kexec-tools security, bug fix, and enhancement update

1.102pre-154.0.3 - mkdumprd.orig get packed, remove it. 1.102pre-154.0.2 - fix mounting root fs on labeled disk Maxim Uvarov orabug: 13709374 1.102pre-154.0.1 Merge following patches from mkinitrd: - mkinitrd-fix-san-boot.patch - mkinitrd-fix-shared-lib-library-path.patch -...

kexec-tools: Multiple security flaws by management of kdump core files and ramdisk images

The Red Hat mkdumprd script for kexec-tools, as distributed in the kexec-tools 1.x before 1.102pre-154 and 2.x before 2.0.0-209 packages in Red Hat Enterprise Linux, includes all of root's SSH private keys within a vmcore file, which allows context-dependent attackers to obtain sensitive...

kexec-tools: Multiple security flaws by management of kdump core files and ramdisk images

The SSH configuration in the Red Hat mkdumprd script for kexec-tools, as distributed in the kexec-tools 1.x before 1.102pre-154 and 2.x before 2.0.0-209 packages in Red Hat Enterprise Linux, disables the StrictHostKeyChecking option, which allows man-in-the-middle attackers to spoof kdump servers...

Moderate: Red Hat Security Advisory: kexec-tools security, bug fix, and enhancement update

An updated kexec-tools package that resolves three security issues, fixes several bugs and adds various enhancements is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CV...

kexec-tools: Multiple security flaws by management of kdump core files and ramdisk images

The Red Hat mkdumprd script for kexec-tools, as distributed in the kexec-tools 1.x before 1.102pre-154 and 2.x before 2.0.0-209 packages in Red Hat Enterprise Linux, uses world-readable permissions for vmcore files, which allows local users to obtain sensitive information by inspecting the file...

RHEL 5 : kexec-tools (RHSA-2012:0152)

The remote Redhat Enterprise Linux 5 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2012:0152 advisory. The kexec-tools package contains the /sbin/kexec binary and utilities that together form the user-space component of the kernel's kexec...

RedHat Update for kexec-tools RHSA-2012:0152-03

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

RedHat Update for kexec-tools RHSA-2012:0152-03

Check for the Version of kexec-tools OpenVAS Vulnerability Test RedHat Update for kexec-tools RHSA-2012:0152-03 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...

kexec-tools security, bug fix, and enhancement update

2.0.0-209.0.1.el6 - Make sure '--allow-missing' is effective by adding to MKDUMPRDARGS in kdump.sysconfig, kdump.sysconfig.i386, and kdump.sysconfig.x8664 12590865 11678808 2.0.0-209 - Improve debugfs mounting code, from Dave Young. Resolve bug 748748. 2.0.0-208 - Search DUP firmware directory to...

Linux系统kexec-tools "kdump/mkdumprd"信息泄露漏洞

BUGTRAQ ID: 50420 CVE ID: CVE-2011-3590 Linux是自由电脑操作系统。 Linux系统的kdump/mkdumprd工具在实现上存在本地信息泄露漏洞，本地攻击者可利用此漏洞获取敏感信息，例如根用户使用的ssh密钥。 Linux kernel 3.x Linux kernel 2.6.x RedHat Enterprise Linux Workstation 6 RedHat Enterprise Linux Server 6 RedHat Enterprise Linux HPC Node 6 RedHat Enterprise Linux...

RHEL 6 : kexec-tools (RHSA-2011:1532)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2011:1532 advisory. Kexec allows for booting a Linux kernel from the context of an already running kernel. Kdump used the SSH Secure Shell...

kexec-tools: Multiple security flaws by management of kdump core files and ramdisk images

The Red Hat mkdumprd script for kexec-tools, as distributed in the kexec-tools 1.x before 1.102pre-154 and 2.x before 2.0.0-209 packages in Red Hat Enterprise Linux, uses world-readable permissions for vmcore files, which allows local users to obtain sensitive information by inspecting the file...

kexec-tools: Multiple security flaws by management of kdump core files and ramdisk images

The SSH configuration in the Red Hat mkdumprd script for kexec-tools, as distributed in the kexec-tools 1.x before 1.102pre-154 and 2.x before 2.0.0-209 packages in Red Hat Enterprise Linux, disables the StrictHostKeyChecking option, which allows man-in-the-middle attackers to spoof kdump servers...

Moderate: Red Hat Security Advisory: kexec-tools security, bug fix, and enhancement update

An updated kexec-tools package that fixes three security issues, various bugs, and adds enhancements is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores,...

kexec-tools: Multiple security flaws by management of kdump core files and ramdisk images

The Red Hat mkdumprd script for kexec-tools, as distributed in the kexec-tools 1.x before 1.102pre-154 and 2.x before 2.0.0-209 packages in Red Hat Enterprise Linux, includes all of root's SSH private keys within a vmcore file, which allows context-dependent attackers to obtain sensitive...

kernel security and bug fix update

2.6.18-238.1.1.0.1.el5 - fix filpclose race Joe Jin orabug 10335998 - fix missing aiocomplete in endio Joel Becker orabug 10365195 - make xenkbd.abspointer=1 by default orabug 67188919 - xen check to see if hypervisor supports memory reservation change Chuck Anderson orabug 7556514 - net Enable...

CentOS 5 : kernel (CESA-2010:0147)

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

Important: kernel security and bug fix update

2.6.18-53.1.6.0.1.el5 - NET Add entropy support to e1000 and bnx2 John Sobecki ORA 6045759 - NET Fix msi issue with kexec/kdump Michael Chan ORA 6219364 - MM Fix allocpagesnode static nid' race made kernel crash Joe Jin ORA 6187457 - splice Fix bad unlockpage in error case Jens Axboe ORA 6263574 ...

Important: kernel security update

CVE-2007-4571 ALSA memory disclosure flaw - Tick divider bugs on x8664 - CVE-2007-5494 openOATOMICLOOKUP leaks dentry - PATCH jbd: wait for already submitted tsyncdatalist buffer to complete Possibility of in-place data destruction - LSPP: audit rule causes kernel 'out of memory' condition and...