CVE-2009-3080

Name of the Vulnerable Software and Affected Versions Red Hat Enterprise Linux kernel versions 2.4.21 openSUSE kernel-ps3-debuginfo (affected versions not specified) openSUSE kernel-ps3-debugsource (affected versions not specified) Linux kernel versions prior to 2.6.32-rc8

Description The issue involves multiple vulnerabilities in the kernel packages of various Linux distributions, including Red Hat Enterprise Linux and openSUSE. These vulnerabilities can be exploited remotely, potentially leading to disruptions in the availability, confidentiality, and integrity of protected information. In the Linux kernel, a specific vulnerability is related to an array index error in the gdth read event function, which can be exploited by local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request.

Recommendations For Red Hat Enterprise Linux kernel version 2.4.21, update to a version that includes the necessary security patches. For openSUSE kernel-ps3-debuginfo and kernel-ps3-debugsource, there is no information about a newer version that contains a fix for this vulnerability. For Linux kernel versions prior to 2.6.32-rc8, update to version 2.6.32-rc8 or later to resolve the issue. As a temporary workaround, consider restricting access to the gdth read event function in the Linux kernel until a patch is available.