Mandrake Linux Security Advisory : kernel (MDKSA-2004:062)
Low Nessus Plugin ID 14161
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionA vulnerability in the e1000 driver for the Linux kernel 2.4.26 and earlier was discovered by Chris Wright. The e1000 driver does not properly reset memory or restrict the maximum length of a data structure, which can allow a local user to read portions of kernel memory (CVE-2004-0535).
A vulnerability was also discovered in the kernel were a certain C program would trigger a floating point exception that would crash the kernel. This vulnerability can only be triggered locally by users with shell access (CVE-2004-0554).
SolutionUpdate the affected packages.