Linux kernel: Update Fixes Three Critical Security Vulnerabilities

Users of Linux kernel please be advised of an update fixes three critical Vulnerabilities that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)

SUSE-SA:2010:057: [SUSE-SA:2010:057] Linux kernel
Affected Products: SUSE Linux Enterprise High Availability Extension 11 SP1
SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise Server 11 SP1
Vulnerability Type: local privilege escalation
Problem Description and Brief Discussion

This update of the SUSE Linux Enterprise 11 SP1 fixes three critical
security issues and some bugs.

Following security issues were fixed:
CVE-2010-3904: A local privilege escalation in RDS sockets allowed
local attackers to gain root privileges.

CVE-2010-2963: A problem in the compat ioctl handling in video4linux
allowed local attackers with a video device plugged in to gain root
privileges on x86_64 systems.

CVE-2010-2963: A problem in the compat ioctl handling in video4linux
allowed local attackers with a video device plugged in to gain
privileges on x86_64 systems.Read more at http://www.criticalwatch.com
 

Advertisements