Oval Definition: oval:com.redhat.rhsa:def:20060710
Revision Date: 2006-10-19
Version: 637
Title: RHSA-2006:0710: kernel security update (Important)
Description: The Linux kernel handles the basic functions of the operating system.

These new kernel packages contain fixes for the security issues described below:

  • a flaw in the IPC shared-memory implementation that allowed a local user to cause a denial of service (deadlock) that resulted in freezing the system (CVE-2006-4342, Important)

  • an information leak in the copy_from_user() implementation on s390 and s390x platforms that allowed a local user to read arbitrary kernel memory (CVE-2006-5174, Important)

  • a flaw in the ATM subsystem affecting systems with installed ATM hardware and configured ATM support that allowed a remote user to cause a denial of service (panic) by accessing socket buffer memory after it has been freed (CVE-2006-4997, Moderate)

  • a directory traversal vulnerability in smbfs that allowed a local user to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences (CVE-2006-1864, Moderate)

  • a flaw in the mprotect system call that allowed enabling write permission for a read-only attachment of shared memory (CVE-2006-2071, Moderate)

  • a flaw in the DVD handling of the CDROM driver that could be used together with a custom built USB device to gain root privileges (CVE-2006-2935, Moderate)

In addition to the security issues described above, a bug fix for a clock skew problem (which could lead to unintended keyboard repeat under X11) was also included. The problem only occurred when running the 32-bit x86 kernel on 64-bit dual-core x86_64 hardware.

Note: The kernel-unsupported package contains various drivers and modules that are unsupported and therefore might contain security problems that have not been addressed.

All Red Hat Enterprise Linux 3 users are advised to upgrade their kernels to the packages associated with their machine architecture and configurations as listed in this erratum.
Family: unix
Class: patch
Status:
Reference(s): CVE-2006-1864
CVE-2006-2071
CVE-2006-2935
CVE-2006-4342
CVE-2006-4997
CVE-2006-5174
RHSA-2006:0710
RHSA-2006:0710-01
Platform(s): Red Hat Enterprise Linux 3
Product(s):

Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 3 is installed
  • AND
  • kernel earlier than 0:2.4.21-47.0.1.EL is currently running
  • OR kernel earlier than 0:2.4.21-47.0.1.EL is set to boot up on next boot
  • AND
  • kernel-doc is earlier than 0:2.4.21-47.0.1.EL
  • AND kernel-doc is signed with Red Hat master key
  • kernel-unsupported is earlier than 0:2.4.21-47.0.1.EL
  • AND kernel-unsupported is signed with Red Hat master key
  • kernel is earlier than 0:2.4.21-47.0.1.EL
  • AND kernel is signed with Red Hat master key
  • kernel-source is earlier than 0:2.4.21-47.0.1.EL
  • AND kernel-source is signed with Red Hat master key
  • kernel-smp is earlier than 0:2.4.21-47.0.1.EL
  • AND kernel-smp is signed with Red Hat master key
  • kernel-smp-unsupported is earlier than 0:2.4.21-47.0.1.EL
  • AND kernel-smp-unsupported is signed with Red Hat master key
  • kernel-hugemem is earlier than 0:2.4.21-47.0.1.EL
  • AND kernel-hugemem is signed with Red Hat master key
  • kernel-hugemem-unsupported is earlier than 0:2.4.21-47.0.1.EL
  • AND kernel-hugemem-unsupported is signed with Red Hat master key
  • kernel-BOOT is earlier than 0:2.4.21-47.0.1.EL
  • AND kernel-BOOT is signed with Red Hat master key