Red Hat Local Security Checks : RedHat Security Advisory RHSA-2012:1282

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.72406

Categoría: Red Hat Local Security Checks

Título: RedHat Security Advisory RHSA-2012:1282

Resumen: NOSUMMARY

Descripción: Description:
The remote host is missing updates announced in
advisory RHSA-2012:1282.

The kernel-rt packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issue:

* It was found that a deadlock could occur in the Out of Memory (OOM)
killer. A process could trigger this deadlock by consuming a large amount
of memory, and then causing request_module() to be called. A local,
unprivileged user could use this flaw to cause a denial of service
(excessive memory consumption). (CVE-2012-4398, Moderate)

Red Hat would like to thank Tetsuo Handa for reporting this issue.

The kernel-rt packages have been upgraded to upstream version 3.2, which
provides a number of bug fixes and enhancements over the previous version.
(BZ#798421)

This update also fixes various bugs and adds enhancements. Documentation
for these changes will be available shortly from the Technical Notes
document linked to in the References section.

Users should upgrade to these updated kernel-rt packages, which correct
this issue, fix these bugs, and add these enhancements. The system must
be rebooted for this update to take effect.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2012-1282.html

Risk factor : Medium

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2012-4398
55077
http://secunia.com/advisories/55077
55361
http://www.securityfocus.com/bid/55361
RHSA-2013:0223
http://rhn.redhat.com/errata/RHSA-2013-0223.html
RHSA-2013:1348
http://rhn.redhat.com/errata/RHSA-2013-1348.html
SUSE-SU-2015:0481
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html
[linux-kernel] 20120207 [PATCH 5/5] kmod: make __request_module() killable
http://lkml.indiana.edu/hypermail/linux/kernel/1202.0/03340.html
[oss-security] 20120902 CVE Request -- kernel: request_module() OOM local DoS
http://www.openwall.com/lists/oss-security/2012/09/02/3
http://www.kernel.org/pub/linux/kernel/v3.x/linux-3.4.tar.bz2
https://bugzilla.redhat.com/show_bug.cgi?id=853474
openSUSE-SU-2015:0566
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html

Copyright Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.72406
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2012:1282
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2012:1282. The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: * It was found that a deadlock could occur in the Out of Memory (OOM) killer. A process could trigger this deadlock by consuming a large amount of memory, and then causing request_module() to be called. A local, unprivileged user could use this flaw to cause a denial of service (excessive memory consumption). (CVE-2012-4398, Moderate) Red Hat would like to thank Tetsuo Handa for reporting this issue. The kernel-rt packages have been upgraded to upstream version 3.2, which provides a number of bug fixes and enhancements over the previous version. (BZ#798421) This update also fixes various bugs and adds enhancements. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section. Users should upgrade to these updated kernel-rt packages, which correct this issue, fix these bugs, and add these enhancements. The system must be rebooted for this update to take effect. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2012-1282.html Risk factor : Medium
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-4398 55077 http://secunia.com/advisories/55077 55361 http://www.securityfocus.com/bid/55361 RHSA-2013:0223 http://rhn.redhat.com/errata/RHSA-2013-0223.html RHSA-2013:1348 http://rhn.redhat.com/errata/RHSA-2013-1348.html SUSE-SU-2015:0481 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html [linux-kernel] 20120207 [PATCH 5/5] kmod: make __request_module() killable http://lkml.indiana.edu/hypermail/linux/kernel/1202.0/03340.html [oss-security] 20120902 CVE Request -- kernel: request_module() OOM local DoS http://www.openwall.com/lists/oss-security/2012/09/02/3 http://www.kernel.org/pub/linux/kernel/v3.x/linux-3.4.tar.bz2 https://bugzilla.redhat.com/show_bug.cgi?id=853474 openSUSE-SU-2015:0566 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com