1
Candidate: CVE-2009-3556
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3556
6
A certain Red Hat configuration step for the qla2xxx driver in the Linux
7
kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5, when N_Port ID
8
Virtualization (NPIV) hardware is used, sets world-writable permissions for
9
the (1) vport_create and (2) vport_delete files under
10
/sys/class/scsi_host/, which allows local users to make arbitrary changes
11
to SCSI host attributes by modifying these files.
16
https://bugzilla.redhat.com/show_bug.cgi?id=537177
21
Patches_linux-source-2.6.15:
22
upstream_linux-source-2.6.15: not-affected
23
dapper_linux-source-2.6.15: not-affected
24
hardy_linux-source-2.6.15: DNE
25
intrepid_linux-source-2.6.15: DNE
26
jaunty_linux-source-2.6.15: DNE
27
karmic_linux-source-2.6.15: DNE
28
devel_linux-source-2.6.15: DNE
31
upstream_linux: not-affected
33
hardy_linux: not-affected
34
intrepid_linux: not-affected
35
jaunty_linux: not-affected
36
karmic_linux: not-affected
37
devel_linux: not-affected