[Frugalware-security] [ FSA-315 ] kernel

vmiklos noreply at frugalware.org
Mon Nov 12 10:33:25 CET 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory                           FSA-315

Date: 2007-11-12
Package: kernel
Vulnerable versions: <= 2.6.22-7sayshell1
Unaffected versions: >= 2.6.22-7sayshell2
Related bugreport: http://bugs.frugalware.org/task/2562
CVE: CVE-2007-4997

Description
===========

A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an off-by-two error within the function &quot;ieee80211_rx()&quot; in net/ieee80211/ieee80211_rx.c. This can be exploited to cause a kernel panic by sending a specially crafted ieee80211 frame with the IEEE80211_STYPE_QOS_DATA flag set to an affected system.

Updated Packages
================

Check if you have kernel installed:

	# pacman-g2 -Q kernel

If found, then you should upgrade to the latest version:

	# pacman-g2 -Sy kernel

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFHOB3lZ7NElSD1VhkRAqhbAJ9ezmYCmialNgqV5wKhMohoe+SR8wCgkUWF
paE0piA2Np0ICs7iAvClTQU=
=icQW
-----END PGP SIGNATURE-----


More information about the Frugalware-security mailing list