(RHSA-2003:195) kernel security update

The Linux kernel handles the basic functions of the operating system.

Several security issues have been found that affect the Linux kernel:

Al Viro found a security issue in the tty layer whereby any user could
cause a kernel oops. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2003-0247 to this issue.

Andrea Arcangeli found an issue in the low-level mxcsr code in which a
malformed address would leave garbage in cpu state registers. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
name CAN-2003-0248 to this issue.

The TCP/IP fragment reassembly handling allows remote attackers to cause a
denial of service (CPU consumption) via packets that cause a large number
of hash table collisions, a vulnerability similar to CAN-2003-0244. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CAN-2003-0364 to this issue.

These kernels also contain updated fixes for the ioperm security issue, as
well as fixes for a number of bugs.

It is recommended that users upgrade to these erratum kernels, which
contain patches to correct these vulnerabilities.