In Feburary, iDefense notified us of a flaw in the iso9660 filesystem component of the Linux kernel. The Linux kernel performs no length checking on symbolic links stored on an ISO9660 filesystem, allowing a malformed CD to perform an arbitrary length overflow in kernel memory. In order to exploit this vulnerability, an attacker must be able to mount a maliciously constructed filesystem (for example by being at the machine in order to insert a cdrom) This issue is embargoed until 1400UTC on April 14th 2004.
removing embargo
An errata has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2004-105.html