Scientific Linux: CVE-2007-4571 Moderate: ALSA Memory Issue

Dec 03, 2007 •

LinuxSecurity Advisories

3 - 5 min read

Scientific Large Esm H500

Topics Covered

security advisory denial of service kernel update memory leak wireless security Scientific Linux ALSA issue

Important: kernel security update

Date: Mon, 3 Dec 2007 12:04:56 -0600
Reply-To: Troy Dawson 
Sender: Security Errata for Scientific Linux
 
From: Troy Dawson 
Subject: Security ERRATA for kernel on SL5.x i386/x86_64
Comments: To: "This email address is being protected from spambots. You need JavaScript enabled to view it."
 

Synopsis:	Important: kernel security update
Issue date:	2007-11-29
CVE Names:	CVE-2007-4571 CVE-2007-4997
 CVE-2007-5494

These new kernel packages contain fixes for the following security issues:

A memory leak was found in the Red Hat Content Accelerator kernel patch. A
local user could use this flaw to cause a denial of service (memory
exhaustion). (CVE-2007-5494, Important)

A flaw was found in the handling of IEEE 802.11 frames affecting several
wireless LAN modules. In certain circumstances, a remote attacker could
trigger this flaw by sending a malicious packet over a wireless network and
cause a denial of service (kernel crash). (CVE-2007-4997, Important).

A flaw was found in the Advanced Linux Sound Architecture (ALSA). A local
user who had the ability to read the /proc/driver/snd-page-alloc file could
see portions of kernel memory. (CVE-2007-4571, Moderate).

In addition to the security issues described above, several bug fixes
preventing possible memory corruption, system crashes, SCSI I/O fails,
networking drivers performance regression and journaling block device layer
issue were also included.

SL 5.x

 SRPMS:
kernel-2.6.18-53.1.4.el5.src.rpm
 i386:
kernel-2.6.18-53.1.4.el5.i686.rpm
kernel-debug-2.6.18-53.1.4.el5.i686.rpm
kernel-debug-devel-2.6.18-53.1.4.el5.i686.rpm
kernel-devel-2.6.18-53.1.4.el5.i686.rpm
kernel-doc-2.6.18-53.1.4.el5.noarch.rpm
kernel-headers-2.6.18-53.1.4.el5.i386.rpm
kernel-PAE-2.6.18-53.1.4.el5.i686.rpm
kernel-PAE-devel-2.6.18-53.1.4.el5.i686.rpm
kernel-xen-2.6.18-53.1.4.el5.i686.rpm
kernel-xen-devel-2.6.18-53.1.4.el5.i686.rpm
 Dependancies:
kernel-module-fuse-2.6.18-53.1.4.el5-2.6.3-1.sl5.i686.rpm
kernel-module-fuse-2.6.18-53.1.4.el5PAE-2.6.3-1.sl5.i686.rpm
kernel-module-fuse-2.6.18-53.1.4.el5xen-2.6.3-1.sl5.i686.rpm
kernel-module-ndiswrapper-2.6.18-53.1.4.el5-1.41-1.SL.i686.rpm
kernel-module-ndiswrapper-2.6.18-53.1.4.el5PAE-1.41-1.SL.i686.rpm
kernel-module-ndiswrapper-2.6.18-53.1.4.el5xen-1.41-1.SL.i686.rpm
kernel-module-openafs-2.6.18-53.1.4.el5-1.4.4-42.SL5.i686.rpm
kernel-module-openafs-2.6.18-53.1.4.el5-debuginfo-1.4.4-42.SL5.i686.rpm
kernel-module-openafs-2.6.18-53.1.4.el5PAE-1.4.4-42.SL5.i686.rpm
kernel-module-openafs-2.6.18-53.1.4.el5PAE-debuginfo-1.4.4-42.SL5.i686.rpm
kernel-module-openafs-2.6.18-53.1.4.el5xen-1.4.4-42.SL5.i686.rpm
kernel-module-openafs-2.6.18-53.1.4.el5xen-debuginfo-1.4.4-42.SL5.i686.rpm
kernel-module-r1000-2.6.18-53.1.4.el5-1.05-1.sl.i686.rpm
kernel-module-r1000-2.6.18-53.1.4.el5PAE-1.05-1.sl.i686.rpm
kernel-module-r1000-2.6.18-53.1.4.el5xen-1.05-1.sl.i686.rpm
kmod-gfs-0.1.19-7.el5.1.i686.rpm
kmod-gfs-PAE-0.1.19-7.el5.1.i686.rpm
kmod-gfs-xen-0.1.19-7.el5.1.i686.rpm

 x86_64:
kernel-2.6.18-53.1.4.el5.x86_64.rpm
kernel-debug-2.6.18-53.1.4.el5.x86_64.rpm
kernel-debug-devel-2.6.18-53.1.4.el5.x86_64.rpm
kernel-devel-2.6.18-53.1.4.el5.x86_64.rpm
kernel-doc-2.6.18-53.1.4.el5.noarch.rpm
kernel-headers-2.6.18-53.1.4.el5.x86_64.rpm
kernel-xen-2.6.18-53.1.4.el5.x86_64.rpm
kernel-xen-devel-2.6.18-53.1.4.el5.x86_64.rpm
 Dependancies:
kernel-module-fuse-2.6.18-53.1.4.el5-2.6.3-1.el5.x86_64.rpm
kernel-module-fuse-2.6.18-53.1.4.el5xen-2.6.3-1.el5.x86_64.rpm
kernel-module-ndiswrapper-2.6.18-53.1.4.el5-1.41-1.SL.x86_64.rpm
kernel-module-ndiswrapper-2.6.18-53.1.4.el5xen-1.41-1.SL.x86_64.rpm
kernel-module-ndiswrapper-2.6.18-8.1.8.el5-1.49-1.SL.x86_64.rpm
kernel-module-openafs-2.6.18-53.1.4.el5-1.4.4-42.SL5.x86_64.rpm
kernel-module-openafs-2.6.18-53.1.4.el5-debuginfo-1.4.4-42.SL5.x86_64.rpm
kernel-module-openafs-2.6.18-53.1.4.el5xen-1.4.4-42.SL5.x86_64.rpm
kernel-module-openafs-2.6.18-53.1.4.el5xen-debuginfo-1.4.4-42.SL5.x86_64.rpm
kernel-module-r1000-2.6.18-53.1.4.el5-1.05-1.sl.x86_64.rpm
kernel-module-r1000-2.6.18-53.1.4.el5xen-1.05-1.sl.x86_64.rpm
kmod-gfs-0.1.19-7.el5.1.x86_64.rpm
kmod-gfs-xen-0.1.19-7.el5.1.x86_64.rpm

-Connie Sieh
-Troy Dawson

Powered By

Linux Security Footer

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Your message here