Description: | Description: The remote host is missing updates announced in advisory RHSA-2011:0162.
The kernel packages contain the Linux kernel, the core of any Linux operating system.
This update fixes the following security issues:
* A heap overflow flaw was found in the Linux kernel's Transparent Inter-Process Communication protocol (TIPC) implementation. A local, unprivileged user could use this flaw to escalate their privileges. (CVE-2010-3859, Important)
* Missing sanity checks were found in gdth_ioctl_alloc() in the gdth driver in the Linux kernel. A local user with access to /dev/gdth on a 64-bit system could use these flaws to cause a denial of service or escalate their privileges. (CVE-2010-4157, Moderate)
* A NULL pointer dereference flaw was found in the Bluetooth HCI UART driver in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2010-4242, Moderate)
* A flaw was found in the Linux kernel's garbage collector for AF_UNIX sockets. A local, unprivileged user could use this flaw to trigger a denial of service (out-of-memory condition). (CVE-2010-4249, Moderate)
* Missing initialization flaws were found in the Linux kernel. A local, unprivileged user could use these flaws to cause information leaks. (CVE-2010-3876, CVE-2010-4072, CVE-2010-4073, CVE-2010-4075, CVE-2010-4080, CVE-2010-4083, CVE-2010-4158, Low)
Red Hat would like to thank Alan Cox for reporting CVE-2010-4242 Vegard Nossum for reporting CVE-2010-4249 Vasiliy Kulikov for reporting CVE-2010-3876 Kees Cook for reporting CVE-2010-4072 and Dan Rosenberg for reporting CVE-2010-4073, CVE-2010-4075, CVE-2010-4080, CVE-2010-4083, and CVE-2010-4158.
Users should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.
Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date
http://rhn.redhat.com/errata/RHSA-2011-0162.html
Risk factor : High
CVSS Score: 6.9
|