Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2007:169
HistoryMay 01, 2007 - 11:33 p.m.

Kernel, kernel security update

2007-05-0123:33:28
CentOS Project
lists.centos.org
46

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

CentOS Errata and Security Advisory CESA-2007:169

The Linux kernel handles the basic functions of the operating system.

These new kernel packages contain fixes for the following security issues:

  • a flaw in the IPv6 socket option handling that allowed a local user to
    read arbitrary kernel memory (CVE-2007-1000, Important).

  • a flaw in the IPv6 socket option handling that allowed a local user to
    cause a denial of service (CVE-2007-1388, Important).

  • a flaw in the utrace support that allowed a local user to cause a denial
    of service (CVE-2007-0771, Important).

In addition to the security issues described above, a fix for a memory leak
in the audit subsystem and a fix for a data corruption bug on s390 systems
have been included.

Red Hat Enterprise Linux 5 users are advised to upgrade to these erratum
packages, which are not vulnerable to these issues.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2007-May/075859.html
https://lists.centos.org/pipermail/centos-announce/2007-May/075860.html

Affected packages:
Kernel-xen-devel
kernel
kernel-PAE
kernel-PAE-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel

Upstream details at:
https://access.redhat.com/errata/RHSA-2007:0169

OSVersionArchitecturePackageVersionFilename
CentOS5x86_64kernel< 2.6.18-8.1.3.el5kernel-2.6.18-8.1.3.el5.x86_64.rpm
CentOS5x86_64kernel-devel< 2.6.18-8.1.3.el5kernel-devel-2.6.18-8.1.3.el5.x86_64.rpm
CentOS5noarchkernel-doc< 2.6.18-8.1.3.el5kernel-doc-2.6.18-8.1.3.el5.noarch.rpm
CentOS5x86_64kernel-headers< 2.6.18-8.1.3.el5kernel-headers-2.6.18-8.1.3.el5.x86_64.rpm
CentOS5x86_64kernel-xen< 2.6.18-8.1.3.el5kernel-xen-2.6.18-8.1.3.el5.x86_64.rpm
CentOS5x86_64kernel-xen-devel< 2.6.18-8.1.3.el5Kernel-xen-devel-2.6.18-8.1.3.el5.x86_64.rpm
CentOS5i686kernel< 2.6.18-8.1.3.el5kernel-2.6.18-8.1.3.el5.i686.rpm
CentOS5i686kernel-devel< 2.6.18-8.1.3.el5kernel-devel-2.6.18-8.1.3.el5.i686.rpm
CentOS5noarchkernel-doc< 2.6.18-8.1.3.el5kernel-doc-2.6.18-8.1.3.el5.noarch.rpm
CentOS5i386kernel-headers< 2.6.18-8.1.3.el5kernel-headers-2.6.18-8.1.3.el5.i386.rpm
Rows per page:
1-10 of 141

Related

nessus 9
redhat 1
securityvulns 4
suse 1
veracode 3
cve 4
ubuntucve 4
prion 4
seebug 2
packetstorm 1
cert 1
exploitpack 1
exploitdb 1
oraclelinux 1
openvas 13
fedora 2
ubuntu 3
nessus
nessus
RHEL 5 : kernel (RHSA-2007:0169)
2007-05-25 00:00:00
CentOS 5 : Kernel (CESA-2007:0169)
2007-05-02 00:00:00
openSUSE 10 Security Update : kernel (kernel-3128)
2007-10-17 00:00:00
redhat
redhat
(RHSA-2007:0169) Important: kernel security and bug fix update
2007-04-30 00:00:00
securityvulns
securityvulns
Linux setsockopt / getsockopt IPv6 DoS
2007-03-12 00:00:00
Ktorrent multiple security vulnerabilities
2007-03-12 00:00:00
[SECURITY] [DSA 1297-1] New gforge-plugin-scmcvs packages fix arbitrary shell command execution
2007-05-25 00:00:00
suse
suse
remote denial of service in kernel
2007-05-03 18:12:20
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:15:30
Denial Of Service (DoS)
2020-04-10 00:15:26
Arbitrary Memory Read
2020-04-10 00:15:28
cve
cve
CVE-2007-1388
2007-03-10 19:19:00
CVE-2007-0771
2007-05-02 22:19:00
CVE-2007-1000
2007-03-12 23:19:00
ubuntucve
ubuntucve
CVE-2007-1388
2007-03-10 00:00:00
CVE-2007-0771
2007-05-02 00:00:00
CVE-2007-1000
2007-03-12 00:00:00
prion
prion
Code injection
2007-05-02 22:19:00
Null pointer dereference
2007-03-10 19:19:00
Design/Logic Flaw
2007-03-12 23:19:00
seebug
seebug
Linux Kernel < 2.6.20.2 - IPv6_Getsockopt_Sticky Memory Leak PoC
2014-07-01 00:00:00
Linux Kernel &lt; 2.6.20.2 IPV6_Getsockopt_Sticky Memory Leak PoC
2007-07-11 00:00:00
packetstorm
packetstorm
linux-26202.txt
2007-07-11 00:00:00
cert
cert
Linux Kernel vulnerable to DoS via the ipv6_getsockopt_sticky() function
2007-03-13 00:00:00
exploitpack
exploitpack
Linux Kernel 2.6.20.2 - IPv6_Getsockopt_Sticky Memory Leak
2007-07-10 00:00:00
exploitdb
exploitdb
Linux Kernel &lt; 2.6.20.2 - &#039;IPv6_Getsockopt_Sticky&#039; Memory Leak
2007-07-10 00:00:00
oraclelinux
oraclelinux
Important: kernel security and bug fix update
2007-06-26 00:00:00
openvas
openvas
Oracle: Security Advisory (ELSA-2007-0347)
2015-10-08 00:00:00
Fedora Update for kernel FEDORA-2007-335
2009-02-27 00:00:00
Fedora Update for kernel FEDORA-2007-335
2009-02-27 00:00:00
fedora
fedora
[SECURITY] Fedora Core 6 Update: kernel-2.6.20-1.2925.fc6
2007-03-14 20:19:42
[SECURITY] Fedora Core 5 Update: kernel-2.6.20-1.2300.fc5
2007-03-14 20:26:01
ubuntu
ubuntu
Linux kernel vulnerabilities
2007-05-24 00:00:00
Linux kernel vulnerabilities
2007-07-18 00:00:00
Linux kernel vulnerabilities
2007-07-19 00:00:00

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON
Related for CESA-2007:169
nessus9redhat1securityvulns4suse1veracode3cve4ubuntucve4prion4seebug2packetstorm1cert1exploitpack1exploitdb1oraclelinux1openvas13fedora2ubuntu3