(RHSA-2010:0719) Important: kernel security update

2010-09-28T04:00:00
ID RHSA-2010:0719
Type redhat
Reporter RedHat
Modified 2017-09-08T12:07:19

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

This update fixes the following security issue:

  • The compat_alloc_user_space() function in the Linux kernel 32/64-bit compatibility layer implementation was missing sanity checks. This function could be abused in other areas of the Linux kernel if its length argument can be controlled from user-space. On 64-bit systems, a local, unprivileged user could use this flaw to escalate their privileges. (CVE-2010-3081, Important)

Red Hat would like to thank Ben Hawkes for reporting this issue.

Refer to Knowledgebase article DOC-40265 for further details: https://access.redhat.com/kb/docs/DOC-40265

Users should upgrade to these updated packages, which contain a backported patch to correct this issue. The system must be rebooted for this update to take effect.