History: Oct 22, 2007 - 12:00 a.m.

(RHSA-2007:0940) Important: kernel security update

2007-10-22 00:00:00
access.redhat.com
CVSS2: 5 Medium

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS: 0.049 Low
Percentile: 91.9%

The Linux kernel handles the basic functions of the operating system.

These new kernel packages contain fixes for the following security issues:

  • A flaw was found in the backported stack unwinder fixes in Red Hat
    Enterprise Linux 5. On AMD64 and Intel 64 platforms, a local user could
    trigger this flaw and cause a denial of service. (CVE-2007-4574, Important)

  • A flaw was found in the handling of process death signals. This allowed a
    local user to send arbitrary signals to a suid process executed by that
    user. Successful exploitation of this flaw depends on the structure of
    the suid program and its signal handling. (CVE-2007-3848, Important)

  • A flaw was found in the Distributed Lock Manager (DLM) in the cluster
    manager. This allowed a remote user who is able to connect to the DLM port
    to cause a denial of service. (CVE-2007-3380, Important)

  • A flaw was found in the aacraid SCSI driver. This allowed a local user to
    make ioctl calls to the driver which should otherwise be restricted to
    privileged users. (CVE-2007-4308, Moderate)

  • A flaw was found in the prio_tree handling of the hugetlb support that
    allowed a local user to cause a denial of service. This only affected
    kernels with hugetlb support. (CVE-2007-4133, Moderate)

  • A flaw was found in the eHCA driver on PowerPC architectures that allowed
    a local user to access 60k of physical address space. This address space
    could contain sensitive information. (CVE-2007-3850, Moderate)

  • A flaw was found in ptrace support that allowed a local user to cause a
    denial of service via a NULL pointer dereference. (CVE-2007-3731, Moderate)

  • A flaw was found in the usblcd driver that allowed a local user to cause
    a denial of service by writing data to the device node. To exploit this
    issue, write access to the device node was needed. (CVE-2007-3513, Moderate)

  • A flaw was found in the random number generator implementation that
    allowed a local user to cause a denial of service or possibly gain
    privileges. If the root user raised the default wakeup threshold over the
    size of the output pool, this flaw could be exploited. (CVE-2007-3105, Low)

In addition to the security issues described above, several bug fixes
preventing possible system crashes and data corruption were also included.

Red Hat Enterprise Linux 5 users are advised to upgrade to these packages,
which contain backported patches to resolve these issues.
