A buffer overflow in kon2 allows local users to obtain root privileges.
KON is a Kanji emulator for the console. There is a buffer overflow vulnerability in the command line parsing code portion of the kon program up to and including version 0.3.9b. This vulnerability, if appropriately exploited, can lead to local users being able to gain elevated (root) privileges. All users of kon2 should update to these erratum packages, which contain a patch to fix this vulnerability. Red Hat would like to thank Janusz Niewiadomski for notifying us of this issue.