Rapid7 Vulnerability & Exploit Database

RHSA-2010:0046: kernel security and bug fix update

Back to Search

RHSA-2010:0046: kernel security and bug fix update

Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
01/27/2010
Created
07/25/2018
Added
01/27/2010
Modified
06/21/2018

Description

The kernel packages contain the Linux kernel, the core of any Linuxoperating system.Security fixes:The fix for CVE-2006-6304 changes the expected behavior: With suid_dumpableset to 2, the core file will not be recorded if the file already exists.For example, core files will not be overwritten on subsequent crashes ofprocesses whose core files map to the same name.Bug fix documentation for this update will be available shortly fromwww.redhat.com/docs/en-US/errata/RHSA-2010-0046/Kernel_Security_Update/index.htmlUsers should upgrade to these updated packages, which contain backportedpatches to correct these issues. The system must be rebooted for thisupdate to take effect.

Solution(s)

  • redhat-upgrade-kernel
  • redhat-upgrade-kernel-debug
  • redhat-upgrade-kernel-debug-devel
  • redhat-upgrade-kernel-devel
  • redhat-upgrade-kernel-doc
  • redhat-upgrade-kernel-headers
  • redhat-upgrade-kernel-kdump
  • redhat-upgrade-kernel-kdump-devel
  • redhat-upgrade-kernel-pae
  • redhat-upgrade-kernel-pae-devel
  • redhat-upgrade-kernel-xen
  • redhat-upgrade-kernel-xen-devel

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;