Linux kernel: Local Privilege Escalation Vulnerability

Users of Linux kernel please be advised of a local privilege escalation vulnerability that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)

SUSE-SA:2010:057: [SUSE-SA:2010:057] Linux kernel Privilege-escalation Issues
Affected Products: SUSE Linux Enterprise High Availability Extension 11 SP1
Vulnerability Type: local privilege escalation
Problem Description and Brief Discussion

This update of the SUSE Linux Enterprise 11 SP1 fixes three critical

security issues and some bugs.

Following security issues were fixed:

CVE-2010-3904: A local privilege escalation in RDS sockets allowed

local attackers to gain root privileges.

CVE-2010-2963: A problem in the compat ioctl handling in video4linux

allowed local attackers with a video device plugged in to gain root

privileges on x86_64 systems.

CVE-2010-2963: A problem in the compat ioctl handling in video4linux

allowed local attackers with a video device plugged in to gain

privileges on x86_64 systems.

Read more at http://www.criticalwatch.com

 

Advertisements