The remote Fedora Core host is missing a security update.
Update to Linux 220.127.116.11: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-18.104.22.168 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-22.214.171.124 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-126.96.36.199 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-188.8.131.52 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-184.108.40.206 CVE-2007-5501: The tcp_sacktag_write_queue function in net/ipv4/tcp_input.c in Linux kernel 2.6.24-rc2 and earlier allows remote attackers to cause a denial of service (crash) via crafted ACK responses that trigger a NULL pointer dereference. CVE-2007-5500: The wait_task_stopped function in the Linux kernel before 220.127.116.11 checks a TASK_TRACED bit instead of an exit_state value, which allows local users to cause a denial of service (machine crash) via unspecified vectors. Plus: Fix compat class device links in sysfs. Fix boot speed when virtualized on Intel VT processors. Fix ppc64 vDSO DWARF info for CR register (#350291) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.