- Home
- CVEs with nessus.description==Updated+kernel+packages+that+fix+one+security+issue+and+one+bug+are+now+available+for+Red+Hat+Enterprise+Linux+6.2+Advanced+Update+Support.%0A%0AThe+Red+Hat+Security+Response+Team+has+rated+this+update+as+having+Important+security+impact.+A+Common+Vulnerability+Scoring+System+%28CVSS%29+base+score%2C+which+gives+a+detailed+severity+rating%2C+is+available+from+the+CVE+link+in+the+References+section.%0A%0AThe+kernel+packages+contain+the+Linux+kernel%2C+the+core+of+any+Linux+operating+system.%0A%0A%2A+A+flaw+was+found+in+the+way+the+pppol2tp_setsockopt%28%29+and+pppol2tp_getsockopt%28%29+functions+in+the+Linux+kernel%27s+PPP+over+L2TP+implementation+handled+requests+with+a+non-SOL_PPPOL2TP+socket+option+level.+A+local%2C+unprivileged+user+could+use+this+flaw+to+escalate+their+privileges+on+the+system.+%28CVE-2014-4943%2C+Important%29%0A%0ARed+Hat+would+like+to+thank+Sasha+Levin+for+reporting+this+issue.%0A%0AThis+update+also+fixes+the+following+bug+%3A%0A%0A%2A+When+a+device+was+registered+to+a+bus%2C+a+race+condition+could+occur+between+the+device+being+added+to+the+list+of+devices+of+the+bus+and+binding+the+device+to+a+driver.+As+a+result%2C+the+device+could+already+be+bound+to+a+driver+which+led+to+a+warning+and+incorrect+reference+counting%2C+and+consequently+to+a+kernel+panic+on+device+removal.+To+avoid+the+race+condition%2C+this+update+adds+a+check+to+identify+an+already+bound+device.+%28BZ%231114409%29%0A%0AAll+kernel+users+are+advised+to+upgrade+to+these+updated+packages%2C+which+contain+backported+patches+to+correct+these+issues.+The+system+must+be+rebooted+for+this+update+to+take+effect
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top