Description: | Description: The remote host is missing updates announced in advisory RHSA-2010:0705.
The kernel packages contain the Linux kernel, the core of any Linux operating system.
This update fixes the following security issue:
* The compat_alloc_user_space() function in the Linux kernel 32/64-bit compatibility layer implementation was missing sanity checks. This function could be abused in other areas of the Linux kernel if its length argument can be controlled from user-space. On 64-bit systems, a local, unprivileged user could use this flaw to escalate their privileges. (CVE-2010-3081, Important)
Red Hat would like to thank Ben Hawkes for reporting this issue.
Red Hat is aware that a public exploit for this issue is available. Refer to Knowledgebase article DOC-40265 for further details: https://access.redhat.com/kb/docs/DOC-40265
Users should upgrade to these updated packages, which contain a backported patch to correct this issue. The system must be rebooted for this update to take effect.
Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date
http://rhn.redhat.com/errata/RHSA-2010-0705.html http://www.redhat.com/security/updates/classification/#important
Risk factor : High
|