Scientific Linux alert SL-kern-20130717 (kernel)

From:  Bonnie King <bonniek@fnal.gov>
To:  <scientific-linux-errata@listserv.fnal.gov>
Subject:  Security ERRATA Moderate: kernel on SL6.x i386/x86_64
Date:  Wed, 17 Jul 2013 16:44:41 +0000
Message-ID:  <20130717164441.15757.43070@slpackages.fnal.gov>

Synopsis:          Moderate: kernel security and bug fix update
Advisory ID:       SLSA-2013:1051-1
Issue Date:        2013-07-16
CVE Numbers:       CVE-2013-0914
                   CVE-2013-1848
                   CVE-2013-2634
                   CVE-2013-2635
                   CVE-2013-3222
                   CVE-2013-3224
                   CVE-2013-3225
                   CVE-2012-6548
                   CVE-2013-3301
                   CVE-2013-2128
                   CVE-2013-2852
--

This update fixes the following security issues:

* A flaw was found in the tcp_read_sock() function in the Linux kernel's
IPv4 TCP/IP protocol suite implementation in the way socket buffers (skb)
were handled. A local, unprivileged user could trigger this issue via a
call to splice(), leading to a denial of service. (CVE-2013-2128,
Moderate)

* Information leak flaws in the Linux kernel could allow a local,
unprivileged user to leak kernel memory to user-space. (CVE-2012-6548,
CVE-2013-2634, CVE-2013-2635, CVE-2013-3222, CVE-2013-3224, CVE-2013-3225,
Low)

* An information leak was found in the Linux kernel's POSIX signals
implementation. A local, unprivileged user could use this flaw to bypass
the Address Space Layout Randomization (ASLR) security feature.
(CVE-2013-0914, Low)

* A format string flaw was found in the ext3_msg() function in the Linux
kernel's ext3 file system implementation. A local user who is able to
mount an ext3 file system could use this flaw to cause a denial of service
or, potentially, escalate their privileges. (CVE-2013-1848, Low)

* A format string flaw was found in the b43_do_request_fw() function in
the Linux kernel's b43 driver implementation. A local user who is able to
specify the "fwpostfix" b43 module parameter could use this flaw to cause
a denial of service or, potentially, escalate their privileges.
(CVE-2013-2852, Low)

* A NULL pointer dereference flaw was found in the Linux kernel's ftrace
and function tracer implementations. A local user who has the
CAP_SYS_ADMIN capability could use this flaw to cause a denial of service.
(CVE-2013-3301, Low)

The system must be rebooted for this update to take effect.
--

SL6
  x86_64
    kernel-2.6.32-358.14.1.el6.x86_64.rpm
    kernel-debug-2.6.32-358.14.1.el6.x86_64.rpm
    kernel-debug-debuginfo-2.6.32-358.14.1.el6.x86_64.rpm
    kernel-debug-devel-2.6.32-358.14.1.el6.x86_64.rpm
    kernel-debuginfo-2.6.32-358.14.1.el6.x86_64.rpm
    kernel-debuginfo-common-x86_64-2.6.32-358.14.1.el6.x86_64.rpm
    kernel-devel-2.6.32-358.14.1.el6.x86_64.rpm
    kernel-headers-2.6.32-358.14.1.el6.x86_64.rpm
    perf-2.6.32-358.14.1.el6.x86_64.rpm
    perf-debuginfo-2.6.32-358.14.1.el6.x86_64.rpm
    python-perf-debuginfo-2.6.32-358.14.1.el6.x86_64.rpm
    python-perf-2.6.32-358.14.1.el6.x86_64.rpm
  i386
    kernel-2.6.32-358.14.1.el6.i686.rpm
    kernel-debug-2.6.32-358.14.1.el6.i686.rpm
    kernel-debug-debuginfo-2.6.32-358.14.1.el6.i686.rpm
    kernel-debug-devel-2.6.32-358.14.1.el6.i686.rpm
    kernel-debuginfo-2.6.32-358.14.1.el6.i686.rpm
    kernel-debuginfo-common-i686-2.6.32-358.14.1.el6.i686.rpm
    kernel-devel-2.6.32-358.14.1.el6.i686.rpm
    kernel-headers-2.6.32-358.14.1.el6.i686.rpm
    perf-2.6.32-358.14.1.el6.i686.rpm
    perf-debuginfo-2.6.32-358.14.1.el6.i686.rpm
    python-perf-debuginfo-2.6.32-358.14.1.el6.i686.rpm
    python-perf-2.6.32-358.14.1.el6.i686.rpm
  noarch
    kernel-doc-2.6.32-358.14.1.el6.noarch.rpm
    kernel-firmware-2.6.32-358.14.1.el6.noarch.rpm

- Scientific Linux Development Team
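
A host-side check for this advisory, added here as an example and not part of the Scientific Linux announcement: it compares the running kernel release and the installed kernel packages against the fixed release 2.6.32-358.14.1.el6 from the package list, and flags hosts that installed the update but have not yet rebooted. The function names and the four status words are assumptions of this example, and it only understands SL6 (.el6) release strings.

```shell
#!/bin/sh
# Added example, not from the advisory. FIXED is the kernel release in the
# advisory's package list; function names and status words are made up here.
FIXED="2.6.32-358.14.1.el6"

# 2.6.32-358.14.1.el6.x86_64 -> 2.6.32.358.14.1 (drop dist tag and arch suffix)
numeric_fields() {
    printf '%s\n' "$1" | sed -e 's/\.el6.*$//' -e 's/-/./g'
}

# Only SL6 (.el6) releases made purely of numeric fields are comparable here.
valid_release() {
    case "$1" in *.el6*) ;; *) return 1 ;; esac
    case "$(numeric_fields "$1")" in ''|*[!0-9.]*) return 1 ;; esac
}

# Succeeds if release $1 >= release $2, comparing field by field as integers
# (so 358.2.1 sorts below 358.14.1); missing fields count as 0.
release_at_least() {
    a=$(numeric_fields "$1"); b=$(numeric_fields "$2")
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        [ "$a" = "$x" ] && a= || a=${a#*.}
        [ "$b" = "$y" ] && b= || b=${b#*.}
        x=${x:-0}; y=${y:-0}
        [ "$x" -gt "$y" ] && return 0
        [ "$x" -lt "$y" ] && return 1
    done
    return 0
}

# $1: running release (uname -r); $2: installed kernel releases, one per line.
# "patched" means the running kernel is at or above the advisory's release.
classify() {
    running=$1; installed=$2
    valid_release "$running" || { echo unknown; return 0; }
    if release_at_least "$running" "$FIXED"; then echo patched; return 0; fi
    for pkg in $installed; do
        if valid_release "$pkg" && release_at_least "$pkg" "$FIXED"; then
            echo reboot-required; return 0
        fi
    done
    echo vulnerable
}

# Constructed sample: update installed, host still running the old kernel.
classify "2.6.32-358.11.1.el6.x86_64" "2.6.32-358.11.1.el6
2.6.32-358.14.1.el6"
# On a real host:
#   classify "$(uname -r)" "$(rpm -q --qf '%{VERSION}-%{RELEASE}\n' kernel)"
```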



Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds