The kernel packages contain the Linux kernel, the core of any Linuxoperating system.These new kernel packages fix the following security issues:A flaw was found in the virtual filesystem (VFS). An unprivileged localuser could truncate directories to which they had write permission; thiscould render the contents of the directory inaccessible. (CVE-2008-0001,Important)A flaw was found in the Xen PAL emulation on Intel 64 platforms. A guestHardware-assisted virtual machine (HVM) could read the arbitrary physicalmemory of the host system, which could make information available tounauthorized users. (CVE-2007-6416, Important)A flaw was found in the way core dump files were created. If a local usercan get a root-owned process to dump a core file into a directory, whichthe user has write access to, they could gain read access to that corefile, potentially containing sensitive information. (CVE-2007-6206, Moderate)A buffer overflow flaw was found in the CIFS virtual file system. Aremote,authenticated user could issue a request that could lead to a denialof service. (CVE-2007-5904, Moderate)A flaw was found in the "sysfs_readdir" function. A local user could createa race condition which would cause a denial of service (kernel oops).(CVE-2007-3104, Moderate)As well, these updated packages fix the following bugs:Red Hat Enterprise Linux 5 users are advised to upgrade to these updatedpackages, which contain backported patches to resolve these issues.