icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Fedora 2005-014 Security Check

High

Synopsis

The remote host is missing a security update.

Description

This update rebases the kernel to match the upstream 2.6.10 release, and adds a number of security fixes by means of adding the latest -ac patch.

CVE-2004-1235 Paul Starzetz from isec.pl found a problem in the binary format loaders uselib() function that could lead to potential priveledge escalation. http://isec.pl/vulnerabilities/isec-0021-uselib.txt

NO-CAN-ASSIGNED Brad Spengler found several problems.

- An integer overflow in the random poolsize sysctl handler.

- SCSI ioctl integer overflow and information leak.

- RLIMIT_MEMLOCK bypass and unprivileged user DoS.

NO-CAN-ASSIGNED Coverity Inc. found a number of bugs with their automated source checker in coda, xfs, network bridging, rose network protocol, and the sdla wan driver. http://linuxbugs.coverity.com

Solution

Update the affected package(s).