crafted packet that would cause a denial of service. (CVE-2009-1385, Important) * the Linux kernel Network File System daemon (nfsd) implementation did not drop the CAP_MKNOD capability when handling requests from local, unprivileged users. This flaw could possibly lead to an information leak or privilege escalation. (CVE-2009-1072, Moderate) * Frank Filz reported the NFSv4 client was missing a file permission check for the execute bit in some situations. This could allow local, unprivileged users to run non-executable files on NFSv4 mounted file systems. (CVE-2009-1630, Moderate) * a missing check was found in the hypervisor_callback() function in the Linux kernel provided by the kernel-xen package. This could cause a denial of service of a 32-bit guest if an application running in that guest accesses a certain memory location in the kernel. (CVE-2009-1758, Moderate) * a flaw was found in the AGPGART driver. The agp_generic_alloc_page() and agp_generic_alloc_pages() functions did not zero out the memory pages they allocate, which may later be available to user-space processes. This flaw could possibly lead to an information leak. (CVE-2009-1192, Low) These updated packages also fix the following bugs : *
last seen	2020-06-01
modified	2020-06-02
plugin id	39583
published	2009-07-01
reporter	This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/39583
title	RHEL 4 : kernel (RHSA-2009:1132)

Oval

accepted

2013-04-29T04:04:31.508-04:00

class

vulnerability

contributors

name Aharon Chernin
organization SCAP.com, LLC
name Dragos Prisaca
organization G2, Inc.

definition_extensions

comment The operating system installed on the system is Red Hat Enterprise Linux 4
oval oval:org.mitre.oval:def:11831
comment CentOS Linux 4.x
oval oval:org.mitre.oval:def:16636
comment Oracle Linux 4.x
oval oval:org.mitre.oval:def:15990
comment The operating system installed on the system is Red Hat Enterprise Linux 5
oval oval:org.mitre.oval:def:11414
comment The operating system installed on the system is CentOS Linux 5.x
oval oval:org.mitre.oval:def:15802
comment Oracle Linux 5.x
oval oval:org.mitre.oval:def:15459

description

family

unix

oval:org.mitre.oval:def:10313

status

accepted

submitted

2010-07-09T03:56:16-04:00

title

version

Redhat

advisories

bugzilla

id	504565
title	e1000e: sporadic hang in netdump

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 4 is installed
oval oval:com.redhat.rhba:tst:20070304025

comment kernel earlier than 0:2.6.9-89.0.3.EL is currently running
oval oval:com.redhat.rhsa:tst:20091132023
comment kernel earlier than 0:2.6.9-89.0.3.EL is set to boot up on next boot
oval oval:com.redhat.rhsa:tst:20091132024

AND
comment kernel-doc is earlier than 0:2.6.9-89.0.3.EL
oval oval:com.redhat.rhsa:tst:20091132001
comment kernel-doc is signed with Red Hat master key
oval oval:com.redhat.rhba:tst:20070304002
AND
comment kernel is earlier than 0:2.6.9-89.0.3.EL
oval oval:com.redhat.rhsa:tst:20091132003
comment kernel is signed with Red Hat master key
oval oval:com.redhat.rhba:tst:20070304018

AND

comment kernel-largesmp-devel is earlier than 0:2.6.9-89.0.3.EL
oval oval:com.redhat.rhsa:tst:20091132005
comment kernel-largesmp-devel is signed with Red Hat master key
oval oval:com.redhat.rhba:tst:20070304008

AND
comment kernel-largesmp is earlier than 0:2.6.9-89.0.3.EL
oval oval:com.redhat.rhsa:tst:20091132007
comment kernel-largesmp is signed with Red Hat master key
oval oval:com.redhat.rhba:tst:20070304010
AND
comment kernel-smp-devel is earlier than 0:2.6.9-89.0.3.EL
oval oval:com.redhat.rhsa:tst:20091132009
comment kernel-smp-devel is signed with Red Hat master key
oval oval:com.redhat.rhba:tst:20070304012
AND
comment kernel-xenU is earlier than 0:2.6.9-89.0.3.EL
oval oval:com.redhat.rhsa:tst:20091132011
comment kernel-xenU is signed with Red Hat master key
oval oval:com.redhat.rhba:tst:20070304006
AND
comment kernel-devel is earlier than 0:2.6.9-89.0.3.EL
oval oval:com.redhat.rhsa:tst:20091132013
comment kernel-devel is signed with Red Hat master key
oval oval:com.redhat.rhba:tst:20070304016
AND
comment kernel-smp is earlier than 0:2.6.9-89.0.3.EL
oval oval:com.redhat.rhsa:tst:20091132015
comment kernel-smp is signed with Red Hat master key
oval oval:com.redhat.rhba:tst:20070304004
AND
comment kernel-xenU-devel is earlier than 0:2.6.9-89.0.3.EL
oval oval:com.redhat.rhsa:tst:20091132017
comment kernel-xenU-devel is signed with Red Hat master key
oval oval:com.redhat.rhba:tst:20070304014
AND
comment kernel-hugemem is earlier than 0:2.6.9-89.0.3.EL
oval oval:com.redhat.rhsa:tst:20091132019
comment kernel-hugemem is signed with Red Hat master key
oval oval:com.redhat.rhba:tst:20070304020

AND

comment kernel-hugemem-devel is earlier than 0:2.6.9-89.0.3.EL
oval oval:com.redhat.rhsa:tst:20091132021
comment kernel-hugemem-devel is signed with Red Hat master key
oval oval:com.redhat.rhba:tst:20070304022

rhsa

id	RHSA-2009:1132
released	2009-06-30
severity	Important
title	RHSA-2009:1132: kernel security and bug fix update (Important)

rpms

kernel-0:2.6.18-128.1.14.el5
kernel-PAE-0:2.6.18-128.1.14.el5
kernel-PAE-debuginfo-0:2.6.18-128.1.14.el5
kernel-PAE-devel-0:2.6.18-128.1.14.el5
kernel-debug-0:2.6.18-128.1.14.el5
kernel-debug-debuginfo-0:2.6.18-128.1.14.el5
kernel-debug-devel-0:2.6.18-128.1.14.el5
kernel-debuginfo-0:2.6.18-128.1.14.el5
kernel-debuginfo-common-0:2.6.18-128.1.14.el5
kernel-devel-0:2.6.18-128.1.14.el5
kernel-doc-0:2.6.18-128.1.14.el5
kernel-headers-0:2.6.18-128.1.14.el5
kernel-kdump-0:2.6.18-128.1.14.el5
kernel-kdump-debuginfo-0:2.6.18-128.1.14.el5
kernel-kdump-devel-0:2.6.18-128.1.14.el5
kernel-xen-0:2.6.18-128.1.14.el5
kernel-xen-debuginfo-0:2.6.18-128.1.14.el5
kernel-xen-devel-0:2.6.18-128.1.14.el5
kernel-0:2.6.9-89.0.3.EL
kernel-debuginfo-0:2.6.9-89.0.3.EL
kernel-devel-0:2.6.9-89.0.3.EL
kernel-doc-0:2.6.9-89.0.3.EL
kernel-hugemem-0:2.6.9-89.0.3.EL
kernel-hugemem-devel-0:2.6.9-89.0.3.EL
kernel-largesmp-0:2.6.9-89.0.3.EL
kernel-largesmp-devel-0:2.6.9-89.0.3.EL
kernel-smp-0:2.6.9-89.0.3.EL
kernel-smp-devel-0:2.6.9-89.0.3.EL
kernel-xenU-0:2.6.9-89.0.3.EL
kernel-xenU-devel-0:2.6.9-89.0.3.EL

Statements

contributor	Tomas Hoger
lastmodified	2009-09-10
organization	Red Hat
statement	This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, and Red Hat Enterprise MRG. It was addressed in Red Hat Enterprise Linux 4 and 5 via https://rhn.redhat.com/errata/RHSA-2009-1132.html and https://rhn.redhat.com/errata/RHSA-2009-1106.html .

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Nessus

Oval

Redhat

Statements

References