There is a new point release Linux kernel that comes barely two weeks after 2.6.15 was released and fixes at least three different vulnerabilities.

Security firm Secunia has rated the three vulnerabilities as ''moderately critical''; the potential impact could be a Denial of Service (DoS) attack against a vulnerable system.

The first vulnerability, CVE-2006-0035, describes a flaw that could trigger an infinite loop that a malicious user could potentially exploit as a DoS attack.


A patch for CVE-2006-0036, the second vulnerability, fixes a crash in ip_nat_pptp.

''When an inbound PPTP_IN_CALL_REQUEST packet is received the PPTP NAT helper uses a NULL pointer in pointer arithmetic to calculate the offset in the packet which needs to be mangled and corrupts random memory or crashes,'' according to the changelog for 2.6.15.1, the latest point release.

This article was first published on InternetNews.com. To read the full article, click here.