Red Hat Security Advisory 2012-1491-01

newsbot

newsbot

RSS Feed
Red Hat Security Advisory 2012-1491-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way Netlink messages without SCM_CREDENTIALS data set were handled. When not explicitly set, the data was sent but with all values set to 0, including the process ID and user ID, causing the Netlink message to appear as if it were sent with root privileges. A local, unprivileged user could use this flaw to send spoofed Netlink messages to an application, possibly resulting in the application performing privileged operations if it relied on SCM_CREDENTIALS data for the authentication of Netlink messages.

Weiterlesen...
 

Ähnliche Themen

Nginx als Reverse Proxy für Nextcloud und Emby

Red Hat Security Advisory 2012-1580-01

Red Hat Security Advisory 2013-0121-01

Red Hat Security Advisory 2012-1541-01

Red Hat Security Advisory 2012-1558-01

Zurück
Oben