Mandriva Linux Security Advisory : kernel (MDVSA-2009:148)
High Nessus Plugin ID 48149
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionSome vulnerabilities were discovered and corrected in the Linux 2.6 kernel :
Buffer overflow in the RTL8169 NIC driver (drivers/net/r8169.c) in the Linux kernel before 2.6.30 allows remote attackers to cause a denial of service (kernel memory corruption and crash) via a long packet.
The inode double locking code in fs/ocfs2/file.c in the Linux kernel 2.6.30 before 2.6.30-rc3, 2.6.27 before 184.108.40.206, 2.6.29 before 220.127.116.11, and possibly other versions down to 2.6.19 allows local users to cause a denial of service (prevention of file creation and removal) via a series of splice system calls that trigger a deadlock between the generic_file_splice_write, splice_from_pipe, and ocfs2_file_splice_write functions. (CVE-2009-1961)
The nfs_permission function in fs/nfs/dir.c in the NFS client implementation in the Linux kernel 18.104.22.168 and earlier, when atomic_open is available, does not check execute (aka EXEC or MAY_EXEC) permission bits, which allows local users to bypass permissions and execute files, as demonstrated by files on an NFSv4 fileserver. (CVE-2009-1630)
Integer underflow in the e1000_clean_rx_irq function in drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel before 2.6.30-rc8, the e1000e driver in the Linux kernel, and Intel Wired Ethernet (aka e1000) before 7.5.5 allows remote attackers to cause a denial of service (panic) via a crafted frame size.
Multiple buffer overflows in the cifs subsystem in the Linux kernel before 22.214.171.124 allow remote CIFS servers to cause a denial of service (memory corruption) and possibly have unspecified other impact via (1) a malformed Unicode string, related to Unicode string area alignment in fs/cifs/sess.c; or (2) long Unicode characters, related to fs/cifs/cifssmb.c and the cifs_readdir function in fs/cifs/readdir.c.
Additionally, the kernel package was updated to the Linux upstream stable version 126.96.36.199.
To update your kernel, please follow the directions located at :
SolutionUpdate the affected packages.