[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

CESA-2010:0606 -- centos 4 x86_64 kernel

ID: oval:org.secpod.oval:def:201779Date: (C)2012-01-31   (M)2024-01-02
Class: PATCHFamily: unix




The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * a flaw was found in the CIFSSMBWrite function in the Linux kernel Common Internet File System implementation. A remote attacker could send a specially-crafted SMB response packet to a target CIFS client, resulting in a kernel panic . * buffer overflow flaws were found in the Linux kernel"s implementation of the server-side External Data Representation for the Network File System version 4. An attacker on the local network could send a specially-crafted large compound request to the NFSv4 server, which could possibly result in a kernel panic or, potentially, code execution. This update also fixes the following bug: * the rpc_call_async function in the SUN Remote Procedure Call subsystem in the Linux kernel had a reference counting bug. In certain situations, some Network Lock Manager messages may have triggered this bug on NFSv2 and NFSv3 servers, leading to a kernel panic . Users should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.

Platform:
CentOS 4
Product:
kernel
Reference:
CESA-2010:0606
CVE-2010-2248
CVE-2010-2521
CVE    2
CVE-2010-2521
CVE-2010-2248
CPE    1
cpe:/o:centos:centos:4

© SecPod Technologies