Gentoo Security Advisory GLSA 200407-16 (Kernel)

The remote host is missing updates announced in advisory GLSA 200407-16.
Users are encouraged to upgrade to the latest available sources for their system: # emerge sync # emerge -pv your-favorite-sources # emerge your-favorite-sources # # Follow usual procedure for compiling and installing a kernel. # # If you use genkernel, run genkernel as you would do normally.
Multiple permission vulnerabilities have been found in the Linux kernel, allowing an attacker to change the group IDs of files mounted on a remote filesystem (CVE-2004-0497), as well as an issue in 2.6 series kernels which allows /proc permissions to be bypassed. A context sharing vulnerability in vserver-sources is also handled by this advisory as well as CVE-2004-0447, CVE-2004-0496 and CVE-2004-0565. Patched, or updated versions of these kernels have been released and details are included along with this advisory.