The Linux kernel handles the basic functions of the operating system. These new kernel packages contain fixes for the security issues described
below: * a flaw in the get_fdb_entries function of the network bridging support
that allowed a local user to cause a denial of service (crash) or allow a
potential privilege escalation (CVE-2006-5751, Important) * an information leak in the _block_prepare_write function that allowed a
local user to read kernel memory (CVE-2006-4813, Important) * an information leak in the copy_from_user() implementation on s390 and
s390x platforms that allowed a local user to read kernel memory
(CVE-2006-5174, Important) * a flaw in the handling of /proc/net/ip6_flowlabel that allowed a local
user to cause a denial of service (infinite loop) (CVE-2006-5619, Important) * a flaw in the AIO handling that allowed a local user to cause a denial of
service (panic) (CVE-2006-5754, Important) * a race condition in the mincore system core that allowed a local user to
cause a denial of service (system hang) (CVE-2006-4814, Moderate) * a flaw in the ELF handling on ia64 and sparc architectures which
triggered a cross-region memory mapping and allowed a local user to cause a
denial of service (CVE-2006-4538, Moderate) * a flaw in the dev_queue_xmit function of the network subsystem that
allowed a local user to cause a denial of service (data corruption)
(CVE-2006-6535, Moderate) * a flaw in the handling of CAPI messages over Bluetooth that allowed a
remote system to cause a denial of service or potential code execution.
This flaw is only exploitable if a privileged user establishes a connection
to a malicious remote device (CVE-2006-6106, Moderate) * a flaw in the listxattr system call that allowed a local user to cause a
denial of service (data corruption) or potential privilege escalation. To
successfully exploit this flaw the existence of a bad inode is required
first (CVE-2006-5753, Moderate) * a flaw in the __find_get_block_slow function that allowed a local
privileged user to cause a denial of service (CVE-2006-5757, Low) * various flaws in the supported filesystems that allowed a local
privileged user to cause a denial of service (CVE-2006-5823, CVE-2006-6053,
CVE-2006-6054, CVE-2006-6056, Low) In addition to the security issues described above, fixes for the following
bugs were included: * initialization error of the tg3 driver with some BCM5703x network card * a memory leak in the audit subsystem * x86_64 nmi watchdog timeout is too short * ext2/3 directory reads fail intermittently Red Hat would like to thank Dmitriy Monakhov and Kostantin Khorenko for
reporting issues fixed in this erratum. All Red Hat Enterprise Linux 4 users are advised to upgrade their kernels
to the packages associated with their machine architecture and
configurations as listed in this erratum. Create Date: 2007-01-30 Last Update Date: 2008-03-20
Affected Platforms/Products
References
Total : 31 Click here to view references
Criteria
The patch should be installed
|
Quick Help
- Unknown Tests
- There is a hardcoded maximum limit for number of tests displayed for a definition.
For a small number of oval definitions, about ~1% of all, hundreds of test have been defined.
This causes the pages to grow in size, exceed even 1mb, and they are unsuitable for display in a web page.
So they are not displayed.Please refer to the xml definition files if you really want to view them.
- evr_string datatype
-
Represents epoch, version, and release number as a single version string
Other Help Topics
- Data Types
- What is an Object?
- What is a State?
- What is a Test?
- Other Help Topics
- Regular Expression Patterns
-
Some object or state definitions are defined as regular expression patterns,
you should interpret the regexp pattern while evaluating them.
|
|