7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.154 Low
EPSS
Percentile
95.8%
CentOS Errata and Security Advisory CESA-2007:0347
The Linux kernel handles the basic functions of the operating system.
These new kernel packages contain fixes for the following security issues:
a flaw in the handling of IPv6 type 0 routing headers that allowed remote
users to cause a denial of service that led to a network amplification
between two routers (CVE-2007-2242, Important).
a flaw in the nfnetlink_log netfilter module that allowed a local user to
cause a denial of service (CVE-2007-1496, Important).
a flaw in the flow list of listening IPv6 sockets that allowed a local
user to cause a denial of service (CVE-2007-1592, Important).
a flaw in the handling of netlink messages that allowed a local user to
cause a denial of service (infinite recursion) (CVE-2007-1861, Important).
a flaw in the IPv4 forwarding base that allowed a local user to cause an
out-of-bounds access (CVE-2007-2172, Important).
a flaw in the nf_conntrack netfilter module for IPv6 that allowed remote
users to bypass certain netfilter rules using IPv6 fragments
(CVE-2007-1497, Moderate).
In addition to the security issues described above, fixes for the following
have been included:
a regression in ipv6 routing.
an error in memory initialization that caused gdb to output inaccurate
backtraces on ia64.
the nmi watchdog timeout was updated from 5 to 30 seconds.
a flaw in distributed lock management that could result in errors during
virtual machine migration.
an omitted include in kernel-headers that led to compile failures for
some packages.
Red Hat Enterprise Linux 5 users are advised to upgrade to these packages,
which contain backported patches to correct these issues.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2007-May/075964.html
https://lists.centos.org/pipermail/centos-announce/2007-May/075965.html
Affected packages:
kernel
kernel-PAE
kernel-PAE-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
Upstream details at:
https://access.redhat.com/errata/RHSA-2007:0347
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 5 | i686 | kernel | < 2.6.18-8.1.4.el5 | kernel-2.6.18-8.1.4.el5.i686.rpm |
CentOS | 5 | i686 | kernel-devel | < 2.6.18-8.1.4.el5 | kernel-devel-2.6.18-8.1.4.el5.i686.rpm |
CentOS | 5 | noarch | kernel-doc | < 2.6.18-8.1.4.el5 | kernel-doc-2.6.18-8.1.4.el5.noarch.rpm |
CentOS | 5 | i386 | kernel-headers | < 2.6.18-8.1.4.el5 | kernel-headers-2.6.18-8.1.4.el5.i386.rpm |
CentOS | 5 | i686 | kernel-pae | < 2.6.18-8.1.4.el5 | kernel-PAE-2.6.18-8.1.4.el5.i686.rpm |
CentOS | 5 | i686 | kernel-pae-devel | < 2.6.18-8.1.4.el5 | kernel-PAE-devel-2.6.18-8.1.4.el5.i686.rpm |
CentOS | 5 | i686 | kernel-xen | < 2.6.18-8.1.4.el5 | kernel-xen-2.6.18-8.1.4.el5.i686.rpm |
CentOS | 5 | i686 | kernel-xen-devel | < 2.6.18-8.1.4.el5 | kernel-xen-devel-2.6.18-8.1.4.el5.i686.rpm |
CentOS | 5 | x86_64 | kernel | < 2.6.18-8.1.4.el5 | kernel-2.6.18-8.1.4.el5.x86_64.rpm |
CentOS | 5 | x86_64 | kernel-devel | < 2.6.18-8.1.4.el5 | kernel-devel-2.6.18-8.1.4.el5.x86_64.rpm |