paul Posted November 13, 2007 Report Share Posted November 13, 2007 Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel: A typo in the Linux kernel caused RTA_MAX to be used as an array size instead of RTN_MAX, which lead to an out of bounds access by certain functions (CVE-2007-2172). The IPv6 protocol allowed remote attackers to cause a denial of service via crafted IPv6 type 0 route headers that create network amplification between two routers (CVE-2007-2242). The random number feature did not properly seed pools when there was no entropy, or used an incorrect cast when extracting entropy, which could cause the random number generator to provide the same values after reboots on systems without an entropy source (CVE-2007-2453). A memory leak in the PPPoE socket implementation allowed local users to cause a denial of service (memory consumption) by creating a socket using connect, and releasing it before the PPPIOCGCHAN ioctl is initialized (CVE-2007-2525). A stack-based buffer overflow in the random number generator could allow local root users to cause a denial of service or gain privileges by setting the default wakeup threshold to a value greater than the output pool size (CVE-2007-3105). The hugetlb_vmtruncate_list() and hugetlb_vmtruncate() functions in the Linux kernel perform certain pio_tree calculations using HPAGE_SIZE intead of PAGE_SIZE units, which may allow local users to cause a denial of service (panic) via unspecified vectors (CVE-2007-4133). To update your kernel, please follow the directions located at: http://www.mandriva.com/en/security/kernelupdate Link to comment Share on other sites More sharing options...
Recommended Posts