Description: The Linux kernel handles the basic functions of the operating system.
These new kernel packages contain fixes for the following security issues:
* a flaw in the DRM driver for Intel graphics cards that allowed a local user to access any part of the main memory. To access the DRM functionality a user must have access to the X server, which is granted through the graphical login. This also only affected systems with an Intel 965 or later graphics chipset. (CVE-2007-3851, Important)
* a flaw in the VFAT compat ioctl handling on 64-bit systems that allowed a local user to corrupt a kernel_dirent struct and cause a denial of service (system crash). (CVE-2007-2878, Important)
* a flaw in the connection tracking support for SCTP that allowed a remote user to cause a denial of service by dereferencing a NULL pointer. (CVE-2007-2876, Important)
* a flaw in the CIFS filesystem which could cause the umask values of a process to not be honored. This affected CIFS filesystems where the Unix extensions are supported. (CVE-2007-3740, Important)
* a flaw in the stack expansion when using the hugetlb kernel on PowerPC systems that allowed a local user to cause a denial of service. (CVE-2007-3739, Moderate)
* a flaw in the ISDN CAPI subsystem that allowed a remote user to cause a denial of service or potential remote access. Exploitation would require the attacker to be able to send arbitrary frames over the ISDN network to the victim's machine. (CVE-2007-1217, Moderate)
* a flaw in the cpuset support that allowed a local user to obtain sensitive information from kernel memory. To exploit this the cpuset filesystem would have to already be mounted. (CVE-2007-2875, Moderate)
* a flaw in the CIFS handling of the mount option "sec=" that didn't enable integrity checking and didn't produce any error message. (CVE-2007-3843, Low)
Red Hat Enterprise Linux 5 users are advised to upgrade to these packages, which contain backported patches to correct these issues.