what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Red Hat Security Advisory 2015-2411-01

Posted Nov 20, 2015

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2411-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's file system implementation handled rename operations in which the source was inside and the destination was outside of a bind mount. A privileged user inside a container could use this flaw to escape the bind mount and, potentially, escalate their privileges on the system. A race condition flaw was found in the way the Linux kernel's IPC subsystem initialized certain fields in an IPC object structure that were later used for permission checking before inserting the object into a globally visible list. A local, unprivileged user could potentially use this flaw to elevate their privileges on the system.

tags | advisory, kernel, local

systems | linux, redhat

advisories | CVE-2013-7421, CVE-2014-8171, CVE-2014-9419, CVE-2014-9644, CVE-2015-2925, CVE-2015-3339, CVE-2015-4170, CVE-2015-5283, CVE-2015-7613, CVE-2015-7837

SHA-256 | 4ebb6d7591b02e0740e1a4134740ddd99527157811e2ec9e82dc7ce5145182a6

Download | Favorite | View

Related Files

No related files