10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.07 Low
EPSS
Percentile
93.8%
CentOS Errata and Security Advisory CESA-2010:0019
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
This update fixes the following security issues:
a flaw was found in the IPv6 Extension Header (EH) handling
implementation in the Linux kernel. The skb->dst data structure was not
properly validated in the ipv6_hop_jumbo() function. This could possibly
lead to a remote denial of service. (CVE-2007-4567, Important)
a flaw was found in each of the following Intel PRO/1000 Linux drivers in
the Linux kernel: e1000 and e1000e. A remote attacker using packets larger
than the MTU could bypass the existing fragment check, resulting in
partial, invalid frames being passed to the network stack. These flaws
could also possibly be used to trigger a remote denial of service.
(CVE-2009-4536, CVE-2009-4538, Important)
a flaw was found in the Realtek r8169 Ethernet driver in the Linux
kernel. Receiving overly-long frames with network cards supported by this
driver could possibly result in a remote denial of service. (CVE-2009-4537,
Important)
Users should upgrade to these updated packages, which contain backported
patches to correct these issues. The system must be rebooted for this
update to take effect.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2010-January/078599.html
https://lists.centos.org/pipermail/centos-announce/2010-January/078600.html
Affected packages:
kernel
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
Upstream details at:
https://access.redhat.com/errata/RHSA-2010:0019
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 5 | i686 | kernel | < 2.6.18-164.10.1.el5 | kernel-2.6.18-164.10.1.el5.i686.rpm |
CentOS | 5 | i686 | kernel-debug | < 2.6.18-164.10.1.el5 | kernel-debug-2.6.18-164.10.1.el5.i686.rpm |
CentOS | 5 | i686 | kernel-debug-devel | < 2.6.18-164.10.1.el5 | kernel-debug-devel-2.6.18-164.10.1.el5.i686.rpm |
CentOS | 5 | i686 | kernel-devel | < 2.6.18-164.10.1.el5 | kernel-devel-2.6.18-164.10.1.el5.i686.rpm |
CentOS | 5 | noarch | kernel-doc | < 2.6.18-164.10.1.el5 | kernel-doc-2.6.18-164.10.1.el5.noarch.rpm |
CentOS | 5 | i386 | kernel-headers | < 2.6.18-164.10.1.el5 | kernel-headers-2.6.18-164.10.1.el5.i386.rpm |
CentOS | 5 | i686 | kernel-pae | < 2.6.18-164.10.1.el5 | kernel-PAE-2.6.18-164.10.1.el5.i686.rpm |
CentOS | 5 | i686 | kernel-pae-devel | < 2.6.18-164.10.1.el5 | kernel-PAE-devel-2.6.18-164.10.1.el5.i686.rpm |
CentOS | 5 | i686 | kernel-xen | < 2.6.18-164.10.1.el5 | kernel-xen-2.6.18-164.10.1.el5.i686.rpm |
CentOS | 5 | i686 | kernel-xen-devel | < 2.6.18-164.10.1.el5 | kernel-xen-devel-2.6.18-164.10.1.el5.i686.rpm |