The following ERRATA for SL 301,302,303,304,305 i386 are now available
from:
ftp://ftp.scientificlinux.org/linux/scientific/301,302,303,304,305/i386/errata/SL/RPMS/
ftp://ftp.scientificlinux.org/linux/scientific/302,303,304,305/x86_64/errata/SL/RPMS/
Synopsis: Updated kernel packages that fix several security issues in
the Scientific Linux 3x kernel are now available
Severity: important
Issued on: 2006-01-19
CVEs: CVE-2002-2185
CVE-2004-1057
CVE-2005-2708
CVE-2005-2709
CVE-2005-2973
CVE-2005-3044
CVE-2005-3180
CVE-2005-3275
CVE-2005-3806
CVE-2005-3848
CVE-2005-3857
CVE-2005-3858
Details:
- flaw in network IGMP processing that a allowed a remote user on the
local network to cause a denial of service (disabling of multicast reports)
if the system is running multicast applications (CVE-2002-2185, moderate)
- flaw in remap_page_range() with O_DIRECT writes that allowed a local
user to cause a denial of service (crash) (CVE-2004-1057, important)
- flaw in exec() handling on some 64-bit architectures that allowed
a local user to cause a denial of service (crash) (CVE-2005-2708, important)
- flaw in procfs handling during unloading of modules that allowed a
local user to cause a denial of service or potentially gain privileges
(CVE-2005-2709, moderate)
- flaw in IPv6 network UDP port hash table lookups that allowed a local
user to cause a denial of service (hang) (CVE-2005-2973, important)
- flaw in 32-bit-compat handling of the TIOCGDEV ioctl that allowed
a local user to cause a denial of service (crash) (CVE-2005-3044, important)
- network buffer info leak using the orinoco driver that allowed
a remote user to possibly view uninitialized data (CVE-2005-3180, important)
- flaw in IPv4 network TCP and UDP netfilter handling that allowed
a local user to cause a denial of service (crash) (CVE-2005-3275, important)
- flaw in the IPv6 flowlabel code that allowed a local user to cause a
denial of service (crash) (CVE-2005-3806, important)
- flaw in network ICMP processing that allowed a local user to cause
a denial of service (memory exhaustion) (CVE-2005-3848, important)
- flaw in file lease time-out handling that allowed a local user to cause
a denial of service (log file overflow) (CVE-2005-3857, moderate)
- flaw in network IPv6 xfrm handling that allowed a local user to
cause a denial of service (memory exhaustion) (CVE-2005-3858, important)
SRPMS
kernel-2.4.21-37.0.1.EL.src.rpm
i386
kernel-2.4.21-37.0.1.EL.athlon.rpm
kernel-2.4.21-37.0.1.EL.i686.rpm
kernel-BOOT-2.4.21-37.0.1.EL.i386.rpm
kernel-doc-2.4.21-37.0.1.EL.i386.rpm
kernel-hugemem-2.4.21-37.0.1.EL.i686.rpm
kernel-hugemem-unsupported-2.4.21-37.0.1.EL.i686.rpm
kernel-smp-2.4.21-37.0.1.EL.athlon.rpm
kernel-smp-2.4.21-37.0.1.EL.i686.rpm
kernel-smp-unsupported-2.4.21-37.0.1.EL.athlon.rpm
kernel-smp-unsupported-2.4.21-37.0.1.EL.i686.rpm
kernel-source-2.4.21-37.0.1.EL.i386.rpm
kernel-unsupported-2.4.21-37.0.1.EL.athlon.rpm
kernel-unsupported-2.4.21-37.0.1.EL.i686.rpm
kernel-module-openafs-2.4.21-37.0.1.EL-1.2.13-15.17.SL.athlon.rpm
kernel-module-openafs-2.4.21-37.0.1.EL-1.2.13-15.17.SL.i686.rpm
kernel-module-openafs-2.4.21-37.0.1.ELsmp-1.2.13-15.17.SL.athlon.rpm
kernel-module-openafs-2.4.21-37.0.1.ELsmp-1.2.13-15.17.SL.i686.rpm
x86_64
kernel-2.4.21-37.0.1.EL.ia32e.rpm
kernel-2.4.21-37.0.1.EL.x86_64.rpm
kernel-doc-2.4.21-37.0.1.EL.x86_64.rpm
kernel-smp-2.4.21-37.0.1.EL.x86_64.rpm
kernel-smp-unsupported-2.4.21-37.0.1.EL.x86_64.rpm
kernel-source-2.4.21-37.0.1.EL.x86_64.rpm
kernel-unsupported-2.4.21-37.0.1.EL.ia32e.rpm
kernel-unsupported-2.4.21-37.0.1.EL.x86_64.rpm
kernel-module-openafs-2.4.21-37.0.1.EL-1.2.13-15.17.SL.ia32e.rpm
kernel-module-openafs-2.4.21-37.0.1.EL-1.2.13-15.17.SL.x86_64.rpm
kernel-module-openafs-2.4.21-37.0.1.ELsmp-1.2.13-15.17.SL.x86_64.rpm
-Connie Sieh
-Troy Dawson
|