RHSA-2011:0928: Moderate: kernel security and bug fix update

First published: Tue Jul 12 2011(Updated: )

The kernel packages contain the Linux kernel, the core of any Linux<br>operating system.<br>This update fixes the following security issues:<br><li> It was found that the receive hook in the ipip_init() function in the</li> ipip module, and in the ipgre_init() function in the ip_gre module, could<br>be called before network namespaces setup is complete. If packets were<br>received at the time the ipip or ip_gre module was still being loaded into<br>the kernel, it could cause a denial of service. (CVE-2011-1767,<br>CVE-2011-1768, Moderate)<br><li> It was found that an mmap() call with the MAP_PRIVATE flag on "/dev/zero"</li> would create transparent hugepages and trigger a certain robustness check.<br>A local, unprivileged user could use this flaw to cause a denial of<br>service. (CVE-2011-2479, Moderate)<br>This update also fixes various bugs. Documentation for these bug fixes will<br>be available shortly from the Technical Notes document linked to in the<br>References section.<br>Users should upgrade to these updated packages, which contain backported<br>patches to resolve these issues, and fix the bugs noted in the Technical<br>Notes. The system must be rebooted for this update to take effect.<br>

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/redhat-errata
• anchor-id/RHSA-2011:0928
• agent/description
• agent/event
• agent/first-publish-date
• agent/last-modified-date
• agent/references
• agent/remedy
• agent/severity
• agent/softwarecombine
• agent/tags
• agent/title
• agent/type
• package-manager/redhat