7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.913 High
EPSS
Percentile
98.6%
The Linux kernel handles the basic functions of the operating system.
These new kernel packages contain fixes for the security issues described
below:
a flaw in the USB devio handling of device removal that allowed a local
user to cause a denial of service (crash) (CVE-2005-3055, moderate)
a flaw in ROSE due to missing verification of the ndigis argument of new
routes (CVE-2005-3273, moderate)
a minor info leak in socket name handling in the network code
(CVE-2006-1342, low)
a minor info leak in socket option handling in the network code
(CVE-2006-1343, low)
a directory traversal vulnerability in smbfs that allowed a local user to
escape chroot restrictions for an SMB-mounted filesystem via “…\”
sequences (CVE-2006-1864, moderate)
a flaw in the mprotect system call that allowed to give write permission
to a readonly attachment of shared memory (CVE-2006-2071, moderate)
a flaw in IPv4 netfilter handling for the unlikely use of SNMP NAT
processing that allowed a remote user to cause a denial of service (crash)
or potential memory corruption (CVE-2006-2444, moderate)
All Red Hat Enterprise Linux 2.1 users are advised to upgrade their kernels
to these updated packages, which contain backported fixes to correct these
issues.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | ia64 | kernel-doc | < 2.4.18-e.63 | kernel-doc-2.4.18-e.63.ia64.rpm |
RedHat | any | ia64 | kernel-source | < 2.4.18-e.63 | kernel-source-2.4.18-e.63.ia64.rpm |
RedHat | any | ia64 | kernel-smp | < 2.4.18-e.63 | kernel-smp-2.4.18-e.63.ia64.rpm |
RedHat | any | ia64 | kernel | < 2.4.18-e.63 | kernel-2.4.18-e.63.ia64.rpm |