Bug 710638

Summary: kernel: restrict access to /proc/kcore to just elf headers [rhel-6.0.z]
Product: Red Hat Enterprise Linux 6 Reporter: Ken Reilly <kreilly>
Component: kernelAssignee: Frantisek Hrbata <fhrbata>
Status: CLOSED ERRATA QA Contact: Petr Beňas <pbenas>
Severity: high Docs Contact:
Priority: high    
Version: 6.1CC: amwang, anderson, arozansk, cebbert, davej, dhoward, dhowells, eteo, fhrbata, jcm, jmalanik, jwest, kmcmartin, lwang, pbenas, pm-eus, pstehlik, qcai, security-response-team, tburke
Target Milestone: rcKeywords: ZStream
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: kernel-2.6.32-71.33.1.el6 Doc Type: Bug Fix
Doc Text:
This update restricts access to the /proc/kcore file to ELF headers only.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2011-08-02 16:54:38 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On: 663864    
Bug Blocks:    

Description Ken Reilly 2011-06-03 21:29:50 UTC 
This bug has been copied from bug #663864 and has been proposed
to be backported to 6.0 z-stream (EUS).
Comment 7 Petr Beňas 2011-07-18 07:17:37 UTC 
Reproduced in 2.6.32-71.32.1.el6.x86_64 and verified in 2.6.32-71.33.1.el6.x86_64.
Comment 8 errata-xmlrpc 2011-08-02 16:54:38 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2011-1106.html
Comment 9 Martin Prpič 2011-08-18 14:45:33 UTC 
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
This update restricts access to the /proc/kcore file to ELF headers only.