Summary
The remote host is missing updates announced in
advisory GLSA 200907-08.
Solution
All external kernel modules have been masked and we recommend that users unmerge those drivers. The Linux mainline kernel has equivalent support for these devices and the vulnerability has been resolved in stable versions of sys-kernel/gentoo-sources.
# emerge --unmerge 'net-wireless/rt2400'
# emerge --unmerge 'net-wireless/rt2500'
# emerge --unmerge 'net-wireless/rt2570'
# emerge --unmerge 'net-wireless/rt61'
# emerge --unmerge 'net-wireless/ralink-rt61'
http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200907-08 http://bugs.gentoo.org/show_bug.cgi?id=257023
Insight
An integer overflow in multiple Ralink wireless drivers might lead to the execution of arbitrary code with elevated privileges.
Severity
Classification
-
CVE CVE-2009-0282 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities