CentOS Errata and Security Advisory CESA-2007:0937
The Linux kernel handles the basic functions of the operating system.
A flaw was found in the IA32 system call emulation provided on AMD64 and Intel 64 platforms. An improperly validated 64-bit value could be stored in the %RAX register, which could trigger an out-of-bounds system call table access. An untrusted local user could exploit this flaw to run code in the kernel (ie a root privilege escalation). (CVE-2007-4573).
Red Hat would like to thank Wojciech Purczynski for reporting this issue.
Red Hat Enterprise Linux 4 users are advised to upgrade to these packages, which contain a backported patch to correct this issue.
Merged security bulletin from advisories: http://lists.centos.org/pipermail/centos-announce/2007-September/014251.html http://lists.centos.org/pipermail/centos-announce/2007-September/014259.html http://lists.centos.org/pipermail/centos-announce/2007-September/014264.html http://lists.centos.org/pipermail/centos-announce/2007-September/014265.html
Affected packages: kernel kernel-devel kernel-doc kernel-hugemem kernel-hugemem-devel kernel-largesmp kernel-largesmp-devel kernel-smp kernel-smp-devel kernel-xenU kernel-xenU-devel
Upstream details at: https://rhn.redhat.com/errata/RHSA-2007-0937.html