-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel-rt security update
Advisory ID: RHSA-2012:0061-01
Product: Red Hat Enterprise MRG for RHEL-6
Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-0061.html
Issue date: 2012-01-24
CVE Names: CVE-2012-0056
=====================================================================
1. Summary:
Updated kernel-rt packages that fix one security issue are now available
for Red Hat Enterprise MRG 2.1.
The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.
2. Relevant releases/architectures:
MRG Realtime for RHEL 6 Server v.2 - noarch, x86_64
3. Description:
The kernel-rt packages contain the Linux kernel, the core of any Linux
operating system.
This update fixes the following security issue:
* It was found that permissions were not checked properly in the Linux
kernel when handling the /proc/[pid]/mem writing functionality. A local,
unprivileged user could use this flaw to escalate their privileges. Refer
to Red Hat Knowledgebase article DOC-69129, linked to in the References,
for further information. (CVE-2012-0056, Important)
Red Hat would like to thank JÄ
Posljednje sigurnosne preporuke