An updated procinfo package that fixes one bug is now available for Red Hat Enterprise Linux 5.
The procinfo package contains a set of system utilities providing users with system information. The procinfo package includes the following commands: procinfo, lsdev, socklist.
Previously, the procinfo command calculated the system idle time in a way that caused arithmetic overflows. As a consequence, procinfo displayed the system idle time incorrectly, which eventually resulted in buffer overflows. With this update, procinfo has been modified to convert variables to a larger data type before they are used in the calculation so that procinfo now always displays the system idle time correctly. Buffer overflows no longer occur under these circumstances.
All users of procinfo are advised to upgrade to this updated package, which fixes this bug.