Users of Linux openSUSE 11.3 please be advised of a local privilege escalation vulnerability that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)
Amplify’d from www.criticalwatch.com
SUSE-SA:2010:051: [SUSE-SA:2010:051] Linux kernel security fixes
Affected Products: openSUSE 11.3
Vulnerability Type: local privilege escalation
Problem Description and Brief Discussion
This updated openSUSE 11.3 kernel fixes the following security bugs:
CVE-2010-3310: local users could corrupt kernel heap memory via
ROSE sockets.
CVE-2010-2962: local users could write to any kernel memory location
via the i915 GEM ioctl interface. Exploitability requires the presence
of a i915 compatible graphics card.
Additionally the update restores the compat_alloc_userspace()
inline function and includes several other bug fixes.
Read more at www.criticalwatch.com
See this Amp at http://bit.ly/dpCzYI
No comments:
Post a Comment