Fedora Core 10 FEDORA-2009-0923 (kernel)

  1. Network Vulnerabilities
  2. Fedora Local Security Checks
  3. Fedora Core 10 FEDORA-2009-0923 (kernel)
Summary
The remote host is missing an update to kernel announced via advisory FEDORA-2009-0923.
Solution
Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update kernel' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-0923
Insight
Update Information: Update to kernel 2.6.27.12: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.10 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.11 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.12 Includes security fixes: CVE-2009-0029 Linux Kernel insecure 64 bit system call argument passing CVE-2009-0065 kernel: sctp: memory overflow when FWD-TSN chunk is received with bad stream ID Reverts ALSA driver to the version that is upstream in kernel 2.6.27. This should be the last 2.6.27 kernel update for Fedora 10. A 2.6.28 update kernel is being tested. ChangeLog: * Tue Jan 20 2009 Chuck Ebbert - ath5k: ignore the return value of ath5k_hw_noise_floor_calibration (backport to 2.6.27) - rtl8187: feedback transmitted packets using tx close descriptor for 8187B * Tue Jan 20 2009 Chuck Ebbert 2.6.27.12-170.2.4 - Fix CVE-2009-0065: SCTP buffer overflow * Tue Jan 20 2009 Chuck Ebbert 2.6.27.12-170.2.3 - Revert ALSA to what is upstream in 2.6.27. * Mon Jan 19 2009 Kyle McMartin - Linux 2.6.27.12 - linux-2.6-iwlagn-downgrade-BUG_ON-in-interrupt.patch: merged - linux-2.6-iwlwifi-use-GFP_KERNEL-to-allocate-Rx-SKB-memory.patch: merged * Mon Jan 19 2009 Kyle McMartin - Roll in xen changes to execshield diff as in later kernels. * Mon Jan 19 2009 Kyle McMartin - execshield fixes: should no longer generate spurious handled GPFs, fixes randomization of executables. also some clean ups. * Sun Jan 11 2009 Dave Jones - Don't use MAXSMP on x86-64 * Wed Jan 7 2009 Roland McGrath - 2.6.27.10-169 - utrace update * Tue Jan 6 2009 Eric Sandeen 2.6.27.10-168 - ext4 - delay capable() checks in space accounting (#478299)
References
Updated on 2015-03-25
Severity
High Severity
Classification
Related Vulnerabilities