RedHat Security Advisory RHSA-2009:1055


The remote host is missing updates announced in advisory RHSA-2009:1055. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: * a buffer overflow was found in the Linux kernel Partial Reliable Stream Control Transmission Protocol (PR-SCTP) implementation. This could, potentially, lead to a remote denial of service or arbitrary code execution if a Forward-TSN chunk is received with a large stream ID. Note: An established connection between SCTP endpoints is necessary to exploit this vulnerability. Refer to the Knowledgebase article in the References section for further information. (CVE-2009-0065, Important) This update also fixes the following bug: * a problem in the way the i5000_edac module reported errors may have caused the console on some systems to be flooded with errors, similar to the following: EDAC i5000 MC0: NON-FATAL ERROR Found!!! 1st NON-FATAL Err Reg= [hex value] EDAC i5000: NON-Retry Errors, bits= [hex value] After installing this update, the console will not be flooded with these errors. (BZ#494734) Users should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.