Rapid7 Vulnerability & Exploit Database

CESA-2004:437: Updated kernel packages fix security vulnerability

Back to Search

CESA-2004:437: Updated kernel packages fix security vulnerability

Severity
2
CVSS
(AV:L/AC:L/Au:N/C:N/I:N/A:P)
Published
06/01/2004
Created
07/25/2018
Added
03/12/2010
Modified
07/04/2017

Description

Updated kernel packages are now available as part of ongoing support and maintenance of CentOS Linux version 2.1. This is the fifth regular update.

The Linux kernel handles the basic functions of the operating system. This is the fifth regular kernel update to CentOS Linux version 2.1. It contains one minor security fix, many bug fixes, and updates a number of device drivers. A bug in the SoundBlaster 16 code which did not properly handle certain sample sizes has been fixed. This flaw could be used by local users to crash a system. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0178 to this issue. The following drivers have also been updated: * cciss v2.4.52 * e1000 v5252k1 * e100 v2.3.43-k1 * fusion v2.05.16 * ips v7.00.15 * aacraid v1.1.5 * megaraid2 v2.10.6 All CentOS Linux 2.1 users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum.

Solution(s)

  • centos-upgrade-kernel
  • centos-upgrade-kernel-boot
  • centos-upgrade-kernel-debug
  • centos-upgrade-kernel-doc
  • centos-upgrade-kernel-enterprise
  • centos-upgrade-kernel-headers
  • centos-upgrade-kernel-smp
  • centos-upgrade-kernel-source
  • centos-upgrade-kernel-summit

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;