Rapid7 Vulnerability & Exploit Database

RHSA-2002:210: New kernel 2.2 packages fix local vulnerabilities

Back to Search

RHSA-2002:210: New kernel 2.2 packages fix local vulnerabilities

Severity
4
CVSS
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published
09/23/2002
Created
07/25/2018
Added
10/28/2005
Modified
06/21/2018

Description

Some potential local security vulnerabilities were found in the kernel during code audits; these have been fixed in the 2.2.22 kernel.

The Linux kernel handles the basic functions of the operating system. A security code audit of the 2.2 kernel found a number of possible local security vulnerabilities. These vulnerabilities could allow a local user to obtain elevated (root) privileges. Red Hat Linux 6.2 and 7.0 shipped with the 2.2 kernel and are both vulnerable to these issues. All Red Hat Linux users using the 2.2 kernel should upgrade to the errata pacakages contaning the 2.2.22 kernel which are not vulnerable to these issues. Many thanks to Silvio Cesare and Solar Designer for their work in discovering these issues.

Solution(s)

  • redhat-upgrade-kernel
  • redhat-upgrade-kernel-boot
  • redhat-upgrade-kernel-doc
  • redhat-upgrade-kernel-enterprise
  • redhat-upgrade-kernel-headers
  • redhat-upgrade-kernel-ibcs
  • redhat-upgrade-kernel-jensen
  • redhat-upgrade-kernel-pcmcia-cs
  • redhat-upgrade-kernel-smp
  • redhat-upgrade-kernel-source
  • redhat-upgrade-kernel-utils

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;