Lucene search

HistoryNov 30, 2006 - 12:00 a.m.

Important kernel security update


0.889 High




-rebuilt for EL

-Fix bonding primary=ethX so it picks correct network [IT 101532] [ORA 5136660]

-fix mprotect to not allow permission subversion (Jason Baron) [190073] {CVE-2006-2071}
-fix sys_perfmonctl() file descriptor reference count issue (Anil Keshavamurthy) [204360] {CVE-2006-3741}
-Fix hugepage crash on failing mmap (Larry Woodman) [165345] {CVE-2005-4811}
-sctp: create abort messages properly (Neil Horman) [204460] {CVE-2006-4535}
-fix oops occuring from malformed ULE packet (Neil Horman) [204912] {CVE-2006-4623}
-ipw2[12]00: restore get_wireless_stats pointer (John Linville) [198820]
-ipw2200: accept broadcast MAC traffic (John Linville) [203421]
-fix netfilter do_add_counters race (Thomas Graf) [191698] {CVE-2006-0039}
-fix ip over atm clip_mkip may dereference freed pointer (Thomas Graf) [206265]
-ppc64: Clear EN_ATTN bit in PPC970 HID0 (David Woodhouse) [201684] {CVE-2006-4093}

-sctp: Fix data overflow in iovec computation (Neil Horman) [202122]

-fix O_DIRECT writes to memory holes can leak a page reference (Jeff Moyer) [191736] {CVE-2004-2660}
-fix sctp chunk length overflow (Neil Horman) [192636] {CVE-2006-1858}
-fix possible DoS in write routine of ftdi_sio driver (Pete Zaitcev) [197610] {CVE-2006-2936}
-fix typo in drivers/cdrom/cdrom.c (Chip Coldwell) [197670] {CVE-2006-2935}
-Fix reboot on IBM Pizzaro machines (Bastien Nocera) [200111]
-don’t shut down on bogus filehandles from nfs clients (Eric Sandeen) [199172] {CVE-2006-3468}
-fix for prevention of setuid/gid on /proc/
files (Ernie Petrides) [198973] {CVE-2006-3626}
-fix SNMP NAT netfilter memory corruption (Thomas Graf) [192632] {CVE-2006-2444}
-fix for non-hugemem x86 DoS w/bogus %ds/%es values (Ernie Petrides) [196280] {CVE-2006-2932]