RedHatRHSA-2012:1282(RHSA-2012:1282) Moderate: kernel-rt security, bug fix, and enhancement update
4.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
0.0004 Low
EPSS
Percentile
5.7%
The kernel-rt packages contain the Linux kernel, the core of any Linux
operating system.
This update fixes the following security issue:
- It was found that a deadlock could occur in the Out of Memory (OOM)
killer. A process could trigger this deadlock by consuming a large amount
of memory, and then causing request_module() to be called. A local,
unprivileged user could use this flaw to cause a denial of service
(excessive memory consumption). (CVE-2012-4398, Moderate)
Red Hat would like to thank Tetsuo Handa for reporting this issue.
The kernel-rt packages have been upgraded to upstream version 3.2, which
provides a number of bug fixes and enhancements over the previous version.
(BZ#798421)
This update also fixes various bugs and adds enhancements. Documentation
for these changes will be available shortly from the Technical Notes
document linked to in the References section.
Users should upgrade to these updated kernel-rt packages, which correct
this issue, fix these bugs, and add these enhancements. The system must
be rebooted for this update to take effect.
Related
4.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
0.0004 Low
EPSS
Percentile
5.7%