Table of Contents
Advertisement
* a NULL pointer dereference flaw was found in each of the following functions in the Linux kernel:
pipe_read_open(), pipe_write_open(), and pipe_rdwr_open(). When the mutex lock is not held, the
i_pipe pointer could be released by other processes before it is used to update the pipe's reader and
writer counters. This could lead to a local denial of service or privilege escalation.
Important)
* a flaw was found in the Realtek r8169 Ethernet driver in the Linux kernel. pci_unmap_single()
presented a memory leak that could lead to IOMMU space exhaustion and a system crash. An
attacker on the local network could abuse this flaw by using jumbo frames for large amounts of
network traffic.
(CVE-2009-3613
* missing initialization flaws were found in the Linux kernel. Padding data in several core network
structures was not initialized properly before being sent to user-space. These flaws could lead to
information leaks.
(CVE-2009-3228
Bug fixes:
* with network bonding in the "balance-tlb" or "balance-alb" mode, the primary setting for the primary
slave device was lost when said device was brought down. Bringing the slave back up did not restore
the primary setting.
(BZ#517971
* some faulty serial device hardware caused systems running the kernel-xen kernel to take a very long
time to boot.
(BZ#524153
* a caching bug in nfs_readdir() may have caused NFS clients to see duplicate files or not see all files
in a directory.
(BZ#526960
* the RHSA-2009:1243 update removed the mpt_msi_enable option, preventing certain scripts from
running. This update adds the option back.
* an iptables rule with the recent module and a hit count value greater than the ip_pkt_list_tot
parameter (the default is 20), did not have any effect over packets, as the hit count could not be
660
reached.
(BZ#527434
* a check has been added to the IPv4 code to make sure that rt is not NULL, to help prevent future
bugs in functions that call ip_append_data() from being exploitable.
* a kernel panic occurred in certain conditions after reconfiguring a tape drive's block size.
662
(BZ#528133
)
* when using the Linux Virtual Server (LVS) in a master and backup configuration, and propagating
active connections on the master to the backup, the connection timeout value on the backup was
hard-coded to 180 seconds, meaning connection information on the backup was soon lost. This could
prevent the successful failover of connections. The timeout value can now be set via "ipvsadm --set".
663
(BZ#528645
)
653
https://www.redhat.com/security/data/cve/CVE-2009-3547.html
654
https://www.redhat.com/security/data/cve/CVE-2009-3613.html
655
https://www.redhat.com/security/data/cve/CVE-2009-3228.html
656
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=517971
657
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=524153
658
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=526960
659
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=526963
660
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=527434
661
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=527436
662
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=528133
663
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=528645
RHSA-2009:1548: Important security and bug fix update
654
, Important)
655
, Moderate)
656
)
657
)
658
)
(BZ#526963
)
659
)
(BZ#527436
653
(CVE-2009-3547
,
661
)
97
Advertisement
Table of Contents
Related Manuals for Red Hat ENTERPRISE LINUX 5.5 - TECHNICAL NOTES
Related Products for Red Hat ENTERPRISE LINUX 5.5 - TECHNICAL NOTES
- Red Hat APPLICATION SERVER - JONAS
- Red Hat APPLICATION STACK 1.1 RELEASE
- Red Hat APPLICATION STACK 1.2 RELEASE
- Red Hat APPLICATION STACK 1.3 RELEASE
- Red Hat APPLICATION STACK 1.4 RELEASE
- Red Hat APPLICATION STACK 2.0 RELEASE
- Red Hat APPLICATION STACK 2.1 RELEASE
- Red Hat APPLICATION STACK 2.2 RELEASE