https://access.redhat.com/kb/docs/DOC-40265
Note that they need to gain access to a local account before it is of any use to an attacker.
Also:
Quote:
As suggested on the Full Disclosure mailing list, it is possible to temporarily mitigate this issue. However, the steps provided below are only meant for the publicly-circulated exploit - they are insufficient for completely mitigating this vulnerability. As such, we strongly encourage you to install the updated kernel packages for Red Hat Enterprise Linux 5 when they become available soon.
|