| Description: | Summary:
The remote host is missing an update for the 'kernel'
package(s) announced via the referenced advisory.
Vulnerability Insight:
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
This update fixes the following security issues:
* a flaw was found in the Unidirectional Lightweight Encapsulation (ULE)
implementation. A remote attacker could send a specially-crafted ISO
MPEG-2 Transport Stream (TS) frame to a target system, resulting in an
infinite loop (denial of service). (CVE-2010-1086, Important)
* on AMD64 systems, it was discovered that the kernel did not ensure the
ELF interpreter was available before making a call to the SET_PERSONALITY
macro. A local attacker could use this flaw to cause a denial of service by
running a 32-bit application that attempts to execute a 64-bit application.
(CVE-2010-0307, Moderate)
* a flaw was found in the kernel connector implementation. A local,
unprivileged user could trigger this flaw by sending an arbitrary number
of notification requests using specially-crafted netlink messages,
resulting in a denial of service. (CVE-2010-0410, Moderate)
* a flaw was found in the Memory-mapped I/O (MMIO) instruction decoder in
the Xen hypervisor implementation. An unprivileged guest user could use
this flaw to trick the hypervisor into emulating a certain instruction,
which could crash the guest (denial of service). (CVE-2010-0730, Moderate)
* a divide-by-zero flaw was found in the azx_position_ok() function in the
driver for Intel High Definition Audio, snd-hda-intel. A local,
unprivileged user could trigger this flaw to cause a kernel crash (denial
of service). (CVE-2010-1085, Moderate)
This update also fixes the following bugs:
* in some cases, booting a system with the 'iommu=on' kernel parameter
resulted in a Xen hypervisor panic. (BZ#580199)
* the fnic driver flushed the Rx queue instead of the Tx queue after
fabric login. This caused crashes in some cases. (BZ#580829)
* 'kernel unaligned access' warnings were logged to the dmesg log on some
systems. (BZ#580832)
* the 'Northbridge Error, node 1, core: -1 K8 ECC error' error occurred on
some systems using the amd64_edac driver. (BZ#580836)
* in rare circumstances, when using kdump and booting a kernel with
'crashkernel=128M 16M', the kdump kernel did not boot after a crash.
(BZ#580838)
* TLB page table entry flushing was done incorrectly on IBM System z,
possibly causing crashes, subtle data inconsistency, or other issues.
(BZ#580839)
* iSCSI failover times were slower than in Red Hat Enterprise Linux 5.3.
(BZ#580840)
* fixed floating point st ...
Description truncated, please see the referenced URL(s) for more information.
Affected Software/OS:
kernel on CentOS 5
Solution:
Please install the updated packages.
CVSS Score:
7.8
CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C
|
