Fedora 2004-251 Security Check
High Log Correlation Engine Plugin ID 801558
SynopsisThe remote host is missing a security update.
DescriptionPaul Starzetz discovered flaws in the Linux kernel when handling file
offset pointers. These consist of invalid conversions of 64 to 32-bit
file offset pointers and possible race conditions. A local
unprivileged user could make use of these flaws to access large
portions of kernel memory. The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the name CVE-2004-0415 to this
These packages contain a patch written by Al Viro to correct these
flaws. Red Hat would like to thank iSEC Security Research for
disclosing this issue and a number of vendor-sec participants for
reviewing and working on the patch to this issue.
Additionally, a number of issues were fixed in the USB serial code.
SolutionUpdate the affected package(s).