Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Patches » RHSA-2013:0621-01

Overview

Id RHSA-2013:0621-01
Name Red Hat 2013:0621-01 RHSA Important: kernel security update for RHEL 5 x86
Vendor Name red_hat
Product None
Content Type Critical Critical
Language(s)
Operating System(s) Linux 
Released On 11 Mar 2013 12:00:00

RHSA-2013:0621-01

Red Hat 2013:0621-01 RHSA Important: kernel security update for RHEL 5 x86

Vendor Name

red_hat

Product

None

Released On

11 Mar 2013 12:00:00

Url

https://rhn.redhat.com/errata/RHSA-2013-0621.html

Description

LSAC(v2)
The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * A flaw was found in the way file permission checks for the "/dev/cpu/[x]/msr" files were performed in restricted root environments (for example, when using a capability-based security model). A local user with the ability to write to these files could use this flaw to escalate their privileges to kernel level, for example, by writing to the SYSENTER_EIP_MSR register. (CVE-2013-0268, Important) * A race condition was found in the way the Linux kernel's ptrace implementation handled PTRACE_SETREGS requests when the debuggee was woken due to a SIGKILL signal instead of being stopped. A local, unprivileged user could use this flaw to escalate their privileges. (CVE-2013-0871, Important) Users should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.

Related Resources

Related Vulnerabilities

CVE-2013-0871  

Related Patches

None

Superseded Patches


Last Updated: 27 May 2016 11:16:54