Release Found: Red Hat Enterprise Linux 3, 4, 5, and Red Hat Enterprise MRG.
The flaws identified by CVE-2009-3547 (Red Hat Bugzilla bug 530490) describe a NULL pointer dereference issue in each of the following functions in the Linux kernel, versions 2.4.0 and later, and 2.6.0 and later: pipe_read_open(), pipe_write_open(), and pipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer could be released by other processes before it is used to update the pipe's reader and writer counters. This flaw was addressed via the upstream 2.6 kernel git commit ad396024. On systems without this patch, this flaw can lead to a local denial of service or privilege escalation.
This issue has been fixed in Red Hat Enterprise Linux 3, 4, 5, and Red Hat Enterprise MRG via the Red Hat Security Advisories RHSA-2009:1550, RHSA-2009:1541, RHSA-2009:1548, and RHSA-2009:1540 respectively.