Updated kernel packages that fix multiple security issues and several bugsare now available for Red Hat Enterprise Linux 5.The Red Hat Security Response Team has rated this update as having lowsecurity impact. A Common Vulnerability Scoring System base score,which gives a detailed severity rating, is available from the CVE link inthe References section. The kernel packages contain the Linux kernel, the core of any Linuxoperating system.This update fixes the following security issues:* Buffer overflow flaws were found in the udf_load_logicalvol function inthe Universal Disk Format file system implementation in the Linuxkernel. An attacker with physical access to a system could use these flawsto cause a denial of service or escalate their privileges. This update also fixes the following bugs:* Previously, race conditions could sometimes occur in interrupt handling on the Emulex BladeEngine 2 controllers, causing the network adapterto become unresponsive. This update provides a series of patches for the be2net driver, which prevents the race from occurring. The network cards using BE2 chipsets no longer hang due to incorrectly handled interrupt events. * A boot-time memory allocation pool is used to keep thelist of Desktop Management Interface devices during the system boot.Previously, the size of the DMI heap was only 2048 bytes on the AMD64 andIntel 64 architectures and the DMI heap space could become easily depletedon some systems, such as the IBM System x3500 M2. A subsequent OOM failurecould, under certain circumstances, lead to a NULL pointer entry beingstored in the DMI device list. Consequently, scanning of such a corruptedDMI device list resulted in a kernel panic. The boot-time memory allocationpool for the AMD64 and Intel 64 architectures has been enlarged to 4096bytes and the routines responsible for populating the DMI device list havebeen modified to skip entries if their name string is NULL. The kernel nolonger panics in this scenario. * The size of the buffer used to print the kernel taint output on kernelpanic was too small, which resulted in the kernel taint output not beingprinted completely sometimes. With this update, the size of the buffer hasbeen adjusted and the kernel taint output is now displayed properly.* The code to print the kernel taint output contained a typographicalerror. Consequently, the kernel taint output, which is displayed on kernelpanic, could not provide taint error messages for unsupported hardware.This update fixes the typo and the kernel taint output is now displayedcorrectly. Users should upgrade to these updated packages, which contain backportedpatches to correct these issues. The system must be rebooted for thisupdate to take effect.