5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.048 Low
EPSS
Percentile
92.7%
CentOS Errata and Security Advisory CESA-2007:0940
The Linux kernel handles the basic functions of the operating system.
These new kernel packages contain fixes for the following security issues:
A flaw was found in the backported stack unwinder fixes in Red Hat
Enterprise Linux 5. On AMD64 and Intel 64 platforms, a local user could
trigger this flaw and cause a denial of service. (CVE-2007-4574, Important)
A flaw was found in the handling of process death signals. This allowed a
local user to send arbitrary signals to the suid-process executed by that
user. A successful exploitation of this flaw depends on the structure of
the suid-program and its signal handling. (CVE-2007-3848, Important)
A flaw was found in the Distributed Lock Manager (DLM) in the cluster
manager. This allowed a remote user who is able to connect to the DLM port
to cause a denial of service. (CVE-2007-3380, Important)
A flaw was found in the aacraid SCSI driver. This allowed a local user to
make ioctl calls to the driver which should otherwise be restricted to
privileged users. (CVE-2007-4308, Moderate)
A flaw was found in the prio_tree handling of the hugetlb support that
allowed a local user to cause a denial of service. This only affected
kernels with hugetlb support. (CVE-2007-4133, Moderate)
A flaw was found in the eHCA driver on PowerPC architectures that allowed
a local user to access 60k of physical address space. This address space
could contain sensitive information. (CVE-2007-3850, Moderate)
A flaw was found in ptrace support that allowed a local user to cause a
denial of service via a NULL pointer dereference. (CVE-2007-3731, Moderate)
A flaw was found in the usblcd driver that allowed a local user to cause
a denial
of service by writing data to the device node. To exploit this issue, write
access to the device node was needed. (CVE-2007-3513, Moderate)
A flaw was found in the random number generator implementation that
allowed a local user to cause a denial of service or possibly gain
privileges. If the root user raised the default wakeup threshold over the
size of the output pool, this flaw could be exploited. (CVE-2007-3105, Low)
In addition to the security issues described above, several bug fixes
preventing possible system crashes and data corruption were also included.
Red Hat Enterprise Linux 5 users are advised to upgrade to these packages,
which contain backported patches to resolve these issues.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2007-October/076496.html
https://lists.centos.org/pipermail/centos-announce/2007-October/076497.html
Affected packages:
kernel
kernel-PAE
kernel-PAE-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
Upstream details at:
https://access.redhat.com/errata/RHSA-2007:0940
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 5 | i686 | kernel | <Β 2.6.18-8.1.15.el5 | kernel-2.6.18-8.1.15.el5.i686.rpm |
CentOS | 5 | i686 | kernel-devel | <Β 2.6.18-8.1.15.el5 | kernel-devel-2.6.18-8.1.15.el5.i686.rpm |
CentOS | 5 | noarch | kernel-doc | <Β 2.6.18-8.1.15.el5 | kernel-doc-2.6.18-8.1.15.el5.noarch.rpm |
CentOS | 5 | i386 | kernel-headers | <Β 2.6.18-8.1.15.el5 | kernel-headers-2.6.18-8.1.15.el5.i386.rpm |
CentOS | 5 | i686 | kernel-pae | <Β 2.6.18-8.1.15.el5 | kernel-PAE-2.6.18-8.1.15.el5.i686.rpm |
CentOS | 5 | i686 | kernel-pae-devel | <Β 2.6.18-8.1.15.el5 | kernel-PAE-devel-2.6.18-8.1.15.el5.i686.rpm |
CentOS | 5 | i686 | kernel-xen | <Β 2.6.18-8.1.15.el5 | kernel-xen-2.6.18-8.1.15.el5.i686.rpm |
CentOS | 5 | i686 | kernel-xen-devel | <Β 2.6.18-8.1.15.el5 | kernel-xen-devel-2.6.18-8.1.15.el5.i686.rpm |
CentOS | 5 | x86_64 | kernel | <Β 2.6.18-8.1.15.el5 | kernel-2.6.18-8.1.15.el5.x86_64.rpm |
CentOS | 5 | x86_64 | kernel-devel | <Β 2.6.18-8.1.15.el5 | kernel-devel-2.6.18-8.1.15.el5.x86_64.rpm |