Mandrake Linux Security Advisory : kernel (MDKSA-2006:197)
High Nessus Plugin ID 24582
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionSome vulnerabilities were discovered and corrected in the Linux 2.6 kernel :
Bugs in the netfilter for IPv6 code, as reported by Mark Dowd, were fixed (CVE-2006-4572).
The ATM subsystem of the Linux kernel could allow a remote attacker to cause a Denial of Service (panic) via unknown vectors that cause the ATM subsystem to access the memory of socket buffers after they are freed (CVE-2006-4997).
The provided packages are patched to fix these vulnerabilities. All users are encouraged to upgrade to these updated kernels immediately and reboot to effect the fixes.
In addition to these security fixes, other fixes have been included such as :
- updated to 126.96.36.199 - fix wrong error handling in pccard_store_cis - add NX mask for PTE entry on x86_64 - fix snd-hda-intel OOPS - backported support r8169-related (r8168/r8169SC) network chipsets - explicitly initialize some members of the drm_driver structure, otherwise NULL init will have bad side effects (mach64) - support for building a nosrc.rpm package - fixed unplug/eject on pcmcia cards with r8169 chipsets - fix libata resource conflicts - fix xenU crash and re-enable domU boot logs - fix refcount error triggered by software using /proc/[pid]/auxv
To update your kernel, please follow the directions located at :
SolutionUpdate the affected packages.