View Issue Details

IDProjectCategoryView StatusLast Update
0005779CentOS-6-OTHERpublic2012-06-21 15:37
Reporterjainy25 
PriorityurgentSeveritymajorReproducibilityhave not tried
Status resolvedResolutionfixed 
Product Version 
Target VersionFixed in Version 
Summary0005779: SYSRET 64-bit operating system privilege escalation vulnerability on Intel CPU hardware
DescriptionThere is a vulnerability in Red Hat based OS like CentOS. Here's the link to the report - http://www.kb.cert.org/vuls/id/649219

How can it be patched?
TagsNo tags attached.

Activities

tigalch

tigalch

2012-06-16 19:01

manager   ~0015276

The CERT KB entry you reference to contains this upstream errata:
https://rhn.redhat.com/errata/RHSA-2012-0721.html
THe kernel update discribed in this errate has been released on Jun 12:
http://lists.centos.org/pipermail/centos-announce/2012-June/018678.html

so a 'yum update' and a subsequent reboot to the new kernel should fix this vulnerability.
tigalch

tigalch

2012-06-21 15:37

manager   ~0015301

This is a C5 issue, not a C6 issue:

Closing as the mentioned vulnerability is solved with the kernel update http://lists.centos.org/pipermail/centos-announce/2012-June/018678.html

Issue History

Date Modified Username Field Change
2012-06-16 11:07 jainy25 New Issue
2012-06-16 19:01 tigalch Note Added: 0015276
2012-06-16 19:01 tigalch Status new => feedback
2012-06-21 15:37 tigalch Note Added: 0015301
2012-06-21 15:37 tigalch Status feedback => resolved
2012-06-21 15:37 tigalch Resolution open => fixed