PT-2010-1294 · Linux+1 · Linux Kernel+1

Bryn M. Reeves · Published 2010-01-19 · Updated 2023-02-13 · CVE-2009-3556

CVSS v2.0: 1.9 (Low)

Vector: AV:L/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions

Red Hat Enterprise Linux (RHEL) 5 with Linux kernel 2.6.18

Description

The issue concerns a Red Hat configuration step for the qla2xxx driver in the Linux kernel when N_Port ID Virtualization (NPIV) hardware is used. This configuration sets world-writable permissions for certain files under /sys/class/scsi_host/, specifically the vport_create and vport_delete files. As a result, local users can modify these files to make arbitrary changes to SCSI host attributes.

Recommendations

For Red Hat Enterprise Linux (RHEL) 5 with Linux kernel 2.6.18, consider restricting access to the vport_create and vport_delete files under /sys/class/scsi_host/ to prevent local users from making unauthorized changes to SCSI host attributes.
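
One way to carry out that recommendation is sketched below as an added example; it is not code from the advisory or from Red Hat. The function name `audit_vport_perms`, its optional root argument and the `FIX` variable are assumptions made for illustration. It reports every vport_create and vport_delete file that has the world-write bit set and, when asked, clears that bit.

```shell
#!/bin/sh
# Added example (not from the advisory): audit, and optionally tighten, the
# NPIV vport control files named in CVE-2009-3556.
# Hypothetical names: audit_vport_perms, FIX.

# audit_vport_perms [ROOT]
#   ROOT defaults to /sys/class/scsi_host; pass another directory to check a
#   copy or a test tree. Prints one "world-writable: PATH" line per affected
#   file. With FIX=1 in the environment, also removes the "other" write bit.
#   Returns 0 if no file was world-writable, 1 otherwise.
audit_vport_perms() {
    root=${1:-/sys/class/scsi_host}
    found=0
    for f in "$root"/host*/vport_create "$root"/host*/vport_delete; do
        # Unmatched globs stay literal; hosts without NPIV have no such file.
        [ -f "$f" ] || continue
        # -perm -0002 matches when the "other" write bit is set, whatever
        # the remaining mode bits are. -prune keeps find on this one path.
        if [ -n "$(find -L "$f" -prune -perm -0002 2>/dev/null)" ]; then
            found=1
            echo "world-writable: $f"
            if [ "${FIX:-0}" = 1 ]; then
                chmod o-w "$f" && echo "fixed: $f"
            fi
        fi
    done
    return "$found"
}
```

A chmod on sysfs lasts only until the driver is reloaded or the host reboots, so the configuration step that set the mode also needs correcting.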

Related Identifiers

CVE-2009-3556
RHSA-2010:0046
RHSA-2010_0046

Affected Products

Linux Kernel
Red Hat