---------------------------------------------------------------------- Want a new job? http://secunia.com/secunia_security_specialist/ http://secunia.com/hardcore_disassembler_and_reverse_engineer/ International Partner Manager - Project Sales in the IT-Security Industry: http://corporate.secunia.com/about_secunia/64/ ---------------------------------------------------------------------- TITLE: Red Hat update for kernel SECUNIA ADVISORY ID: SA30850 VERIFY ADVISORY: http://secunia.com/advisories/30850/ CRITICAL: Less critical IMPACT: Exposure of sensitive information, DoS WHERE: Local system OPERATING SYSTEM: RedHat Enterprise Linux AS 4 http://secunia.com/product/4669/ RedHat Enterprise Linux WS 4 http://secunia.com/product/4670/ RedHat Enterprise Linux ES 4 http://secunia.com/product/4668/ DESCRIPTION: Red Hat has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or to disclose potentially sensitive information. 1) A race condition error in the "ptrace()" implementation can be exploited to crash the kernel. 2) An unspecified error in the 32-bit and 64-bit emulation can be exploited to disclose potentially sensitive data via a specially crafted binary. 3) An error while copying memory from userspace can be exploited to disclose potentially sensitive information. For more information see vulnerability #2 in: SA23073 SOLUTION: Updated packages are available via Red Hat Network. http://rhn.redhat.com ORIGINAL ADVISORY: http://rhn.redhat.com/errata/RHSA-2008-0508.html OTHER REFERENCES: SA23073: http://secunia.com/advisories/23073/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------