kernel security update

CentOS Errata and Security Advisory CESA-2007:0671

The Linux kernel handles the basic functions of the operating system.

These new kernel packages contain fixes for the security issues described
below:

• a flaw in the ISDN CAPI subsystem that allowed a remote user to cause a
  denial of service or potential privilege escalation. (CVE-2007-1217, Moderate)

• a flaw in the Bluetooth subsystem that allowed a local user to trigger an
  information leak. (CVE-2007-1353, Low)

In addition to the security issues described above, fixes for the following
have been included:

• a race condition in the e1000 network driver that could cause ESB2
  systems to be started without the RX unit being turned on.

• a related e1000 bug on ESB2 systems that could cause rlogin to fail.

Red Hat would like to thank Ilja van Sprundel for reporting an issue fixed
in this erratum.

Note: The kernel-unsupported package contains various drivers and modules
that are unsupported and therefore might contain security problems that
have not been addressed.

All Red Hat Enterprise Linux 3 users are advised to upgrade their kernels
to the packages associated with their machine architecture and
configurations as listed in this erratum.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2007-August/076307.html
https://lists.centos.org/pipermail/centos-announce/2007-August/076308.html
https://lists.centos.org/pipermail/centos-announce/2007-August/076309.html
https://lists.centos.org/pipermail/centos-announce/2007-August/076310.html

Affected packages:
kernel
kernel-BOOT
kernel-doc
kernel-hugemem
kernel-hugemem-unsupported
kernel-smp
kernel-smp-unsupported
kernel-source
kernel-unsupported

Upstream details at:
https://access.redhat.com/errata/RHSA-2007:0671