- Tue Nov 3 2009 Kyle McMartin 2.6.30.9-96 - fs/pipe.c: fix NULL pointer dereference (CVE-2009-3547) - Sun Oct 25 2009 Chuck Ebbert 2.6.30.9-95 - Disable the stack protector on functions that don't have onstack arrays. - Thu Oct 22 2009 Chuck Ebbert 2.6.30.9-94 - Fix overflow in KVM cpuid code. (CVE-2009-3638) - Thu Oct 22 2009 Chuck Ebbert 2.6.30.9-93 - Fix exploitable oops in keyring code (CVE-2009-3624) - Wed Oct 21 2009 Kyle McMartin - shut-up-LOCK_TEST_WITH_RETURN.patch: sort out #445331... or paper bag over it for now until the lock warnings can be killed. - Mon Oct 19 2009 Kyle McMartin - af_unix-fix-deadlock-connecting-to-shutdown-socket.pat ch: fix for rhbz#529626 local DoS. (CVE-2009-3621) - Sat Oct 17 2009 Chuck Ebbert 2.6.30.9-90 - Fix null deref in r128 (F10#487546) (CVE-2009-3620) - Sat Oct 17 2009 Chuck Ebbert 2.6.30.9-89 - Keyboard and mouse fixes from 2.6.32 (#522126) - Sat Oct 17 2009 Chuck Ebbert 2.6.30.9-88 - Scheduler wakeup patch, fixes high latency on wakeup (sched-update-the-clock-of-runqueue-select-task-rq-sel ected.patch) - Fri Oct 16 2009 Chuck Ebbert 2.6.30.9-87 - Fix uninitialized data leak in netlink (CVE-2009-3612) - Thu Oct 15 2009 Chuck Ebbert 2.6.30.9-86 - AX.25 security fix (CVE-2009-2909) - Thu Oct 15 2009 Chuck Ebbert 2.6.30.9-85 - Disable CONFIG_USB_STORAGE_CYPRESS_ATACB because it causes failure to boot from USB disks using Cypress bridges (#524998) - Tue Oct 13 2009 Chuck Ebbert 2.6.30.9-84 - Copy libata drive detection fix from 2.6.31.4 (#524756) - Tue Oct 13 2009 Chuck Ebbert 2.6.30.9-83 - Networking fixes taken from 2.6.31-stable - Tue Oct 13 2009 Chuck Ebbert 2.6.30.9-82 - Fix boot hang with ACPI on some systems. - Mon Oct 12 2009 Chuck Ebbert 2.6.30.9-81 - Critical ftrace fixes: ftrace-use-module-notifier-for-function-tracer.patch ftrace-check-for-failure-for-all-conversions.patch tracing-correct-module-boundaries-for-ftrace_release.p atch - Thu Oct 8 2009 Ben Skeggs 2.6.30.9-80 - ppc: compile nvidiafb as a module only, nvidiafb+nouveau = bang! (rh#491308) - Wed Oct 7 2009 Dave Jones 2.6.30.9-78 - Disable IRQSOFF tracer. (Adds unnecessary overhead when unused) - Wed Oct 7 2009 Chuck Ebbert 2.6.30.9-77 - eCryptfs fixes taken from 2.6.31.2 (fixes CVE-2009-2908) - Tue Oct 6 2009 Chuck Ebbert 2.6.30.9-76 - fix race in forcedeth network driver (#526546) - Tue Oct 6 2009 Chuck Ebbert 2.6.30.9-75 - x86: Don't leak 64-bit reg contents to 32-bit tasks. - Tue Oct 6 2009 Chuck Ebbert 2.6.30.9-74 [plus 194 lines in the Changelog] Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

ID	Name	Product	Family	Severity
48161	Mandriva Linux Security Advisory : kernel (MDVSA-2009:329)	Nessus	Mandriva Local Security Checks	high
44827	Debian DSA-1962-1 : kvm - several vulnerabilities	Nessus	Debian Local Security Checks	high
44792	Debian DSA-1927-1 : linux-2.6 - privilege escalation/denial of service/sensitive memory leak	Nessus	Debian Local Security Checks	high
43026	Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : linux, linux-source-2.6.15 vulnerabilities (USN-864-1)	Nessus	Ubuntu Local Security Checks	high
42867	SuSE 11 Security Update : KVM (SAT Patch Number 1553)	Nessus	SuSE Local Security Checks	high
42865	openSUSE Security Update : kvm (kvm-1545)	Nessus	SuSE Local Security Checks	high
42864	openSUSE Security Update : kvm (kvm-1547)	Nessus	SuSE Local Security Checks	high
42402	Fedora 10 : kernel-2.6.27.38-170.2.113.fc10 (2009-11038)	Nessus	Fedora Local Security Checks	high
42400	Fedora 11 : kernel-2.6.30.9-96.fc11 (2009-11032)	Nessus	Fedora Local Security Checks	high

CVE-2009-3638

Description

References

Details

Risk Information

CVSS v2.0