|Category:||Red Hat Local Security Checks|
|Title:||RedHat Update for Red Hat Enterprise Linux 6 kernel RHSA-2011:1530-03|
|Summary:||The remote host is missing an update for the 'Red Hat Enterprise Linux 6 kernel'; package(s) announced via the referenced advisory.|
The remote host is missing an update for the 'Red Hat Enterprise Linux 6 kernel'
package(s) announced via the referenced advisory.
The kernel packages contain the Linux kernel, the core of any Linux
This update fixes the following security issues:
* The proc file system could allow a local, unprivileged user to obtain
sensitive information or possibly cause integrity issues. (CVE-2011-1020,
* Non-member VLAN (virtual LAN) packet handling for interfaces in
promiscuous mode and also using the be2net driver could allow an attacker
on the local network to cause a denial of service. (CVE-2011-3347,
* A flaw was found in the Linux kernel in the way splitting two extents in
ext4_ext_convert_to_initialized() worked. A local, unprivileged user with
access to mount and unmount ext4 file systems could use this flaw to cause
a denial of service. (CVE-2011-3638, Moderate)
* A NULL pointer dereference flaw was found in the way the Linux kernel's
key management facility handled user-defined key types. A local,
unprivileged user could use the keyctl utility to cause a denial of
service. (CVE-2011-4110, Moderate)
Red Hat would like to thank Kees Cook for reporting CVE-2011-1020, Somnath
Kotur for reporting CVE-2011-3347, and Zheng Liu for reporting
This update also fixes several hundred bugs and adds enhancements. Refer to
the Red Hat Enterprise Linux 6.2 Release Notes for information on the most
significant of these changes, and the Technical Notes for further
information, both linked to in the References.
All Red Hat Enterprise Linux 6 users are advised to install these updated
packages, which correct these issues, and fix the bugs and add the
enhancements noted in the Red Hat Enterprise Linux 6.2 Release Notes and
Technical Notes. The system must be rebooted for this update to take
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at the linked references.
To install kernel packages manually, use 'rpm -ivh [package]'. Do not
use 'rpm -Uvh' as that will remove the running kernel binaries from
your system. You may use 'rpm -e' to remove old kernels after
determining that the new kernel ..
Description truncated, please see the referenced URL(s) for more information.
Red Hat Enterprise Linux 6 kernel on Red Hat Enterprise Linux Desktop (v. 6),
Red Hat Enterprise Linux Server (v. 6),
Red Hat Enterprise Linux Workstation (v. 6)
Please Install the Updated Packages.
Common Vulnerability Exposure (CVE) ID: CVE-2011-1020|
BugTraq ID: 46567
XForce ISS Database: kernel-procpid-security-bypass(65693)
Common Vulnerability Exposure (CVE) ID: CVE-2011-3347
Common Vulnerability Exposure (CVE) ID: CVE-2011-3638
Common Vulnerability Exposure (CVE) ID: CVE-2011-4110
BugTraq ID: 50755
HPdes Security Advisory: HPSBGN02970
|Copyright||Copyright (C) 2012 Greenbone Networks GmbH|
|This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.