Important:kernel security update

2007-10-23T00:00:00
ID ELSA-2007-0940
Type oraclelinux
Reporter Oracle
Modified 2007-10-23T00:00:00

Description

[2.6.18-8.1.15.0.1.el5] - Fix bonding primary=ethX (Bert Barbe) [IT 101532] [ORA 5136660] - Add entropy module option to e1000/bnx2 (John Sobecki) [ORA 6045759]

[2.6.18-8.1.15.el5] - [dlm] A TCP connection to DLM port blocks DLM operations (Patrick Caulfield ) [245922] {CVE-2007-3380} - [ppc] 4k page mapping support for userspace in 64k kernels (Scott Moser ) [275841] {CVE-2007-3850} - [ptrace] NULL pointer dereference triggered by ptrace (Anton Arapov ) [275981] {CVE-2007-3731} - [fs] hugetlb: fix prio_tree unit (Konrad Rzeszutek ) [253929] {CVE-2007-4133} - [x86_64] Don't leak NT bit into next task (Dave Anderson ) [298151] {CVE-2007-4574} - [fs] Reset current->pdeath_signal on SUID binary execution (Peter Zijlstra ) [252307] {CVE-2007-3848} - [misc] Bounds check ordering issue in random driver (Anton Arapov ) [275961] {CVE-2007-3105} - [usb] usblcd: Locally triggerable memory consumption (Anton Arapov ) [276001] {CVE-2007-3513} - [net] igmp: check for NULL when allocating GFP_ATOMIC skbs (Neil Horman ) [303281] - [scsi] aacraid: Missing ioctl() permission checks (Vitaly Mayatskikh ) [298371] {CVE-2007-4308} - [xen] Guest access to MSR may cause system crash/data corruption (Bhavana Nagendra ) [253312] {CVE-2007-3733}