| Description: | The Linux kernel handles the basic functions of the operating system.
These new kernel packages contain fixes for the following security issues:
a flaw in the mount handling routine for 64-bit systems that allowed a local user to cause denial of service (CVE-2006-7203, Important).
a flaw in the PPP over Ethernet implementation that allowed a remote user to cause a denial of service (CVE-2007-2525, Important).
a flaw in the Bluetooth subsystem that allowed a local user to trigger an information leak (CVE-2007-1353, Low).
a bug in the random number generator that prevented the manual seeding of the entropy pool (CVE-2007-2453, Low).
In addition to the security issues described above, fixes for the following have been included:
a race condition between ext3_link/unlink that could create an orphan inode list corruption.
a bug in the e1000 driver that could lead to a watchdog timeout panic.
Red Hat Enterprise Linux 5 users are advised to upgrade to these packages, which contain backported patches to correct these issues.
|