Mandriva Update For Kernel MDVSA-2008:109 (kernel) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

A vulnerability was discovered and corrected in the Linux 2.6 kernel: The bdx_ioctl_priv function in the tehuti driver (tehuti.c) in Linux kernel 2.6.x before 2.6.25.1 does not properly check certain information related to register size, which has unspecified impact and local attack vectors, probably related to reading or writing kernel memory. (CVE-2008-1675) Additionaly, some fixes were made, related to: iwlwifi (small bug interacting with drakconnect interface detection), brightness handling on EeePc, uvcvideo on Thinkpad X300, sound for TOSHIBA Satellite Pro A200 and A210, RealTek 8169 ethernet, unionfs, and more. To update your kernel, please follow the directions located at: http://www.mandriva.com/en/security/kernelupdate

Affected

kernel on Mandriva Linux 2008.1, Mandriva Linux 2008.1/X86_64

Severity

Classification

CVE CVE-2008-1675

CVSS	Base Score: 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:008 (qemu)
Mandrake Security Advisory MDVSA-2009:097 (clamav)
Mandrake Security Advisory MDVSA-2009:171 (pulseaudio)
Mandrake Security Advisory MDVSA-2009:016 (xen)
Mandrake Security Advisory MDVSA-2009:067 (libsndfile)

Mandriva Update for kernel MDVSA-2008:109 (kernel)

Take action and discover your vulnerabilities