| Description: | Description:
The remote host is missing updates announced in
advisory RHSA-2007:0376.
The Linux kernel handles the basic functions of the operating system.
These new kernel packages contain fixes for the following security issues:
* a flaw in the mount handling routine for 64-bit systems that allowed a
local user to cause denial of service (CVE-2006-7203, Important).
* a flaw in the PPP over Ethernet implementation that allowed a remote user
to cause a denial of service (CVE-2007-2525, Important).
* a flaw in the Bluetooth subsystem that allowed a local user to trigger an
information leak (CVE-2007-1353, Low).
* a bug in the random number generator that prevented the manual seeding of
the entropy pool (CVE-2007-2453, Low).
In addition to the security issues described above, fixes for the following
have been included:
* a race condition between ext3_link/unlink that could create an orphan
inode list corruption.
* a bug in the e1000 driver that could lead to a watchdog timeout panic.
Red Hat Enterprise Linux 5 users are advised to upgrade to these packages,
which contain backported patches to correct these issues.
Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date
http://rhn.redhat.com/errata/RHSA-2007-0376.html
http://www.redhat.com/security/updates/classification/#important
Risk factor : Medium
CVSS Score:
4.9
|
