CVSS2
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
EPSS
Percentile: 88.6%
CentOS Errata and Security Advisory CESA-2005:420
The Linux kernel handles the basic functions of the operating system.
This is the first regular kernel update to Red Hat Enterprise Linux 4.
A flaw affecting the auditing code was discovered. On Itanium
architectures a local user could use this flaw to cause a denial of service
(crash). This issue is rated as having important security impact
(CAN-2005-0136).
A flaw was discovered in the servicing of a raw device ioctl. A local user
who has access to raw devices could use this flaw to write to kernel memory
and cause a denial of service or potentially gain privileges. This issue
is rated as having moderate security impact (CAN-2005-1264).
A flaw in fragment forwarding was discovered that affected the netfilter
subsystem for certain network interface cards. A remote attacker could send
a set of bad fragments and cause a denial of service (system crash). Only
Acenic and SunGEM network interfaces, which are in widespread use, were
affected. (CAN-2005-0209)
A flaw in the futex functions was discovered affecting the Linux 2.6
kernel. A local user could use this flaw to cause a denial of service
(system crash). (CAN-2005-0937)
New features introduced by this update include:
There were many bug fixes in various parts of the kernel. The ongoing
effort to resolve these problems has resulted in a marked improvement
in the reliability and scalability of Red Hat Enterprise Linux 4.
The following device drivers have been upgraded to new versions:
ata_piix -------- 1.03
bonding --------- 2.6.1
e1000 ----------- 5.6.10.1-k2-NAPI
e100 ------------ 3.3.6-k2-NAPI
ibmveth --------- 1.03
libata ---------- 1.02 to 1.10
lpfc ------------ 0:8.0.16 to 0:8.0.16.6_x2
megaraid_mbox --- 2.20.4.0 to 2.20.4.5
megaraid_mm ----- 2.20.2.0-rh1 to 2.20.2.5
sata_nv --------- 0.03 to 0.6
sata_promise ---- 1.00 to 1.01
sata_sil -------- 0.8
sata_sis -------- 0.5
sata_svw -------- 1.05
sata_sx4 -------- 0.7
sata_via -------- 1.0
sata_vsc -------- 1.0
tg3 ------------- 3.22-rh
ipw2100 --------- 1.0.3
ipw2200 --------- 1.0.0
All Red Hat Enterprise Linux 4 users are advised to upgrade their
kernels to the packages associated with their machine architectures
and configurations as listed in this erratum.
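To check a host against this erratum, the following added example (not part of the advisory or of any CentOS or Red Hat tooling) flags installed packages from the affected list whose version-release is older than the fixed 2.6.9-11.EL. It uses a simplified re-implementation of RPM's segment-wise version comparison that ignores epochs and tilde/caret handling, and the installed-package lines are constructed sample data in NAME-VERSION-RELEASE form.

```python
import re

# Package names and fixed version-release taken from this advisory.
AFFECTED = {
    "kernel", "kernel-devel", "kernel-doc", "kernel-hugemem",
    "kernel-hugemem-devel", "kernel-smp", "kernel-smp-devel",
    "kernel-sourcecode",
}
FIXED = ("2.6.9", "11.EL")

def rpmvercmp(a, b):
    """Simplified RPM comparison of one version or release string: -1, 0 or 1."""
    seg = re.compile(r"\d+|[A-Za-z]+")
    sa, sb = seg.findall(a), seg.findall(b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)      # numeric segments compare as integers
        elif x.isdigit():
            return 1                   # a numeric segment is newer than an alphabetic one
        elif y.isdigit():
            return -1
        if x != y:
            return 1 if x > y else -1
    # All shared segments equal: the string with segments left over is newer.
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def outdated(nvr_lines):
    """Return the affected packages that are older than the fixed build."""
    hits = []
    for line in nvr_lines:
        parts = line.strip().rsplit("-", 2)   # name may itself contain hyphens
        if len(parts) != 3 or parts[0] not in AFFECTED:
            continue
        _, version, release = parts
        if (rpmvercmp(version, FIXED[0]) or rpmvercmp(release, FIXED[1])) < 0:
            hits.append(line.strip())
    return hits

# Constructed sample, shaped like the output of
# rpm -qa --qf '%{NAME}-%{VERSION}-%{RELEASE}\n'
SAMPLE = [
    "kernel-2.6.9-5.0.5.EL",      # older: 5 < 11 numerically, not as a string
    "kernel-smp-2.6.9-11.EL",     # already at the fixed build
    "kernel-devel-2.6.9-5.EL",
    "kernel-utils-2.4-13.1.48",   # not in the affected list
    "bash-3.0-19.2",
]

if __name__ == "__main__":
    for pkg in outdated(SAMPLE):
        print("needs update:", pkg)
```

Several kernel packages can be installed side by side, so also compare the output of `uname -r` with the fixed build: the update takes effect only after rebooting into the new kernel.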
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2005-June/073962.html
https://lists.centos.org/pipermail/centos-announce/2005-June/073965.html
https://lists.centos.org/pipermail/centos-announce/2005-June/073970.html
Affected packages:
kernel
kernel-devel
kernel-doc
kernel-hugemem
kernel-hugemem-devel
kernel-smp
kernel-smp-devel
kernel-sourcecode
Upstream details at:
https://access.redhat.com/errata/RHSA-2005:420
OS | OS Version | Architecture | Package | Package Version | Filename |
---|---|---|---|---|---|
CentOS | 4 | ia64 | kernel | < 2.6.9-11.EL | kernel-2.6.9-11.EL.ia64.rpm |
CentOS | 4 | ia64 | kernel-devel | < 2.6.9-11.EL | kernel-devel-2.6.9-11.EL.ia64.rpm |
CentOS | 4 | noarch | kernel-doc | < 2.6.9-11.EL | kernel-doc-2.6.9-11.EL.noarch.rpm |
CentOS | 4 | noarch | kernel-sourcecode | < 2.6.9-11.EL | kernel-sourcecode-2.6.9-11.EL.noarch.rpm |
CentOS | 4 | x86_64 | kernel | < 2.6.9-11.EL | kernel-2.6.9-11.EL.x86_64.rpm |
CentOS | 4 | x86_64 | kernel-devel | < 2.6.9-11.EL | kernel-devel-2.6.9-11.EL.x86_64.rpm |
CentOS | 4 | x86_64 | kernel-smp | < 2.6.9-11.EL | kernel-smp-2.6.9-11.EL.x86_64.rpm |
CentOS | 4 | x86_64 | kernel-smp-devel | < 2.6.9-11.EL | kernel-smp-devel-2.6.9-11.EL.x86_64.rpm |