New Search

RHSA-2009:1337 -- gfs2-utils security and bug fix update (Low)

oval:org.mitre.oval:def:28953

An updated gfs2-utils package that fixes multiple security issues and various bugs is now available for Red Hat Enterprise Linux 5. This update has been rated as having low security impact by the Red Hat Security Response Team. The gfs2-utils package provides the user-space tools necessary to mount create maintain and test GFS2 file systems. Multiple insecure temporary file use flaws were discovered in GFS2 user level utilities. A local attacker could use these flaws to overwrite an arbitrary file writable by a victim running those utilities (typically root) with the output of the utilities via a symbolic link attack. (CVE-2008-6552)

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Red Hat Enterprise Linux 5
  • CentOS Linux 5
Class:
patch
Reference(s):
  • RHSA-2009:1337
  • CESA-2009:1337-CentOS 5
  • CVE-2008-6552
Product(s):
  • gfs2-utils