Release date: 2011-10-10
Updated on: 2011-12-07
Affected Systems:
Linux kernel 3.x
Linux kernel 2.6.x
RedHat Enterprise Linux Workstation 6
RedHat Enterprise Linux Server 6
RedHat Enterprise Linux HPC Node 6
RedHat Enterprise Linux Desktop 6
Description:
--------------------------------------------------------------------------------
Bugtraq id: 50420
Cve id: CVE-2011-3590
Linux is a free computer operating system.
The kdump/mkdumprd tool in Linux has a local information leakage vulnerability. Local attackers can exploit this vulnerability to obtain sensitive information, such as the ssh key used by the root user.
<* Source: Kevan Carstensen
Link: https://bugzilla.redhat.com/show_bug.cgi? Id = 716439
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Linux
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.kernel.org/