kernel security update

2007-09-07T08:36:09
ID CESA-2007:0774
Type centos
Reporter CentOS Project
Modified 2007-09-08T01:24:39

Description

CentOS Errata and Security Advisory CESA-2007:0774

The Linux kernel handles the basic functions of the operating system.

These new kernel packages contain fixes for the security issues described below:

  • a flaw in the ISDN CAPI subsystem that allowed a remote user to cause a denial of service or potentially gain remote access. Exploitation would require the attacker to be able to send arbitrary frames over the ISDN network to the victim's machine. (CVE-2007-1217, Moderate)

  • a flaw in the perfmon subsystem on ia64 platforms that allowed a local user to cause a denial of service. (CVE-2006-0558, Moderate)

In addition, the following bugs were addressed:

  • a panic after reloading of the LSI Fusion driver.

  • a VM performance problem was corrected by balancing inactive page lists.

  • added a nodirplus option to address NFSv3 performance issues with large directories.

  • changed the personality handling to disallow personality changes of setuid and setgid binaries. This ensures they keep any randomization and Exec-shield protection.

All Red Hat Enterprise Linux 4 users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum.

Merged security bulletin from advisories:

  • http://lists.centos.org/pipermail/centos-announce/2007-September/014184.html

  • http://lists.centos.org/pipermail/centos-announce/2007-September/014185.html

  • http://lists.centos.org/pipermail/centos-announce/2007-September/014188.html

  • http://lists.centos.org/pipermail/centos-announce/2007-September/014189.html

Affected packages: kernel, kernel-devel, kernel-doc, kernel-hugemem, kernel-hugemem-devel, kernel-largesmp, kernel-largesmp-devel, kernel-smp, kernel-smp-devel, kernel-xenU, kernel-xenU-devel

Upstream details at: https://rhn.redhat.com/errata/RHSA-2007-0774.html