Advisories:rPSA-2006-0066

From rPath Wiki

rPath Security Advisory 2006-0066-1

Published: 2006-05-09

Products

• rPath Linux 1

Rating

Minor

Exposure Level Classification

Remote Deterministic Denial of Service

Updated Versions

• kernel=conary.rpath.com@rpl:1/2.6.16.14-1-0.1

rPath Issue Tracking System

• RPL-358

References

• CVE-2006-0744
• CVE-2006-1055
• CVE-2006-1522
• CVE-2006-1524
• CVE-2006-1525
• CVE-2006-1527
• CVE-2006-1863
• CVE-2006-1864
• http://lists.rpath.com/pipermail/distro-list/2006-May/000398.html

Description

Several potential vulnerabilities exist in previous kernels which

may allow remote or local denial of service attacks, primarily in

certain less-common system configurations.

The cifs and smbfs filesystems had a path interpretation bug which

could allow even non-root processes in a chroot() environment to

"escape" the chroot.

This update requires a reboot to implement the fixes for affected

systems.

Copyright 2006 rPath, Inc. This file is distributed under the terms of the MIT License. A copy is available at http://www.rpath.com/permanent/mit-license.html