|
|
 |
| New User, Welcome! Login |
rPSA-2009-0121-1 kernel open-vm-tools
| From: |
rPath Update Announcements <announce-noreply rpath com> |
| To: |
product-announce lists rpath com, product-announce lists rpath com, security-announce lists rpath com, update-announce lists rpath com |
| Cc: |
full-disclosure lists grok org uk, vulnwatch vulnwatch org, bugtraq securityfocus com, lwn lwn net |
| Subject: |
rPSA-2009-0121-1 kernel open-vm-tools |
| Date: |
Tue - Aug 18, 2009 03:31 PM |
rPath Security Advisory: 2009-0121-1
Published: 2009-08-18
Products:
rPath Appliance Platform Linux Service 1
rPath Appliance Platform Linux Service 2
rPath Linux 2
Rating: Minor
Exposure Level Classification:
Local Root Deterministic Unauthorized Access
Updated Versions:
kernel=conary.rpath.com@rpl:2/2.6.29.6-0.6-1
kernel=rap.rpath.com@rpath:linux-1/2.6.29.6-7-1
open-vm-tools=conary.rpath.com@rpl:2/2009.07.22_179896-0.2-1
open-vm-tools=rap.rpath.com@rpath:linux-1/2009.07.22_179896-2-1
rPath Issue Tracking System:
https://issues.rpath.com/browse/RPL-3102
https://issues.rpath.com/browse/RPL-3103
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2962
Description:
Previous versions of the kernel have a weakness which in a non-default
configuration (if vm.mmap_min_addr is 0) allows normal users processes
to execute arbitrary code as the root user. rPath Linux is configured
by default with vm.mmap_min_addr=65536 and so is not vulnerable
by default. Furthermore, rPath Linux does not include two other
mechanisms by which this vulnerability has been exploited (pulseaudio
and SELinux policy permitting access to address 0).
In addition, the open-vm-tools package (including kernel modules)
has been updated to the most recent upstream release for continued
compatibility with new VMware hosts. In addition, this enables user
programs to use the libraries included in open-vm-tools. However,
the library interfaces included in open-vm-tools are not being
maintained by rPath as a stable library interface; future updates of
the open-vm-tools package will follow whatever changes have been made
in the upstream open-vm-tools package to the open-vm-tools libraries,
even if those changes are incompatible with the current versions.
http://wiki.rpath.com/Advisories:rPSA-2009-0121
Copyright 2009 rPath, Inc.
This file is distributed under the terms of the MIT License.
A copy is available at http://www.rpath.com/permanent/mit-license.html
|
|
|
Copyright © 1995-2012 LinuxRocket.net. All rights reserved.
Nearly all of LinuxRocket's features are free. Be kind and donate to the cause!
