kernel packages: Moderate security and bug fix update

Users of kernel packages please be advised of a Moderate security and bug fix update that has been identified.

To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)

Amplify’d from www.criticalwatch.com

RHSA-2010:0779-01: [RHSA-2010:0779-01] Moderate: kernel security and bug fix update

Product: Red Hat Enterprise Linux

Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * Information leak flaws were found in the Linux kernel Traffic Control Unit implementation. A local attacker could use these flaws to cause the kernel to leak kernel memory to user-space, possibly leading to the disclosure of sensitive information. (CVE-2010-2942, Moderate)

* A flaw was found in the tcf_act_police_dump() function in the Linux kernel network traffic policing implementation. A data structure in tcf_act_police_dump() was not initialized properly before being copied to user-space. A local, unprivileged user could use this flaw to cause an information leak. (CVE-2010-3477, Moderate) Read more at www.criticalwatch.com

 

See this Amp at http://bit.ly/bZxYax