The Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when control is returned using SYSRET. The way Intel EM64T handles exceptions with uncanonical addresses might cause a Denial of Service, and will result in loss of availability for the platform.
The issue is only present on Intel EM64T CPUs.
Upgrade to version 2.6.16.5 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.
The Linux Kernel contains a flaw that may allow a local denial of service. The issue is triggered when control is returned using SYSRET. The way Intel EM64T handles exceptions with uncanonical addresses might cause a Denial of Service, and will result in loss of availability for the platform.
Vendor Specific News/Changelog Entry: http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.5 Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Vendor Specific Advisory URL Secunia Advisory ID:21983 Secunia Advisory ID:19639 Secunia Advisory ID:20398 Secunia Advisory ID:21179 Secunia Advisory ID:21498 Secunia Advisory ID:20157 Secunia Advisory ID:20237 Secunia Advisory ID:21136 Secunia Advisory ID:21745 Secunia Advisory ID:19735 Secunia Advisory ID:20716 RedHat RHSA: RHSA-2006:0493 RedHat RHSA: RHSA-2006:0437 ISS X-Force ID: 25869 CVE-2006-0744 Bugtraq ID: 17541