Rapid7 Vulnerability & Exploit Database

CESA-2007:1104: RHSA-2007:1104

Back to Search

CESA-2007:1104: RHSA-2007:1104

Severity
7
CVSS
(AV:N/AC:M/Au:N/C:N/I:N/A:C)
Published
11/06/2007
Created
07/25/2018
Added
03/12/2010
Modified
08/29/2017

Description

Important: kernel security and bug fix updateThe kernel packages contain the Linux kernel, the core of any Linuxoperating system. These updated packages fix the following security issues:A flaw was found in the handling of IEEE 802.11 frames, which affectedseveral wireless LAN modules. In certain situations, a remote attackercould trigger this flaw by sending a malicious packet over a wirelessnetwork, causing a denial of service (kernel crash).(CVE-2007-4997, Important)A memory leak was found in the Red Hat Content Accelerator kernel patch.A local user could use this flaw to cause a denial of service (memoryexhaustion). (CVE-2007-5494, Important)Additionally, the following bugs were fixed:All users are advised to upgrade to these updated packages, which resolvethese issues.

Solution(s)

  • centos-upgrade-kernel
  • centos-upgrade-kernel-devel
  • centos-upgrade-kernel-doc
  • centos-upgrade-kernel-hugemem
  • centos-upgrade-kernel-hugemem-devel
  • centos-upgrade-kernel-largesmp
  • centos-upgrade-kernel-largesmp-devel
  • centos-upgrade-kernel-smp
  • centos-upgrade-kernel-smp-devel
  • centos-upgrade-kernel-xenu
  • centos-upgrade-kernel-xenu-devel

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;