A flaw was found in the way net_ctl_permissions() function in the Linux kernel checked permissions. As a result, an unprivileged local user could potentially use this flaw to access files in /proc/sys/net in a way that he would otherwise be unable to. Introduced by: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cff109768b2d9c03095848f4cd4b0754117262aa Fixed by: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2433c8f094a008895e66f25bd1773cdb01c91d01 Acknowledgements: This issue was discovered by Miroslav Vadkerti of Red Hat.
Statement: This issue does not affect the version of the kernel package as shipped with Red Hat Enterprise Linux 5 and 6.
This issue has been addressed in following products: MRG for RHEL-6 v.2 Via RHSA-2014:0100 https://rhn.redhat.com/errata/RHSA-2014-0100.html