Advisories:rPSA-2008-0332
From rPath Wiki
rPath Security Advisory 2008-0332-1
Published: 2008-12-09
Products
- rPath Appliance Platform Linux Service 1
- rPath Appliance Platform Linux Service 2
- rPath Linux 1
- rPath Linux 2
Rating
- Major
Exposure Level Classification
- Local User Non-deterministic Privilege Escalation
Updated Versions
- kernel=conary.rpath.com@rpl:1/2.6.26.8-0.2-1
- kernel=conary.rpath.com@rpl:1-vmware/2.6.26.8-0.2-1
- kernel=conary.rpath.com@rpl:2/2.6.26.8-2-0.1
- kernel=rap-emc.rpath.com@rpath:emc-production-2/2.6.26.8-2-1
- kernel=rap-emc.rpath.com@rpath:emc-production-2/2.6.26.8-2-1
- kernel=rap.rpath.com@rpath:linux-1/2.6.26.8-2-1
rPath Issue Tracking System
References
Description
- Previous versions of the kernel package contain multiple
- vulnerabilities. The inotify functionality may allow local
- users to gain privileges via unknown vectors related to race
- conditions in inotify watch removal and umount. Additionally,
- there are two Denial of Services vulnerabilities, including one
- in which a local user may cause a "soft" system lock-up.
- This update requires a system reboot to implement the fixes.
Copyright 2008 rPath, Inc. This file is distributed under the terms of the MIT License. A copy is available at http://www.rpath.com/permanent/mit-license.html