CentOS ProjectCESA-2010:0792kernel security update
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
37.0%
CentOS Errata and Security Advisory CESA-2010:0792
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
This update fixes the following security issue:
- The rds_page_copy_user() function in the Linux kernel Reliable Datagram
Sockets (RDS) protocol implementation was missing sanity checks. A local,
unprivileged user could use this flaw to escalate their privileges.
(CVE-2010-3904, Important)
Red Hat would like to thank Dan Rosenberg of Virtual Security Research for
reporting this issue.
Users should upgrade to these updated packages, which contain a backported
patch to correct this issue. The system must be rebooted for this update to
take effect.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2010-October/079283.html
https://lists.centos.org/pipermail/centos-announce/2010-October/079284.html
Affected packages:
kernel
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
Upstream details at:
https://access.redhat.com/errata/RHSA-2010:0792
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| CentOS | 5 | i686 | kernel | < 2.6.18-194.17.4.el5 | kernel-2.6.18-194.17.4.el5.i686.rpm |
| CentOS | 5 | i686 | kernel-debug | < 2.6.18-194.17.4.el5 | kernel-debug-2.6.18-194.17.4.el5.i686.rpm |
| CentOS | 5 | i686 | kernel-debug-devel | < 2.6.18-194.17.4.el5 | kernel-debug-devel-2.6.18-194.17.4.el5.i686.rpm |
| CentOS | 5 | i686 | kernel-devel | < 2.6.18-194.17.4.el5 | kernel-devel-2.6.18-194.17.4.el5.i686.rpm |
| CentOS | 5 | noarch | kernel-doc | < 2.6.18-194.17.4.el5 | kernel-doc-2.6.18-194.17.4.el5.noarch.rpm |
| CentOS | 5 | i386 | kernel-headers | < 2.6.18-194.17.4.el5 | kernel-headers-2.6.18-194.17.4.el5.i386.rpm |
| CentOS | 5 | i686 | kernel-pae | < 2.6.18-194.17.4.el5 | kernel-PAE-2.6.18-194.17.4.el5.i686.rpm |
| CentOS | 5 | i686 | kernel-pae-devel | < 2.6.18-194.17.4.el5 | kernel-PAE-devel-2.6.18-194.17.4.el5.i686.rpm |
| CentOS | 5 | i686 | kernel-xen | < 2.6.18-194.17.4.el5 | kernel-xen-2.6.18-194.17.4.el5.i686.rpm |
| CentOS | 5 | i686 | kernel-xen-devel | < 2.6.18-194.17.4.el5 | kernel-xen-devel-2.6.18-194.17.4.el5.i686.rpm |
Related
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
37.0%