Mandrake Linux Security Update Advisory
_________________________________________________________

Package name:           kernel
Advisory ID:            MDKSA-2003:074
Date:                   July 15th, 2003

Affected versions:	8.2, 9.0, Corporate Server 2.1,
			Multi Network Firewall 8.2
__________________________________________________________
Problem Description:

 Multiple vulnerabilities were discovered and fixed in the Linux kernel.
 
 * CAN-2003-0001: Multiple ethernet network card drivers do not pad
   frames with null bytes which allows remote attackers to obtain
   information from previous packets or kernel memory by using
   special malformed packets.
 
 * CAN-2003-0244: The route cache implementation in the 2.4 kernel and
   the Netfilter IP conntrack module allows remote attackers to cause a
   Denial of Service (DoS) via CPU consumption due to packets with
   forged source addresses that cause a large number of hash table
   collisions related to the PREROUTING chain.

• Read full article
• Read full article in new window
• See other articles published by Help Net Security
• Today's headlines
• Headlines for Jul 16, 2003