Main Vulnerability Database SB2021011921

SB2021011921 - Red Hat Enterprise Linux 6 Extended Lifecycle Support update for kernel

Published: January 19, 2021

Security Bulletin ID SB2021011921

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Integer overflow (CVE-ID: CVE-2014-4508)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

arch/x86/kernel/entry_32.S in the Linux kernel through 3.15.1 on 32-bit x86 platforms, when syscall auditing is enabled and the sep CPU feature flag is set, allows local users to cause a denial of service (OOPS and system crash) via an invalid syscall number, as demonstrated by number 1000.

Remediation

Install update from vendor's website.

References

https://access.redhat.com/errata/RHSA-2021:0181