OSV:DSA-1183-1
Sep 25, 2006 - 12:00 a.m.

kernel-source-2.4.27 - several vulnerabilities

2006-09-25 00:00:00
Google (osv.dev)

CVSS2: 7.8 High
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Several security-related problems have been discovered in the Linux
kernel which may lead to a denial of service or even the execution of
arbitrary code. The Common Vulnerabilities and Exposures project
identifies the following problems:

  • CVE-2005-4798
    A buffer overflow in NFS readlink handling allows a malicious
    remote server to cause a denial of service.
  • CVE-2006-2935
    Diego Calleja Garcia discovered a buffer overflow in the DVD
    handling code that could be exploited by a specially crafted DVD
    USB storage device to execute arbitrary code.
  • CVE-2006-1528
    A bug in the SCSI driver allows a local user to cause a denial of
    service.
  • CVE-2006-2444
    Patrick McHardy discovered a bug in the SNMP NAT helper that
    allows remote attackers to cause a denial of service.
  • CVE-2006-2446
    A race condition in the socket buffer handling allows remote
    attackers to cause a denial of service.
  • CVE-2006-3745
    Wei Wang discovered a bug in the SCTP implementation that allows
    local users to cause a denial of service and possibly gain root
    privileges.
  • CVE-2006-4535
    David Miller reported a problem with the fix for CVE-2006-3745
    that allows local users to crash the system via an SCTP
    socket with a certain SO_LINGER value.

The following matrix shows which kernel version fixes the problems
mentioned above on each architecture:

                               stable (sarge)
Source                         2.4.27-10sarge4
Alpha architecture             2.4.27-10sarge4
ARM architecture               2.4.27-2sarge4
Intel IA-32 architecture       2.4.27-10sarge4
Intel IA-64 architecture       2.4.27-10sarge4
Motorola 680x0 architecture    2.4.27-3sarge4
MIPS architectures             2.4.27-10.sarge4.040815-1
PowerPC architecture           2.4.27-10sarge4
IBM S/390                      2.4.27-2sarge4
Sun Sparc architecture         2.4.27-9sarge4
FAI                            1.9.1sarge4
mindi-kernel                   2.4.27-2sarge3
kernel-image-speakup-i386      2.4.27-1.1sarge3
systemimager                   3.2.3-6sarge3

For the unstable distribution (sid) these problems won’t be fixed
anymore in the 2.4 kernel series.

We recommend that you upgrade your kernel package and reboot the
machine. If you have built a custom kernel from the kernel source
package, you will need to rebuild to take advantage of these fixes.
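
Checking hosts against the matrix requires Debian's version ordering, not string comparison: the fixed revision differs per architecture, and 9sarge4 sorts before 10sarge4. The following is an added example, not part of the advisory; it reimplements that ordering in Python for a subset of the matrix rows, and the SAMPLE inventory is constructed for illustration.

```python
import re

# Fixed versions copied from the advisory's matrix for stable (sarge).
FIXED = {
    "ARM architecture": "2.4.27-2sarge4",
    "Intel IA-32 architecture": "2.4.27-10sarge4",
    "MIPS architectures": "2.4.27-10.sarge4.040815-1",
    "Sun Sparc architecture": "2.4.27-9sarge4",
}
# Constructed inventory (not from the advisory): matrix row -> installed version.
SAMPLE = {
    "Intel IA-32 architecture": "2.4.27-10sarge3",
    "MIPS architectures": "2.4.27-10.sarge3.040815-1",
    "Sun Sparc architecture": "2.4.27-9sarge4",
}

def _order(ch):
    # dpkg order for non-digits: '~' first, then letters, then other characters.
    return -1 if ch == "~" else ord(ch) if ch.isalpha() else ord(ch) + 256

def _cmp_part(a, b):
    # Walk alternating non-digit and digit runs; digit runs compare numerically.
    while a or b:
        na, nb = re.match(r"\D*", a).group(), re.match(r"\D*", b).group()
        a, b = a[len(na):], b[len(nb):]
        for k in range(max(len(na), len(nb))):
            oa = _order(na[k]) if k < len(na) else 0  # 0 = end of run
            ob = _order(nb[k]) if k < len(nb) else 0
            if oa != ob:
                return -1 if oa < ob else 1
        da, db = re.match(r"\d*", a).group(), re.match(r"\d*", b).group()
        a, b = a[len(da):], b[len(db):]
        if int(da or 0) != int(db or 0):
            return -1 if int(da or 0) < int(db or 0) else 1
    return 0

def compare_versions(a, b):
    # Debian version = [epoch:]upstream[-revision]; returns -1, 0 or 1.
    def split(v):
        epoch, rest = v.split(":", 1) if ":" in v else ("0", v)
        upstream, rev = rest.rsplit("-", 1) if "-" in rest else (rest, "")
        return int(epoch), upstream, rev
    (ea, ua, ra), (eb, ub, rb) = split(a), split(b)
    return (ea > eb) - (ea < eb) or _cmp_part(ua, ub) or _cmp_part(ra, rb)

def unpatched(installed):
    # Matrix rows whose installed version sorts before the fixed version.
    return sorted(r for r, v in installed.items() if compare_versions(v, FIXED[r]) < 0)

print(unpatched(SAMPLE))
```

On a live Debian system, `dpkg --compare-versions` performs the same comparison authoritatively.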
