(RHSA-2004:106) kernel security update

The Linux kernel handles the basic functions of the operating system.

This kernel updates several important drivers and fixes a number of bugs
including potential security vulnerabilities.

iDefense reported a buffer overflow flaw in the ISO9660 filesystem code.
An attacker could create a malicious filesystem in such a way that root
privileges may be obtained if the filesystem is mounted. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2004-0109 to this issue.

A flaw in return value checking in mremap() in the Linux kernel versions
2.4.24 and previous that may allow a local attacker to gain root
privileges. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2004-0077 to this issue.

A flaw in ncp_lookup() in ncpfs could allow local privilege escalation.
The ncpfs module allows a system to mount volumes of NetWare servers or
print to NetWare printers. This is part of the kernel-unsupported package.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2004-0010 to this issue.

A flaw in the R128 Direct Render Infrastructure could allow local privilege
escalation. This driver is part of the kernel-unsupported package. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CAN-2004-0003 to this issue.

An overflow was found in the ixj telephony card driver in Linux kernels
prior to 2.4.20. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2002-1574 to this issue.

The following drivers were updated:

IBM Serveraid 6.11.07
MPT fusion v. 2.05.11.03
Qlogic v. 6.07.02-RH1

All users are advised to upgrade to these errata packages, which contain
backported security patches that correct these issues.