I recently came across a vulnerability in the recently released RHEL v4 (http://www.securityfocus.com/bid/12599/discussion/). Would like to advice guys who have bought or planning to buy the RHEL v4 to see into the Redhat advisory RHSA-2005:092-14 to address the issue.
Red Hat Enterprise Linux kernel is reported prone to multiple vulnerabilities. These issues may allow local attackers to carry out denial of service attacks and gain elevated privileges.
The following specific issues were identified:
The Red Hat Enterprise Linux kernel is reported prone to two local denial of service vulnerabilities.
Another issue affecting the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch can allow local attackers to read and write to arbitrary kernel memory.
These issues are reported to affect the Red Hat Enterprise Linux 4 kernel.