Solution
Please Install the Updated Packages.
Insight
The kernel packages contain the Linux kernel, the core of any Linux operating system.
This update fixes the following security issues:
* a NULL pointer dereference flaw was found in each of the following functions in the Linux kernel: pipe_read_open(), pipe_write_open(), and pipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer could be released by other processes before it is used to update the pipe's reader and writer counters. This could lead to a local denial of service or privilege escalation. (CVE-2009-3547, Important)
Users should upgrade to these updated packages, which contain a backported patch to correct these issues. The system must be rebooted for this update to take effect.
Affected
kernel on CentOS 4
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2009-3547 -
CVSS Base Score: 6.9
AV:L/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities