kernel security update

2007-02-27T21:57:02
ID CESA-2007:0085
Type centos
Reporter CentOS Project
Modified 2007-02-28T00:29:47

Description

CentOS Errata and Security Advisory CESA-2007:0085

The Linux kernel handles the basic functions of the operating system.

These new kernel packages contain fixes for two security issues:

  • a flaw in the key serial number collision avoidance algorithm of the keyctl subsystem that allowed a local user to cause a denial of service (CVE-2007-0006, Important)

  • a flaw in the file watch implementation of the audit subsystems that allowed a local user to cause a denial of service (panic). To exploit this flaw a privileged user must have previously created a watch for a file (CVE-2007-0001, Moderate)

In addition to the security issues described above, a fix for the SCTP subsystem to address a system crash which may be experienced in Telco environments has been included.

Red Hat Enterprise Linux 4 users are advised to upgrade their kernels to the packages associated with their machine architecture and configurations as listed in this erratum.

Merged security bulletin from advisories: http://lists.centos.org/pipermail/centos-announce/2007-February/025622.html http://lists.centos.org/pipermail/centos-announce/2007-February/025623.html http://lists.centos.org/pipermail/centos-announce/2007-February/025624.html http://lists.centos.org/pipermail/centos-announce/2007-February/025625.html

Affected packages: kernel kernel-devel kernel-doc kernel-hugemem kernel-hugemem-devel kernel-largesmp kernel-largesmp-devel kernel-smp kernel-smp-devel

Upstream details at: https://rhn.redhat.com/errata/RHSA-2007-0085.html