Linux Kernel Point Release Fixes Flaws
Page 1 of 1
It's a familiar refrain. A new Linux kernel is released and a short time later it's augmented by a point release that addresses a potential security vulnerability.
The new 18.104.22.168 Linux kernel point release follows the 2.6.16 release by a week and includes various bug fixes, as well as a fix for a potential security vulnerability.
The potential vulnerability is called the "Linux Kernel IP ID Value Increment Weakness" by security firm Secunia and carries a "not-critical" rating.
The "weakness" could have potentially allowed for unauthorized system information disclosure, as well as a security restriction bypass. The problem is due to an error in the "ip_push_pending_frames()" function, which has been corrected in the new point release.
There are also some 22 other patches in 22.214.171.124 fixing an array of issues that caused various minor hang-ups and unexpected behaviors.
Point releases following major releases are a common occurrence for the current 2.6.x development train.
The 2.6.15 kernel was patched barely two weeks after its release, fixing three potential security vulnerabilities.