Solution
Please Install the Updated Packages.
Insight
The kernel packages contain the Linux kernel, the core of any Linux operating system.
This update fixes the following security issue:
* A race condition was found in the way the Linux kernel's ptrace implementation handled PTRACE_SETREGS requests when the debuggee was woken due to a SIGKILL signal instead of being stopped. A local, unprivileged user could use this flaw to escalate their privileges. (CVE-2013-0871, Important)
Users should upgrade to these updated packages, which contain a backported patch to correct this issue. The system must be rebooted for this update to take effect.
Affected
kernel on CentOS 6
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2013-0871 -
CVSS Base Score: 6.9
AV:L/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities