Oval Definition:oval:com.redhat.rhsa:def:20100704
Revision Date:2010-09-21Version:642
Title:RHSA-2010:0704: kernel security update (Important)
Description:The kernel packages contain the Linux kernel, the core of any Linux operating system.

This update fixes the following security issue:

  • The compat_alloc_user_space() function in the Linux kernel 32/64-bit compatibility layer implementation was missing sanity checks. This function could be abused in other areas of the Linux kernel if its length argument can be controlled from user-space. On 64-bit systems, a local, unprivileged user could use this flaw to escalate their privileges. (CVE-2010-3081, Important)

    Red Hat would like to thank Ben Hawkes for reporting this issue.

    Red Hat is aware that a public exploit for this issue is available. Refer to Knowledgebase article DOC-40265 for further details: https://access.redhat.com/kb/docs/DOC-40265

    Users should upgrade to these updated packages, which contain a backported patch to correct this issue. The system must be rebooted for this update to take effect.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2010-3081
    RHSA-2010:0704
    RHSA-2010:0704-01
    RHSA-2010:0704-01
    Platform(s):Red Hat Enterprise Linux 5
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • kernel earlier than 0:2.6.18-194.11.4.el5 is currently running
  • OR kernel earlier than 0:2.6.18-194.11.4.el5 is set to boot up on next boot
  • AND
  • kernel is earlier than 0:2.6.18-194.11.4.el5
  • AND kernel is signed with Red Hat redhatrelease2 key
  • kernel-PAE is earlier than 0:2.6.18-194.11.4.el5
  • AND kernel-PAE is signed with Red Hat redhatrelease2 key
  • kernel-PAE-devel is earlier than 0:2.6.18-194.11.4.el5
  • AND kernel-PAE-devel is signed with Red Hat redhatrelease2 key
  • kernel-debug is earlier than 0:2.6.18-194.11.4.el5
  • AND kernel-debug is signed with Red Hat redhatrelease2 key
  • kernel-debug-devel is earlier than 0:2.6.18-194.11.4.el5
  • AND kernel-debug-devel is signed with Red Hat redhatrelease2 key
  • kernel-devel is earlier than 0:2.6.18-194.11.4.el5
  • AND kernel-devel is signed with Red Hat redhatrelease2 key
  • kernel-doc is earlier than 0:2.6.18-194.11.4.el5
  • AND kernel-doc is signed with Red Hat redhatrelease2 key
  • kernel-headers is earlier than 0:2.6.18-194.11.4.el5
  • AND kernel-headers is signed with Red Hat redhatrelease2 key
  • kernel-kdump is earlier than 0:2.6.18-194.11.4.el5
  • AND kernel-kdump is signed with Red Hat redhatrelease2 key
  • kernel-kdump-devel is earlier than 0:2.6.18-194.11.4.el5
  • AND kernel-kdump-devel is signed with Red Hat redhatrelease2 key
  • kernel-xen is earlier than 0:2.6.18-194.11.4.el5
  • AND kernel-xen is signed with Red Hat redhatrelease2 key
  • kernel-xen-devel is earlier than 0:2.6.18-194.11.4.el5
  • AND kernel-xen-devel is signed with Red Hat redhatrelease2 key
    • BACK