(RHSA-2006:0580) kernel security update

The Linux kernel handles the basic functions of the operating system.

These new kernel packages contain fixes for the security issues described
below:

• a flaw in the USB devio handling of device removal that allowed a local
  user to cause a denial of service (crash) (CVE-2005-3055, moderate)

• a flaw in ROSE due to missing verification of the ndigis argument of new
  routes (CVE-2005-3273, moderate)

• a minor info leak in socket name handling in the network code
  (CVE-2006-1342, low)

• a minor info leak in socket option handling in the network code
  (CVE-2006-1343, low)

• a directory traversal vulnerability in smbfs that allowed a local user to
  escape chroot restrictions for an SMB-mounted filesystem via “…\”
  sequences (CVE-2006-1864, moderate)

• a flaw in the mprotect system call that allowed to give write permission
  to a readonly attachment of shared memory (CVE-2006-2071, moderate)

• a flaw in IPv4 netfilter handling for the unlikely use of SNMP NAT
  processing that allowed a remote user to cause a denial of service (crash)
  or potential memory corruption (CVE-2006-2444, moderate)

All Red Hat Enterprise Linux 2.1 users are advised to upgrade their kernels
to these updated packages, which contain backported fixes to correct these
issues.