CentOS Errata and Security Advisory CESA-2007:0085
The Linux kernel handles the basic functions of the operating system.
These new kernel packages contain fixes for two security issues:
a flaw in the key serial number collision avoidance algorithm of the keyctl subsystem that allowed a local user to cause a denial of service (CVE-2007-0006, Important)
a flaw in the file watch implementation of the audit subsystems that allowed a local user to cause a denial of service (panic). To exploit this flaw a privileged user must have previously created a watch for a file (CVE-2007-0001, Moderate)
In addition to the security issues described above, a fix for the SCTP subsystem to address a system crash which may be experienced in Telco environments has been included.
Red Hat Enterprise Linux 4 users are advised to upgrade their kernels to the packages associated with their machine architecture and configurations as listed in this erratum.
Merged security bulletin from advisories: http://lists.centos.org/pipermail/centos-announce/2007-February/025622.html http://lists.centos.org/pipermail/centos-announce/2007-February/025623.html http://lists.centos.org/pipermail/centos-announce/2007-February/025624.html http://lists.centos.org/pipermail/centos-announce/2007-February/025625.html
Affected packages: kernel kernel-devel kernel-doc kernel-hugemem kernel-hugemem-devel kernel-largesmp kernel-largesmp-devel kernel-smp kernel-smp-devel
Upstream details at: https://rhn.redhat.com/errata/RHSA-2007-0085.html