[ MDVSA-2015:031 ] busybox

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:031
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : busybox
 Date    : February 5, 2015
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 Updated busybox packages fix security vulnerability:
 
 The modprobe command in busybox before 1.23.0 uses the basename of
 the module argument as the module to load, allowing arbitrary modules,
 even when some kernel subsystems try to prevent this (CVE-2014-9645).
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9645
 http://advisories.mageia.org/MGASA-2015-0041.html
 __________________________________________________________________

007 Software

[ MDVSA-2015:031 ] busybox

Leave a Reply Cancel reply

Software and Security Information