RedHat Update For Kernel RHSA-2010:0792-01 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: * The rds_page_copy_user() function in the Linux kernel Reliable Datagram Sockets (RDS) protocol implementation was missing sanity checks. A local, unprivileged user could use this flaw to escalate their privileges. (CVE-2010-3904, Important) Red Hat would like to thank Dan Rosenberg of Virtual Security Research for reporting this issue. Users should upgrade to these updated packages, which contain a backported patch to correct this issue. The system must be rebooted for this update to take effect.

Affected

kernel on Red Hat Enterprise Linux (v. 5 server)

References

https://www.redhat.com/archives/rhsa-announce/2010-October/msg00028.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-3904
CVSS Base Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

RedHat Security Advisory RHSA-2009:0420
RedHat Security Advisory RHSA-2009:1148
RedHat Security Advisory RHSA-2009:0350
RedHat Security Advisory RHSA-2008:0787
RedHat Security Advisory RHSA-2009:1062

RedHat Update for kernel RHSA-2010:0792-01

Take action and discover your vulnerabilities