kernel: multiple vulnerabilities [LWN.net]

Package(s):

kernel

CVE #(s):

CVE-2012-2137 CVE-2012-2373

Created:

June 19, 2012

Updated:

October 12, 2012

Description:

From the Red Hat advisory:

A buffer overflow flaw was found in the setup_routing_entry() function in the KVM subsystem of the Linux kernel in the way the Message Signaled Interrupts (MSI) routing entry was handled. A local, unprivileged user could use this flaw to cause a denial of service or, possibly, escalate their privileges. (CVE-2012-2137)

A race condition was found in the Linux kernel's memory management subsystem in the way pmd_populate() and pte_offset_map_lock() interacted on 32-bit x86 systems with more than 4GB of RAM. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2012-2373)

Alerts:

Scientific Linux	SL-kern-20120619	2012-06-19
CentOS	CESA-2012:0743	2012-06-19
Red Hat	RHSA-2012:0743-01	2012-06-18
Oracle	ELSA-2012-2020	2012-06-21
Oracle	ELSA-2012-0743	2012-06-21
openSUSE	openSUSE-SU-2012:0781-1	2012-06-22
Oracle	ELSA-2012-2021	2012-06-23
Oracle	ELSA-2012-2021	2012-06-23
SUSE	SUSE-SU-2012:0789-1	2012-06-26
Oracle	ELSA-2012-2022	2012-07-02
Oracle	ELSA-2012-2022	2012-07-02
Oracle	ELSA-2012-0862	2012-07-02
openSUSE	openSUSE-SU-2012:0812-1	2012-07-03
Ubuntu	USN-1514-1	2012-08-10
Ubuntu	USN-1529-1	2012-08-10
Ubuntu	USN-1532-1	2012-08-10
Ubuntu	USN-1533-1	2012-08-10
Ubuntu	USN-1539-1	2012-08-14
Ubuntu	USN-1594-1	2012-10-03
Ubuntu	USN-1606-1	2012-10-11
Ubuntu	USN-1607-1	2012-10-11
Ubuntu	USN-1609-1	2012-10-12
SUSE	SUSE-SU-2013:0759-1	2013-05-07
SUSE	SUSE-SU-2013:0759-2	2013-05-08
SUSE	SUSE-SU-2013:0786-1	2013-05-14
openSUSE	openSUSE-SU-2013:0925-1	2013-06-10
openSUSE	openSUSE-SU-2013:0927-1	2013-06-10

(Log in to post comments)