7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.224 Low
EPSS
Percentile
96.4%
CentOS Errata and Security Advisory CESA-2006:0493
The Linux kernel handles the basic functions of the operating system.
These new kernel packages contain fixes for the security issues
described below:
a flaw in the IPv6 implementation that allowed a local user to cause a
denial of service (infinite loop and crash) (CVE-2005-2973, important)
a flaw in the bridge implementation that allowed a remote user to
cause forwarding of spoofed packets via poisoning of the forwarding
table with already dropped frames (CVE-2005-3272, moderate)
a flaw in the atm module that allowed a local user to cause a denial
of service (panic) via certain socket calls (CVE-2005-3359, important)
a flaw in the NFS client implementation that allowed a local user to
cause a denial of service (panic) via O_DIRECT writes (CVE-2006-0555,
important)
a difference in “sysretq” operation of EM64T (as opposed to Opteron)
processors that allowed a local user to cause a denial of service
(crash) upon return from certain system calls (CVE-2006-0741 and
CVE-2006-0744, important)
a flaw in the keyring implementation that allowed a local user to
cause a denial of service (OOPS) (CVE-2006-1522, important)
a flaw in IP routing implementation that allowed a local user to cause
a denial of service (panic) via a request for a route for a multicast IP
(CVE-2006-1525, important)
a flaw in the SCTP-netfilter implementation that allowed a remote user
to cause a denial of service (infinite loop) (CVE-2006-1527, important)
a flaw in the sg driver that allowed a local user to cause a denial of
service (crash) via a dio transfer to memory mapped (mmap) IO space
(CVE-2006-1528, important)
a flaw in the threading implementation that allowed a local user to
cause a denial of service (panic) (CVE-2006-1855, important)
two missing LSM hooks that allowed a local user to bypass the LSM by
using readv() or writev() (CVE-2006-1856, moderate)
a flaw in the virtual memory implementation that allowed local user to
cause a denial of service (panic) by using the lsof command
(CVE-2006-1862, important)
a directory traversal vulnerability in smbfs that allowed a local user
to escape chroot restrictions for an SMB-mounted filesystem via “…\”
sequences (CVE-2006-1864, moderate)
a flaw in the ECNE chunk handling of SCTP that allowed a remote user
to cause a denial of service (panic) (CVE-2006-2271, moderate)
a flaw in the handling of COOKIE_ECHO and HEARTBEAT control chunks of
SCTP that allowed a remote user to cause a denial of service (panic)
(CVE-2006-2272, moderate)
a flaw in the handling of DATA fragments of SCTP that allowed a remote
user to cause a denial of service (infinite recursion and crash)
(CVE-2006-2274, moderate)
All Red Hat Enterprise Linux 4 users are advised to upgrade their kernels
to the packages associated with their machine architectures and
configurations as listed in this erratum.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2006-May/075081.html
https://lists.centos.org/pipermail/centos-announce/2006-May/075082.html
https://lists.centos.org/pipermail/centos-announce/2006-May/075084.html
https://lists.centos.org/pipermail/centos-announce/2006-May/075085.html
https://lists.centos.org/pipermail/centos-announce/2006-May/075086.html
Affected packages:
kernel
kernel-devel
kernel-doc
kernel-hugemem
kernel-hugemem-devel
kernel-largesmp
kernel-largesmp-devel
kernel-smp
kernel-smp-devel
Upstream details at:
https://access.redhat.com/errata/RHSA-2006:0493
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 4 | ia64 | kernel | < 2.6.9-34.0.1.EL | kernel-2.6.9-34.0.1.EL.ia64.rpm |
CentOS | 4 | ia64 | kernel-devel | < 2.6.9-34.0.1.EL | kernel-devel-2.6.9-34.0.1.EL.ia64.rpm |
CentOS | 4 | ia64 | kernel-largesmp | < 2.6.9-34.0.1.EL | kernel-largesmp-2.6.9-34.0.1.EL.ia64.rpm |
CentOS | 4 | ia64 | kernel-largesmp-devel | < 2.6.9-34.0.1.EL | kernel-largesmp-devel-2.6.9-34.0.1.EL.ia64.rpm |
CentOS | 4 | s390 | kernel | < 2.6.9-34.0.1.EL | kernel-2.6.9-34.0.1.EL.s390.rpm |
CentOS | 4 | s390 | kernel-devel | < 2.6.9-34.0.1.EL | kernel-devel-2.6.9-34.0.1.EL.s390.rpm |
CentOS | 4 | s390x | kernel | < 2.6.9-34.0.1.EL | kernel-2.6.9-34.0.1.EL.s390x.rpm |
CentOS | 4 | s390x | kernel-devel | < 2.6.9-34.0.1.EL | kernel-devel-2.6.9-34.0.1.EL.s390x.rpm |
CentOS | 4 | alpha | kernel | < 2.6.9-34.0.1.EC | kernel-2.6.9-34.0.1.EC.alpha.rpm |
CentOS | 4 | alpha | kernel-devel | < 2.6.9-34.0.1.EC | kernel-devel-2.6.9-34.0.1.EC.alpha.rpm |