[Ksplice][EL6-Updates] Important update available for CVE-2014-3153
Jamie Iles
jamie.iles at oracle.com
Sun Jun 8 05:40:11 PDT 2014
Synopsis: Early update for local privilege escalation in futex requeuing
CVEs: CVE-2014-3153
An update that fixes CVE-2014-3153 is now available through Ksplice for
your kernel.
CVE-2014-3153: Local privilege escalation in futex requeuing.
Invalid parameters to the futex() syscall may break assumptions made in
the kernel and would leave dangling pointers that could be exploited
to gain root privileges.
INSTALLING THE UPDATES
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
More information about the Ksplice-EL6-Updates
mailing list