Red Hat today released kernel updates to fix at least 15 security flaws in its core called Linux kernel. RHEL users can grab the latest updates from RHN website or by simply running yum update command. This update has been rated as having important security impact.
The Xen implementation did not prevent applications running in a para-virtualized guest from modifying CR4 TSC. This could cause a local denial of service. (CVE-2007-5907, Important)
Tavis Ormandy reported missing boundary checks in the Virtual Dynamic Shared Objects (vDSO) implementation. This could allow a local unprivileged user to cause a denial of service or escalate privileges. (CVE-2008-3527, Important)
The do_truncate() and generic_file_splice_write() functions did not clear the setuid and setgid bits. This could allow a local unprivileged user to obtain access to privileged information. (CVE-2008-4210, CVE-2008-3833, Important)
A flaw was found in the Linux kernel splice implementation. This could cause a local denial of service when there is a certain failure in the add_to_page_cache_lru() function. (CVE-2008-4302, Important)
How do I upgrade RHEL 5 system kernel?
Simply type the command:
# yum update -y
# reboot
- RSS feed or Weekly email newsletter
- Share to Twitter • Facebook • 2 comments... add one ↓
40 Linux Server Hardening Security Tips [2019 edition]
How to keep a detailed audit trail of what's being done on your Linux systems
Debian Upgrade: GNU/Linux 4.0 Update 5 Available
Linux Create / convert AVI file to DVD format ~ Create video DVDs
Linux 25 PHP Security Best Practices For Sys Admins
Linux Commands For Shared Library Management & Debugging Problem
Security Update: Debian Linux Kernel Local / Remote Vulnerabilities
| Category | List of Unix and Linux commands |
|---|---|
| File Management | cat |
| Firewall | CentOS 8 • OpenSUSE • RHEL 8 • Ubuntu 16.04 • Ubuntu 18.04 • Ubuntu 20.04 |
| Network Utilities | dig • host • ip • nmap |
| OpenVPN | CentOS 7 • CentOS 8 • Debian 10 • Debian 8/9 • Ubuntu 18.04 • Ubuntu 20.04 |
| Package Manager | apk • apt |
| Processes Management | bg • chroot • cron • disown • fg • jobs • killall • kill • pidof • pstree • pwdx • time |
| Searching | grep • whereis • which |
| User Information | groups • id • lastcomm • last • lid/libuser-lid • logname • members • users • whoami • who • w |
| WireGuard VPN | CentOS 8 • Debian 10 • Firewall • Ubuntu 20.04 |
******* NOTE: this is NOT A CRITICAL security update ****
Redhat categorizes this as an ‘IMPORTANT’ update, which is well below critical.
IMPORTANT < MODERATE < CRITICAL.
This is a very low level update according to redhat…no need to put “CRITICAL” in your headline.
Thanks for the heads up. The article title has been updated.