LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Pencil, Pencil, and Pencil

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Little things that matter in language design

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

rPath alert rPSA-2009-0111-1 (kernel)



From:
    	      rPath Update Announcements <announce-noreply@rpath.com> 


To:
    	      product-announce@lists.rpath.com,
	security-announce@lists.rpath.com, update-announce@lists.rpath.com,
	product-announce@lists.rpath.com 


Subject:
    	      rPSA-2009-0111-1 kernel 


Date:
    	      Fri, 24 Jul 2009 17:49:05 -0400


Message-ID:
    	      <4a6a2c51.BAKTlvmpHmLT5A/Z%announce-noreply@rpath.com>


Cc:
    	      full-disclosure@lists.grok.org.uk, vulnwatch@vulnwatch.org,
	bugtraq@securityfocus.com, lwn@lwn.net


rPath Security Advisory: 2009-0111-1
Published: 2009-07-24
Products:
    rPath Appliance Platform Linux Service 1
    rPath Appliance Platform Linux Service 2
    rPath Linux 2

Rating: Severe
Exposure Level Classification:
    Remote Deterministic Denial of Service
Updated Versions:
    kernel=conary.rpath.com@rpl:2/2.6.29.6-0.2-1
    kernel=rap.rpath.com@rpath:linux-1/2.6.29.6-2-1

rPath Issue Tracking System:
    https://issues.rpath.com/browse/RPL-3048
    https://issues.rpath.com/browse/RPL-3065
    https://issues.rpath.com/browse/RPL-3078
    https://issues.rpath.com/browse/RPL-3080
    https://issues.rpath.com/browse/RPL-3088
    https://issues.rpath.com/browse/RPL-3090

References:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1385
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1633
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1389
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1630
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1895

Description:
    Previous versions of the Linux kernel are vulnerable to multiple
    security issues, including both man-in-the-middle/hostile server
    attacks and remote denial of service attacks that are specific
    to certain hardware configurations; these vulnerabilities are
    resolved in this version.  Additionally, although no rPath kernel is
    vulnerable to the widely-publicized local root exploit identified
    as CVE-2009-1897, a patch has been applied to guard against other
    similar but as yet unknown vulnerabilities.

http://wiki.rpath.com/Advisories:rPSA-2009-0111

Copyright 2009 rPath, Inc.
This file is distributed under the terms of the MIT License.
A copy is available at http://www.rpath.com/permanent/mit-license.html
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds