Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Fedora 2005-013 Security Check

High

Synopsis

The remote host is missing a security update.

Description

This update rebases the kernel to match the upstream 2.6.10 release, and adds a number of security fixes by means of adding the latest -ac patch.

CVE-2004-1235 Paul Starzetz from isec.pl found a problem in the binary format loaders uselib() function that could lead to potential priveledge escalation. http://isec.pl/vulnerabilities/isec-0021-uselib.txt

NO-CAN-ASSIGNED Brad Spengler found several problems.

- An integer overflow in the random poolsize sysctl handler.

- SCSI ioctl integer overflow and information leak.

- RLIMIT_MEMLOCK bypass and unprivileged user DoS.

NO-CAN-ASSIGNED Coverity Inc. found a number of bugs with their automated source checker in coda, xfs, network bridging, rose network protocol, and the sdla wan driver. http://linuxbugs.coverity.com

Solution

Update the affected package(s).