Fedora 2005-014 Security Check
High Log Correlation Engine Plugin ID 801564
SynopsisThe remote host is missing a security update.
DescriptionThis update rebases the kernel to match the upstream 2.6.10 release,
and adds a number of security fixes by means of adding the latest -ac
CVE-2004-1235 Paul Starzetz from isec.pl found a problem in the binary
format loaders uselib() function that could lead to potential
NO-CAN-ASSIGNED Brad Spengler found several problems.
- An integer overflow in the random poolsize sysctl
- SCSI ioctl integer overflow and information leak.
- RLIMIT_MEMLOCK bypass and unprivileged user DoS.
NO-CAN-ASSIGNED Coverity Inc. found a number of bugs with their
automated source checker in coda, xfs, network bridging, rose network
protocol, and the sdla wan driver. http://linuxbugs.coverity.com
SolutionUpdate the affected package(s).