Linux heads will want to know about two new vulnerabilities
found in the Linux Kernel. The first refers to an integer overflow error within the "do_replace()" function in Netfilter. This can be used to cause a buffer overflow. The second, an insufficient memory allocation in "drivers/usb/gadget/rndis.c" when handling NDIS response to OID_GEN_SUPPORTED_LIST, can cause a kernel memory corruption. The solution in both cases is to upgrade to Kernel 2.6.16, which does not have this issue.