How to Buy
This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
CVE-2009-3889 CVE-2009-3939 kernel: megaraid_sas permissions in sysfs
CVE-2009-3080 kernel: gdth: Prevent negative offsets in ioctl
CVE-2009-4005 kernel: isdn: hfc_usb: fix read buffer overflow
CVE-2009-4020 kernel: hfs buffer overflow
This update fixes the following security issues :
- an array index error was found in the gdth driver in the
Linux kernel. A local user could send a specially
crafted IOCTL request that would cause a denial of
service or, possibly, privilege escalation.
- a flaw was found in the collect_rx_frame() function in
the HiSax ISDN driver (hfc_usb) in the Linux kernel. An
attacker could use this flaw to send a specially crafted
HDLC packet that could trigger a buffer out of bounds,
possibly resulting in a denial of service.
- permission issues were found in the megaraid_sas driver
(for SAS based RAID controllers) in the Linux kernel.
The 'dbg_lvl' and 'poll_mode_io' files on the sysfs file
system ('/sys/') had world-writable permissions. This
could allow local, unprivileged users to change the
behavior of the driver. (CVE-2009-3889, CVE-2009-3939,
- a buffer overflow flaw was found in the hfs_bnode_read()
function in the HFS file system implementation in the
Linux kernel. This could lead to a denial of service if
a user browsed a specially crafted HFS file system, for
example, by running 'ls'. (CVE-2009-4020, Low)
This update also fixes the following bugs :
- if a process was using ptrace() to trace a
multi-threaded process, and that multi-threaded process
dumped its core, the process performing the trace could
hang in wait4(). This issue could be triggered by
running 'strace -f' on a multi-threaded process that was
dumping its core, resulting in the strace command
- a bug in the ptrace() implementation could have, in some
cases, caused ptrace_detach() to create a zombie process
if the process being traced was terminated with a
SIGKILL signal. (BZ#555869)
- the kernel-2.6.9-89.0.19.EL update resolved an issue
(CVE-2009-4537) in the Realtek r8169 Ethernet driver.
This update implements a better solution for that issue.
Note: This is not a security regression. The original
fix was complete. This update is adding the official
upstream fix. (BZ#556406)
The system must be rebooted for this update to take effect.
See also :
Update the affected packages.
Risk factor :
High / CVSS Base Score : 7.8
Family: Scientific Linux Local Security Checks
Nessus Plugin ID: 60728 ()
CVE ID: CVE-2009-3080CVE-2009-3889CVE-2009-3939CVE-2009-4005CVE-2009-4020CVE-2009-4537
Nessus Professional: Scan unlimited IPs, run compliance checks & moreNessus Cloud: The power of Nessus for teams – from the cloud
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.