Updates/kernel-2.6.16-1.2115 FC4

From FarsiWeb

The packages kernel and kernel-smp contain the Linux kernel, the core of the Linux operating system.

These updates fix the following security vulnerabilities:

  • Common Vulnerabilities and Exposures issue CVE-2006-1343:
    net/ipv4/netfilter/ip_conntrack_core.c in Linux kernel 2.4 and 2.6, and possibly net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c in 2.6, does not clear sockaddr_in.sin_zero before returning IPv4 socket names from the getsockopt function with SO_ORIGINAL_DST, which allows local users to obtain portions of potentially sensitive memory.
  • Common Vulnerabilities and Exposures issue CVE-2006-2444:
    The snmp_trap_decode function in the SNMP NAT helper for Linux kernel before 2.6.16.18 allows remote attackers to cause a denial of service (crash) via unspecified remote attack vectors that cause failures in snmp_trap_decode that trigger (1) frees of random memory or (2) frees of previously-freed memory (double-free) by snmp_trap_decode as well as its calling function, as demonstrated via certain test cases of the PROTOS SNMP test suite.
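
The bug class behind CVE-2006-1343, as an added example (a user-space C model, not kernel code and not part of the original advisory): a handler fills a sockaddr_in on its stack and copies the whole structure out, so sin_zero carries whatever the stack held unless it is cleared first. The function names, the 0xA5 fill standing in for stale stack bytes, and the 192.0.2.1:80 address are constructed for illustration.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* User-space model of a getsockopt(SO_ORIGINAL_DST)-style handler.
 * clear_padding = 0 models the unfixed behaviour, 1 the fixed one. */
static void model_getorigdst(struct sockaddr_in *user_buf, uint32_t ip_be,
                             uint16_t port_be, int clear_padding)
{
    struct sockaddr_in sin;
    /* Constructed stand-in for stale kernel stack contents: reading a truly
     * uninitialised local would be undefined behaviour in this demo. */
    memset(&sin, 0xA5, sizeof sin);
    sin.sin_family = AF_INET;
    sin.sin_port = port_be;
    sin.sin_addr.s_addr = ip_be;
    if (clear_padding)
        memset(sin.sin_zero, 0, sizeof sin.sin_zero);
    /* Stand-in for copy_to_user(): the whole struct crosses the boundary. */
    memcpy(user_buf, &sin, sizeof sin);
}

/* Check a caller can run on the result: count non-zero padding bytes. */
static size_t nonzero_padding(const struct sockaddr_in *sa)
{
    size_t n = 0;
    for (size_t i = 0; i < sizeof sa->sin_zero; i++)
        n += (sa->sin_zero[i] != 0);
    return n;
}

/* Run the model once and report how many stale bytes were handed back. */
static size_t stale_bytes_returned(int clear_padding)
{
    struct sockaddr_in out = {0};
    model_getorigdst(&out, htonl(0xC0000201u) /* 192.0.2.1 */, htons(80),
                     clear_padding);
    return nonzero_padding(&out);
}

int main(void)
{
    printf("unfixed: %zu stale bytes\n", stale_bytes_returned(0));
    printf("fixed:   %zu stale bytes\n", stale_bytes_returned(1));
    return 0;
}
```

The same padding check works as a regression test for any interface that returns fixed-size structures to a less privileged caller.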

This update brings the kernel to version 2.6.16.20, which contains fixes for the above bugs.

See also the previous update to the kernel and kernel-smp packages, which was also a security update.