- Vulnerability/
- RHSA-2007:1104
RHSA-2007:1104: Important: kernel security and bug fix update
First published: Wed Dec 19 2007(Updated: )
The kernel packages contain the Linux kernel, the core of any Linux<br>operating system. <br>These updated packages fix the following security issues:<br>A flaw was found in the handling of IEEE 802.11 frames, which affected<br>several wireless LAN modules. In certain situations, a remote attacker<br>could trigger this flaw by sending a malicious packet over a wireless<br>network, causing a denial of service (kernel crash).<br>(CVE-2007-4997, Important)<br>A memory leak was found in the Red Hat Content Accelerator kernel patch.<br>A local user could use this flaw to cause a denial of service (memory<br>exhaustion). (CVE-2007-5494, Important)<br>Additionally, the following bugs were fixed:<br><li> when running the "ls -la" command on an NFSv4 mount point, incorrect </li> file attributes, and outdated file size and timestamp information were<br>returned. As well, symbolic links may have been displayed as actual files.<br><li> a bug which caused the cmirror write path to appear deadlocked after a </li> successful recovery, which may have caused syncing to hang, has been<br>resolved.<br><li> a kernel panic which occurred when manually configuring LCS interfaces on </li> the IBM S/390 has been resolved.<br><li> when running a 32-bit binary on a 64-bit system, it was possible to </li> mmap page at address 0 without flag MAP_FIXED set. This has been<br>resolved in these updated packages.<br><li> the Non-Maskable Interrupt (NMI) Watchdog did not increment the NMI </li> interrupt counter in "/proc/interrupts" on systems running an AMD Opteron<br>CPU. This caused systems running NMI Watchdog to restart at regular<br>intervals.<br><li> a bug which caused the diskdump utility to run very slowly on devices </li> using Fusion MPT has been resolved.<br>All users are advised to upgrade to these updated packages, which resolve<br>these issues.
| Affected Software | Affected Version | How to fix |
|---|
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=315051
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=346341
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=371551
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=399661
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=400801
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=400811
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=404741
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=404781
- http://www.redhat.com/security/updates/classification/#important
- https://access.redhat.com/errata/RHSA-2007:1104 (Advisory)
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/title
- agent/type
- collector/redhat-errata
- source/Red Hat
- anchor-id/RHSA-2007:1104