LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 06-26-2008, 03:27 AM   #1
nnetala
LQ Newbie
 
Registered: Jun 2008
Posts: 1

Rep: Reputation: 0
Lightbulb Patch of vulnerability CVE:2007-5001


Hi all

I am working on linux kernel-2.4.17-rt3.1 version, which is vulnerabile, to local unpriviliged users with reference to CVE:2007-5001.

* a flaw was found when performing asynchronous input or output operations
on a FIFO special file. A local unprivileged user could use this flaw to
cause a kernel panic. (CVE-2007-5001, Important)

* Bugzilla Bug 326251: CVE-2007-5001 kernel asynchronous IO on a FIFO kernel panic.
Using asynchronous IO on a FIFO causes RHEL 3U9 to kernel panic.
(Does not occur in RHEL 4 as the pipe_write function has been re-written)
This is a security issue because a local unprivileged user can cause a kernel panic.


The solution for this, is available in the following rpm:
kernel-2.4.21-57.EL.i686.rpm aecf0b0d5644fcad52e625f1be32dd12


But this rpm gives a mixed solution for other CVE's also, it is not giving a seperate patch for the CVE:2007-5001.We have searched almost all site's, but didn't got it.

Is any body know where can we find a seperate patch for this vulnerability (CVE:2007-5001), please do reply.

Thanks & Regards
Naresh.....
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
CVE-2008-0009/0010/0600 (Linux Privilege Escalation Vulnerabilities) jayjwa Linux - Security 14 02-21-2008 06:50 AM
broken X headers in security patch from 2007-03-07? cab15625 Slackware 6 04-12-2007 09:07 AM
Day Light Savings Patch 2007 haiders Linux - Software 5 02-06-2007 11:30 AM
Atheros Wireless 5001 and FC3 jpc1258 Linux - Laptop and Netbook 0 04-20-2005 12:37 PM
How to Apply patch for Mass Storage device to work? (uss725-2.4.20-rc2.patch) cevjr Linux - Hardware 3 04-20-2004 11:14 PM


All times are GMT -5. The time now is 12:37 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration