7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
0.167 Low
EPSS
Percentile
96.1%
CentOS Errata and Security Advisory CESA-2005:514
The Linux kernel handles the basic functions of the operating system.
This is the second regular kernel update to Red Hat Enterprise Linux 4.
New features introduced in this update include:
There were several bug fixes in various parts of the kernel. The ongoing
effort to resolve these problems has resulted in a marked improvement
in the reliability and scalability of Red Hat Enterprise Linux 4.
The following security bugs were fixed in this update, detailed below with
corresponding CAN names available from the Common Vulnerabilities and
Exposures project (cve.mitre.org):
flaws in ptrace() syscall handling on 64-bit systems that allowed a local
user to cause a denial of service (crash) (CAN-2005-0756, CAN-2005-1761,
CAN-2005-1762, CAN-2005-1763)
flaws in IPSEC network handling that allowed a local user to cause a
denial of service or potentially gain privileges (CAN-2005-2456, CAN-2005-2555)
a flaw in sendmsg() syscall handling on 64-bit systems that allowed a
local user to cause a denial of service or potentially gain privileges
(CAN-2005-2490)
a flaw in sendmsg() syscall handling that allowed a local user to cause a
denial of service by altering hardware state (CAN-2005-2492)
a flaw that prevented the topdown allocator from allocating mmap areas
all the way down to address zero (CAN-2005-1265)
flaws dealing with keyrings that could cause a local denial of service
(CAN-2005-2098, CAN-2005-2099)
a flaw in the 4GB split patch that could allow a local denial of service
(CAN-2005-2100)
a xattr sharing bug in the ext2 and ext3 file systems that could cause
default ACLs to disappear (CAN-2005-2801)
a flaw in the ipt_recent module on 64-bit architectures which could allow
a remote denial of service (CAN-2005-2872)
The following device drivers have been upgraded to new versions:
qla2100 --------- 8.00.00b21-k to 8.01.00b5-rh2
qla2200 --------- 8.00.00b21-k to 8.01.00b5-rh2
qla2300 --------- 8.00.00b21-k to 8.01.00b5-rh2
qla2322 --------- 8.00.00b21-k to 8.01.00b5-rh2
qla2xxx --------- 8.00.00b21-k to 8.01.00b5-rh2
qla6312 --------- 8.00.00b21-k to 8.01.00b5-rh2
megaraid_mbox β 2.20.4.5 to 2.20.4.6
megaraid_mm ----- 2.20.2.5 to 2.20.2.6
lpfc ------------ 0:8.0.16.6_x2 to 0:8.0.16.17
cciss ----------- 2.6.4 to 2.6.6
ipw2100 --------- 1.0.3 to 1.1.0
tg3 ------------- 3.22-rh to 3.27-rh
e100 ------------ 3.3.6-k2-NAPI to 3.4.8-k2-NAPI
e1000 ----------- 5.6.10.1-k2-NAPI to 6.0.54-k2-NAPI
3c59x ----------- LK1.1.19
mptbase --------- 3.01.16 to 3.02.18
ixgb ------------ 1.0.66 to 1.0.95-k2-NAPI
libata ---------- 1.10 to 1.11
sata_via -------- 1.0 to 1.1
sata_ahci ------- 1.00 to 1.01
sata_qstor ------ 0.04
sata_sil -------- 0.8 to 0.9
sata_svw -------- 1.05 to 1.06
s390: crypto ---- 1.31 to 1.57
s390: zfcp ------
s390: CTC-MPC β
s390: dasd -------
s390: cio -------
s390: qeth ------
All Red Hat Enterprise Linux 4 users are advised to upgrade their
kernels to the packages associated with their machine architectures
and configurations as listed in this erratum.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2005-October/074406.html
https://lists.centos.org/pipermail/centos-announce/2005-October/074409.html
Affected packages:
kernel
kernel-devel
kernel-doc
Upstream details at:
https://access.redhat.com/errata/RHSA-2005:514
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 4 | ia64 | kernel | <Β 2.6.9-22.EL | kernel-2.6.9-22.EL.ia64.rpm |
CentOS | 4 | ia64 | kernel-devel | <Β 2.6.9-22.EL | kernel-devel-2.6.9-22.EL.ia64.rpm |
CentOS | 4 | noarch | kernel-doc | <Β 2.6.9-22.EL | kernel-doc-2.6.9-22.EL.noarch.rpm |
CentOS | 4 | s390 | kernel | <Β 2.6.9-22.EL | kernel-2.6.9-22.EL.s390.rpm |
CentOS | 4 | s390 | kernel-devel | <Β 2.6.9-22.EL | kernel-devel-2.6.9-22.EL.s390.rpm |
CentOS | 4 | noarch | kernel-doc | <Β 2.6.9-22.EL | kernel-doc-2.6.9-22.EL.noarch.rpm |
CentOS | 4 | s390x | kernel | <Β 2.6.9-22.EL | kernel-2.6.9-22.EL.s390x.rpm |
CentOS | 4 | s390x | kernel-devel | <Β 2.6.9-22.EL | kernel-devel-2.6.9-22.EL.s390x.rpm |
CentOS | 4 | noarch | kernel-doc | <Β 2.6.9-22.EL | kernel-doc-2.6.9-22.EL.noarch.rpm |
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
0.167 Low
EPSS
Percentile
96.1%